On Sat, Mar 23, 2002 at 12:23:17PM -0800, Morlock Elloi wrote: > The number of programmers that would publish a usable package which > has not even theoretical means of being traced to them is very > limited. Even signing it and keeping the key is a risk. > > [...] > > The fact that such even never happened supports this view.
Historically there were some relatively significant packages anonymously published: eg Pr0duct Cyphers' magic-money, Henry Hastur's PGP Stealth; possibly there are others which have not especially tried to draw attention to the fact that they were strongly anonymously published. The bit-police would then find that out later if and when they tried to trace the author, and when the trail is years cold, the remailers used and their keys long gone. Shades of the scientologists bumping into a long dead nymserver account probably pointing at a newsgroup after obtaining an email address from penet.fi. Though perhaps less fun the latter kind of low profile anonymity seems like an even better idea; it's not like you're going to notice the difference. Adam
