[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Remailer security

On Mon, 9 Jan 1995, jRT wrote:
> The thing being, say you set up an anonymous-video-or-otherwise-remailer, 
> you have to ensure that people don't manage to get into that as such 
> would obviously give away the identities of all parties.  Given that 
> people can supposedly hack the DOD computer system, that doesn't seem so 
> unlikely, so are anonymous-remailers really all that safe?

This is why you want to use a remailer chain instead of just one remailer.
Hopefully, not all of the remailers in your chain are subverted by your 
enemy.  (They may all be subverted, but as long as not by people who 
cooperate with your enemy you're still ok :-)  Also, make your chains as 
heterogeneous as possible.  That is, include remailers that use different 
hardware, operating systems, remailer softwares, are in different 
countries, are controlled by different organizations, etc., so that one 
security hole will not compromise your entire chain.

I've kinda evaded the original question, which is about the (average?) 
security of the individual remailers.  Does anyone have a real answer?

Wei Dai
PGP encrypted mail welcome.  (I realize a PGP signature says this 
implicitely, but I left my key in another computer.)