[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Don't Kill the Messenger--A New Slant on Remailers

At 07:45 PM 10/20/95 +0100, "Rev. Mark Grant" <[email protected]> wrote:
>> "You have a piece of mail awaiting at our mail delivery service. The
>> originator is unknown. The title of the message is "Tentacles of Medusa
>> Must Die!" You may retrieve this message by replying to this notification
>> with the word "Yes" anywhere in the Subject field. This message will be
>> kept for 60 days and then deleted."
>I suspect that I could easily hack this into Mixmaster in a day or two,
>but wouldn't it open you to attacks where Anonymous Fed, say, sends
>terrorist kiddy-porn through your remailer and busts your ISP during those
>60 days for possession ? I'm not sure if it would be better or worse than
>current setups from that point of view. 

One way to deflect this attack is to encrypt the message for storage
using a symmetric-key algorithm with a randomly generated session key,
and send the session key to the recipient with the notification.
You still have 300 MB of planted kiddy-terrorist narcopornography on your
but it's encrypted and you can happily tell the judge that you _can't_
decrypt it because you don't have the key.  The Feds _could_ get the
keys by eavesdropping on your outgoing correspondence or using
your system to send the material to themselves (or a conveniently employed
child), but at least you're not storing it in plaintext.

More of a problem with this system is that it's only useful for terminal
remailers; to use it in the middle of a chain, the next remailer would
need to be configured to auto-accept such messages, or else your remailer
would need to have a list of known remailers and use direct delivery
for all mail sent to them.
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, [email protected]
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281