Re: Databasix conspiracy theories

[Andy Dustman <andy@neptune.chem.uga.edu>]

Note that these comments apply primarily to the cracker remailer. 

On Tue, 11 Nov 1997, Anonymous wrote:

> Maybe the next time Gary, Linda, or Paul send a remailer operator a
> complaint, the operator will know what to expect next. 

I did get one complaint from Gary Burnore about stuff being sent directly
to him. He wasn't a jerk about it, and I haven't heard a peep out of him
since.

> thing that's not so random is the high percentage of words that are
> related to DataBasix, such as "DataBasix", "Burnore", and "Wotan".  I'm
> almost waiting for Gary Burnore to give the remailer and mail2news
> operators a "helpful" suggestion that they could curb most of this
> "abuse" by simply blocking any anonymous posts containing any of those
> three keywords. <g> Or perhaps he's done so and politely been turned
> down. 

He's never asked us, at least. Although, when spam-baiting started hot and
heavy this summer, another Databasix employee did suggest that his address
should not appear in posts. I made it quite clear we don't check for
specific names, words, or addresses, and that he was a legitimate topic of
discussion. Never heard back after that, and this was several months ago.

> Perhaps the next wave of attacks on remailers will not consist of
> attempts to shut them down altogether but to progressively cripple them
> by getting certain features disabled, one by one.  This seems to have
> already started.  The strategy seems to be to fabricate a form of
> "abuse", anonymously through remailers, for which the seemingly
> "logical" solution is to disable a certain feature.  This has already
> proven successful with header pasting, for example.  Now you can't post
> to Usenet and set the From: address to that of your own 'nym. 

If you really want the post to have the From: address of your nym, send
the post with your nym and not with the remailer as the last hop. The
point of anonymous remailers is to be anonymous. If you want to use a
psuedonym, use a nymserver.

>  I'm not even certain that you can set a Reply-To: address any more. 

You can at cracker. However, you can't post in From:, Sender:, Received:,
and a couple other "identifying" headers. 

>  If the "camel" can get his nose under the tent and convince operators
> to start filtering on the *CONTENT* of the Subject: line or body of
> usenet posts, the anti-privacy nuts will have scored a major victory. 
> In fact, from reading Jeff Burchell's posts, it looks like Gary and his
> DataBasux-ers had initially convinced Jeff to do exactly that.  But, in
> a symbolic victory for freedom of speech, he removed those filters for a
> week before he finally shut down Huge Cajones altogether. 

Cracker does have a spam-bait mangler which is somewhat simpler than the
scheme Jeff used. In a nutshell, if there are an inordinately large number
of addresses (compared to other text), the addresses are mangled, i.e.,
president@whitehouse.gov becomes president <AT> whitehouse <DOT> gov.
Still human-readable but useless for address harvesters. No posts get
dropped or filtered out under this scheme, and no keywords or particular
addresses are looked for.

Andy Dustman / Computational Center for Molecular Structure and Design
For a great anti-spam procmail recipe, send me mail with subject "spam".
Append "+spamsucks" to my username to ensure delivery.  KeyID=0xC72F3F1D
Encryption is too important to leave to the government. -- Bruce Schneier
http://www.athens.net/~dustman mailto:andy@neptune.chem.uga.edu   <}+++<