[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Standard Headers for Anonymous Remailers



D. Owen Rowley wrote:

>I think that the design of privacy systems needs to take these
>dark-side issues seriously and do their best to minimise the potential
>for abuse. 

Yes, but it's more than just the privacy systems that need good
designs; applications like mailers could benefit from (say) digitally
signing every message and reporting the signature on a document rather
than where it came from.

At the risk of sounding like a broken record, I will quote some
private email I sent to another indiviual concerned with these things
(hopefully eveybody else who is going to post in about needing to
minimize abuses and stuff will read this and find out such things are
being worked on!)

>I hope this is because people really feel like schmucks taking
>anonymous pot-shots :-)  I mean, I wouldn't like to see anonymous
>remailers abused either.

>As I mentioned, a more "satisfying" solution to me is to be using a
>positive reputation system along with a pay-per-remail anonymous
>remailer.  The problem is infrastructure - there exist anonymous
>remailers, but right now positive reputations and pay-remailers aren't
>at the same level.  

>A good positive reputation system would require people to habitually
>sign their messages and posts, even if the key they used can't be
>traced (say, the username is a pseudonym).  Plus, you'd need software
>(built in to the mail software you use would be best) that reports
>signatures instead of email address.  This would allow you to see who
>sent the message (who signed it) rather than where it originated from.

>A good pay-remailer would charge enough per letter so as to make
>everyone think before firing off a letter in haste.

-- 
Karl L. Barrus: [email protected]         
keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5  3D F3 93 7E 81 B5 CC 32 

"One man's mnemonic is another man's cryptography" 
  - my compilers prof discussing file naming in public directories