[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Standard Headers for Anonymous Remailers



> From: [email protected] (Loyd Blankenship)
> 
> One of the big problems is anonymous bombardment of a 
> helpless newsgroup. This (and the problem of auto-screening anonymous
> mail) could be solved if there was a standard header keyword (or maybe 
> even a new header field) that could be screened from a newsgroup.
> [Any thoughts?]

Yeah, some thoughts,

> From: [email protected] (Greg Broiles)
> 
> If a significant fraction 
> of the net community responds to wider access to anonymity by filtering out 
> anonymous mail, my prediction (and suggestion :) is that people [...]
> will resort to mail which is non-obviously anonymous.

The possibilities for
	1) (more or less) anonymous posting,
	2) forged headers,
	3) general obnoxiousness
	4) automatic abuse of netnews facilities,
	5) secret or forged "identities",
all already exist on netnews.

Many have already been used in offensive action as in the following
recent examples (I'd welcome more data and pointers about these and
similar cases, and some of these may have been rumors only. I'm also
sure some good ones happened before my time :-)

1) anonymous posting services (penet),
2) forged headers are very popular of course, and do not really
surprise anybody anymore,
3) I'll avoid naming examples of direct obnoxiousness, thank you :-)
4) (semi-?)automatic newsgroup re-creation after rmgrouping (Becker),
4) post-moderation via cancel messages (who was that guy again?),
5) SRIA vote-taker, accused of being the same person as the main
proponent of the group (with syslogs as evidence),
5) "It was not me, I left my terminal logged on..."
5) suspect votes from generic accounts, all posted at the same time...

And some other mechanisms scream for new forms of abuse :-) It's amazing
that everybody is resisting the temptation...

The responses have been:
- A few flame wars (some pretty entertaining),
- The most exposed newsgroups, like religious groups, are systematically
moderated (to improve signal to noise ratio, but also to try to prevent
attacks),
- The most obnoxious people have been posting away under their own name,
proudly disdaining (that we know of) the possibilities of technology :-)
- and overall, the net as we know it goes on, with just some minor
flamage overhead.

So, as you can see, I'm pretty optimistic (I actually found most
of these actions at least interesting, if maybe ...errr... crude). I do not
think you really want to go to the trouble of really preventing people
from posting (more or less) anonymously if they want to simply because
that's too much trouble.

One the other hand, most offensive action on the net has in the past been
proudly done under the perpetrator's real name, or under Real Thin
disguise. Of course, if it's possible, it will happen, and so eventually
netnews will have to shut down for a few days under an attack of the
magnitude of the one that stroke down the Internet itself. And somebody
will end up in court...

It's not also that I deny groups the right to express their disgust towards
anonymous posting, but rather that I think they are wasting their time
until much more infrastructure is available for accountability (that may
not be so far away, but that's a different story).


A remailer "tag" would help (at least politically), but at this stage,
would be deceiving in that it does not really solve any user's problem
(if there ever was any). Still, delusion and all, it may make remailers
more socially acceptable... errr... tolerable :-) It could also create
a distinction between "nice" remailers (obediently tagged) and "naughty"
remailers (proudly un-tagged).

Pierre "What emphasys?".
[email protected]