[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Remailer Attack




At 01:19 PM 9/26/97 -0400, Anonymous (Monty Cantsin) wrote:
>No, the nym servers differ in two important ways.
>
>1. They use a reply block so your true identity lies encrypted beneath
>the public keys of several remailers.  I would rather the message went
>to alt.anonymous.messages.

This is an interesting idea.  I'm going to forward it to the
remailer-politics list and see what people there think of the idea.

>Also, by my reading of the "uptime" statistic in Raph's remailer
>chart, a reply block is not going to be very reliable for receiving
>mail.

The Redneck remailer, for instance, has a 99+% uptime rate.  The reason for
this being high is that it is run under a business model.  The connectivity
basically cannot go down.  There has only been 23 minutes of connectivity
downtime in the last year.  Redneck is run on a business quality network
with multiple backbone feeds.  But things break down after that.  Redneck
also runs on an underpowered 486 with no "hotfix" backup machine.  It is
not considered to be a mission critical piece of equipment.  I might notice
Redneck have a problem at 1:00 am, but it can wait until in the morning to
get fixed.  Situations like this, combined with software upgrades account
for downtime.

Back to your question of latency, the actual latency on Redneck is about
six seconds if chaining is not used.  This is "high" because the remailer
runs on an underpowered machine.  If the machine is not doing its thing for
any length of time, then the figure will go up dramatically, which is why
you see the two minute latency now.  Cracker however is *designed* to have
additional latency.  The figure shown is twenty something minutes, but
actual latency of an individual message cannot be determined. Conceivably,
it could be much higher or lower on any given message.  The latency could
be under 60 seconds during a busy time, or could be hours during a slow time.

>2. The nym servers advertise that the accounts are nyms through the
>choice of domain names.  So, presumably, people will respond with the
>same hostility that they respond to any other anonymous message. 
>I presume the remailer operators want to minimize the number of times
>somebody is defrauded through an anonymous account.

This is similar to the AOL effect.  It is often hard to have respect for an
unknown poster from AOL.  The remailer at EFGA is new.  I've come to
realize that this natural hostility towards a remailer is a good reason to
put the remailer on a separate domain.  We might do this.


  -- Robert Costner                  Phone: (770) 512-8746
     Electronic Frontiers Georgia    mailto:[email protected]  
     http://www.efga.org/            run PGP 5.0 for my public key