[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: cfs & remailers



Bill O'Hanlon writes:

> I half-expect Eric or Tim to jump in here to point out that this is one
> of those situations where you have to define who your enemy is, and to make
> sure that your efforts apply to the situation.

Well, if they won't, I will :-)  You have to define your threats,
or at least think about them a bit.

> I run a remailer on a home Unix machine via a  phone line UUCP feed. [...]
> block the following foes: my service provider and any node upstream of it,
> thieves/misguided law enforcement types, and phone taps.  Encrypting something
> that I receive in the clear over an insecure line isn't useful.

It's still useful - it lets you protect yourself against attackers who
seize your machine but aren't actively wiretapping.  For instance,
the thugs who raided Steve Jackson Games, etc.  Wiretapping is a lot of work,
and takes a better argument to a fancier judge than simple search warrants.

Even if you are wiretapped, it lets you protect messages that got there
before the wiretap started - it's not surprising to have messages stick around
for a week in a uucp environment, and there are all your UUCP databases.

There's also a legal problem to be addressed, since nobody's established whether
remailer operators are common carriers or co-conspirators or RICO-racketeer
(probably depends on the quality of lawyers you can afford.)  
Encrypting your disks makes it *much* harder for them to examine your system 
until you've had time to get  a lawyer and do things in front of the judge 
instead of on their own in some back room.

			Bill Stewart