[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: mail-to-news fun

To: Bill Stewart <[email protected]>, "Scott V. McGuire" <[email protected]>
Subject: Re: mail-to-news fun
From: Lance Cottrell <[email protected]>
Date: Thu, 6 Feb 1997 19:52:09 -0800
Cc: [email protected], [email protected]
Sender: [email protected]

It would be a trivial hack for Mixmaster. It allways knows if a message if
going to another remailer, or if this is the last hop, so it can add the
disclaimer only on the last hop.

	-Lance

At 4:06 PM -0800 2/6/97, Bill Stewart wrote:
>At 01:01 PM 2/6/97 -0500, Scott V. McGuire wrote:
>>On Wed, 5 Feb 1997 [email protected] wrote:
>>> People don't read mail headers or disclaimers at the bottom,
>>> and putting disclaimers like that into message text for
>>> email exposes the message to traffic analysis.)
>
>>How does putting it in the message expose it to traffic analysis but not
>>putting it in a header?
>
>Suppose you're sending a message on a remailer chain of
>you -> Alice->Bob->Charlie->Dave->Eve->Fred--> target
>and Bob puts lots of disclaimers in his remailer's outgoing messages.
>Anything Bob puts in a header will get stripped out by Charlie,
>so it's no problem.  However, if Bob tacks a disclaimer
>as the bottom text in the outgoing message, when Eve sends
>mail to Fred she'll also see the disclaimer that
>	The message was sent by an anonymous user
>	through the remailer at Bob's Remailer Shack.
>	Bob doesn't know who sent it, and doesn't keep records,
>	so he can't squash the user, but he can block mail to you
>	if you don't want any more anonymous email.
>	Don't believe everything you read!
>so she'll know to check the FBI Illegal Wiretap files for Bob.
>
>Some comments and backtracking
>0) Of course, if you want to avoid traffic analysis,
>sending unencrypted email is pretty stupid, and only the
>next hop is going to see a disclaimer that you append
>after the encrypted part of the message.
>
>1) Prepending the disclaimer to the message body is
>pretty unfriendly to the :: syntax, and not all that
>great for PGP encrypted messages either.  Pretend I
>really just suggested appending it at the end,
>since that's what I would have said if I'd been thinking :-)
>
>On the other hand, I suppose that you can see whether the
>next hop is a Type I remailer by looking for the :: or ##.
>
>2) Cutmarks would be a nice fix, but they require too much
>attention to detail to get right, in case the next hop
>is a remailer.
>
>So maybe you _should_ always put in the disclaimer,
>at the end, with a reminder to always encrypt your
>remailer-chain mail if you want to avoid traffic analysis :-)
>
>
>
>
>
>#			Thanks;  Bill
># Bill Stewart, +1-415-442-2215 [email protected]
># You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp
>#     (If this is a mailing list, please Cc: me on replies.  Thanks.)


----------------------------------------------------------
Lance Cottrell   [email protected]
PGP 2.6 key available by finger or server.
http://www.obscura.com/~loki/

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------

Prev by Date: Re: WANTED: Tolerant, anonymity-friendly news admins
Next by Date: Re: lead remailer is shut down
Prev by thread: Re: mail-to-news fun
Next by thread: MA Electronic Records and Signature Act
Index(es):
- Date
- Thread