Re: Anonymity: A Modest Proposal
-----BEGIN PGP SIGNED MESSAGE----- If you simply do not want to be a final hop, it is trivial to distinguish final hops from intermediate hops in the chain. With cypherpunk remailers you can scan for the remailer headers. With Mixmaster there is a completely different format to the encrypted header (inside the encryption) for final hops as opposed to intermediate hops. I think one solution to this problem is to encourage (require) the use of pseudonym servers. Having a server like alpha as the entity on the from line has several advantages. 1) Less Spam since it takes some effort to set up the nym and it will be taken away as soon as the spam starts. 2) The operator can take firm action. When people complain they want you to punish the abuser. Typically they want you to pull the offenders account. With a remailer there is no account to pull, but with a nym server it is easy to kill the account, making the complainer happy. 3) The nym server could have a policy of only accepting messages encrypted to it, and logging the address the message came from. If confronted, the nym server could point to the last remailer in the chain. But that remailer could not have known the contents of the message since it was encrypted to the nym server. If all nym servers were standardized to run from the same account name (nymserve for example) the remailers could be configured to only deliver final hops to addresses with that username. -Lance
At 12:59 PM 10/19/95 -0400, Thomas Grant Edwards wrote:
This would require the remailer to examine entropy of messages passing through. Anything not random enough gets tossed.
A simple entropy measuring algorithm:
<SNIP> -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQEVAwUBMIp4yfPzr81BVjMVAQGjjAf+JWEiompiWc0VUnrwBPf8D6PYBi17aCFi 7h+zHiyoA2WXAT3Y/rDdBAKq4MI+Gg+7xs2YqmXKQPSd35UBL4UJAzNHtOEA2uo5 5XN83+9oZ6AJm6oVLmmm/vvv49Ts1VEOc4ANmqdQ0k5lHsNqFAte7eFk4aUlsiIi +UUtUHc4zeXvr/T25TAEjGhB5b9DfwESYXPh1XkHBHiYCYIAsbadxGwAutVSUTWA zPOiSRVSWZ+BY4H1FvnnDdoAMYE+AwpgR1iVinbNFcrjjEm+pYiWyS2FzMoQMv6N 2mZuuFQVGRJc6sSsdSsn35kz3sJg44s/mUnyq48uyJBOblv961SYZA== =bo2F -----END PGP SIGNATURE----- ---------------------------------------------------------- Lance Cottrell loki@obscura.com PGP 2.6 key available by finger or server. Mixmaster, the next generation remailer, is now available! http://obscura.com/~loki/Welcome.html or FTP to obscura.com "Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come." --Nietzsche ----------------------------------------------------------
Lance Cottrell writes:
I think one solution to this problem is to encourage (require) the use of pseudonym servers. Having a server like alpha as the entity on the from line has several advantages.
1) Less Spam since it takes some effort to set up the nym and it will be taken away as soon as the spam starts.
I fear this will be a short-lived gain. User-friendly scripts for establishing pseudonymous accounts are pretty easy to write. They may be beyond the average Fast Money Maker, but I expect myself and others will be putting them out on the Net for general consumption. I can certainly imagine one of those scripts being expanded to automatically create salesdroid001@nymsrus.org, ..., salesdroid999@nymsrus.org and emitting the same spam once from each pseudonym to a different destination. You would want to apply a statistical spam filter (of the kind mentioned recently by Greg Broiles) to the entire output of each pseudonymizer in an attempt to nip such spams in the bud. Semi-permanent account status confers privileges to the user, IMHO. I believe a pseudonymous account ideally should be treated the same as a regular account on an ISP. For example, an admin will not unilaterally close an account upon receiving a single complaint about the account user. Certainly I don't know of an ISP that routinely blocks its users' accounts from sending mail to selected other accounts. Lest I seem too presumptuous, let me say that I realize all immediately foreseeable pseudonymizers are free services. Clearly these service providers can set whatever policies they wish, and are not directly competing with the fee-charging ISPs. Perhaps future fee-charging pseudonymizers will consider these criteria in offering enhanced services. -Futplex <futplex@pseudonym.com>
With the release of digicash I hope that we can soon make this stuff for-pay and much of the spam problem will be fixed. (Not all of it, of course.) (I am rather hesitatnt to setup an account with Mark Twain though.. $2,500 min balance and not FDIC insured?)
Lance Cottrell writes:
I think one solution to this problem is to encourage (require) the use of pseudonym servers. Having a server like alpha as the entity on the from line has several advantages.
1) Less Spam since it takes some effort to set up the nym and it will be taken away as soon as the spam starts.
I fear this will be a short-lived gain. User-friendly scripts for establishing pseudonymous accounts are pretty easy to write. They may be beyond the average Fast Money Maker, but I expect myself and others will be putting them out on the Net for general consumption.
I can certainly imagine one of those scripts being expanded to automatically create salesdroid001@nymsrus.org, ..., salesdroid999@nymsrus.org and emitting the same spam once from each pseudonym to a different destination. You would want to apply a statistical spam filter (of the kind mentioned recently by Greg Broiles) to the entire output of each pseudonymizer in an attempt to nip such spams in the bud.
Semi-permanent account status confers privileges to the user, IMHO. I believe a pseudonymous account ideally should be treated the same as a regular account on an ISP. For example, an admin will not unilaterally close an account upon receiving a single complaint about the account user. Certainly I don't know of an ISP that routinely blocks its users' accounts from sending mail to selected other accounts. Lest I seem too presumptuous, let me say that I realize all immediately foreseeable pseudonymizers are free services. Clearly these service providers can set whatever policies they wish, and are not directly competing with the fee-charging ISPs. Perhaps future fee-charging pseudonymizers will consider these criteria in offering enhanced services.
-Futplex <futplex@pseudonym.com>
-- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org (or login as "guest") sameer@c2.org
With the release of digicash I hope that we can soon make this stuff for-pay and much of the spam problem will be fixed. (Not all of it, of course.) (I am rather hesitatnt to setup an account with Mark Twain though.. $2,500 min balance and not FDIC insured?)
It also sez thata maintenance fee of $10 (or so) will be imposed if the account has less then $250, so why not set up the account and deposit $2500 and then withdraw $2200 leaving $300 ? Or would that be "wrong" <g> Regards, -AJ-
Lance Cottrell writes:
If all nym servers were standardized to run from the same account name (nymserve for example) the remailers could be configured to only deliver final hops to addresses with that username.
A detail I missed before: the remailers used in pseudonym reply blocks must somehow deliver replies to the True Name (verinymous ?) address of the holder of the pseudonym. I suppose they could all finally be routed to the pseudonymizer, which would deliver the messages directly to the intended recipient (holder of the pseudonym). -Futplex <futplex@pseudonym.com>
participants (4)
-
Alex de Joode -
futplex@pseudonym.com -
loki@obscura.com -
sameer