BriarProject Messaging 1.0 Released
juan.g71 at gmail.com
Thu May 10 23:42:52 PDT 2018
On Thu, 10 May 2018 23:33:39 -0400
Steve Kinney <admin at pilobilus.net> wrote:
> Back around 1999 or 2000 I documented what I believed to be an
> ongoing, successful attack agaisnt the Mixmaster remailer network.
> First, I attempted to geolocate all the 'reliable' routers then
> active. I found a startling number of them in the State of Texas,
> suggesting one sponsor for all - therefore, capable of following the
> "bouncing ball" of high latency traffic in many chains.
> I found others in IP ranges assigned to various countries, including
> ones with "mutually hostile" political and economic relations. So I
> created chains that crossed mutually hostile borders and started
> sending test messages. I sent several batches over a period of about
> a week. NONE ever came back to me, indicating high likelihood of
> deliberate interruption of that traffic - the global adversary at
I must admit I haven't fully done my homework but as
far I understand the system, it's supposed to work if at least
one of the mixing nodes isn't compromised?
Cheap intuition tells me that a low bandwith, 'high latency'
system with long mixing chains has to be somewhat better than
the likes of tor. Then again, I haven't done too much rigorous
thinking on the matter so...
> So there's nothing new about the "ha ha fuck you" nature of allegedly
> anonymized comms on the networks. The only real security afforded
> would be in the "my adversary does not want to openly disclose this
> capability if he can avoid it" category, which is thin cover indeed...
And they don't need to disclose anything anyway. The nsa can
always tell the cops "the silk road server is here" and then
the cops will come up with some 'parallel construction' fairy
> IMO physical opsec is the only guarantor of anonymity on the networks:
> Hit and run comms with a scrambled MAC address via open routers, with
> due attention to avoiding surveillance on the way in and out,
yeah...so it's something that the very vast majority of mortals
can't do =/
and even if you can do that, it's mostly useful for sending
> seems to
> be the only option where /real/ hazards from State sponsored terrorist
> reprisals are on the table.
More information about the cypherpunks