[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: The Remailer Crisis
Tim urges recently that we need to do something about the "remailer crisis."
I remember Sameer once mentioning that he could set up remailer-in-a-box
accounts for possibly anonymous 'sponsors' who'd be the legal owners therefore
indemnifying Sameer (the tolerant sysadmin) of responsibility. I know he allows
'remail-to-yourself' blind-server accounts for $10 / meg or something. That's
probably a bit expensive for a sponsor of a public remailer (any stats on
average remailer traffic?). I never did here any more from sameer or anyone
else about remailers-in-boxed-accounts. I for one would be willing to 'sponsor'
a remailer account on any system with a small fee - I can't run my own as my
private site looks at the world through PPP.
I suggest that 'sponsored' remailers are a better way of making remailers
economically viable for people like Sameer, who are the real, if not nominal,
administrators. Though I hardly use remailers, those who do would probably
make better (and more easily executed) use of their money if they sponsor
remailer accounts on Cypherpunk ISPs like c2, rather than pay a (truenamed,
legally vulnerable) operator for any single remailer.
Sameer's blind-server code can come in use to make any link between the
sponsor and her sponsored account very hard to detect.
The advantages of sponsoring remailer-site operators to create remailing
accounts, rather than pay an individual remailer operator, are many:
1. innocent until proven guilty - presumably sponsors do use remailers a lot;
but not necessarily. So the payment transaction can be via truename, rather
than via some complicated anonymous means, and still leave the sponsor
unimplicated
2. legal - an operator of a single remailer is vulnerable - technically, if
not root, and legally otherwise. an administrator of a Cypherpunk ISP is
not, and does not have the legal right to monitor a customer's traffic,
and with blind-servers even detailed logging don't lead back to the
owner of an account, the sponsor, from any _specific_ remailer (though
a pool of sponsors exist for a pool of remailer account)
3. technical - it's not possible to ban a single remailer, as they may be
_many_ on a site. If the site is much more than just remailers, it's not
really possible to ban the entire site.
4. traffic analysis - more remailers addresses will make traffic analysis
harder, and chaining more fun - you could chain through multiple accounts
on a single site with little loss in reliability (though you'll still want
to go through more sites)
5. remailer explosion - more reliable remailers (due to the '-in-a-box', more
users, wider distribution
Comments?
-----------------------------------------------------------------------------
Rishab Aiyer Ghosh "In between the breaths is
[email protected] the space where we live"
[email protected] - Lawrence Durrell
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA