Re: Remailers run by spooks
-----BEGIN PGP SIGNED MESSAGE----- On Mon, 4 Mar 1996, Anonymous (or so he thinks!) wrote:
Both presenters explicitly acknowledged that a number of anonymous remnailers in the US are run by government agencies scanning traffic. Marlow said that the government runs at least a dozen remailers and that the most popular remailers in France and Germany are run by the respective government agencies in these countries. In addition they mentioned that the NSA has successfully developed systems to break encrypted messages below 1000 bit of key length and strongly suggested to use at least 1024 bit keys. They said that they semselves use 1024 bit keys.
I don't know about everyone else, but I consider this, if true, to be a MAJOR worry. It never ceases to amaze me how lightly the government takes lying to the people. Unfortunately I don't have the contacts or resources to do any further investigation, I hope this thread is resolved one way or another soon.
Yeah, didn't you know that Sameer was on the CIA payroll? How do you think he paid for his new Ferrari? I have no doubt that the CIA can break 1000-bit keys on a case-by-case basis, *if they decide to allocate the resources*. I think it's possible that some remailers are run by spooks. However, I seriously doubt that anyone is breaking stuff routinely, and I think the web of trust is pretty good. Of course, the CIA had Ames... the reverse could easily be true. However, I also have no doubt that Strassmann and Marlow are spreading disinformation and exaggerating their capabilities in an attempt to break the web of trust and incite a witch hunt. It won't work. The answer in any case is more use of remailers, not less. Just turn up the noise level. You already know that nothing is 100% secure, but you do what you can. It's a war of attrition. - -rich - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBMTp7ayoZzwIn1bdtAQFJXgGAg8I4+IwZYrDI46bMj2nED+Dh0AeoMJVs PP10Ui5u46sXDAUjpMzJSwv5EqdIOEKy =611k -----END PGP SIGNATURE-----
On Mon, 4 Mar 1996, Just Rich wrote:
-----BEGIN PGP SIGNED MESSAGE-----
I have no doubt that the CIA can break 1000-bit keys on a case-by-case basis, *if they decide to allocate the resources*. I think it's possible that some remailers are run by spooks. However, I seriously doubt that anyone is breaking stuff routinely, and I think the web of trust is pretty good.
What does the web of trust currently have to say about the political reliability of remailers?
However, I also have no doubt that Strassmann and Marlow are spreading disinformation and exaggerating their capabilities in an attempt to break the web of trust and incite a witch hunt. It won't work. The answer in any case is more use of remailers, not less. Just turn up the noise level. You already know that nothing is 100% secure, but you do what you can. It's a war of attrition.
And thus the winner will be the one who makes it the hardest for the other to fight, not who inflicts the most casualities.
- -rich - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service
iQBFAwUBMTp7ayoZzwIn1bdtAQFJXgGAg8I4+IwZYrDI46bMj2nED+Dh0AeoMJVs PP10Ui5u46sXDAUjpMzJSwv5EqdIOEKy =611k -----END PGP SIGNATURE-----
--- My prefered and soon to be permanent e-mail address: unicorn@schloss.li "In fact, had Bancroft not existed, potestas scientiae in usu est Franklin might have had to invent him." in nihilum nil posse reverti 00B9289C28DC0E55 E16D5378B81E1C96 - Finger for Current Key Information
-----BEGIN PGP SIGNED MESSAGE----- [To: Just Rich <rich@c2.org>] [cc: cypherpunks@toad.com] [Subject: Re: Remailers run by spooks ] [In-reply-to: Your message of Mon, 04 Mar 96 00:11:09 EST.] <199603040511.AAA24235@bb.hks.net>
However, I also have no doubt that Strassmann and Marlow are spreading disinformation and exaggerating their capabilities in an attempt to break the web of trust and incite a witch hunt. It won't work. The answer in any case is more use of remailers, not less. Just turn up the noise level. You already know that nothing is 100% secure, but you do what you can. It's a war of attrition.
I agree with turning up the noise level. For a few weeks now I've been using the following script: #!/bin/ksh while sleep `roll 1 7 1`000 do roll 1 10000 `roll 1 200 1` | "a chain of remailers back to me" done I've deleted the actual command to do the remailing, since it is homegrown. Back at this end, I recognise the incoming mail and throw it away. So I never get to see it, but there is a steady stream of encrypted traffic both in and out. The "roll" command, by the way, is a perl script I picked up off the net, and it is very handy to have around: #!/usr/bin/perl $low = $ARGV[0]; $high = $ARGV[1]; $count = $ARGV[2]; $high = $high - $low + 1; # seed the random process, and generate a few to be thrown away. srand($$+time); for ($i = rand(1000)/50; $i >= 0; --$i) { rand(1000); } # generate for ($i = 0; $i < $count; ++$i) { $v = int(rand($high)) + $low; print $v, "\n"; } Chris McAuliffe <cmca@alpha.c2.org> (No, not that one.) -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBMTqKi4HskC9sh/+lAQGZigQAjOcE1xU08shVqA/8wdnworQVKr9nHSCh xZEa5N6pBnV6rxvLJYC8QZMkYj/OcUzyZDUg10unqBLDjtgChSBhG61F/V5RWNOc X4IuTJAt1sIxplT6UU3OvLo7AaaNdSgz886X/M4ssnlIubOo7b+jNlxccMLr7PKK FYuLndXjspg= =knru -----END PGP SIGNATURE-----
participants (3)
-
Black Unicorn -
cmca@alpha.c2.org -
Just Rich