
In-reply-to: Johan Helsingius' message of Tue, 23 Feb 1993 10:52:16 +0200. <9302231011.aa20353@penet.penet.FI>
-----BEGIN PGP SIGNED MESSAGE-----
Well, I don't agree that doubleblind is a great idea.
Neither do I. But many of the users of anon.penet.fi are not very computer-and-email-literate, and they have been using other services, providing double-blind. Unfortunate, but too late to change now...
Can you elaborate on those other services? The Finnish remailer is the only one I'm aware of. Also, I'm confused about these "not very computer-and-email-literate" users -- aren't they forced to use an X-Anon-Password header? I'm surprised there hasn't been more ruckus about the default behavior. There must be many folks whose identities have been inadvertently exposed.
What we can do is to provide better ways for those who *are* computer literate enough to use extra headers etc.
I don't think this will help. With my mail environment, I have to go to lengths to send an anonymous message, concocting X-Anon-To and X-Anon-Password headers. It's worth the effort, since this helps to preserve the secrecy of my pseudonymous identity. But the first time I mess up, and send an unfettered message to an anon.penet.fi client, I am unmasked. What I'm saying is that I'm hip to headers; it's the simple stuff that trips me up. And I still don't understand how the unfettered message gets past the X-Anon-Password filter.
I think it's imperative that the sender use X-Anon-To to be pseudonymous. This is consistent with the principle of least astonishment.
But in this case I feel the principle of least astonishment is overruled by the principle of least risk of accidental exposure.
I think the risk of accidental exposure is heightened by the default behavior of the Finnish remailer. Maybe we're using the same words to describe different things.
I think that hornet's nest needed to be kicked. But I am also disappointed that not enough people defend the need for anonymity in places like news.admin.policy.
Some of us gave up on USENET policy long, long ago. Personally, I stick to the alt.* groups.
I think pseudonyms *should* be prominent - as you have noticed, anon.penet.fi adds an explicit warning at the end of every message.
In time, I hope such warnings will be unnecessary, as people grow accustomed to the use of pseudonyms.
DEADBEAT
-----BEGIN PGP SIGNATURE-----
Version: 2.1
iQBFAgUBK4o0+PFZTpBW/B35AQGlcAF/UC0HNtSoIQe2arEoK5uzkjX+7fCwPUqC
l/2o0wifS7SLGLfoshQpd3vaczDktaBV
=TPtY
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
To find out more about the anon service, send mail to help@anon.penet.fi. Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin@anon.penet.fi. *IMPORTANT server security update*, mail to update@anon.penet.fi for details.

Neither do I. But many of the users of anon.penet.fi are not very computer-and-email-literate, and they have been using other services, providing double-blind. Unfortunate, but too late to change now...
Can you elaborate on those other services? The Finnish remailer is the only one I'm aware of.
The operating principles (and the early code) were copied from the general service Karl Kleinpaste was running at godiva. There have been two long-running servers serving some alt.* groups (alt.sex.*, alt.sexual.abuse.recovery) for years.
Also, I'm confused about these "not very computer-and-email-literate" users -- aren't they forced to use an X-Anon-Password header?
No. Not until now. And you can still post without it, and answer anonymous mail without it, and of course set the password to "none", disabling passwords altogether.
I'm surprised there hasn't been more ruckus about the default behavior. There must be many folks whose identities have been inadvertently exposed.
I know, looking at the error messages and missent mail, that there would have been hundreds of persons exposed without the default double-blind.
What we can do is to provide better ways for those who *are* computer literate enough to use extra headers etc.
I don't think this will help. With my mail environment, I have to go to lengths to send an anonymous message, concocting X-Anon-To and X-Anon-Password headers. It's worth the effort, since this helps to preserve the secrecy of my pseudonymous identity.
But the first time I mess up, and send an unfettered message to an anon.penet.fi client, I am unmasked.
No, once you set a password, the server won't let your message through unless it's OK!
And I still don't understand how the unfettered message gets past the X-Anon-Password filter.
Can you elaborate? I don't understand your question. Sorry, my English isn't what it ought to be...
But in this case I feel the principle of least astonishment is overruled by the principle of least risk of accidental exposure.
I think the risk of accidental exposure is heightened by the default behavior of the Finnish remailer. Maybe we're using the same words to describe different things.
I beg to disagree.
I think that hornet's nest needed to be kicked. But I am also disappointed that not enough people defend the need for anonymity in places like news.admin.policy.
Some of us gave up on USENET policy long, long ago. Personally, I stick to the alt.* groups.
Right. Unfortunately. Because had you followed the discussion in news.admin.policy you would have realized that sticking your head in the bush isn't going to help.
Julf
participants (2): Johan Helsingius, nowhere@bsu-cs.bsu.edu