
So I got this message. How would someone identify the sender of this message? I'm writing an article on anonymity, with some discussion of remailers, and want to argue that forging already permits people to raise the costs of tracing significantly, anonymous remailers or no.
Lee
From: freeh@fbi.gov
Date: Tue, 24 Oct 95 16:07:08 -0400
Apparently-To: tien@well.sf.ca.us
X-UIDL: 814570964.056
How difficult is it to forge headers? How difficult is it to trace a message to the actual sender if the header is forged?
Not very difficult at all (to forge, that is). This is a quick and dirty example that should be somewhat traceable. If you want pointers on how to trace it, post the whole thing, including headers, to cypherpunks.
Louis

You didn't send ALL the headers, only some of them. You need to send on the full set to make a trace possible.
Lee Tien writes:
So I got this message. How would someone identify the sender of this message? I'm writing an article on anonymity, with some discussion of remailers, and want to argue that forging already permits people to raise the costs of tracing significantly, anonymous remailers or no.
Lee
From: freeh@fbi.gov
Date: Tue, 24 Oct 95 16:07:08 -0400
Apparently-To: tien@well.sf.ca.us
X-UIDL: 814570964.056
How difficult is it to forge headers? How difficult is it to trace a message to the actual sender if the header is forged?
Not very difficult at all (to forge, that is). This is a quick and dirty example that should be somewhat traceable. If you want pointers on how to trace it, post the whole thing, including headers, to cypherpunks.
Louis

You didn't send ALL the headers, only some of them. You need to send on the full set to make a trace possible.
More specifically, the headers which are most needed are the Received: and Message-Id: headers; each mailer along the path adds another Received: header, typically with its name, a timestamp, and sometimes the name or address of the previous system. Other headers may also help.
Lee Tien writes:
So I got this message. How would someone identify the sender of this message? I'm writing an article on anonymity, with some discussion of remailers, and want to argue that forging already permits people to raise the costs of tracing significantly, anonymous remailers or no.
- Bill

You need to send the entire headers, including such things as received lines. Looking over those lines carefully will probably provide some clues. eg:
From owner-cypherpunks@toad.com Sun Sep 24 20:14:32 1995
Return-Path: owner-cypherpunks@toad.com
Received: from relay3.UU.NET (relay3.UU.NET [192.48.96.8]) by homeport.org (8.6.9/8.6.9) with ESMTP id UAA18842 for <adam@homeport.org>; Sun, 24 Sep 1995 20:14:30 -0400
Received: from toad.com by relay3.UU.NET with SMTP id QQziqi14036; Sun, 24 Sep 1995 20:10:07 -0400
Received: by toad.com id AA02191; Sun, 24 Sep 95 17:05:32 PDT
Received: from crypto.com by toad.com id AA02182; Sun, 24 Sep 95 17:05:26 PDT
Received: from tpc.crypto.com by crypto.com Sun, 24 Sep 1995 20:16:16 -0400
Message-Id: <199509250016.UAA19204@crypto.com>

| So I got this message. How would someone identify the sender of this
| message? I'm writing an article on anonymity, with some discussion of
| remailers, and want to argue that forging already permits people to raise
| the costs of tracing significantly, anonymous remailers or no.
|
| Lee
|
| >From: freeh@fbi.gov
| >Date: Tue, 24 Oct 95 16:07:08 -0400
| >Apparently-To: tien@well.sf.ca.us
| >X-UIDL: 814570964.056
| >
| >> How difficult is it to forge headers? How difficult is it to trace a
| >> message to the actual sender if the header is forged?
| >
| >Not very difficult at all (to forge, that is). This is a quick and dirty
| >example that should be somewhat traceable. If you want pointers on how to
| >trace it, post the whole thing, including headers, to cypherpunks.

--
"It is seldom that liberty of any kind is lost all at once."
-Hume
participants (4)
- Adam Shostack
- Bill Sommerfeld
- Perry E. Metzger
- tien@well.sf.ca.us