ted, i think that with just a little of the right technical stuff, it is very easy to establish a nym in today's nets. e.g., if you buy a cheap unix box, it comes with uucp, so you can hook up to one of many anonymous uucp sites. that's easy. i know of several slip/ppp endpoints that aren't password protected. more every day, in fact. that's easy. perhaps it's this easy with fido. the point of remailers is to enable this technology to the technologically challenged. (as well as to explore the technical and social space that nyms define.) peter
From: Peter Honeyman <honey@citi.umich.edu> Date: Thu, 4 Mar 93 11:03:53 EST ted, i think that with just a little of the right technical stuff, it is very easy to establish a nym in today's nets. e.g., if you buy a cheap unix box, it comes with uucp, so you can hook up to one of many anonymous uucp sites. that's easy. Buying a unix box and finding a UUCP connection is still a lot more effort than getting a new anonymous remailer pseudomnym. It certainly costs a lot more money! And if you continuously mailbomb someone, the victim still has the (somewhat tenuous) recourse of asking the upstream uucp site to cut off the miscreant. There are controls to reduce how much someone can abuse the network. i know of several slip/ppp endpoints that aren't password protected. more every day, in fact. that's easy. And if those endpoints were abused, the owners of said endpoints would probably clamp down and protect them. (If they're used too much, they'd probably clamp down anyway, since presumably they didn't pay good money for those resources to give them away free to anyone who can dail up to them.) There are controls to reduce how much someone can abuse the network. You seem to be proposing that all such controls be removed. - Ted
Date: Thu, 4 Mar 93 13:24:58 -0500 From: Theodore Ts'o <tytso@Athena.MIT.EDU>
There are controls to reduce how much someone can abuse the network.
they are no more stringent than those employed by remailer operators.
You seem to be proposing that all such controls be removed.
you are reading me wrong. peter
i know of several slip/ppp endpoints that aren't password protected. more every day, in fact.
probably clamp down anyway, since presumably they didn't pay good money for those resources to give them away free to anyone who can dail up to
I was wondering about that -- I kind of assumed that Peter meant "real" endpoints that were unprotected because they provided service that way. For example, UUNET has (had?) a 1-900-GETSRCS (or something like that) UUCP dialin, the phone company mediated money handling, uunet didn't care who you were -- but as far as I know it would only allow file transfer. Are there any slip/ppp/uucp+rmail points that are "open" that aren't likely to dry up if they get widely announced? If so, please announce them! _Mark_
-----BEGIN PGP SIGNED MESSAGE-----
i know of several slip/ppp endpoints that aren't password protected. more every day, in fact.
Are there any slip/ppp/uucp+rmail points that are "open" that aren't likely to dry up if they get widely announced? If so, please announce them!
I was doing some password ginding a few days ago (I do this as a favor for a few people, and I sometimes throw passwd files from friends systems into the "soup"). Recently I cracked a friends dialup slip password, it was a hard choice on if I should "slip in" or not (the possiblities of the practcal jokes was endless). If I was attampting a malicious attack or to compromise system integrity for future attacks -Pete btw: if I "sliped in" I would have just run changed their Xwindow backgrounds to say they should correct the situation (nothing malicious). -----BEGIN PGP SIGNATURE----- Version: 2.2 iQBFAgUBK5uUt8hmn7GUWLLFAQHNhAF+LCMvPSR04uf5ORT0oQbDfqbSF+Q4iwD8 K6796+LEdeQu1oIjWcCWITIs9jnKsJUP =r7Ca -----END PGP SIGNATURE-----
participants (5)
-
eichin@cygnus.com -
Peter & -
peter honeyman -
Peter Honeyman
-
Theodore Ts'o