No Subject

anonymous at extropia.wimsey.com anonymous at extropia.wimsey.com
Tue May 17 01:11:18 PDT 1994 

alk.politics.guns.usenet at decwrl.dec.com
Subject:  [ANON] War:  How Secure?
Reply-To: john.nieder at tigerteam.org
Bcc: v043948 at stortek.stortek.com
Bcc: mike at hopper.itc.virginia.edu
Bcc: ricky_g_williamson at aud.alcatel.com
Bcc: donb at netcom.com
Bcc: johng at rosevax.rosemount.com
Bcc: magnum at cs.umd.edu
Bcc: sybok at athena.mit.edu
Bcc: brunner%lakota at icarus.ssd.loral.com
Bcc: kolju at cc.lut.fi
Bcc: dan at hopi.dtcc.edu
Bcc: justice at mcs.com
Bcc: cypherpunks at toad.com
Bcc: alt.privacy.usenet at decwrl.dec.com
Bcc: charles.martin at f217.n125.z1.fidonet.org
Bcc: walter at netcom.com
Bcc: martin.greifer at f216.n914.z8.rbbs-net.org

[[Reply-To: john.nieder at tigerteam.org]]

[Please note that I wrote a 70+ line response to your message last
night, but was hit by an hour long power outage which destroyed the post
before completion.  Perhaps this is Pacific Gas & Electric's divine
method of remonstrating such excessive casting of pearls before swine,
but this is probably a question for theologists.  It also prevented me
seeing or taping _Kids in the Hall_, which was the greater tragedy.
What follows is an abbreviated recreation from memory:]

 -=> Quoting Syoung at pecanpi.atl.ga.us to John Nieder <=-

 Sy> Imposing?  Hardly.  The Moderator gets to do that, based on the input
 Sy> of everyone who cares to write - you, me, and even Sarah Brady, should
 Sy> she care to participate.

Note that the moderator censored my posts and that pro-anon netmail I
received that was posted to the group did not appear.
 
 Sy> Well, considering that I make a very nice living in the field of data
 Sy> communications and security, I think I'll stand by my statements. :-)
 
 Sy> The folks interested in getting information about this don't even have
 Sy> to break
 Sy> the coding; in many cases, just being able to do traffic analysis may
 Sy> be enough.  Keeping an eye on a handful of key systems could do it.

I'm amazed that you are being paid good money for supposedly knowing
about these things and do not know that the current generation remailers
incorporate several different schemes for making traffic analysis
virtually impossible at the remailer.  The only thing that can be
determined with any certainty is that an account sends or receives
encrypted messages from a remailer.  This isn't much to go on,
especially considering that the messages are frequently dummies, may
abort or split, do not correspond in size before and after entering the
remailer and are remailed in random order at random times.  Additional
precautions against traffic analysis may be implemented at the
originating and receiving accounts, by generation of artificial volume
or by chaining.

 Sy> I don't contend that it would necessarily be easy, but it can be done.
 
It's my opinion that no one short of the NSA can do it, but they are
estopped by charter from most of such activities (not that this
matters), could not do it economically or routinely and presumably have
more important fish to fry in any case.

It has been established by barium tests that the top level encryption
and remailer tech is immune from law enforcement from the FBI down,
barring physical security breach, tempest attack or user error.

All of which is beside the point, namely that most users need only
trivial anonymity adequate to protect their participation from being
known to nosey employers, administrators and soforth.  As I pointed out,
remailers in a non-anonymous mode are useful for many people.

 Sy> I agree.  In spite of your email address, it is obvious that you have
 Sy> no real experience or understanding of this arena.

You'd be surprised.  Really.  In any case I would personally use other
methods than remailers, particularly advanced steganography techniques,
for the transmission of truly serious communications, if I had any.

 Sy> Concentrating on
 Sy> the  supposed invulnerability of the encryption scheme, and ignoring
 Sy> the other  methods of attack, like traffic analysis, is the mark of a
 Sy> rank amateur. 
 
Indeed!  Note that no one I know does, certainly not the Cypherpunk
principals, and I never said they did.

|%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%|
| <john.nieder at tigerteam.org> * CP2A * PGP Key # E27937 on all servers |
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|
|"If you love wealth better than liberty, the tranquility of servitude |
|   better than the animating contest of freedom, go home from us in   |
|  peace.  We ask not your counsels or arms.  Crouch down and lick the |
| hands which feed you.  May your chains set lightly upon you, and may |
|posterity forget that ye were our countrymen."  --  Samuel Adams, 1776|
|=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-|
|BOYCOTT: Pepsico <KFC - Taco Bell - Frito-Lay - Pepsi-Cola> & Gillette|
|%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%|
---

More information about the cypherpunks-legacy mailing list