Anonymous flooding

[Theodore Ts'o]

   Date: Wed, 24 Feb 1993 15:11-EST
   From: Marc.Ringuette at GS80.SP.CS.CMU.EDU

   I wonder if full crypto anonymity as we envision it will be stable?
   I'm very concerned about the problem of anonymous users intentionally
   flooding the network with garbage in order to bring it to its knees.
   Current practice, in the non-anonymous world, is to trace excess
   traffic to its source and stop it from being generated.  This will no
   longer be possible when true anonymity is available.

I think the real problem won't be flooding, but the bad name full crypto
anonymity will get when lusers start abusing the system to send
harrassing email and hide behind the protection of an anonymous
remailer.

At MIT, we're considering to start up an anonymous remailer, but with
the proviso that if we get a complaint about a particular pseudonym is
used to send harassing email, or email with threatening violence, and
some other well-defined occassions, that we would reveal, to the proper
authorities, the email address used for sending replies back.

A warning to that effect would be sent back to an email address the
first time the anonymous contact service saw that particular email
address, and assigned it a pseudonym address for replies.  This way,
users would have the proper expectations of privacy.

Ultimately, I think this is the only way that anonymous remailers will
be able to function.  Otherwise, the public outcry the first time one of
these remailers are abused will cause these full remailers to be
shutdown, or otherwise cut off from the net.

						- Ted