Newbie comments. (fwd)

Kelly Goen kelly at netcom.com
Tue Feb 23 21:39:13 PST 1993


Forwarded message:
> From cypherpunks-request at toad.com  Tue Feb 23 15:40:37 1993
> From: J. Michael Diehl <mdiehl at triton.unm.edu>
> Message-Id: <9302232326.AA26860 at triton.unm.edu>
> Subject: Newbie comments.
> To: cypherpunks at toad.com
> Date: Tue, 23 Feb 93 16:26:08 MST
> X-Also-Known-As: Thunder
> X-Goal-In-Life:  To make a lot of money -- Wanna make a donation?
> X-Mailer: ELM [version 2.3 PL8]
> 
> I've been listening to this list quietly for about 2 weeks. Althought the
> signal to noize ration as been a bit low lately, ;^) it's been very interesting.
> 
> I like the idea of alt.whistle.blowers, and support anything that promotes
> privacy, and Constitutional rights.
> 
> But I have a (newbie?) question.  Isn't it true that, at the network level, it
> is still possible to tell where a message came from and where it's going.  That
> is, given the proper motivation, couldn't "and entity" sniff out all of this 
> information and find out which machine a particular message came from.  And 
> from logs at that machine, which The Entity  naturally has access to, It could
> find out who send the message.  Just wondering.....


 Hi there, 
        well acutally at the network interface level all sorts of tricks are
available... for example at the smtp daemon level all
a snooper has to do is the following

telnet toad.com smtp

when the sendmail banner is seen then
type
VRFY cypherpunks
That will yeild yet another line referring to cypherpunks-real
which verifying will obtain ALL the mail addresses on this cypherpunks mailing
list... I have a small fragment of perl which does the same
trick recursively for every address on the cypherpunks mail list...
why did I write such a thing... well I am writing a mail list to PGP
key server extractor so I can automatically extract keys for members of
cypherpunks-real... I didnt think of the privacy issue until
some moments after I debugged the perl script and got it working...
Similiar open holes exist at EVERY level of the Network and associated
daemons and software, Johh and I have discussed this earlier via email
and he as well as I dont feel its a REAL exposure as the means to
protect yourself is well at hand...
AND yes ALL network traffic can theoretically be traced thats
when crackers and security admins start playing games with
connection laundries and firewall as well as early warning systems...
there are constraints to real world tracing... the Firewalls mailing
list at Firewalls at GreatCircle.COM discusses these and other
issues having to do with security at the network interface level

> 
> Major suggestion:  We need a FAQ!
> 
> Well, that's about it.  I'm still trying to get up to speed with pgp.
> 
> +----------------------+----------------------------------------------------+
> | J. Michael Diehl ;-) |  I thought I was wrong once.  But, I was mistaken. |
> |                      +----------------------------------------------------+
> | mdiehl at triton.unm.edu| "I'm just looking for the opportunity to be        |
> | Thunder at forum        |            Politically Incorrect!                  |
> | (505) 299-2282       |                        <me>                        |
> +----------------------+----------------------------------------------------+
> 

    cheers
   kelly
-- 






More information about the cypherpunks-legacy mailing list