Re: remailers-tla.htm Compromised Remailers, December 15, 2003
Thank you for posting the "Compromised Remailers" article: http://cryptome.org/remailers-tla.htm

Over the past year, many remailer users have noticed that the reliability of the Mixmaster type II network has steadily degraded. Although it may well be the result of TLA interference, the remailer community's statistical methods of selecting a "reliable" remailer chain contribute significantly to the network's degradation.

As a former employee of the United States Army Communications Command [USACC] Headquarters, I was amazed to stumble upon the existence of a publicly available communications medium permitting truly anonymous communication by hampering the government's ability at "traffic analysis," or tracking an email message from its source to its destination. One would have to be foolish to believe that TLAs are not hard at work trying to pierce the veil of anonymity afforded by the Mixmaster type II and the yet-to-be-released type III remailers.

I ran tests in September, October & November, and provided the Mixmaster developers & remailer operators with the same results I've included below. My testing was extremely simple: send a bunch of messages, and note which messages arrived. [The same procedure an accountant would use in tracking a financial transaction from its origin to its destination.]

What I found was that a handful of remailers accounted for virtually all of the undelivered email messages. Yet these same remailers, which never delivered my email messages to the "alt.anonymous.messages" news group, were also listed as among the most reliable remailers in the mixmaster stats used to select remailer chains. I've included my recommendations to improve the network's reliability in the test results below.
-----------------------------------------------------------------------------
Mixmaster II Reliability Issues & Test Results
-----------------------------------------------------------------------------

The major issue currently plaguing the Mixmaster remailer network is the true reliability of the LAST remailer in a chain. A considerable number of these remailers habitually act like "Black Holes" for email messages destined for "alt.anonymous.messages" and other news groups.

Unfortunately, most of these "Black Hole" remailers also happen to be listed as among the most reliable remailers in mixmaster stats, with ratings ranging from the upper 90's to 100; consequently, it's highly probable that messages sent to newsgroups will frequently hit one of these demon remailers, never to reach their intended recipient.

Over the past 2 months, I've sent & tracked over 5,124 email messages consisting of either 4 or 6 copies of 1,220 unique messages, each routed through 11 Mixmaster type II remailers, to the "alt.anonymous.messages" news group.
---------------------------------------------------------------
Last Remailer    Lost Msgs    Delivered Msgs    % Reliability
---------------------------------------------------------------
antani               63              0                0
cripto               65              0                0
hastio               41              0                0
george               31              7               18
paranoia             41             10               20
futurew              33              9               21
edo                  27              9               25
starwars             54             29               35
itys                  7              9               56
italy                 7             10               59
bog                   3             14               82
freedom               3             45               94
tonga                 5            106               95
liberty               2             51               96
panta                 3             69               96
bigapple              3            104               97
metacolo              3             99               97
bogg                  1             52               98
dizum                 2            106               98
jmbcv                 1             59               98
frell                 0             34              100
randseed              0              3              100
---------------------------------------------------------------
Sub-totals          395            825               68
---------------------------------------------------------------
Total                            1,220
---------------------------------------------------------------

Surprisingly - at first - I found that sending messages through chains of remailers rated, in mixmaster stats, at 98% or greater was FAR LESS reliable than sending messages through remailers rated at 50% or greater. This is because the "Black Hole" remailers were almost always rated, in mixmaster stats, at 98% or greater reliability, while the remailers that were the most successful at delivering my messages were usually rated, in mixmaster stats, at reliability ratings of 90% or lower.

For those of you yelling, "it's the broken chains, dumbass!" I strongly disagree. Messages sent through broken chains were more than twice as likely to successfully reach the intended news group than were messages that failed.
--------------------------------------------
Messages Sent Through Broken Chains
(copies of the same message)
--------------------------------------------
Copies        Lost        Delivered
--------------------------------------------
4               13            31
3               40            92
2               94           218
1              154           325
--------------------------------------------
Sub Total      301           666
--------------------------------------------
Total                        967
--------------------------------------------

Broken chains were somewhat reliable predictors only after all the "Black Hole" remailers were removed from the remailer chains selected to send messages. Even then, the broken chain stats were marginally reliable only on the infrequent occasion that broken chains changed little from day to day.

The difference I found in the actual ability of a remailer to successfully deliver email was completely at odds with the mixmaster remailer stats and broken chain data, rendering them of little value in selecting a remailer chain that insures a successful delivery.

The remailer network screams for a testing methodology that stresses the success of actual messages delivered to their destination, as I've done in this test. Basically, the network needs to be auditable, and the current method of evaluating remailer reliability needs a complete re-think because it's not working well, at all.

Additionally, Quality of Service standards need to be established and maintained. Remailers that consistently fail to deliver messages need to be removed from the network. I consistently achieved a 95% success ratio by removing the remailers, listed above, that failed to deliver email messages less than 94% of the time.

It would also be helpful for there to be better communication between remailer operators. Example: "Italy" abruptly stopped accepting mixmaster messages on the morning of Monday, October 20, but did send an email, that morning, to the remops mailing list announcing its action to permanently leave the mixmaster network.
At least two days later, italy was still listed as a working mixmaster remailer, and not even listed as a broken chain for most remailers.

* When the "Black Hole" remailers were in the chain, but not the final remailers, they were as reliable as the rest of the remailers. I found this extremely puzzling. Thankfully, I'm not much of a conspiracy theorist...

* Fortunately, in 5 of the tests when "bogg" was randomly selected as one of the last remailers, it posted all copies of each message to the "alt.anonymous.messages" news group instead of only sending one copy. Thank God for small favors. ;)

----------------------------------
Copies of Messages bogg posted to
"alt.anonymous.messages"
----------------------------------
Copies      Messages
----------------------------------
4               5
3               8
2              10
1               1
----------------------------------
From the first line: for 5 separate messages, all 4 copies of the messages sent through "bogg" were posted to the "alt.anonymous.messages" news group.
As you can see from the bogg data, usually more than a single copy made it through to the last remailer for the test cycles I noted. Using bogg as an example, I feel comfortable "jumping to the conclusion" that most of the "Black Hole" remailers that failed to deliver messages to the "alt.anonymous.messages" news group usually received more than one copy of each message.

I hope this helps improve the reliability of a network I've come to rely upon over the years... Keep up the good work!

-----------------------------------------------------------------------------
Mixmaster II Reliability Issues & Test Results [Final Test]
-----------------------------------------------------------------------------

183 messages [4 copies] were sent through chains of 20 remailers with an overall & final remailer reliability of 30% or greater. This was truly a torture test that guaranteed every message an equal probability of crossing a broken chain.

The results of this final test were in line with my earlier testing conducted in September & October. In a nutshell: choosing a low reliability for the remailers resulted in a greater number of messages reaching their intended recipient, which, in both tests, was the "alt.anonymous.messages" news group. This is because the "Black Hole" remailers were almost always rated, in mixmaster stats, at greater reliability than remailers that were the most successful at delivering my messages.

The Mixmaster network had an overall improvement of 4% over my earlier testing, in which some batches of messages were sent through remailer chains with reliabilities of 98%, while other batches were sent through remailer chains with reliabilities of 50%. This time around, I used a reliability of +30%.

I didn't bother tracking bad chain data this time around because I found the data inconsequential in my earlier testing.
In both earlier & present testing, all messages had an equal probability of encountering a bad chain, and a chain of 20 remailers, in this test, virtually guaranteed it.

Let me clarify the statement: "I found the bad chain data inconsequential in my earlier testing." It's not that the data aren't necessary in choosing a good chain. In fact, you can bet that the new Mixmaster client's ability to avoid bad chains was primarily responsible for all the 100% ratings in this testing cycle. [The developers really deserve a strong round of applause for their improvements to the Mix client & bad chain data.]

The reason the bad chain data are inconsequential to the testing is that all messages have an equal probability of encountering a bad chain that may develop over the many hours, or days, it takes for the messages to navigate 20 remailers.

My recommendations are the same as I previously outlined in my earlier test results, which I've included below...

Thanks again to all the developers & remops!

----------------------
November test results:
----------------------
(November 19, 20 & 21)
183 messages (4 copies of each)

-------------------------------------------------
Last Remailer | Sent | Arrived | % Reliability
-------------------------------------------------
antani           14       0          0
cripto            8       0          0
futurew          12       0          0
george            6       0          0
hastio            4       0          0
bunker            8       3         38
paranoia         16      14         88
bigapple         14      13         93
dizum            10      10        100
edo              12      12        100
freedom           5       5        100
frell            12      12        100
itys             15      15        100
metacolo          8       8        100
panta            15      15        100
randseed          9       9        100
starwars          9       9        100
tonga             6       6        100
-------------------------------------------------
Total           183     131         72
-------------------------------------------------
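
The end-to-end audit described in the message above (send copies, record which arrive, attribute each outcome to the last remailer), as an added example that is not part of the original post or of the Mixmaster code. It goes beyond the post's raw percentages by flagging exits whose published rating far exceeds measured delivery and by reporting a Wilson lower bound for small samples; all remailer names, message ids, ratings and thresholds are constructed assumptions.

```python
# Added example; remailer names, message ids and "published" ratings below
# are constructed for illustration, not taken from mixmaster stats.
from collections import defaultdict
from math import sqrt

# Constructed send log: (message_id, chain); the last hop is the exit remailer.
SENT = ([(f"a{i}", ["r1", "r2", "exitA"]) for i in range(40)]
        + [(f"b{i}", ["r2", "exitA", "exitB"]) for i in range(40)]
        + [(f"c{i}", ["r1", "exitB", "exitC"]) for i in range(3)])
# Constructed: message ids later observed in the destination newsgroup.
ARRIVED = {f"a{i}" for i in range(38)} | {f"c{i}" for i in range(3)}
# Constructed published ratings (percent), standing in for ping-based stats.
PUBLISHED = {"exitA": 91.0, "exitB": 99.8, "exitC": 100.0}


def wilson_lower(delivered, total, z=1.96):
    """Lower bound of the 95% Wilson interval for the delivery rate (0..1)."""
    if total == 0:
        return 0.0
    p = delivered / total
    centre = p + z * z / (2 * total)
    margin = z * sqrt(p * (1 - p) / total + z * z / (4 * total * total))
    return max(0.0, (centre - margin) / (1 + z * z / total))


def audit(sent, arrived, published, gap=20.0, min_samples=10):
    """Attribute each message's outcome to its exit hop and judge the exit."""
    counts = defaultdict(lambda: [0, 0])  # exit -> [delivered, total]
    for msg_id, chain in sent:
        counts[chain[-1]][0] += int(msg_id in arrived)
        counts[chain[-1]][1] += 1
    report = {}
    for exit_hop, (delivered, total) in counts.items():
        measured = 100.0 * delivered / total
        if total < min_samples:
            verdict = "insufficient-data"   # e.g. 3 of 3 proves little
        elif published.get(exit_hop, 0.0) - measured >= gap:
            verdict = "black-hole-suspect"  # rated high, delivers little
        else:
            verdict = "ok"
        report[exit_hop] = {"delivered": delivered, "total": total,
                            "measured_pct": round(measured, 1),
                            "wilson_low_pct": round(100 * wilson_lower(delivered, total), 1),
                            "verdict": verdict}
    return report


if __name__ == "__main__":
    for name, row in sorted(audit(SENT, ARRIVED, PUBLISHED).items()):
        print(name, row)
```

In the constructed data, exitB delivers nothing as the last hop yet the messages that pass through it mid-chain still arrive, which is the pattern the post reports for the "Black Hole" remailers.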