double anonymity via pax and penet

Karl L. Barrus barrus at tree.egr.uh.edu
Thu Jan 7 11:10:50 PST 1993 


Cypherpunks,

	I've been toying lately with "tying" the remailers at pax and
penet together.  Briefly, the anonymous service at anon.penet.fi
supports anonymous remailing (but you must register your id),
anonymous posting, and anonymous forwarding.  The remailer at
pax.tpa.com.au support anonymous remailing (runs pgp, must register
your key for encryption service) and anonymous posting.  For more
info, get the help files by mailing to help at anon.penet.fi and
anon.info at pax.tpa.com.au.
	Anyway, my idea is as follows: somehow get one of these
services to establish an id on the other one, and also establish a
path back to you.  Then, you should be able to receive mail by having
it sent to an anonymous id on one of the services, which will then
forward it to another anonymous id on the other service, which will
then forward to you.
	Of course, as cypherpunks, we have several of our own
cryptographically protected remailers, but I thought I'd explore using
these others ones also.
	If you don't have an id already established on either service,
you can get one by simple trying to use it (for example, posting a
message).  Since the remailer at anon.penet.fi allows anonymous
forwarding (using the % notation), I established a double system as
follows: (for convenience I shall reveal the anonymous id's I was
assigned by this test procedure; @penet shall mean @anon.penet.fi and
@pax shall mean @pax.tpa.com.au)

I mailed to anon.post.alt.test%pax.tpa.com.au at anon.penet.fi from
barrus at tree.egr.uh.edu.

This went to anon.penet.fi, where I was allocated an anonymous id for
barrus at tree.  The id I was given for barrus at tree was an5022 at penet.
Then, penet forwarded to anon.post.alt.test at pax.tpa.com.au (because of
the % notation), which resulted in two things: a post to alt.test, and
the establishing of an id on pax for the anonymous id on penet -
anon.435 at pax.  After a few minutes, I recieved acknowledgment of my
post to alt.test, sent from penet.  So pax sent the acknowledgement to
the anonymous id at penet, which then sent it to me - barrus at tree.  I
also watched for my post to alt.test to appear, which it did.
	So now, mail sent to anon.435 at pax gets forwarded to me via
penet.
	Then, I tried the process in reverse.  I sent to the anonymous
pax allocated from my other account (elee9sf at menudo.uh.edu).  I sent
from the other account because I already have an anonymous id for that
one, and I wanted to keep new account allocation to a minimum, but as
it turns out I think I messed up.  Anyway, the mail I sent made it to
barrus at tree (via pax and penet), but I was allocated another anonymous
id from penet (an5030 at penet), and the notice came to elee9sf!
	After thinking about it some more, I realized that what that
acknowledgement must be.  When I mailed to anon.435 at pax from elee9sf,
I wasn't allocated an anonymous id because I have one.  So pax sent
the message to an5022 at penet.  But penet hadn't seen a message from
anon.435 at pax, so it allocated another id, and sent to acknowledgement
back to anon.435 at pax.  But for some reason, the remailer at pax didn't
send this to an5022 at penet - it jumped it and responded to my account
elee9sf at menudo.uh.edu.  So the pax service seems fairly intelligent.
Or there is a bug :-)
	Then, I tried to mail to anon.435 at pax from barrus at tree.  I
thought I would be assigned an anonymous id at pax for barrus at tree,
but I wasn't.  Actually, for some reason, I was mailed the
acknowledgement of yet another anonymous id, an5047 at penet!
	But, my original goal was to establish an anonymous id on pax
which would forward to an anonymous id on penet (and vice versa), and
I succeeded:

  mail sent to anon.435 at pax goes to barrus at tree via penet
  mail sent to an5030 at penet goes to elee9sf at menudo via pax

as an unplanned effect:
  mail sent to anon.437 at pax goes to elee9sf at menudo via penet
  mail sent to an5047 at penet goes to barrus at tree via pax

	These are the anonymous id's I beleive I've generated because
of this procedure: an5022 at penet, an5030 at penet, an5047 at penet (I don't
understand this one), anon.435 at pax, anon.437 at pax (I don't understand
this one either).  I figured I would use four id's: one from penet for
barrus at tree, one from pax for barrus at tree, one from penet for pax, and
one from pax for penet.
	For some reason, when I mail to anon.437 at pax or an5047 at penet
from barrus at tree, the mail doesn't arrive in either of my accounts.
So I'm still trying to sort out this mess before I mail to the
administrators at both sites, explain what happened, and have these
various id's deleted.  Anybody with an id already established on pax
or penet is welcome to mail to me at anon.208 at pax or an5030 at penet to
help me figure out if it worked (I've run out of accounts to test this
from and I don't want to involve elee7h5 at rosebud where I'm running a
remailer).
	I think the step I may have erred was mailing to anon.435 at pax
from elee9sf, where I have an id.  Maybe by mailing from barrus at tree I
would have been assigned an id, and recieved acknowledgement of an id
from penet for the id at pax, and possibly an5047 at penet wouldn't have
been generated.
	Some uses of this I can think of are of course mailing via
cypherpunk remailers to the first link in the pax/penet remailers
chain.  This would hide our remailers from others, since pax and penet
are well known anonymous services.  I haven't thought of a way to send
messages (other than posting to usenet) via pax/penet.  So I could
post a message, as described above, and collect responses via a double
anonymous reply.  
	Anyway, what do you think??  Any ideas or suggestions?

/-----------------------------------\
| Karl L. Barrus                    |
| barrus at tree.egr.uh.edu (NeXTMail) |
| elee9sf at menudo.uh.edu             |
\-----------------------------------/

More information about the cypherpunks-legacy mailing list