Traceable Infrastructure is as vulnerable as traceable messages.

Sampo Syreeni decoy at iki.fi
Sun Aug 5 06:07:14 PDT 2001


On Sat, 4 Aug 2001, Tim May wrote:

>Entrance and exit mixes can easily be set to be Usenet or other Net-based
>public posting and reading places. Kind of hard for the U.S.G.  or the
>F.S.U. to shut down a newsgroup replicated across the world in many
>places.

Yes, broadcasts and mixnets have different tolerance to different kinds of
attacks, with benefits of synergy. But saying they're unassailable simply
because they work fine, now, is short-sighted.

AFAICS, it's likely a matter of priorities -- currently anonymity does not
pose a significant threat to governments. If that changes, the heat will
intensify, possibly to a point where means currently unimaginable could be
employed (e.g. national firewalls, regulation of nonconduct, creative
interpretation of laws on criminal collaboration, RICO, whathaveyou).

Besides, what happens in the US currently has a lot of weight in the global
Internet. Causing a netsplit between the US and the rest of the world is
enough to severely harm most online services out there. Criminalization of
online conduct in the US may be all it takes to make an anonymous online
economy too cumbersome to hack.

>I see no particular reason why it will suddenly become cheap ("repeat ad
>nauseum") for lawyers to shut down tens of thousands of Web sites,
>publishers, mailing lists, message pools, and Democracy Walls.

For remailers, mandatory filtering at the ISP level? For broadcasts, you
track all the receivers and correlate to arrive at likely suspects.

>Especially, by the way, if those entry and exit sites are in other
>countries.

If they can pass CALEA, they probably could force internet exchanges to
filter remailer traffic, given favorable public opinion. All you need is a
view of anonymity proponents as anti-state anarchists intent on protecting
known dangerous criminals (thus, collaboration), and a couple of high
profile trials where remailers successfully protect the identity of
terrorists or child molesters. The fuss about Osama bin Laden and
encryption/stego might well be the first step in such a campaign.

As for foreign remailers, a number of governments might be pliable enough to
overlook US originated DoS attacks on them after having been convinced that
anonymity is a real threat not only to the US, but to each and every nation
state.

Now, the above is of course fiction, for now at least. But keeping such
widescale attacks on the infrastructure part of the threat model is not,
IMHO, a bad idea. The discussions on stego, disposable remailers, physical
broadcast technology and the like are part of that, and serve to lay the
groundwork in case shit one day does hit the fan.

Sampo Syreeni, aka decoy, mailto:decoy at iki.fi, gsm: +358-50-5756111
student/math+cs/helsinki university, http://www.iki.fi/~decoy/front





More information about the cypherpunks-legacy mailing list