StreetMail (triangulate this)
anonymous at mixmaster.nullify.org
Thu Oct 18 17:06:00 PDT 2001
In view of the imminent remailer takeover/shutdown, here is a scheme that can piggyback on any entry/exit point and provide rather decent anonymity. Until I do exhaustive trademark research, let's call it StreetMail.
It has nothing to do with crypto. It just exploits anonymity that (still) exists for people using public streets.
Background: cheap residential 802.11b access points have significant outdoor range and cost around $200 (Orinoco RG-1100; Proxim Skyline; Apple AirPort ($300)). Orinoco seems to be the best choice because it provides a ready ability to attach an antenna.
All these can be configured to allow access to anyone. Also, it can be specified which kind of traffic is allowed (say, only port 8000).
By directing these access points to use an in-house HTTP proxy (like squid) that is configured to allow ONLY access to remailers and throwaway accounts (Hotmail, Yahoo, etc.), all other use of public access is effectively prevented.
If the antenna is placed close to the window, the range should be around 100-200 meters in the open. An interested party could drive into range and pick up/send e-mail at will.
Unlike with traditional remailers, where one must trust the operator, here the terrorist user controls anonymity herself. Who has seen you? If you just walk by with a laptop, who can ID you? (Use a radio card that has a programmable MAC, like Orinoco Gold.)
Best of all, the operator is automagically exonerated, since she has no way of knowing who is connecting to the WLAN. Until operating WLANs becomes a crime, that is.
The disadvantages are obvious - today's few active remailers are reachable from anywhere on the net. The proposed solution requires an access point, a server and an always-on link (like DSL), and there should be one location per, say, half a million inhabitants. The only difference between StreetMail and those that chose to offer their DSL to the public (http://www.seattlewireless.net) is that StreetMail is far more restrictive, so you don't have to worry about your freaky neighbour serving gigs of Illegal Bits.
Now, the above can be set up in about half an hour. Further enhancements require access to AP development toolkits (or playing with unix drivers for radio cards instead):
- limiting a single remote MAC to preset time and volume (like once every 6 hrs and no more than 100 kb per session) (this also creates liability because logs will exist)
- using internal remailer with random delay, so she can escape
- bouncing traffic via radio links with nearby nodes.
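
The per-MAC time and volume limit from the list above, as an added example that is not part of the original post: a sketch of how an operator could enforce it while keeping the state table from becoming the log the post warns about. The class name, the reading of "100 kb" as 100,000 bytes, the merging of "session" and the 6-hour window into one interval, and the sample MAC addresses are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

WINDOW_S = 6 * 3600       # "once every 6 hrs" from the post
QUOTA_BYTES = 100 * 1000  # "100 kb per session", read as 100,000 bytes (assumption)


class MacLimiter:
    """Hypothetical per-MAC limiter whose state never contains a raw MAC.

    A MAC is only 48 bits, so a plain hash could be brute-forced back to the
    address. Entries are keyed by HMAC under a random key that lives only in
    memory, and they are deleted as soon as their window has passed.
    """

    def __init__(self, key=None):
        self._key = key or os.urandom(32)  # never written to disk
        self._sessions = {}                # tag -> [window start, bytes used]

    def _tag(self, mac):
        norm = mac.lower().replace("-", ":").encode()
        return hmac.new(self._key, norm, hashlib.sha256).digest()

    def purge(self, now):
        """Drop every entry whose window has ended; return how many remain."""
        for tag in [t for t, (start, _) in self._sessions.items()
                    if now - start >= WINDOW_S]:
            del self._sessions[tag]
        return len(self._sessions)

    def allow(self, mac, nbytes, now):
        """Return True if `nbytes` more may be forwarded for `mac` at `now`."""
        self.purge(now)
        entry = self._sessions.setdefault(self._tag(mac), [now, 0])
        if entry[1] + nbytes > QUOTA_BYTES:
            return False  # quota for this window is used up
        entry[1] += nbytes
        return True
```

Because the post itself notes that the radio card's MAC is programmable, a limit keyed on it only curbs casual overuse; restarting the process discards the key and with it any way to match old entries to an address.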