[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

need for more anon remailer sites



With the shutdown of PAX, if we are not going to roll over and let this type
of site go away, what we need is a large new group of such sites.

20-50 or more anonymous remailer sites that each gets used randomly and
occaisionally, with usernames that are not obvious such as "anon432", both
in the U.S. and elsewhere in the world, are whats needed. the list of sites
must remain fluid and unpredictable, and formats and conventions must also
variate so that no one can get "a fix" on it.

A person that wants to anonymously mail something can choose different sites
each time, or perhaps there may be a subsystem that chooses this for them,
WITHOUT the mail actually going there first, if a site is in charge of "ran-
domizing" the traffic.

I suggest using a truly covert approach of using non-account first names
and other interesting words that are indistinguishable from regular usernames
as anonymous temporary mailing names. This obviously is very tricky and would
have to be worked out carefully, since it may, even in the future, conflict
with an actual choice of a valid username for an anonymous site. But it can
be done. and we need to spare the .sig at the bottom that advertises the anon
service. that should be left to separate ads, not mixed in covert email itself.

One of the things that has gotten to me is to do secret acts in overt ways,
almost asking the Government to defy them! Secret things should be done
secretly. Once, if in the future, cryptographic email is so common as to make
this unnecessary, then we can relax it. But not completely. Secret should still
always be DONE IN A SECRET WAY.

I.e. using steganography and other covert procedures, fluid, nonfixed proce-
dures, to ensure no disturbance with rerouted and/or encrypted email traffic.
Yes this is security-by-obscurity, but it can work if it is just an adjunct
to other strong methods such as good ciphers and procedures that use proper
contingency planning.

PAX, most likely, did no contingency planning for what happened to it.
All things of this type need "what ifs" for every possible interference that
can happen, not that all possibilities would be addressed. But they should
all be looked at, if they can be thought of.

Suppose the ante goes up and all this stuff becomes actively illegal. What
then? If a large network is *already* in place, the risk is much lower than
trying to do something after the fact. And it would be a more mature network
of rerouting and encrypting sites, that have already learned from their mis-
takes.

we need --all--this-- to survive. otherwise it is all just a toy application
of covert technology.

norstar
The Northern Lights, Troy NY                                 |     
tnl dialins: +1 518 237-2163 @ 1200-2400 bps 8N1 $free     ` | /   
-------------------------------------------------------  --- * --- 
Internet: [email protected]                                  / | .   
Sysop of TNL Public Access UNIX                              |