On Mon, 31 Dec 2001, Bill Stewart wrote:
> Depending on the recipient, you might or might not be encrypting the message.
> But the important security you're protecting is the connection between
> the sender and the recipient.
Agreed, assuming that something in the text itself wouldn't be
identi
Depending on the recipient, you might or might not be encrypting the message.
But the important security you're protecting is the connection between
the sender and the recipient. Depending on the application,
the sender may be trying to prevent the recipient from knowing his address,
or the two o
On Sat, 29 Dec 2001, Bill Stewart wrote:
> Obviously there are some destinations that need to be exceptions.
> Usenet's easy - keep track of known mail2news gateways,
> and any time you send mail to Usenet, you need to put lots of disclaimers
> about it's remailed, it's probably forged, there's n
On Sat, 29 Dec 2001, Bill Stewart wrote:
> > At 09:01 PM 12/17/2001 -0600, Jim Choate wrote:
> The only way to get security is for the originator to do the encryption -
> otherwise, if ANY remailer in the chain is compromised,
Actually this isn't the 'only' way. ALL (!!!) that is required to k
[Various discussion about spammers using crypto to use remailers.
There's not much, but it's there. Encrypted-Outgoing-Only
reduces the problem a lot, since there aren't many people who'll
positively respond to encrypted spam :-) ]
At 08:15 PM 12/19/2001 +0100, Anonymous replied to Peter Trei:
>
At 09:01 PM 12/17/2001 -0600, Jim Choate wrote:
>On Mon, 17 Dec 2001, Trei, Peter wrote:
> > and sends the contents on to the next address (yes, this type of remailer
> > does not include nice features such as cover traffic).
>
>And it can't encrypt that outgoing traffic since it doesn't have the
Um, Blanc, that was a rethorical question. :) I don't really want to know
the "answer" -- it doesn't really matter.
--Kaos-Keraunos-Kybernetos---
+ ^ + :Surveillance cameras|Passwords are like underwear. You don't /|\
\|/ :aren't security. A |shar
>From Sunder:
"Certainly power does corrupt, but you've got to think that at one point in
their lives before they became G men, they had it in mind that they were
doing something good and wholesome in working for Uncle Sam, and
protecting Americans and the American Way of Life (as defined by the
On Mon, 17 Dec 2001, Faustine wrote:
> Actually, I wouldn't be surprised if some of them did have nightmares about the
> Constitution. Not as a piece of paper dancing around on Mickey Mouse legs or
> whatever the hell you're getting at, but as an idea repersenting the rule
> of law that was going
On 19 December 2001, Peter Trei wrote:
>> Ben Xain[SMTP:[EMAIL PROTECTED]]
>> In fact, spammers currently *do* send mail encrypted to the remailers'
>> keys. It's a pain in the ass trying to filter the damn stuff out.
>First I've heard that. Frankly, I'm suprised.
>
>One solution, which I've lon
Last I heard, neither MAE East, nor MAE West were ever dragged into
court on co-conspiritor charges just because packets from some German
hacker kid hopped through their Cisco's.
--Kaos-Keraunos-Kybernetos---
+ ^ + :Surveillance cameras|Passwords are l
> One solution, which I've long advocated, is for the remailer to drop
> mail which has an unencrypted body after it's applied it's decryption
> key.
>
> Provided this is an announced policy, substantially increases the
> protection of the mail and the remop. It does mean that only people
> cap
> Ben Xain[SMTP:[EMAIL PROTECTED]]
>
> > On Tue, 18 Dec 2001, David Honig wrote:
> > > Can't spam be repelled by not forwarding email not encrypted to
> > > the remailer's key?
>
>
> In fact, spammers currently *do* send mail encrypted to the remailers'
> keys. It's a pain in the ass trying to
On 18 December 2001, Meyer Wolfsheim <[EMAIL PROTECTED]> wrote:
> On Tue, 18 Dec 2001, David Honig wrote:
> > Can't spam be repelled by not forwarding email not encrypted to
> > the remailer's key?
>
> Who is to say that spammers won't use remailer clients that automatically
> encrypt to the rema
David Honig wrote:
>
> At 02:42 PM 12/18/01 -0800, Meyer Wolfsheim wrote:
> >On Tue, 18 Dec 2001, David Honig wrote:
> >
> >> Can't spam be repelled by not forwarding email not encrypted to
> >> the remailer's key?
> >
> >Who is to say that spammers won't use remailer clients that automatically
>
At 02:42 PM 12/18/01 -0800, Meyer Wolfsheim wrote:
>On Tue, 18 Dec 2001, David Honig wrote:
>
>> Can't spam be repelled by not forwarding email not encrypted to
>> the remailer's key?
>
>Who is to say that spammers won't use remailer clients that automatically
>encrypt to the remailers' keys?
Yes
On Tue, 18 Dec 2001, David Honig wrote:
> Can't spam be repelled by not forwarding email not encrypted to
> the remailer's key?
Who is to say that spammers won't use remailer clients that automatically
encrypt to the remailers' keys?
Using remailer clients should be *easy*. Saying "this is too
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
From: "Faustine" <[EMAIL PROTECTED]>
Marcel wrote:
>Actually, I wouldn't be surprised if some of them did have nightmares about the
> Constitution. Not as a piece of paper dancing around on Mickey Mouse legs or
> whatever the hell you're getting at,
At 06:56 PM 12/17/01 -0600, Jim Choate wrote:
>On Mon, 17 Dec 2001, Trei, Peter wrote:
>
>> Yes, I have read the letter - they need to treat input from known remailers
>> differently due to worries over spam and flooding attacks, so they treat
>> other known remailers as priviliged sources of hig
--
On 17 Dec 2001, at 21:01, Jim Choate wrote:
>
> On Mon, 17 Dec 2001, Trei, Peter wrote:
>
> > Typical Choate, missing the point.
>
> Merry Christmas to you too.
>
> > A remailer simply gets sent a message,
> > applies it's decryption key,
>
> The same key it shares with everyone else (all
On Mon, 17 Dec 2001, Trei, Peter wrote:
> Typical Choate, missing the point.
Merry Christmas to you too.
> A remailer simply gets sent a message,
> applies it's decryption key,
The same key it shares with everyone else (all users to anon_1 use the
same key - bad!!! idea). Allows you to build
>>something similar to 'innocent until proven innocent'. > That's the only
defence against 'conspiracy'.
>> Typical Choate, missing the point. A remailer simply gets sent a
message, applies it's decryption key, and sends the contents on to the next
address (yes, this type of remailer does no
> Jim Choate[SMTP:[EMAIL PROTECTED]]
>
> On Mon, 17 Dec 2001, Trei, Peter wrote:
>
> > Yes, I have read the letter - they need to treat input from known
> remailers
> > differently due to worries over spam and flooding attacks, so they treat
>
> > other known remailers as priviliged sources of
On Mon, 17 Dec 2001, Trei, Peter wrote:
> Yes, I have read the letter - they need to treat input from known remailers
> differently due to worries over spam and flooding attacks, so they treat
> other known remailers as priviliged sources of high volume traffic.
>
> This does not invalidate my
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
From: "Faustine" <[EMAIL PROTECTED]>
Marc wrote:
> My point was that without constitutional protection, it would be
>>infinitely easier for innocent people and arbitrarily-determined thought
>>-criminal "enemies of the state" to be shot right along w
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
From: "Faustine" <[EMAIL PROTECTED]>
> My point was that without constitutional protection, it would be
>infinitely easier for innocent people and arbitrarily-determined thought
>-criminal"enemies of the state" to be shot right along with the real
>c
Peter Trei writes:
> Modulo the recent discussion of how some remailers
> treat traffic from other known remailers differently than
> mail from unknown addresses, remailers don't need to
> know about each other.
>
> If they don't know know about each other, and there is
> nothing on the machines
> --
> From: Nomen Nescio[SMTP:[EMAIL PROTECTED]]
> Sent: Monday, December 17, 2001 1:10 PM
> To: [EMAIL PROTECTED]
> Subject: RE: CNN.com on Remailers
>
> Peter Trei writes:
> > Modulo the recent discussion of how some remailers
> &g
Leitl[SMTP:[EMAIL PROTECTED]]
> Sent: Monday, December 17, 2001 11:17 AM
> To: Trei, Peter
> Cc: [EMAIL PROTECTED]; 'An Metet'
> Subject: RE: CNN.com on Remailers
>
> On Mon, 17 Dec 2001, Trei, Peter wrote:
>
> > If I were a remailer operator, I'
On Mon, 17 Dec 2001, Trei, Peter wrote:
> If I were a remailer operator, I'm not sure I'd like this. Active
> cooperation with another remaler operator means that if
> he/she/it does something illegal, you could be dragged in
How is this different from the current situation? Is usage of a specif
operators nefarious
activities.
Peter Trei
> --
> From: An Metet[SMTP:[EMAIL PROTECTED]]
> Sent: Saturday, December 15, 2001 11:17 PM
> To: [EMAIL PROTECTED]
> Subject: RE: CNN.com on Remailers
>
> > Remailer operators should have permanent encry
From: "Faustine" <[EMAIL PROTECTED]>
> My point was that without constitutional protection, it would be
infinitely
> easier for innocent people and arbitrarily-determined thought-crimanal
"enemies
> of the state" to be shot right along with the real criminals. In America
as it
> exists today, the
At 12:22 PM 12/16/2001 +0100, Eugene Leitl wrote:
>On Sat, 15 Dec 2001, Steve Schear wrote:
>
> > During your "rant" on re-mailers I mentioned the desirability of using
> > popular P2P services in conjunction with remailers, possibly as middleman
> > nodes. Len pointed out the problems with re-ma
How much would be gained by using DC-Nets for inter-remailer communication?
Generally, DC-Nets increase the traffic by a factor equal to the number
of nodes in the net. Suppose there were a core set of always-connected
remailers with about a dozen members, few enough to make a DC-Net
practical g
On Sat, 15 Dec 2001, Steve Schear wrote:
> During your "rant" on re-mailers I mentioned the desirability of using
> popular P2P services in conjunction with remailers, possibly as middleman
> nodes. Len pointed out the problems with re-mailer system stability if P2P
> clients were used as they c
At 10:39 PM 12/11/2001 -0800, Tim May wrote:
>On Tuesday, December 11, 2001, at 10:07 PM, Meyer Wolfsheim wrote:
>
>As we (again) discussed at this past Saturday's physical meeting, in Santa
>Cruz, a sparse set of users and messages is almost a toy system. Remailer
>traffic needs to go up by a l
On Sat, 15 Dec 2001, An Metet wrote:
> > Remailer operators should have permanent encrypted links to one another,
> > with constant (or at least message-uncorrelated) traffic volumes.
> > They can still use latency, message pools, and other features, of course.
> > But when it comes time to deli
> Remailer operators should have permanent encrypted links to one another,
> with constant (or at least message-uncorrelated) traffic volumes.
> They can still use latency, message pools, and other features, of course.
> But when it comes time to deliver messages to the next remailer in the
> list
On Sat, 15 Dec 2001, Anonymous wrote:
> Lucky Green writes:
> > A popular remailer will handle some 3,500 messages a day. But this
> > includes intra remailer-network traffic. How many of those messages are
> > messages entering and leaving the cloud is any remailer operator's
> > guess, since cu
Lucky Green writes:
> A popular remailer will handle some 3,500 messages a day. But this
> includes intra remailer-network traffic. How many of those messages are
> messages entering and leaving the cloud is any remailer operator's
> guess, since current remailer statistics software has no means t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
From: "Faustine" <[EMAIL PROTECTED]>
Marcel wrote:
> >>I think the Constitution was the biggest curse ever cast on you. Every
time
> >>something bad happens, you use these magic words like "entrapment" or
> >>"protected by the first ammendment" and s
From: "Faustine" <[EMAIL PROTECTED]>
> >>I think the Constitution was the biggest curse ever cast on you. Every
time
> >>something bad happens, you use these magic words like "entrapment" or
> >>"protected by the first ammendment" and so on, instead of shooting the
> >>criminals.
>
> And shooting
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
From: "Meyer Wolfsheim" <[EMAIL PROTECTED]>
Marcel wrote:
> Smells like entrapment, though.
>>I think the Constitution was the biggest curse ever cast on you. Every time
>>something bad happens, you use these magic words like "entrapment" or
>>"prote
From: "Meyer Wolfsheim" <[EMAIL PROTECTED]>
> Smells like entrapment, though.
I think the Constitution was the biggest curse ever cast on you. Every time
something bad happens, you use these magic words like "entrapment" or
"protected by the first ammendment" and so on, instead of shooting the
c
Meyer Wolfsheim wrote in reply:
> > Do you know how many messages are going through the
> remailer network
> > now? How many do you think the average remailer processes in a day?
>
> I'm assuming 5-10K/day. I don't know what Tim and others
> discussed at the meeting that Tim references. Ask h
On Wed, 12 Dec 2001, Faustine wrote:
> I don't know, how about traffic analysis?
Yes, but see my previous post.
> Exploiting (publicly) undisclosed holes in the remailer software?
Same problem as traffic analysis if you are talking about compromising the
remailer. Doesn't work after the fact.
-BEGIN PGP SIGNED MESSAGE-
On Tue, 11 Dec 2001, Tim May wrote:
> The article was not completely silent on speculations about FBI/LEA
> efforts: Magic Lantern was mentioned as a way to get the keys.
His example was pretty far-fetched, though. Getting all the ISPs to log
all their mail so
On Wed, 12 Dec 2001, Faustine wrote:
> Underestimating your adversary never did anyone a bit of good.
Sure it does, it helps the ones who are underestimated.
--
Day by day the Penguins are making me lose m
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Meyer wrote:
>"So far, U.S. and European authorities battling terrorism and cybercrime
>have apparently focused their surveillance elsewhere. The FBI and the
>National Security Agency, which monitors international telecommunications,
>declined to com
On Tuesday, December 11, 2001, at 09:41 PM, Len Sassaman wrote:
> On Tue, 11 Dec 2001, Tim May wrote:
>
>> [The "prompted a bunch of programmers to rethink" comment has it all
>> backwards. Chained remailers were deployed in 1992. The theory was
>> known from Chaum's 1981 paper, and the flaws in
"So far, U.S. and European authorities battling terrorism and cybercrime
have apparently focused their surveillance elsewhere. The FBI and the
National Security Agency, which monitors international telecommunications,
declined to comment on what strategy, if any, they have for dealing with
remaile
On Tue, 11 Dec 2001, Tim May wrote:
> [The "prompted a bunch of programmers to rethink" comment has it all
> backwards. Chained remailers were deployed in 1992. The theory was
> known from Chaum's 1981 paper, and the flaws in the
> Kremvax/Kleinpaste/Julf/Penet type of approach were widely known:
This article is so deeply flawed as to be laughable. Part of the article
is quoted below, with my comments/corrections in brackets.
'In 1993, the Finns developed an anonymous e-mail system that stripped
off the identification of an e-mail's sender before forwarding it to the
addressee.
[No, K
53 matches
Mail list logo
