[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re:




> Hi - I tried to use the anon.penet.fi remailer and got a warning that
> some people had hacked it to find out for which anonymous ID any user
> had.  It sounded like they would forge mail from the person they wanted
> to find out about, have it go through penet, and then go to themselves.
> Then they could look and see what anonymous ID it seemed to come from.

Precisely!

> This has been fixed by making people register a password with the remailer
> and then use it whenever they want to forward mail.

Yeah. A bit cumbersome, but at least it is an attempt to find a workable
compromise between security and ease of use. The password is only
required if you intend to mail to "unregistered" addresses.

	Julf