Re: An idea for refining penet-style anonymous servers

[Olmur <olmur@dwarf.bb.bawue.de>]

-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "Alan" == Alan Bostick <abostick@netcom.com> writes:

[.....]

Alan> There is a way that attackers who have seized or copied the
Alan> database can search it - by trying it out on anonymous IDs, or
Alan> user addresses, until they hit paydirt.

I think that's exactly where the problem lies.  The advantage of your
proposal is, that for an honest SysOp your system makes it easier not
to look on the database, but I assume that Julf isn't interested in
the contents of the database anyways..

But for a real attacker it's just a small inconvinience, nothing more.


Alan> So what do people think of this scheme of mine?  Are there
Alan> drawbacks or weaknesses that I'm not seeing?

I think it's similar to a postmaster running a script to automatically
removing the actual message from a bounced mail, before she looks at
it.  But I don't think it's really making penet-style servers more
secure.


Have a nice day, and hope your flu cured now!

Olmur
- --
"If privacy is outlawed, only outlaws will have privacy" --- P. Zimmermann
      Please encipher your mail!  Contact me, if you need assistance.

finger -l mdeindl@eisbaer.bb.bawue.de for PGP-key
         Key-fingerprint: 51 EC A5 D2 13 93 8F 91  CB F7 6C C4 F8 B5 B6 7C



-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: latin1
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAwUBMYEyKA9NARnYm1I1AQFZaQP/Q6jt+o1oDLysFTcxkitZF5aaQbwNa0Z6
Ud/oJqeTZvVtbltbJ7CIAIQCHydYLnBcxbeAw3EJDPpMYXaVz0Lsd00cdggD8Uh4
nY6dc4MaWvU0Kv1QUsdBlsIzpPwqvB9+WnXFQxcu/DONQT5pNkkzJWRGoHNj6+f4
kr31q2gniis=
=M/jY
-----END PGP SIGNATURE-----