[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
re Telecoms Bill
-----BEGIN PGP SIGNED MESSAGE-----
>Well, if "cypherpunks write code", is there any code we should be
>writing in response to this?
:I'm not familiar with SSL protocols, but something that would anonymize
:web page access and keep it entirely encrypted (not just credit card or
:forms transactions) would be good.
I think the first problem would be how to hide a sites true location. For
example, if I have a domain called xxx.offensivestuff.org, how would I hide the
sight so that while it is freely accessable to those who are looking for it,
yet not allow a goverment agency to home in on the geographical locations via
trace route.
I remember reading a number of articles about floating sites, the only problem
is with the way Internet routing tables are structured, given that the site
would constantly spoof different ip's to make it harder to track, or maybe even
hacking some of the routing tables on the larger gateways, it could cause all
sorts of problems with traffic. ie domain xxx.offensivesutt.org has the
routing information for www.fluffybunnies.com, but if xxx.offensivestuff.com
moves, then that routining information is invalid. resulting in numerous
broadbad broadcasts trying to determine the correct route to
www.fluffybunnies.com.
Additonally, a number of bogus proxie servers could be set up to confuse
traffic analysis in attempting to determine what the true endpoint of a
transfer is.
At some point, the data could be encrypted by a proxie server, and sent to the
final destination. Thus just like e-mail is reordered by remailers,
HTTP/FTP/Telnet connections can be shuffled around to foil analysis.
Of course, this approch would result in a slower connection and more packet
hops.
:Encrypted/truly anonymous ftp would be nice (though some folx would
:understandably have problems with truly anonymous uploads, and crypto
:export restrictions in the US could be problematic legally).
Under the forementioned technique, it would not be problematic technically.
:I think there is already work on encrypted telnet (stel) by the CERT/IT
:people.
I have seen an SSL telnet client source code on hactic I think.
:On the non-net side of things, implementing encrypted BBS/communications
:and file-transfers is useful. I'm told PGP-Phone is supposed to support
:encrypted communications/file-transfers... so a host-script language that
:enables a simple BBS would be nice.
I like this idea, but I am not sure how the laws work. For example if a BBS
had subscribers sign a voucher stating that they were not agent of a goverment
agency, would it hold up? would lying constitue entapment?
If not, then yes, encrypting the data would provide protection becasue no one
would be able to detect what was being passed. under this approch
information gained by wiretapping would not be usefull.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
iQCVAwUBMRau2EUffSIjnthhAQHnhgP/SgH4SA6yKRlkgnJ198jw2SBaZ5SqsNRF
YYtyHWeWcGqf30ghoe20Bvfug7oaJrB5jO+fqJ6DiL5Wp2onmWL6MTrReEpt7q1t
8ESRgyO/ndVDBhiQHWxLY1tynVBJxUbCrxvMHyPtpTIRXQtZsFlM6Iw8lndbnUbK
RofiuhFzDlU=
=n9n+
-----END PGP SIGNATURE-----
Regards,
Michael Peponis
PGP Key Avalible form MIT Key Server,or via finger