[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Remailer hating Nazis




"Anonymous ReMonger" wrote:

> > If you believe that any computer sytem is foolproof... you have a lot to
> > learn.  There is always a possibility that people will found out your real
> > identity and where you live, through a human error or a flaw in the
> > remailer.  (Right, toto?).
> 
>   Right, small, warm-blooded creature.
>  
>   There are a plethora of available avenues for surruptitious agents to
> exploit InterNet technology and methodology in order to reveal both your
> identity and the content of your communications.
>   To truly achieve anonymity and privacy, one should be prepared to use
> the strictest standards of paranoia, the full capabilities of privacy
> and anonymity tools, and personal methodologies aimed at thwarting
> unlikely and/or impossible surveillance techniques as well as the
> currently known methods.

And even then one must never trust it completely.  An appropriate degree
of paranoia means that not only must one use all the appropriate tools and
techniques, but that one must be prepared for the possibility that the
tools may fail. 

>   Beyond the mere technology itself, one must consider the possibile
> use of psychological manipulation of individuals and groups into a
> specific mindset that, combined with an analysis of the individual's
> natural psychological profile, can enable a surreptitious entity to
> move the individual toward patterns or processes which will make
> the technological tools of identity and information analysis more
> effective.

Following is a fairly obvious scenario, but still perhaps interesting:

Imagine that an agent X wants to find out the real identity of
somebody posting under the pseudonym A.  X can retrieve the list
membership through the mailserver.

X composes a post to the list designed to elicit a response from A,
perhaps flaming A, or criticising something dear to A.  They prepare n
variations of the post by inserting different spacing, spelling, or
phrasing and keep track of each variation.  They post one variation to
each member, relayed through toad.com.

If X is lucky, A will reply to the post (not noticing the slightly
unusual header), quoting some of the original matter.  By looking at
the spelling etc in the quoted part X can determine which original
version A received and hence what address they use to read the list.

Now this is by no means certain to work: A might not reply, they might
not quote enough material to allow the original to be identified, or
they might notice that the mail is not really from the list.  Even if
X can associate the reply with an original, they have no really
conclusive evidence, but then...

>   This fictitious example, if it came to pass, would serve to
> provide information to the agent which could be used to more
> effeciently target those who would be subjected to more restricted
> forms of surveillance, such as monitoring of the physical signals
> given off by their computer, keyboard, and monitor.

It has, perhaps, only a ten percent chance of success, but this is
nevertheless significant.  If A is posting anonymously just for the
convenience of not having his/her email address dredged up by search
engines, or from broadly-based monitoring this is perhaps OK.  If A
writes against people or governments that might retaliate, then A
should at least consciously accept the risks.

>   All in all, the small, warm-blooded creature is correct in
> implying that one should always keep a shotgun by their computer, in
> the firm knowledge that the dogs of war do not always bark to
> announce their omnipresence.

Nicely put.

> > Greets to all my friends in domestic surveilance.
> 
>   And greets to all of my friends who are watching your friends.

That's good to know.  Some of them need to be watched.

::Boots

  "You will find that the State is the kind of organization which,
   though it does big things badly, does small things badly too."  
                                        -- John Kenneth Galbraith