[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No subject



In-reply-to: Johan Helsingius' message of Tue, 23 Feb 1993 10:52:16 +0200.
	     <[email protected]>

-----BEGIN PGP SIGNED MESSAGE-----

> > Well, I don't agree that doubleblind is a great idea.
> 
> Neither do I. But many of the users of anon.penet.fi are
> not very computer-and-email-literate, and they have been using other
> services, providing double-blind. Unfortunate, but too late to change now...

Can you elaborate on those other services?  The Finnish remailer is the
only one I'm aware of.

Also, I'm confused about these "not very computer-and-email-literate"
users -- aren't they forced to use an X-Anon-Password header?

I'm surprised there hasn't been more ruckus about the default
behavior.  There must be many folks whose identities have been
inadvertantly exposed.

> What we can do is to provide better ways for those who *are* computer
> literate enough to use extra headers etc.

I don't think this will help.  With my mail environment, I have to go
to lengths to send an anonymous message, concocting X-Anon-To and
X-Anon-Password headers.  It's worth the effort, since this helps to
preserve the secrecy of my pseudonymous identity.

But the first time I mess up, and send an unfettered message to an
anon.penet.fi client, I am unmasked.

What I'm saying is that I'm hip to headers; it's the simple stuff that
trips me up.

And I still don't understand how the unfettered message gets past the
X-Anon-Password filter.

> > I think it's imperative that the sender use X-Anon-To to be
> > pseudonymous.  This is consistent with the principle of least
> > astonishment.
> 
> But in this case I feel the principle of least astonishment is overruled
> by the principle of least risk of accidental exposure.

I think the risk of accidental exposure is heightened by the default
behavior of the Finnish remailer.  Maybe we're using the same words to
describe different things.

> I think that hornet's nest needed to be kicked. But I am also
> disappointed that not enough people defend the need for anonymity in
> places like news.admin.policy.

Some of us gave up on USENET policy long, long ago.  Personally, I stick
to the alt.* groups.

> I think pseudonyms *should* be prominent - as you have noticed, anon.penet.fi
> adds an explicit warning at the end of every message.

In time, I hope such warnings will be unnecessary, as people grow
accustomed to the use of pseudonyms.

DEADBEAT

-----BEGIN PGP SIGNATURE-----
Version: 2.1

iQBFAgUBK4o0+PFZTpBW/B35AQGlcAF/UC0HNtSoIQe2arEoK5uzkjX+7fCwPUqC
l/2o0wifS7SLGLfoshQpd3vaczDktaBV
=TPtY
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
To find out more about the anon service, send mail to [email protected].
Due to the double-blind system, any replies to this message will be anonymized,
and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to [email protected].
*IMPORTANT server security update*, mail to [email protected] for details.