Re: My anonymous remailer
[is cypherpunks down again? Haven't seen any traffic in 24 hours...] : From: ghio@kaiwan.com (Matthew Ghio) : Newsgroups: alt.anonymous,alt.privacy.anon-server,alt.current-events.net-abuse : Subject: My anonymous remailer : For the second time in one week someone has again mailbombed my remailer. : Last weekend it was the infamous Detweiler, and now some lamer from ysu.edu : just mailbombed someone on one of the freenets by sending copies the same : post from comp.binaries.mac over and over... I guess the freshmen have : arrived early this year. : Maybe it is just coincidence but I am starting to get somewhat pissed off. : I've been running anonymous remailers for quite a while now and have never : had to deal with crap like this. As the remailer is a vaulable service for : many people, I don't want to shut it down or start putting burdensome : restrictions on its use... Suggestions appreciated. I've been pondering this for some time. I think it's time to try a new experiment in anonymous remailing. I think that all remailers should close down, then open up with new addresses and a single shared new policy... the new policy being that each individual remailer will do his best to 'out' all posters - complete disclosure, log files available, posts available, summaries show up via finger etc etc. Give *us* the same access to the info that the LEAs have, and let us try to work out who is posting what. This puts the onus on the posters to use the encryption and chaining features, and on us to generate our spoofing traffic and delay mail and whatever else it takes to foil traffic analysis. Also, we automatically bounce submissions in plaintext at the point of entry - the only cleartext should be at the point of exit (and not even that if it's personal mail rather than news postings). And we should not guarantee service. Postings can get lost for whatever reason. If someone wants to kill postings in cleartext at the point of delivery to newsgroups or mailing lists, let them. That should stop the Detweilers and place the responsibility of abusing the remailers on the shoulders of the remailer operators. If an abusive posting is sent to news from remailer X, it's clear remailer X was the one that passed it on and had the cleartext available. And with a new policy of outing everyone automatically, people *know* we'll read the cleartext at the point of delivery. This seems to me more consistent with the cypherpunk ideal of users securing their own privacy, rather than trusting someone. G
Date: Mon, 25 Jul 1994 17:45:07 +0100 From: Graham Toal <gtoal@an-teallach.com> I've been pondering this for some time. I think it's time to try a new experiment in anonymous remailing. I think that all remailers should close down, then open up with new addresses and a single shared new policy... the new policy being that each individual remailer will do his best to 'out' all posters - complete disclosure, log files available, posts available, summaries show up via finger etc etc. Cool idea. Looks to me like Nate's remailer does most of this already. -russ <nelson@crynwr.com> http://www.crynwr.com/crynwr/nelson.html Crynwr Software | Crynwr Software sells packet driver support | ask4 PGP key 11 Grant St. | +1 315 268 1925 (9201 FAX) | What is thee doing about it? Potsdam, NY 13676 | LPF member - ask me about the harm software patents do.
Graham Toal <gtoal@an-teallach.com> writes:
I think it's time to try a new experiment in anonymous remailing. I think that all remailers should close down, then open up with new addresses and a single shared new policy... the new policy being that each individual remailer will do his best to 'out' all posters - complete disclosure, log files available, posts available, summaries show up via finger etc etc.
This is a pretty radical idea, but it is tempting. Like other remailer operators, I get tired of fielding complaints. I don't look at the messages when they go through, but incorrect ones end up in my mailbox, and I may see them by accident. So many are obscene, name-calling, etc., that it kind of makes you wonder after a while whether the service is worthwhile. Of course, I do tend to see the "dregs", users who are clueless about using the service. Hopefully the more capable users are doing something a little more worthwhile with it. Then there are the constant moral dilemmas. I got flamed pretty well for outing Detweiler on his "Death to Blacknet" spam. I try hard not to look at the messages, deleting bounced mail just from the headers, etc., but it gets to be a pain. In some ways Graham's suggestion to just say, screw you, I'm going to feel free to publicize everything that goes through my remailer, is tempting. Still, though, I think this would do more harm than good. I get about 20 to 40 messages a day through my remailer, and only 5 or 10 of those are encrypted. Switching to a policy that would require chaining and encrypt- ing to make it useful would make it a lot harder to use the remailer. If I have faith that the remailer is doing some good for someone, somewhere, then it would be bad to take that away from the people who are using it now. (I just did a complete search of the news spool directory here for postings from my remailer, and found only four, two of which were duplicates of a claim that cable companies can listen to what you are saying in your living room. I wonder what the traffic through my remailer is?) The other problem I see with Graham's idea is that I'm not sure the technology is there to provide good security in the face of this much information. Not many of the remailers add delay, and a lot of people don't like it when they do. In that case it may be easy to figure out what path even a chained encrypted message took. Even the delaying remailers, if they published message sizes, would usually reveal their in-to-out correspondance. So I think it is premature to do this. Until we have remailers which can support cryptographically strong message padding with standard message sizes, running on un-hackable systems with delays and batching to confuse the in-out relationships, it would be counter- productive to do what Graham suggests. Even once we have it, there is still the question of what the remailer network is for. I think news posting is responsible for a large fraction of the complaints. But does it also provide much of the utility of the technology? Do people use remailers for ordinary email, or just for broadcast-type messages? Unless we understand what the market is for the service it's hard to know what features to provide. In particular, if cleartext output is prevented, how much does that impair the usefulness of the network? My instinct is that it hurts a lot, although it would be nice for the operators since it would eliminate most sources of complaints. Hal
participants (3)
-
Graham Toal -
Hal -
nelson@crynwr.com