-----BEGIN PGP SIGNED MESSAGE----- This is a longer response to the warning posted by Xavier.
Beware of the message about the security bug in the anon.penet.fi software!
Indeed.
If you do as requested, and send your true email address to an5877@anon.penet.fi then he will see both your true email address and your anonymous address (if you have one - if you don't, you will be assigned one and he will see that). Any future use you make of this anonymous server (say, to post anonymously) will appear under that same anonymous address - and this person will know your true email address that goes with it.
You got me. I meant only slight malice here: I had intended to "expose" a few email/anon associations to highlight the problem. The problem became apparent to me when I sent pseudonymous mail to a prominent person on this list; his reply exposed his pseudonymous id at anon.penet.fi, surely without his knowledge.
an5877's message appears to be a trick, designed to collect anonymous/real address pairs. Johan Helsingius should take action against this trickster. Since he is learning other people's real addresses, perhaps it would be appropriate for his own real address to be revealed.
Now that would be a _very_ serious "bug" in the anon.penet.fi remailer (or, more accurately, in its administration); I am confident Johan Helsingius will reject this suggestion.
But, this does point out that these systems which automatically assign anonymous addrsses have several security flaws. Johan has already had to introduce a "password" feature to make it more difficult to send fakemail that appears to be from a particular email address through the server, thus revealing the corresponding anonymous address when it is delivered.
I think that merely masks the real problem.
an5877's trick is a variant on one discussed in news.admin.policy where it is pointed out that you can mail to someone via anon.penet.fi and ask for information; when the return mail comes back it will be from that person's anonymous address. So again you can pair up real and anonymous addresses.
I missed that discussion, or I wouldn't have wasted your (our) time.
These are serious problems. We need some discussion of how to avoid these simple tricks for defeating the anonymity while still having an easy-to-use system.
Any ideas? For starters, I think the default behavior of anon.penet.fi is badly broken. But a more serious problem with anon.penet.fi and the other remailers I am aware of is the necessity that we pseudonymous clients have to rely on the integrity of their administrators to keep our pseudonyms private. In the face of social pressure, such as Xavier's, that may be asking a lot.
::Xavier::
DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.1 iQBFAgUBK4lr4/FZTpBW/B35AQGqeAF/UBefmNprQacueYazdvhAKMF4nA+2vl44 /+FMACnWjd7yaoG99VeyhO/S6vptT1UB =yZRb -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help@anon.penet.fi. Due to the double-blind system, any replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin@anon.penet.fi. *IMPORTANT server security update*, mail to update@anon.penet.fi for details.
participants (1)
-
nowhere@bsu-cs.bsu.edu