[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Anonymity: A Modest Proposal



At 9:42 AM 10/18/95, Hal wrote:

>I think a remailer which forged headers would get people even angrier
>than one which was up front about what it was doing.  Forging headers is
>really considered antisocial by a lot of people on the net.  If you could
>do it safely, you wouldn't need remailers.  Since you need them, it's not
>safe, hence the message will probably get traced back to the remailer.
>This is prima facie evidence to get an account yanked at a lot of places.

        Of course. The problem is that protocols as implemented permit
header-forging: it's a practical fact of the net, and one that maybe
shouldn't be overlooked on (basically vague) 'moral' grounds, any more than
Netscape should say, "Well, you just _shouldn't_ screw someone with a
foo.foo.foo.foo... URL." Of course people shouldn't overflow your stack
intentionally--but they _can_, and the implications of that fact are
shaping the net as we speak. If the headers were forged in such a way as to
falsely and _credibly_ attribute a transmission to an actual uninvolved
third-party, that's one thing; but the existence of headers that are forged
so incompetently as to be traceable to their actual origin suggests that
forged headers might be worth meditating on. For example, what if two or
three dozen independently maintained Mixmasters in three or four countries
randomly forged headers (maybe even actually badly, or maybe craftily
"badly") so as to make the last link in a chain look like one (or "one") of
the other remailers; how would the Co$ cope with that?
        Anyway, you get the drift.


Ted