[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: RemailerNet
In message <[email protected]> Lance Cottrell writes:
> >If anyone cared enough, what they would do is (a) put up enough remailers
> >so that they were, say, a steady 80% of those announcing in the alt.x
> >group; (b) provide a good, reliable service nearly all of the time; and
> >(c) drive the other 20% out of business with a steady disinformation
> >campaign (rumors, complaints, etc) and other more aggressive tactics.
> >The FBI types running (a) and (b) would be well funded and they would
> >be the sort of steady, unimaginative people who run small businesses
> >well. The CIA field agents masterminding (c) would be very well
> >funded network freaks, some of them ex-hackers. They could operate
> >outside the USA and pay little or no attention to US laws. Pity the
> >poor 20% in the face of such attacks.
> >
> >Any traffic sent through this remailer network would have only a tiny
> >chance of getting through without being compromised. If you picked
> >5 remailers, the chances of all being non-FBI would be about .2^5,
> >3 in 10,000. The other 9,997 messages would be copied immediately
> >to Langley.
>
> I fear that you have the math wrong. The odds that the path would be compromised
> (that is all five nodes are FBI) is 1-(.8^5) = .67
Actually, the odds are better than this, .8^5, about 0.33. You will be
compromised "only" 1/3 of the time.
But if you are sending regular messages to another party, then traffic
analysis will quickly show that you are communicating, because even if
the boys at Langley are really dumb, you won't make send more than
two or three messages without having all the cherries lining up.
You will be protected if you have encrypted your messages, but using
a remailer network offers little additional protection.
> If I understand your system one compromised node is a total loss for that
> message.
No, as I have said elsewhere, I think that an 'empowered user' of RN0.2
can communicate with another empowered user through a completely
compromised network with little risk, so long as there are many other
such users. This is because the compromised gateways will not be able
to tell when and whether either of the users is actually communicating.
--
Jim Dixon