[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Don't Kill the Messenger--A New Slant on Remailers



At 6:45 PM 10/20/95, Rev. Mark Grant wrote:
>On Thu, 19 Oct 1995, Timothy C. May wrote:
>
>> "You have a piece of mail awaiting at our mail delivery service. The
>> originator is unknown. The title of the message is "Tentacles of Medusa
>> Must Die!" You may retrieve this message by replying to this notification
>> with the word "Yes" anywhere in the Subject field. This message will be
>> kept for 60 days and then deleted."
>
>I suspect that I could easily hack this into Mixmaster in a day or two,
>but wouldn't it open you to attacks where Anonymous Fed, say, sends
>terrorist kiddy-porn through your remailer and busts your ISP during those
>60 days for possession ? I'm not sure if it would be better or worse than
>current setups from that point of view.

In the U.S. at least, the Electronic Communications Privacy Act (ECPA) says
that e-mail should not be looked at by third parties to a communication.
Yes, there are all sorts of wrinkles, such as whether an employer may look
at employee e-mail, blah blah. But I suspect the ECPA adequately protects a
mail deliverer against charges such as Mark describes.

("But under the ECPA I am not allowed to look at this e-mail, so how can I
held be liable for it?" Not even under Stratton-Oakmont is the deliverer or
holder of e-mail held liable for content or effects--the Prodigy case
involved the fact that Prodigy was moderating/censoring speech in public
forums, so, the judge averred, Prodigy could not claim it had no duty to
moderate or censor the speech of defamers. Roughly, as IANAL.)

>I might do it anyway, and set it up to only forward PGP-encrypted
>messages, but I certainly wouldn't be able to keep messages for 60 days
>with only a MB or so to spare.

Drives are cheap. I just saw a 1.2 GB for $195 (internal, PC). I suspect
that anyone sweating over having only a MB to spare shouldn't be running a
remailer.

(Not a slam against Mark, just a statement that there are certain minimal
capabilities I'd expect to see, and not having free disk space is a serious
problem.)

In any case, by the time "General Delivery Remailers" would be spreading,
disk space will be even cheaper. And a coupon- or stamp-based remailer
could of course then buy disk space as needed.

(If a 1000 MB drive costs $300 and is written off over 3 years, then the
storage cost is $0.10 per megabyte-year. For the average text message of
about 20 KB, the cost to store it a year is $0.002. The cost to store it
for 60 days is 6 times less. Even if disk drives cost more than I've
quoted, the cost is tiny, tiny, tiny. Connection costs are likely to
dominate. Large files may be a different matter--the math is easy to
do--but these are seldom the targets of remailers to unsuspecting parties.
In any case, easy to "expire" unretrieved larger files faster.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
[email protected]  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."