CDR: Re: -C-P- Re: would it be so much to ask..

Asymmetric all at biosys.net
Tue Sep 19 22:03:47 PDT 2000 

At 13:47 09/19/2000 -0700, Tim May wrote:
>(P.S. Lose the toad.com address. Get a clue. Or, since you appear to be a 
>luser, "loose the toad.com address.")

You keep sending to it yourself.  Mind explaining what the problem is?


>And how many anonymously-remailed messages to this list have ever, in all 
>the years of this list, included reply blocks? No more than a small 
>handful, as I recall seeing.

Exactly my point.


>"the remailers allowed return mail" is terribly misleading, and probably 
>arises out of ignorance of what reply blocks are and why they are so 
>difficult to use, rather than imprecision in language.

I did rather mean pseudo-anonymous remailer, and the other response 
indicating I was talking about Julfs' remailer was correct.  It's not as 
though his was the only one that existed either, just the most popular.. 
likely among the most popular BECAUSE it kept this database and allowed 
responses; If the database it was using had been encrypted with a key known 
only to the remailer software itself, then it would have been easier for 
him to refuse to give up the information that he was ordered to produce.

As for my being naive as you claim in a second here, who is really being 
naive here?  You think that just because the remailer doesn't maintain an 
active database of nym mappings that it's immdiately impossible for it to 
be reversed?  You implicitly trust anyone who says "here, use my remailer, 
I guarantee it's anonymous?"  Get with the program.  One fucking line on a 
console, in a firewall rule, anywhere along the way could fuck you into 
losing your anonymity, unless the message was sent encrypted to the 
remailer, and that's just to start with.


>As for "I can't believe they exist just to totally isolate...", with your 
>claim that forging headers is apparently a good alternative, you are naive 
>and ignorant.
>
>Do you think that the anonymous poster who posted the RC4 code here 
>several years ago should simply have done some kind of Port 25 hack 
>instead of using a remailer?
>
>Do you think that the folks who distributed the CoS NOTS files should have 
>used header forgings instead of using Cypherpunks remailers? (As the 
>educated amongst you know, the CoS efforts to force Julf to disclose the 
>mapping ultimately failed to produce the source when Julf's mapping only 
>pointed back to a Cypherpunks-type remailer being run at that time by C2Net.)

I think that using a forged header is just as reliable as using an 
anonymous remailer, and just as anonymous if done right.  There is no "port 
25" hack involved.  It's as simple as setting whatever email software you 
use to use X as it's smtp server, and then entering a nonexistant return 
address somewhere else.  At best, you'll be totally anonymous.  At worst, 
as is the case with any remailer, some log somewhere could exist that a 
connection to the server took place from w.x.y.z and may even contain the 
to and from addresses used.  In general though, sysadmins are very stupid, 
and seldom go to the trouble of logging this kind of information for 
successful email messages.. typically only failures are logged.

So what is more naive?  To assume the fact so plainly evident in everyones 
face that the vast majority of sysadmins out there are lazy and stupid and 
then just pick one at random and do as I suggested, or to pick one of the 
"anonymous remailers" that make an outright claim to be anonymous, but that 
you have no way of verifying?  One sounds like a shot in the dark with a 
very good chance at hitting something, the other one sounds like an ideal trap.

On another note, if you're clued in enough to even know what an anonymous 
remailer is, where they can be found, and how to use them, I'm sure that "A 
port 25 hack" as you oh-so inaccurately put it would be something easy for 
you to do as well.


>If you don't get it, you have no business trying to architect the 
>structure of our list.

I made a suggestion.  You people that responded so caustically maybe are 
tired of hearing the same suggestion over and over again.  I'm tired of 
getting spam that wastes my time, my bandwidth, space on my mail server, 
and any other number of various and sundry resources.

If I "whine" about getting spam... well so be it.  Just know that you all 
whine about my messages, with far more useless messages, and far less 
reason to be at all upset.

Who are the real whiners here?


-------signature file-------
PGP Key Fingerprint:
446B 7718 B219 9F1E 43DD  8E4A 6BE9 D739 CCC5 7FD7

"I don't think [Linux] will be very successful in the long run."
"My experience and some of my friends' experience is that Linux is quite 
unreliable. Microsoft is really unreliable but Linux is worse."
-Ken Thompson, Interview May 1999.

http://www.freebsd.org
FreeBSD - The Power to Serve

http://www.rfnj.org
Radio Free New Jersey - 395 streams - 96kbps @ 44.1khz

More information about the cypherpunks-legacy mailing list