[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


To my mind, remailer vulnerability starts with the Net addresses used to  
send to them and send from them.  It seems to me that a fortress remailer  
must have solve two problems:

   1) Getting a message to the remailer without knowing the remailer's Net  

   2) Sending a message from the remailer without revealing a Net address.

Problem 1 can be easily solved by having users send messages to various  
new groups the remailer scans.  The messages would be encrypted with the  
remailer's public key.  The remailer continuously scans for new messages  
encrypted with its public key.  When it finds one, it decrypts it and  
processes it.

Problem 2 it the tricky part.  How can the remailer inject a message back  
into the public Net without revealing its Net-location?  If the remailer  
could sovle this problem, then why couldn't everybody use the same  
solution, eliminating the need for remailers?  The one possibility is that  
the solusion requires something that most average users can't do or can't  
acquire economically (i.e. most everybody can grow their own food, but why  

I haven't come up with any really good ideas here.  Here are a couple  

a) Using various hacker tricks to forge "From:" e-mail addresses.

b) Use short-lived addresses.  Set the remailer up some how so it can  
frequently acquire new e-mail addresses.  Each address would only be used  
to forward a limited number of messages, and then it would be abandoned.

[email protected]