Date: Wed, 14 Feb 96 07:03:43 EST
Errors-To: Comp-privacy Error Handler <owner-comp-privacy@uwm.edu>
From: Computer Privacy Digest Moderator <comp-privacy@uwm.edu>
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V8#014
Computer Privacy Digest Wed, 14 Feb 96 Volume 8 : Issue: 014
Today's Topics: Moderator: Leonard P. Levine
Re: One Person's War on Junk Mail
An Apology
Big Brother is Listening In
Re: AOL Mail Retention
Re: Telecomm Bill Translation
Privacy, MV Registry Records
Access to DMV Records by Rental Car Companies
GM unlocks your car with a phone call
Re: whois, netfind, finger,etc.
Anonymous Remailers are a Virus Spreading Online
Info on CPD [unchanged since 11/22/95]
----------------------------------------------------------------------
From: Ming Of Mongo <ming@exo.com>
Date: 08 Feb 1996 01:45:50 -0800
Subject: Re: One Person's War on Junk Mail
Organization: Secret World Government
References: <comp-privacy8.10.2@cs.uwm.edu>
Dennis G. Rears wrote: As far as shipping it back in the reply
envelopes or suing in small claims court; I am astonished that
people have the time to spend doing this. The (supposed) cure is
worse than the disease but if it makes people feel better.
I know exactly what you mean. I Don't think I would go to all that
trouble either, But I am glad someone has the time.
It's the little things that kill you. They say a cigarrete takes ten
minutes off your life. I wonder how much you loose to a lifetime of
annoying junk mail... If its an hour its too much.
Personally I am the type of person to make the grand gesture, and take
the grand risk, and to completely ignore something like junk mail. But
there is a lot of evil out there that depends on all of us saying "not
big enough to worry about.
But it adds up:
junk mail,
5 minutes of ads per ten minutes of tv/radio,
potholes in the street,
incomprehencible phone company surcharges,
unenforcable laws,
watered down sodas at fast food places,
source code without comments,
badly behaved children at the beach with boomboxes running
around kicking sand everywhere...
--
Ming of Mongo
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 08 Feb 1996 13:47:30 -0600 (CST)
Subject: An Apology
Organization: University of Wisconsin-Milwaukee
[moderator: This person posted to a lot of groups due to a mailer
misunderstanding. I am removing his name from this posting because it
is not necessary to further embarrass him. But his posting contains a
few warnings that we all might take.
1) He did not understand his maiing software.
2) The posting below contains a newsgroup list, which he indicates is
his entire newsgroup list and that is now visible for all to see. I
removed many of the newsgroups.
A movie I once saw about a tap dancing magician said that a good motto
for a magician is to "know your rabbit". It holds here too.]
To: comp-privacy@uwm.edu
From: name removed to protect the guilty
Newsgroups: alt.sex.stories, alt.sports.football.pro,
alt.tasteless.jokes, comp.society.privacy, soc.men, soc.penpals,
talk.atheism, talk.environment, clari.news.crime.abductions,
clari.news.sex, clari.sports.football.nfl.games,
clari.sports.local, [...]
Subject: Apology
X-Newsreader: WinVN 0.99.6
I have received a lot of mail concerning my posting.
I didn't mean to post to almost ANY of these groups but WinVN
(which I don't know how to use that well) accidentally posted to
all of my subscribed newsgroups. (I've got it figured out now)
I'm sorry for the trouble and believe me my mailbox won't let me
forget it.
I DO understand Usenet rules and manners but please understand that
this was an honest mistake and not a deliberate SPAM.
Sorry for the inconvienence and thank you for your understanding.
------------------------------
From: kwn@ingenioeren.dk (Kurt Westh Nielsen)
Date: 08 Feb 1996 12:46:58 GMT
Subject: Big Brother is Listening In
Organization: Customer at DKnet
Europe:
Danish legislation concerning tapping telephone call - both data- and
spoken - is about to change. It might become easier for the Police to
listen in if a recent proposal turns into an actual law.
Of course it sounds ok to catch criminals - but is it possible ? - and
if not why then a new law ??
My questions: Are encryption techniques so advanced now, that it is not
practically possible do decode encrypted tcp-ip traffic over a phone
line ?
Is it a commonly applied strategy for hackers to install encryption
software on invaded servers, so the communication going through the
hackers' modem to the first machine in the line og target machines is
encrypted.
How common is software to encrypt data-communication (not speaking of
mail messages) ?
Is it indeed possible for the Law equipped with the right technology
(which is ?) to tap into (encrypted) datacommunication ?
Thanks for your time - comments will deeply valued
------------------------------
From: PHILS@RELAY.RELAY.COM (Philip H. Smith III, (703) 506-0500)
Date: 08 Feb 96 08:16:16 EST
Subject: Re: AOL Mail Retention
References: <199602071932.NAA10030@blatz.cs.uwm.edu>
Aaron Zaugg <relief@indirect.com> said: While this may be skirting
the true issue with AOL's mail retention without user's consent, I
wonder if there isn't an easy way around this.
I do not use AOL, but more than likely a user should be able to
edit their e-mail messages. I doubt that AOL is going to save a
back up of every message you edit. Therefore replacing any mail
you want to delete with a bunch of spaces or any other character
you wish should block anyone's attempts to read such e-mail with a
very minimal inconvienience.
Right, assuming that AOL uses only one set of backup tapes, this will
certainly do it.
Umm...even on a home PC, three sets of tapes are a *minimum*. For a
real data center, cycling through a set of several thousand tapes
(using a bunch per backup) is more likely, with offsite backup,
periodic (or every-time) twinning and permanent retention of one of the
twins, etc.
Despite being aimed at the home market, presumably AOL has figured out
how to run a real data center by now (if not, I know several people who
will happily educate them at several hundred $$$/hour), so I kind of
doubt that what is being proposed here will achieve anything other than
to waste an AOLer's time.
...phsiii
------------------------------
From: jon healey <jhealey@buffnet.net>
Date: 08 Feb 1996 09:41:22 -0600 (CST)
Subject: Re: Telecomm Bill Translation
In response to comments by Gary McGath and Monty Solomon, the only new
law in the following section:
(B) makes a telephone call or utilizes a telecommunications device,
whether or not conversation or communication ensues, without
disclosing his identity and with intent to annoy, abuse, threaten,
or harass any person at the called number or who receives the
communications;
is the additon of the words ``or utilizes a telecommunications
device.'' The rest already was part of the US Code.
------------------------------
From: Robert LeRoux Hernandez <rlhern@civiljustice.com>
Date: 09 Feb 1996 08:17:47 -0800
Subject: Privacy, MV Registry Records
Organization: The Internet Access Company
DOE v. MASSACHUSETTS REGISTRY OF MOTOR VEHICLE:
CALL FOR POTENTIAL AMICI CURIAE
In the annals of invasive privacy invaders, our state motor-vehicle
registries are particularly remarkable. Often bellicose,
sanctimonious, and unencumbered by democratic or spiritual scruples,
they are the razor's edge of the modern police state, and they have it
all. They have guns, police powers, and computers linked together
across the country. And for those of us who drive, they have custody
of our private personal data...
Which they turn around and sell or give away! They do this in the name
of open government or whatever ails you. They hand it out to people
that most of us wouldn't let into our homes, for example hack media
reporters, private investigators, stalkers, nosy neighbors, hucksters,
government agents, and personal data wholesalers. Our names, home
addresses, social security numbers, dates of birth, etc. are being
delivered in gigabyte quantities to all manner of government agencies
and to commercial bulk mailers.
Eleven years ago, a small group of us in Massachusetts discovered these
facts and brought suit. We obtained a landmark decision in state
Appeals Court and an injunction which lasted five years. The case, Doe
v. Registrar of Motor Vehicles, is now entering its third and perhaps
most decisive round of appellate review. We already know that the
Boston Globe -- the area's largest so-called newspaper (recently
downsized, corporately taken over, and pulped down) -- will be sending
its lawyers instead of its reporters to this round of proceedings. The
Globe's lawyers helped to defeat us last time in lower Court.
We are confronting a very powerful adversary in court proceedings with
national implications, and it is lonely up there. Accordingly, WE
INVITE AND URGE PRIVACY ADVOCACY GROUPS TO CONSIDER PARTICIPATING AS
AMICI CURIAE IN THIS IMPORTANT CASE. Our brief filing deadline is
3/25/96. For further information, e-mail the plaintiffs' attorney,
Robert L. Hernandez, at rlhern@civiljustice.com or call plaintiff
organizer Stan Robinson at (508) 358-2282.
------------------------------
From: Paul Robinson <paul@TDR.COM>
Date: 09 Feb 1996 11:53:48 EST
Subject: Access to DMV Records by Rental Car Companies
Organization: Tansin A. Darcos & Company/TDR, Inc. Silver Spring, MD USA
According to a report over the radio, a little-noticed provision of one
of the crime bills which have come out allows a rental car company to
check your driving record.
According to the report, two or three incidents - an accident or
certain types of tickets - is enough to cause you to be blacklisted.
Where are the problems in this?
1. There is no announcement of this practice; you're not likely to
find out until you get to the counter and can't rent a car.
2. There is no appeals process available.
3. There is no means available to provide for corrections or to
determine where or how the error occurred in the event you are caught
short by this happening.
4. No consideration is made as to the severity of the offenses or
whether you were even at fault in the accident; if the information is
there, you walk.
Questions:
5. What proof do we have that those who are inquiring into the
database are authorized to do so, that they are actually looking up the
record for that customer, and what privacy protections do we have
against unauthorized inquiries? Do we have the right to
password-protect our own account?
6. What protections do we have against the risk of erroneous data in a
report?
7. Is this the same data as is available at a DMV or DPS office, and
if not, in what way is it different?
7. Are there rights under law to get errors corrected? For damages
for inconvenience due to errors? Any right to collect damages for
misconduct if knowingly false information is placed in a database? Or
for failure to timely followup inquiries and remove errors? Government
agencies are not known for speed in action unless, like with large
organizations, damages and fines are available to those who are injured
due to error, negligence or misconduct.
Advice:
1. Whenever making a reservation for a car at a rental agency, book it
with multiple agencies, then once you have the car, cancel or
reschedule the ones not needed. (I do this because I have been
extremely inconvenienced when there are conditions imposed at the
rental counter I couldn't meet when I'd booked a car and made plans
weeks in advance; if I had known about them beforehand I could have
done something about them.)
2. If you get caught short in any circumstances, try another agency if
(as is usually the case) asking for a supervisor doesn't help.
3. When making a reservation, ask if they do checking of one's driving
record. If they do, and you want or must use that particular agency,
then ask them to check your record in advance so you can know if there
are any problems.
4. Get a copy of your driving record so you can know if there are any
errors or inaccurate reports. In Maryland, where I live, a 3-year
report costs $5 if uncertified, and $8 if certified; a full-report of
everything on file is $10 and $15, respectively. (My report showed
nothing at all.)
5. The above could also apply to certain issues regarding credit
reports, for the same or similar reasons.
--
Paul Robinson
------------------------------
From: Jerry Rainko <rainman@mich.com>
Date: 10 Feb 96 11:03 EST
Subject: GM unlocks your car with a phone call
The following is an internal GM Newsline announcement from 2/9/96.
GM ANNOUNCES ONSTAR .... General Motors today is expected to
announce at its annual Chicago Auto Show press luncheon, a new
on-vehicle communications technology called OnStar -- the most
comprehensive and user-friendly services and communications package
in the industry. OnStar integrates on-board advanced vehicle
electronic architecture with Global Positioning System (GPS)
satellite technology and a cellular phone. These comprehensive
technologies link the driver and the vehicle with the OnStar
Customer Assistance Center, where advisors will provide
person-to-person help using the latest computer databases to
instantly offer personalized information and services.
With the touch of a button -- OnStar creates what may be the
easiest-to- use feature GM has ever introduced. For instance, if a
driver's car breaks down, has a flat tire or runs out of gas, the
driver simply presses the customer service button on the cellular
telephone to reach the Customer Assistance Center. The Customer
Assistance Center advisor then dispatches the nearest service
provider to the vehicle's location. Or, if there is an emergency,
the driver simply needs to touch the emergency services button on
the cellular phone, and the Customer Assistance Center advisor
locates the vehicle's position on a digital map and alerts the
nearest emergency services provider. OnStar also eliminates the
need to call a locksmith. If a driver has locked the keys in the
car, a toll-free number will connect the driver with the Customer
Assistance Center advisor who will send a cellular data call to the
automobile that instructs the vehicle to unlock itself at a
specified time. OnStar's user-friendly technologies
What really caught my eye was the "ability" to bypass a locksmith by
calling into the Customer Service Center to have them unlock the car.
They however don't mention how secure this type of communication is.
If everything seems to go right, check your zipper.
--
Jerry Rainko
rainman@mich.com
------------------------------
From: Hugh Giblin <ulysses@acpub.duke.edu>
Date: 13 Feb 1996 15:34:59 -0500 (EST)
Subject: Re: whois, netfind, finger,etc.
I have a strong sense that this question has been much discussed in
previous issues of CPD but I am coming in late so I need to ask. Is
there any way one can keep their e-mail identity private unless they
chose to not do so in the messages they send?
--
Hugh Giblin
[moderator: What Mr Giblin is addressing is the question of the
equivalent of callerid for email, and the equivalent of 'per line
blocking' for that feature. 'per call blocking' already exists in the
form of anonymous remailers, addressed at length below. This would be
a new feature. Let's talk about it.]
------------------------------
From: Declan McCullagh <declan@eff.org>
Date: 12 Feb 1996 20:53:29 -0800 (PST)
Subject: Anonymous Remailers are a Virus Spreading Online
Given this paper's Rimmesque, hysterical tone, unsupported assertions,
and wildly inaccurate conclusions, I'd like to think it's a joke.
Unfortunately, I think it's for real.
-Declan
// declan@eff.org // I do not represent the EFF // declan@well.com //
http://www.strassmann.com/pubs/anon-remail.html
Harvard University, Kennedy School of Government
Information Infrastructure Project
Symposium on the Global Information Infrastructure:
Information, Policy & International Infrastructure
Cambridge, MA, January 28-30, 1996
Risk-Free Access Into The
Global Information Infrastructure
Via Anonymous Re-Mailers
by Paul A. Strassmann, US Military Academy, West Point; and Senior
Advisor, SAIC and William Marlow, Senior Vice President, Science
Applications International Corporation (SAIC)
Quoted portions are excerpted from Raph Levien's Remailer List.
-------------------------
The Context
By far the greatest threat to the commercial, economic and political
viability of the Global Information Infrastructure will come from
information terrorists. Information terrorism has ceased to be an
amateur effort and has migrated into the hands of well organized,
highly trained expert professionals. Information terrorist attacks can
be expected to become a decisive element of any combined threat to the
economic and social integrity of the international community. Nations
whose life-line becomes increasingly dependent on information networks
should realize that there is no sanctuary from information-based
assaults. Commercial organizations, especially in telecommunications,
finance, transportation and power generation offer choice targets to
massive disruption.
Information terrorism, as a particularly virulent form of information
warfare, is a unique phenomenon in the history of warfare and crime.
For the last two hundred years the theory of warfare has been guided
by "force-exchange" equations in which the outcome was determined by
the rate of attrition of each opposing force. In information attacks
these equations do not apply because the attacker remains hidden and
cannot be retaliated against.
Since biblical times, crimes have been deterred by the prospects of
punishment. For that, the criminal had to be apprehended. Yet
information crimes have the unique characteristic that apprehension is
impossible, since even identification of the criminal is not
feasible. Information crimes can be committed easily without leaving
any telltale evidence such as fingerprints, traces of poison or
bullets.
Changes Introduced By Anonymous Re-Mailers
The introduction of Anonymous Re-mailers into the Internet has altered
the capacity to balance attack and counter-attack, or crime and
punishment. The widespread use and easy access to acquiring the
capacity to launch anonymous messages and software has so far not
received adequate attention from a policy and legal standpoint. This
topic is sufficiently technical that it has been largely avoided by
experts who have so far concentrated on debating social, legal,
political and economic consequences of the Global Information
Infrastructure. Yet, unless there is a thorough understanding of the
technologies that make the Anonymous Re-mailers sources of a
pathological danger, there is little hope that effective preventive
measures and safeguards can be put in place.
In many respects, the avoidance of technical discussions about some of
the pathological aspects of the Internet remind me of the state of
medical diagnosis prior to the recognition that bacteriology,
prophylactics and inoculation can be only applied following the
acceptance of rigorous, analytic and experimental disciplines.
Our Agenda
The purpose of this paper is to bring to the attention of policy-makers
some of the relevant facts about Anonymous Re-mailers. All of the
material quoted here comes from public sources which are easily
accessible to anyone. The wide-spread current uses of Anonymous
Re-mailers should be sufficient warning that this topic cannot be
considered any more as something hidden, confidential or inappropriate
for public discussion.
We find many similarities in the initial denials to the threats from
AIDS by the medical and public health establishment. We are dismayed
by the avoidance of a candid assessment by public officials about the
vulnerability of the Global Information Infrastructure to destructive
information epidemics. The purpose of this paper is to increase the
awareness of potentially deadly risks that may inhibit the potential
gains from the creation of a global information community.
What Is A Re-Mailer?
A re-mailer allows anyone to post messages to newsgroups or to
individuals while remaining anonymous. The identity of the sender is
hidden from the recipient and remains practically untraceable.
An anonymous re-mailer is a program that runs on a computer somewhere
on the Internet. When you send mail to the re-mailer address, the
re-mailer takes your name and your address off of the mail message and
forwards it to its next destination. The recipient gets mail that has
no evidence of where it originally came from, at least not in the
headers. You might give away your secret identity in the body of the
message, but that would be the sender's own fault.
Anonymous re-mailers can be "chained" so that a message is passed on
from one anonymous re-mailer to another, in two or more separate
anonymous "hops" as a way of making physical tracing or monitoring
increasingly difficult.
One of the most prominent anonymous re-mailers is <anon.penet.fi> is in
Finland. It is frequently used by the Russian (ex-KGB) criminal
element. <Anon.penet.fi> assigns a numeric identification to each
address from which it receives mail. Internet recipients can reply to
that secret number. <anon.penet.fi> will also assign to them another
anonymous number, and then forward the reply. This creates a
double-blind situation where two people could have an ongoing exchange
and never know who the other person was. This method of communication
is favorite for engaging services of cybercriminals and for authorizing
payment for their acts through a third party.
<Anon.penet.fi> can be also used to post a message to Usenet as well.
The message can be read by thousands of people, and anyone can send an
anonymous reply to the secret Finnish identity. The readers of this
paper can easily avail themselves of these services without any special
training. Detailed instructions for the use of a remailer service are
usually included in the "help" software posted in the remailer's files.
For example:
To get an anonymous re-mailer address follow the following
instruction. First, you should send mail to:
<help@anon.penet.fi>. You'll get back a nice help file
automatically. Next, send mail to <ping@anon.penet.fi>. This will
allocate your number--from now on you'll be something like
<anXXXXXX@anon.penet.fi>, where XXXXXX is your number. Once you
have received your anonymous address you can use it like your
normal e-mail address.
These capabilities are not trivial, but a source of an exhaustive body
of software and communications know-how which can be learned best by
consulting one of the many tutorials about this topic, such
as<ftp.csua.berkeley.edu:
/pub/cypherpunks/re-mailer/hal's.remailer.gz>:
Cyberpunk re-mailers allow a person to send mail with no trace of
identity. To use a re-mailer simply do the following:
* Add the header Request-Remailing-To: and sending to one of the
addresses listed below. These headers must be typed in exactly. Mail
without these headers is either rejected or delivered to the re-mailer
administrators.
* If you cannot add the required headers, place two colons (::) on the
very first line of your message, then on the next line type
Request-Remailing-To: and the address you want to send anonymously to.
* Skip a line, and then begin the message. By using this method you can
send the message through more than one re-mailer which will certainly
ensure that it will be anonymous.
* Many re-mailers only allow one recipient per message. A number of
standard Cyberpunk Re-mailers are available.
There is a wealth of easily accessible step-by-step instructional
material available on the Internet how to use re-mailers and how to
evade countermeasures or possibility of detection from any source.
Re-mailer operators are in frequent contact with each other and exhibit
many of the fraternal habits that previously were shared between
amateur radio operators. Some of the most interesting sources of
information are:
Andr=8E Bacard's anonymous re-mailer FAQ is an excellent nontechnical
introduction.
For a different take on Net anonymity, see L.Detweiler's home page.
Tools
* Private Idaho is an anonymous re-mailer utility for Windows, supporting
PGP, the cypherpunks re-mailers, and Mixmaster, and the <alpha.c2.org>
alias server. It too automatically configures itself based on this
re-mailer list.
* <ChainMail> is a re-mailer chaining utility for Mac users, by Jonathan
Rochkind. To use it, you need Eudora, MacPGP, and applescript, in
addition to a number of applescript scripting additions.
* <Privtool> is a PGP-aware mailer that also supports Mixmaster.
* The Community ConneXion has put the Web-premail gateway on its SSL
server. That means that you can send anonymous email from the Web
without exposing your message in the clear on the connection between
your Web browser and the gateway.
* Sameer Parekh's NEXUS Berkeley / Community ConneXion has a web page set
up for sending anonymous mail from your Web client.
* Michael Hobbs has set up Web gateway to premail. Now you can send
anonymous email directly from your Web browser. Don't use this for
extremely sensitive stuff, though, because it isn't quite as secure as
running premail yourself (in particular, the connection between your
Web browser and the gateway is not encrypted).
* A good source for re-mailer information is the Anonymity, re-mailers,
and your privacy page compiled by "Galactus". This is also the best
place to look for information about anon.penet.fi.
* Matt Ghio's re-mailer list is available by fingering
re-mailer.help.all@chaos.taylored.com. This file also has all the
public keys for PGP-friendly re-mailers. Matt also has a pinging
service similar to this one, available by fingering
re-mailer-list@chaos.taylored.com.
* Chaos is having problems getting recognized on the Net. Try
re-mailer.help.all@204.95.228.28 and see if that works any better.
Newer information can be gotten by sending mail to
mg5n+re-mailers@andrew.cmu.edu.
* Help for the Alpha alias server (also available in a plain email
version. This is the best way to create an alias for anonymous replies
to mail. Not only is it the most cryptographically secure, but you get
to pick the alias nickname of your choice. The email addresses are of
the form <alias@alpha.c2.org>. Highly recommended.
* Usura's home page has a bunch of re-mailer related stuff on it,
including a help page on chaining re-mailers.
* The Armadillo re-mailer now has its own Web page.
* Crown re-mailer help and statistics.
* Ecafe re-mailer has its own Web page, including quickie info about how
to use the re-mailer without encryption or any other extras.
Other resources
* You want to send secure mail to someone, but don't know their key.
Where are you going to get it? Try the keyserver at MIT.
* Vince Cate's Cryptorebel and Cypherpunk page has pointers to lots of
cypherpunk resources.
* John Perry's jpunix page has info on his MX service for hidden
re-mailers, as well as cool links for Mixmaster and other stuff.
* Lance Cottrell's home page, which has his Chain script, the Mixmaster
re-mailer client (including Sun binaries!) as well as other cypberpunk
related topics.
* Vince Gambino's re-mailer page has a good collection of re-mailer help
files.
Where Do You Find Re-Mailers?
Computers that offer remailing capabilities are operated by individuals or
organizations as a public service, almost always at no charge because it
costs so little to set one up. They are available globally. We offer a
partial list of re-mailers:
$remailer{"extropia"} =3D "<remail@extropia.wimsey.com> cpunk pgp
special";
$remailer{"portal"} =3D "<hfinney@shell.portal.com> cpunk pgp hash";
$remailer{"alumni"} =3D "<hal@alumni.caltech.edu> cpunk pgp hash";
$remailer{"bsu-cs"} =3D "<nowhere@bsu-cs.bsu.edu> cpunk hash ksub";
$remailer{"c2"} =3D "<remail@c2.org> eric pgp hash reord";
$remailer{"penet"} =3D "<anon@anon.penet.fi> penet post";
$remailer{"ideath"} =3D "<remailer@ideath.goldenbear.com> cpunk hash
ksub reord";
$remailer{"hacktic"} =3D "<remailer@utopia.hacktic.nl> cpunk mix pgp
hash latent cut post ek";
$remailer{"flame"} =3D "<remailer@flame.alias.net> cpunk mix pgp.
hash latent cut post ek reord";
$remailer{"rahul"} =3D "<homer@rahul.net> cpunk pgp hash filter";
$remailer{"mix"} =3D "<mixmaster@remail.obscura.com> cpunk mix pgp
hash latent cut ek ksub reord ?";
$remailer{"syrinx"} =3D "<syrinx@c2.org> cpunk pgp hash cut reord
mix post";
$remailer{"ford"} =3D "<remailer@bi-node.zerberus.de> cpunk pgp hash
ksub";
$remailer{"hroller"} =3D "<hroller@c2.org> cpunk pgp hash latent
ek";
$remailer{"vishnu"} =3D "<mixmaster@vishnu.alias.net> cpunk mix pgp.
hash latent cut ek ksub reord";
$remailer{"robo"} =3D "<robo@c2.org> cpunk hash mix";
$remailer{"replay"} =3D "<remailer@replay.com> cpunk mix pgp hash
latent cut post ek";
$remailer{"spook"} =3D "<remailer@valhalla.phoenix.net> cpunk mix
pgp hash latent cut ek reord";
$remailer{"rmadillo"} =3D "<remailer@armadillo.com> mix cpunk pgp
hash latent cut";
$remailer{"ecafe"} =3D "<cpunk@remail.ecafe.org> cpunk mix";
$remailer{"wmono"} =3D "<wmono@valhalla.phoenix.net> cpunk mix pgp.
hash latent cut ek";
$remailer{"shinobi"} =3D "<remailer@shinobi.alias.net> cpunk mix
hash latent cut ek reorder";
$remailer{"amnesia"} =3D "<amnesia@chardos.connix.com> cpunk mix pgp
hash latent cut ek ksub";
$remailer{"gondolin"} =3D "<mix@remail.gondolin.org> cpunk mix pgp
hash latent cut ek reord";
$remailer{'alpha'} =3D '<alias@alpha.c2.org> alpha pgp';
$remailer{'gondonym'} =3D '<alias@nym.gondolin.org> alpha pgp';
Much of the knowledge about the characteristics of these
re-mailers is available from <remailer-list@kiwi.cs.berkeley.edu>
Role Of Encryption
For added protection, users of Anonymous Re-mailers tend to encrypt their
messages just in case one of the remailing links are compromised. PGP
(Pretty Good Privacy) encryption is favored because it is freely available
and easy to use. A typical digital signature would look like this:
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMPDy4WV5hLjHqWbdAQEqYwQAm+o313Cm2ebAsMiPIwmd1WwnkPXEaYe9
pGR5ja8BKSZQi4TAEQOQwQJaghI8QqZFdcctVYLm569I1/8ah0qyJ+4fOfUiAMda
Sa2nvJR7pnr6EXrUFe1QoSauCASP/QRYcKgB5vaaOOuxyXnQfdK39AqaKy8lPYbw
MfUiYaMREu4=3D
=3D9CJW
-----END PGP SIGNATURE-----
For responses the sender will choose a passphrase. This phrase will be used
to encrypt messages sent back to you. The encryption will be single-key
encryption, not PGP's normal public-private key encryption. The reason for
this is that public key encryption is usually not necessary in such cases.
Single-key encryption does not require a database (such as in the widely
used <anon.penet.fi> database for mapping aliases onto addresses), thus
increasing the security of communications among anonymous users.
When a recipient responds to the e-mail, his response will be encrypted
with the sender's pass-phrase. The sender can read the response by
saving it to a file and using PGP on it. PGP will ask for the
passphrase, enter the sender's reply, which will make it possible for
the recipient to see the response to the e-mail. This feature allows
both parties to be securely encrypted, protecting privacy and anonymity
in both directions.
How Reliable Are The Re-Mailers?
The knowledge about the characteristics, reliability and
trustworthiness of re-mailers is widely distributed through various
bulletin boards. These are consulted by persons deeply immersed in
Internet-related developments. There is an agile and very active
global community that keeps track of the average latency time, uptime
of frequently used re-mailers. They post their findings, which in many
cases is superior to what a commercial customer is likely to find out
about their own data center performance, or about the service quality
offered by Compuserve, America-On-Line of Prodigy. Here is an excerpt
from such a bulletin:
hacktic remailer@utopia.hacktic.nl **** ******* 7:10 99.85%
c2 remail@c2.org -.-++ ++-.-+ 2:10:42 99.83%
rmadillo remailer@armadillo.com +++++ ++++++ 37:03 99.69%
flame remailer@flame.alias.net ** * ******* 14:55 99.64%
mix mixmaster@remail.obscura.com _ _-__...-++ 17:40:48 99.21%
amnesia amnesia@chardos.connix.com -+ +--+--- 2:04:43 99.20%
ecafe cpunk@remail.ecafe.org ## ##-## #-- 1:26:54 99.06%
extropia remail@extropia.wimsey.com .- -.----_. 13:48:11 99.04%
replay remailer@replay.com + +** ***** 5:36 98.84%
shinobi remailer@shinobi.alias.net -- -- - - + 54:43 98.78%
spook remailer@valhalla.phoenix.net * ***** - * 35:07 98.36%
vishnu mixmaster@vishnu.alias.net ** #-*# 7:44 98.20%
bsu-cs nowhere@bsu-cs.bsu.edu # # ##.# 28:07 97.78%
gondolin mix@remail.gondolin.org - --_.---- 9:45:55 97.62%
wmono wmono@valhalla.phoenix.net ** * * 12:23 97.57%
hroller hroller@c2.org #*+### -.. # 1:37:24 96.71%
ford remailer@bi-node.zerberus.de ._...--._. 21:21:22 95.83%
portal hfinney@shell.portal.com ########*# 27:36 95.55%
alumni hal@alumni.caltech.edu # # * + 25:47 95.29%
penet anon@anon.penet.fi . -- -- 13:55:20 87.78%
rahul homer@rahul.net +* *+**+* # 4:34 93.71%
robo robo@c2.org #-## 5:59 27.86%
History key
# response in less than 5 minutes.
* response in less than 1 hour.
+ response in less than 4 hours.
- response in less than 24 hours.
. response in less than 2 days.
Specialization Of Services
The operators of various re-mailers are specialized in that they cater
to select communities of Internet dwellers. They offer unique services
to customers who are seeking different degrees of anonymity.
Cognoscenti in the field can readily identify remailers who offer
meets diffferent tastes and preferences. Here is an example of remailer
characterizations:
<cpunk> A major class of remailers. Supports Request-Remailing-To:
field.
<eric> A variant of the cpunk style. Uses Anon-Send-To: instead.
<penet> The third class of remailers (at least for right now).
Uses X-Anon-To: in the header.
<pgp> Remailer supports encryption with PGP. A period after the
keyword means that the short name, rather than the full email
address, should be used as the encryption key ID.
<hash> Supports ## pasting, so anything can be put into the
headers of outgoing messages.
<ksub> Re-mailer always kills subject header, even in non-pgp
mode.
<nsub> Re-mailer always preserves subject header, even in pgp
mode.
<latent> Supports Matt Ghio's Latent-Time: option.
<cut> Supports Matt Ghio's Cutmarks: option.
<post> Post to Usenet using Post-To: or Anon-Post-To: header.
<ek> Encrypt responses in reply blocks using Encrypt-Key: header.
<special> Accepts only pgp encrypted messages.
<mix> Can accept messages in Mixmaster format.
<reord> Claims to foil traffic analysis by reordering messages.
<mon> Re-mailer has been known to monitor contents of private
email.
<filter> Re-mailer has been known to filter messages based on
content. If not listed in conjunction with <mon>, then only
messages destined for public
<alpha> Supports nyms according to the protocol used by
alpha.c2.org. This list will be featuring reliability and latency
measurements soon for these nymservers.
A fascinating example of specialization is a re-mailer service
advertising the capacity to defeat "traffic analysis" used by
intelligence agencies. All mail to each destination is first sent
through <remail@sitename> which is a standard "cypherpunk" re-mailer
with PGP with a few added features. The outgoing mail is not forwarded
immediately upon receipt. Outgoing messages are stored in a pool until
five minutes after each hour, when all messages in the pool are
re-transmitted in a random order, ignoring the order in which they came
in. Each message from the re-mailer is sent through a random path of
other re-mailers in the re-mailernet. This usually involves between
five to 20 "hops" from one re-mailer to another. In each case care is
taken for at least one of the "hops" to be in a country with especially
relaxed laws concerning electronic messages. Such measures would
greatly complicate any tracing that may be contemplated by a
law-enforcement agency.
Why Re-Mailers?
E-mail is as fast and casual as a voice phone call, but can be stored
and retrieved with infinitely greater efficiency than paper letters or
taped conversations. An e-mail message can be re-broadcast the world
over, by anyone who comes across a copy of the transmission. Parts of
any message can be extracted, edited and easily modified. Meanwhile,
the e-mail address of the originator remains a label of its origin. If
the storage of that message is not protected - and it rarely is - it
can be accessed by anyone who takes the trouble to rummage through
any of the many archived computer records that may have received such
message. A casual e-mail exchange, with an identifying address, can be
then used to compromise the originator. As e-mail traffic takes over an
ever increasing share of personal communications, inspection of e-mail
traffic can yield more comprehensive evidence than just about any
wire-tapping efforts. E-mail-tapping is less expensive, more thorough
and less forgiving than any other means for monitoring personal
communications. Without protection of privacy, browsing through e-mail
archives would become the preferred way for gathering evidence in law
enforcement cases. It would also be used as the favorite means for
collecting incriminating statements by lawyers engaged in civil
litigation.
In casual e-mail exchanges it is easy to make an error. When the
message is archived it could be used to haunt a person for decades
afterwards. A message intended for a particular individual may be
passed on to hundreds or even thousands of others. Unless its origin
is anonymous, all e-mail can be traced through identifying addresses
that preserve the name of the originator - as well as the names of
those who forwarded it - wherever the message traversed. Unless a
message is handled anonymously, a trace is left about everyone who
received it or passed it on. It would be like a letter that not only
identifies the name and address of its author, but also fingerprints of
anyone who ever touched it.
It is one of the fundamental strengths of the Internet that it offers an
almost universal capacity for free expression of ideas. A person's opinions
can be sent anywhere in the world in a matter of minutes, with the
originator's name displayed at the top. Is it consistent with the rights to
individual privacy and freedom of expression to have one's name clearly
associated with a message than may be easily disseminated to unintended
recipients?
The issues here are the rights to the freedom of speech and to the
rights to personal privacy. Having the right to free speech may work
well in the case of verbal expression, but it may cease to have its
intended purpose in face of retaliation that may take place decades
later. In a system that theoretically can have infinitely large memory
and indefinitely long remembrance, the freedom of expression and become
abused and perverted by a government that does not respect individual
rights.
With the widespread acceptance of Internet-mediated communications it
was recognized that the simplest way of securing privacy is through
anonymity. That's how anonymous re-mailers came into being. Given the
technical characteristics of Internet, there is nothing to prevent
anyone to set up a private (or public) anonymous remailing service. Any
attempt to prohibit or regulate the use of anonymous re-mailers is
technically unfeasible. In a democratic society it becomes politically
unacceptable to suppress remailers as potential sources of criminal
acts. Such absolute prohibitions would never pass through a legislative
process in a free society.
Conclusion
Anonymous re-mailers are here to stay. Like in the case of many
virulent diseases, there is very little a free society can do to
prohibit travel or exposure to sources of infection. The best one can
do is to start treating the pathologies inherent in the Internet in the
same way as we have learned to deal with infectious epidemics. That
calls for constructing new institutions and processes that are
analogues to inoculation, immunization, prophylactics, clean water
supply, sewers, hygiene, early detection of outbreaks of diseases,
quarantine, the offices of health examiners, the Center of Disease
Control and the World Health Organization.
The introduction of most of these restrictive means, imposed mostly by
government, were often opposed by those who saw in public health
injunctions infringement of individual rights. In due course an
informed electorate found it expedient to accept most of the sanitary
measures for disease control a bargain that was well worth it.
The history of public health teaches us that suppression of any disease
must be preceded by a thorough understanding of its behavior, its
method of transmission and how it creates its own ecology. As in the
case of smallpox, yellow fever, flu epidemics, AIDS or malaria, it
will take disasters before the public may accept that some forms of
restrictions on the electronic freedom of speech and privacy may be
worthwhile.
It was the purpose of this paper to explain the characteristics of
anonymous remailers as one of the potential sources of infectious
threats to the well-being of our information-based civilization. We
trust that this will be seen as a useful contribution to an already
raging debate of how to find a balance between the desirable and the
dangerous.
Paul@Strassmann.com and William_Marlow@cpqm.saic.com will be pleased to
respond to identifiable commentators on the points of view expressed
herein=
------------------------------
From: "Prof. L. P. Levine" <levine@blatz.cs.uwm.edu>
Date: 30 Jan 1996 18:45:30 -0600 (CST)
Subject: Info on CPD [unchanged since 11/22/95]
Organization: University of Wisconsin-Milwaukee
The Computer Privacy Digest is a forum for discussion on the effect of
technology on privacy or vice versa. The digest is moderated and
gatewayed into the USENET newsgroup comp.society.privacy (Moderated).
Submissions should be sent to comp-privacy@uwm.edu and administrative
requests to comp-privacy-request@uwm.edu.
This digest is a forum with information contributed via Internet
eMail. Those who understand the technology also understand the ease of
forgery in this very free medium. Statements, therefore, should be
taken with a grain of salt and it should be clear that the actual
contributor might not be the person whose email address is posted at
the top. Any user who openly wishes to post anonymously should inform
the moderator at the beginning of the posting. He will comply.
If you read this from the comp.society.privacy newsgroup and wish to
contribute a message, you should simply post your contribution. As a
moderated newsgroup, attempts to post to the group are normally turned
into eMail to the submission address below.
On the other hand, if you read the digest eMailed to you, you generally
need only use the Reply feature of your mailer to contribute. If you
do so, it is best to modify the "Subject:" line of your mailing.
Contributions to CPD should be submitted, with appropriate, substantive
SUBJECT: line, otherwise they may be ignored. They must be relevant,
sound, in good taste, objective, cogent, coherent, concise, and
nonrepetitious. Diversity is welcome, but not personal attacks. Do
not include entire previous messages in responses to them. Include
your name & legitimate Internet FROM: address, especially from
.UUCP and .BITNET folks. Anonymized mail is not accepted. All
contributions considered as personal comments; usual disclaimers
apply. All reuses of CPD material should respect stated copyright
notices, and should cite the sources explicitly; as a courtesy;
publications using CPD material should obtain permission from the
contributors.
Contributions generally are acknowledged within 24 hours of
submission. If selected, they are printed within two or three days.
The moderator reserves the right to delete extraneous quoted material.
He may change the Subject: line of an article in order to make it
easier for the reader to follow a discussion. He will not, however,
alter or edit the text except for purely technical reasons.
A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18].
Login as "ftp" with password identifying yourid@yoursite. The archives
are in the directory "pub/comp-privacy".
People with gopher capability can most easily access the library at
gopher.cs.uwm.edu.
Web browsers will find it at gopher://gopher.cs.uwm.edu.
---------------------------------+-----------------------------------------
Leonard P. Levine | Moderator of: Computer Privacy Digest
Professor of Computer Science | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu
| Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu | Web: gopher://gopher.cs.uwm.edu
---------------------------------+-----------------------------------------
------------------------------
End of Computer Privacy Digest V8 #014
******************************
.