Chained Remailing Strategy and Tactics
- To: [email protected]
- Subject: Chained Remailing Strategy and Tactics
- From: [email protected]
- Date: Wed, 29 Jun 1994 18:28:44 -0700
- Comments: This message is NOT from the person listed in the From line. It is from an automated software remailing service operating at that address. Please report problem mail to <[email protected]>.
- Sender: [email protected]
--------------------------
In order to preserve anonymity and thwart traffic analysis in
chained remailings, it would seem useful to include a very BUSY
remailer in the chain, and try to ensure that the message arrives
at the busiest time of the day for that remailer, from a traffic
standpoint. Hitting a remailer at a slack time when, let's say,
only one message arrives over a period of several hours would
seem most unwise.

Can some of the major remailer operators make available some
"sanitized" traffic stats of average traffic by hour and day of
the week? The vox.hacktic.nl remailer sounds useful in this
regard, since it apparently uses a UUCP link, and batches up
accumulated messages, both incoming and outgoing. When are the
"best" times for chained traffic to arrive there?

Can someone familiar with remailer software answer something?
When a message is encrypted, using the "Encrypted: PGP" header,
will everything after the end of the encrypted message itself be
ignored? I ask, because this seems like a good place to
introduce "padding" into the message length to thwart detection
of identical messages, assuming that such extraneous material
wouldn't screw something up.

What's the best strategy for utilizing a given group of remailers
in a chain? Which ones would be most advantageous as the FIRST
link in the chain, since this is the one link that has direct
address to the originator's address?

How would "someone", hypothetically, follow the chain backwards?
Let's say that a message traveled down the chain A -> B -> C.
Couldn't someone with enough clout ask "C" where a certain
message (based on header data) originated, find out it was
relayed by "B", ask "B" for the source, etc. and trace it all the
way back to the source? What, if anything, would prevent that?

For the sake of argument, let's assume a worst-case scenario: a
chained message to "[email protected]" containing a
seemingly credible threat to harm the President of the United
States, or perhaps a chained message, ultimately posted to Usenet
via a mail-to-news gateway, containing the first part, with more
installments threatened, of certain highly classified U.S.
military secrets. IOW, a scenario where powerful agencies are
motivated enough to invest considerable resources in tracking the
culprit down.

While we might agree that in those two cases, the persons deserve
to be caught, what's to prevent a President or other highly
placed federal bureaucrat from MISusing those same resources on
something less critical, such as tracking down and persecuting
someone who anonymously posts "Clinton is a prick" or "Clipper
sucks"?
----------------------------
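
The two concerns raised in the message above (arriving at a slack time, and messages recognizable by their length) can be put in a small model. This is an added example, not part of the original post and not code from any remailer. The sender names, message sizes and the 4096-byte padding bucket are constructed assumptions, and the observer is assumed to see only which messages share a batch and how large each one is.

```python
import math

# Constructed sample data: (sender, message size in bytes) for one remailer batch.
SLACK_BATCH = [("alice", 1830)]
BUSY_BATCH = [("alice", 1830), ("bob", 912), ("carol", 4410),
              ("dave", 2750), ("erin", 3999)]


def observable_size(size, bucket=None):
    """Size an eavesdropper sees: raw, or rounded up to a multiple of bucket."""
    if bucket is None:
        return size
    return -(-size // bucket) * bucket  # ceiling division


def anonymity_set(batch, sender, bucket=None):
    """Senders in the batch whose messages look the same size as sender's.

    Assumed observer: sees which messages entered the batch and the size of
    every message entering and leaving, but cannot read contents.
    """
    target = observable_size(dict(batch)[sender], bucket)
    return sorted(s for s, size in batch
                  if observable_size(size, bucket) == target)


def anonymity_bits(batch, sender, bucket=None):
    """Uncertainty in bits, assuming every candidate is equally likely."""
    return math.log2(len(anonymity_set(batch, sender, bucket)))


if __name__ == "__main__":
    for name, batch in (("slack", SLACK_BATCH), ("busy", BUSY_BATCH)):
        for bucket in (None, 4096):
            who = anonymity_set(batch, "alice", bucket)
            print(f"{name:5} bucket={bucket}: {len(who)} candidate(s) {who}")
```

In this model only the busy batch combined with padding gives alice any cover: a busy remailer without padding, and padding at an idle remailer, both leave a candidate set of one.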