Re: Novel use of Usenet and remailers to mailbomb from luzskru@cpcnet.com

-----BEGIN PGP SIGNED MESSAGE-----

Bear with me - original text follows all these quotes

At 2:29 PM 1/13/96, bryce wrote:
If "digital postage" is ever implemented, this sort of distributed-origin mailbomb-through-a-remailer would be stopped immediately. All the messages that the horny net geeks send would necessarily contain the same postage stamp, and the remailer would notice this right away -- and throw away messages containing the used postage stamp.
One more motivation for e$-like digital postage for remailers.
Unfortunately this is not the case. The perpetrator would simply have to convince the horny net geeks to pay their own postage. In fact, it is *in general* impossible to have both anonymity and prevention/control of mail-bombing. Of course digital postage will help the problem somewhat by making the bombers pay for it, and smarter filters on the recipient's end will help, but in general it is a problem we are going to have to live with if we want anonymity.
Impossible is an awfully strong word.

If I was going to implement free digital stamps, I'd have an autoreply daemon (stamps@remailer.com) that when sent a mail, would respond with X number of valid stamps. If you're going to trust me not to log my remailer traffic, extending that trust to believing I won't log the stamp requests shouldn't be that much of a stretch.

Alternatively, the stamp could consist of a unique-id, any unique-id, working identically to Usenet message ids. That way, the user can generate his own stamps without being forced to trust the remailer operator not to log them. I prefer the second option as it has both greater anonymity and allows for simple history file patching to the remailer.

Either way, if the stamps/message-ids are forced to be inside the encrypted address block, mail-bombers can only get one message through. Even if the HNGs are instructed to add a stamp and re-encrypt the address block, when the spam-o-grams start getting routed through the pre-packaged route, they'll be stopped dead after one message gets through.

Joseph Block <jpb@miamisci.org>

"We can't be so fixated on our desire to preserve the rights of ordinary Americans ..." -- Bill Clinton (USA TODAY, 11 March 1993, page 2A)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

No man's life, liberty or property are safe while the legislature is in session.
2048bit-Fingerprint: F8 A2 A5 15 56 42 9B 16 3F BD 57 0F 8A ED E3 21
------------------------------------------------------------------------
Help Phil! email zldf@clark.net or see http://www.netresponse.com/zldf

-----BEGIN PGP SIGNED MESSAGE-----

I wrote:
In fact, it is *in general* impossible to have both anonymity and prevention/control of mail-bombing. Of course digital postage will help the problem somewhat by making the bombers pay for it, and smarter filters on the recipient's end will help, but in general it is a problem we are going to have to live with if we want anonymity.
An entity calling itself Joe Block allegedly wrote:
Impossible is an awfully strong word.
Indeed. And I would be delighted (sort of) if someone could show me how my assertion above is incorrect.
If I was going to implement free digital stamps, I'd have an autoreply daemon (stamps@remailer.com) that when sent a mail, would respond with X number of valid stamps.
<snip>

Look I don't actually understand how remailers are currently implemented, but for the purpose of this discussion it doesn't matter. Any sequence of steps that a legitimate correspondent can use to send a letter a mailbomber can use to send an e-mailbomb. Now you can make the sequence of steps more complex in the hope of weeding out the less technically competent mailbombers, but this is a weak solution which will also make remailnet even more inaccessible to the barely technically competent people who make up the vast majority of e-mail users.

Look at it this way. How can one ensure that one receives only the kind of e-mail that one likes? I can think of only 3 ways:

1. Discriminate based on content. (killfiles, etc.)
2. Discriminate based on authorship. (PGP sigs, reputations, etc.)
3. Retaliate against those who send you mail that you didn't want. (mail-bombing, reputation-trashing, social or legal penalties, violence, assassination, etc.)

Now unconditional anonymity (or even "Pretty Good" anonymity a la cpunks remailers) does away with option #3, right? (I take a moment to note that this is precisely *why* we advocate anonymity in the first place...)

So that leaves us with option #1 and option #2. It is impossible for current computers to reliably identify for us whether a given e-mail message is junk mail or not. (I take a moment to note that when it becomes possible for computers to do so we will probably have bigger things to worry about...) *But* there is a lot that can be done with regard to discrimination based on content. First there's the obvious stuff-- killfiling topics and keywords (like "NSA" and "ITAR" on cpunks...) and splitting messages into different folders based on which list they are from-- and then what about this idea: someday people will include a few micro-dollars in their messages to encourage you to read them. Now that would be interesting.
Now the schemes that I have seen aired here about how to prevent these kinds of distributed e-mailbombs generally focussed on a rough version of option #1-- just discriminate against multiple copies of the same content. That's fine (although some of my friends who are always sending me the same jokes might get left out in the cold...) but you have to realize that it is a weak fix that can be easily overcome by a technically sophisticated attacker. Also I think all such things should be done on the user's end. I would thank *my* anonymous remailers to let me and my computer decide what mail to trash.

Of course as always people should pay as they go to send mail. Thus no direct financial harm is done to the recipient (or even a pecuniary bonus! See above) and the remailers could probably make a profit off of mailbombers.

I'll leave option #2 alone. No fresh ideas today.

Okay I've wandered, but to restate my main point: mailbombing and anonymity are *in general* inseparable. Just as harassment, intimidation, blackmail, libel, copyright violations and other "information crimes" will be encouraged by anonymity. Get used to it, or else stop advocating anonymity.

Regards,
Bryce

PGP sig and clear-text timestamp follow
Mon Jan 15 15:46:21 MST 1996

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01
-----END PGP SIGNATURE-----
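
The stamp-history check proposed in the first message, and the limit the reply above argues for, as an added example that is not part of either post or of any remailer's code. The names `StampHistory`, `new_stamp` and `forwarded`, the 7-day retention period and the 16-character minimum are assumptions made for illustration.

```python
import hashlib
import secrets
import time


class StampHistory:
    """Remailer-side history of stamps already seen (hypothetical name)."""

    def __init__(self, ttl_seconds=7 * 24 * 3600, clock=time.time):
        self.ttl = ttl_seconds  # assumed retention period
        self.clock = clock
        self._seen = {}  # sha256(stamp) -> expiry time

    def _expire(self):
        now = self.clock()
        for digest in [d for d, exp in self._seen.items() if exp <= now]:
            del self._seen[digest]

    def accept(self, stamp):
        """True the first time a stamp is presented, False on reuse."""
        if not stamp or len(stamp) < 16:
            return False  # missing or too short to be unique (assumed floor)
        self._expire()
        digest = hashlib.sha256(stamp.encode()).digest()
        if digest in self._seen:
            return False
        self._seen[digest] = self.clock() + self.ttl
        return True


def new_stamp():
    """Sender side: any unique id works; 128 random bits avoid collisions."""
    return secrets.token_hex(16)


def forwarded(history, messages):
    """Count the (stamp, body) messages the remailer would pass on."""
    return sum(1 for stamp, _body in messages if history.accept(stamp))


def demo():
    # Constructed case 1: one pre-packaged address block, hence one stamp,
    # submitted 50 times by different people.
    block = new_stamp()
    same = [(block, "copy %d" % i) for i in range(50)]
    # Constructed case 2: a fresh stamp minted for every message.
    fresh = [(new_stamp(), "copy %d" % i) for i in range(50)]
    return forwarded(StampHistory(), same), forwarded(StampHistory(), fresh)
```

`demo()` returns `(1, 50)`: the history drops every replay of one packaged block, while messages that each carry a new stamp all pass, so the check bounds replays rather than volume.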

if you get the usual 150+ msg/day I do, you break it up into folders, set the reader to proceed sequentially through the folders, in an order defined in .pinerc. I have 30 folders current. when a particular person becomes annoying:

    # net assholes
    :0 HB
    * (Fred.*Cohen|fc@all.net|vznuri|kevin.dirks)
    assholes

takes care of the problem nicely. If you get bored with a newsletter, etc. I move its folder address in procmail to "bigsleep" and every so often I try to cancel the group.

Now, if I wish to really get hostile, I have a little program which returns the message showing "bounce@..." in the From:, Reply-To:, and Sent-By: fields. At the top of the body it 'shouts' the sender is objectionable and the mail returned. It does keep a log of who it bounced and if it is one of the no-return types, it 'learns' from another list to use /dev/null.

There is no limit to how far you can go, including mail bombing. spoofing the top line From is hard to do for lack of insecure mailers, but it can be done by other means. The only spammer I have had trouble discouraging is nashville.net. But I really do not believe in mail bombing as it hurts too many bystanders --cheap to generate, but expensive to clean up after.

So, indulge in procmail(), premail(), formail(), and older versions of smail() and join the fun.

__________________________________________________________________________
go not unto usenet for advice, for the inhabitants thereof will say: yes, and no, and maybe, and I don't know, and fuck-off.
_________________________________________________________________
attila__
To be a ruler of men, you need at least 12 inches....
participants (3)
- attila
- Bryce
- jpb@miamisci.org