|
Home > Archive > Anonymous Servers > February 2006 > Need an expert opinion
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Need an expert opinion
|
|
| Nomen Nescio 2006-02-15, 7:46 am |
| If all of my posts, like this one, and all of my anonymous mail is
TLS'd through Tor to the first remailer in a chain of 20 random
remailers, is there a chance of a snowball in hell of ever tracing
those postings or emails. Is it as iron clad as iron clad can get?
Is it so anonymnous and secure that one could bet one's life on it?
| |
|
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
["Followup-To:" header set to alt.privacy.anon-server.]
On Wed, 15 Feb 2006 14:20:07 +0100 (CET), Nomen Nescio wrote in
Message-Id: <260bd4c7a784ee880ab7eecd045db3ee@dizum.com>:
> If all of my posts, like this one, and all of my anonymous mail is
> TLS'd through Tor to the first remailer in a chain of 20 random
> remailers, is there a chance of a snowball in hell of ever tracing
> those postings or emails. Is it as iron clad as iron clad can get?
> Is it so anonymnous and secure that one could bet one's life on it?
If I wanted to send a hugely important message, here's how I would do
it:
1) Make a list of all the remailers that support Ephemeral TLS.
2) Spend a few days injecting dummy messages to those remailers, using
STunnel or equivalent.
3) Send your real message using 6(ish) remailers. Hardcode the first
and second remailers using those from your TLS list. Set copies to 2
or 3.
4) Repeat step 2
IMO your method is too complex and differs from the majority of other
messages in too many ways. It's unusual for messages to traverse 20
remailers, and it's unusual for them to be injected from a Tor node.
The above steps ensure that you have Perfect Forward Secrecy in the
event that remailer keys are compromised in the future. The dummy
messages help to mask the injection of the real message. The chain of 6
is strong enough and the message stands a good chance of reaching the
destination without setting copies to something very high that would
stand out.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iQEVAwUBQ/ M3rmoLu9HNUqmMAQqB8AgAk3ooRlofZc+t7xFxvz
aJSdnIflp3SaRO
4xkjptJfseL14jCLitoGfO+7PH8275YE5LLc4PdS
q3gAmp4FSdT/gV6Q4Tr5fmx9
GbTmjlUG9yl+yDdEFamdMJaHyzg71H0RUD7CUsFR
UCp0C3w0ZT4e3rZJ9Ige2EIJ
v0jwk5jwhZbRUa+6SEM+evYNqzzJ8yTigWvazG8t
ZyflkBGnxk0DbtHJ17rHsYAm
MwvOqP7VmVMetbiXTafEkiK+yAMdu3bwMZBRIRnu
c9Lv3FV3W2wSJxX/nG3hfMBh
iGEcHyiKqaJ/ HUPka5HuISf1IluhM0SXmBEPDXwvztpTTuS1NXl5
Ww==
=Anym
-----END PGP SIGNATURE-----
--
pub 1024D/8ED57743 2003-07-08 Bananasplit Operator
Key fingerprint = 796F 67E0 E890 A0BB BDAE EBB4 94A6 7A09 8ED5 7743
uid Admin <admin.bananasplit.info>
| |
| nemo_outis 2006-02-17, 11:08 pm |
| Nomen Nescio <nobody@dizum.com> wrote in
news:260bd4c7a784ee880ab7eecd045db3ee@di
zum.com:
> If all of my posts, like this one, and all of my anonymous mail is
> TLS'd through Tor to the first remailer in a chain of 20 random
> remailers, is there a chance of a snowball in hell of ever tracing
> those postings or emails. Is it as iron clad as iron clad can get?
> Is it so anonymnous and secure that one could bet one's life on it?
>
Yes, I'm so confident I'd trust your life with it :-)
Actually, no, it's clumsy to the point of being unworkable. Worse, it is
such an unusual pattern that you have self-selected yourself to stick out
like a sore thumb.
And remember this: The point where secure communications fail is seldom
the channel - it's more often the endpoints (e.g., no authentication, a key
has been leaked, your machine or the one at the other end is compromised,
the recipient blabs, the style and content of your message gives you away
as the author, etc.).
Regards,
PS FWIW Osama allegedly uses couriers.
| |
| anonymous@remailer.hastio.org 2006-02-17, 11:08 pm |
| On Wed, 15 Feb 2006 14:20:07 +0100, Nomen Nescio wrote:
> If all of my posts, like this one, and all of my anonymous mail is
> TLS'd through Tor to the first remailer in a chain of 20 random remailers,
> is there a chance of a snowball in hell of ever tracing those postings or
> emails. Is it as iron clad as iron clad can get? Is it so anonymnous and
> secure that one could bet one's life on it?
a tla can see that you downloaded a usenet post and that somebody replied
to it anonymously a day or so later.
they can spot stylistic quirks.
they can tell that you show knowledge of this or that in other posts, and
if you show the same knowledge in posts you want to keep anonymous, you
may have problems.
etc.
~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified.
| |
| Stephen K. Gielda 2006-02-17, 11:08 pm |
| In article <260bd4c7a784ee880ab7eecd045db3ee@dizum.com>,
nobody@dizum.com says...
> If all of my posts, like this one, and all of my anonymous mail is
> TLS'd through Tor to the first remailer in a chain of 20 random
> remailers, is there a chance of a snowball in hell of ever tracing
> those postings or emails. Is it as iron clad as iron clad can get?
> Is it so anonymnous and secure that one could bet one's life on it?
>
>
If you want the best anonymity that you can get, run a remailer. That
way you know for sure at least one isn't compromised, and one is all you
need.
/steve
--
The Missing Amendment
The Right To Privacy
http://www.themissingamendment.org
| |
| nobody@pboxlevel3.homelinux.net 2006-02-17, 11:08 pm |
| This is a Type III anonymous message, sent to you by the Winston Smith
Project Pboxmix mixminion server at pboxmix.winstonsmith.info. If you
do not want to receive anonymous messages, please contact pbox-
admin@winstonsmith.info. For information about anonymity, see
https://www.winstonsmith.info/pws or
https://e-privacy.firenze.linux.it.
-----BEGIN TYPE III ANONYMOUS MESSAGE-----
Message-type: plaintext
In <dsvd3e$71l$1@bananasplit.info> Zax <fleegle@bananasplit.info> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA512
>
>["Followup-To:" header set to alt.privacy.anon-server.]
>On Wed, 15 Feb 2006 14:20:07 +0100 (CET), Nomen Nescio wrote in
>Message-Id: <260bd4c7a784ee880ab7eecd045db3ee@dizum.com>:
>
>
>If I wanted to send a hugely important message, here's how I would do
>it:
>
>1) Make a list of all the remailers that support Ephemeral TLS.
>2) Spend a few days injecting dummy messages to those remailers, using
> STunnel or equivalent.
>3) Send your real message using 6(ish) remailers. Hardcode the first
> and second remailers using those from your TLS list. Set copies to 2
> or 3.
>4) Repeat step 2
>
>IMO your method is too complex and differs from the majority of other
>messages in too many ways. It's unusual for messages to traverse 20
That may be, but it is clearly impossible to know aside from unverifible
claims made by anonymous people.
Is it possible, at any point beyond the injection remailer, to determine how many
hops a message has been through or will go through? Answer: NO
Can you know that there aren't literally thousands of messages sent on
20hop chains every day. Answer: No
If anyone can answer 'yes' to either of these questions then Mixmaster should be
considered broken and immediately abandoned as unsafe.
>remailers, and it's unusual for them to be injected from a Tor node.
Thanks to Panta, it's not nearly as unusual as it once was.
-----END TYPE III ANONYMOUS MESSAGE-----
| |
|
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
["Followup-To:" header set to alt.privacy.anon-server.]
On Wed, 15 Feb 2006 18:02:36 +0100 (CET), nobody@pboxlevel3.homelinux.net wrote in
Message-Id: <20060215170236.DE8A2438F1@pboxlevel3.homelinux.net>:
>
> That may be, but it is clearly impossible to know aside from unverifible
> claims made by anonymous people.
>
> Is it possible, at any point beyond the injection remailer, to determine how many
> hops a message has been through or will go through? Answer: NO
It's not possible at any point, including the injection remailer. My
point wasn't that it's possible to tell how many nodes the message
passes through, just that you lose reliability. Most people counter
this by sending a large number of copies. This could make you stand out
because your messages enter the network in bursts.
> Can you know that there aren't literally thousands of messages sent on
> 20hop chains every day. Answer: No
I know because most people want their messages to arrive. With the
exception of public forums, it's unlikely that the sender can check his
message reached the destination. He therefore needs reliability which
means lots of copies. Lots of copies is IMO not a good thing to do.
> If anyone can answer 'yes' to either of these questions then Mixmaster should be
> considered broken and immediately abandoned as unsafe.
Mixmaster works correctly in accordance with its specification, it isn't
broken. It doesn't provide the ultimate in anonymity, in part because it
allows the user too much choice on how to send a message. In anonymity
terms, choice is bad.
> Thanks to Panta, it's not nearly as unusual as it once was.
Agreed, Panta deserves lots of praise for his work.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iQEVAwUBQ/ NkMmoLu9HNUqmMAQobTwgAmU8g6VEnjBMTJ09NoA
IvPCYessLToZMc
PIV8TKVy4Po+0ZuPGkEXwpV2RVgBCf3IrOHpgMgL
KlATvvXwui+tHleTiuI1s/V5
ACGk/ 4t5IBQuwRAOOrwXLf7AeeieRnLmz+50xtmdOZ4VW
EJlc+K6Gki87voIhu0/
ti70i5eJtSKk7d1QEIwfG6MnVvms/Sr3gY3z/ZBFO7mDaUJDzHOjS4sc7NnxnFK/
LNOU/ ryr5PTtTTr+CNdMfqMdnxoJJaQfCbK7oUhJrmYJy
GDQlQLDH6NFGEJWGiiQ
8pEA8swAu1n9uJgBXc+X/s4evH5dPGrAz1o4iyjgmGRhNtot3uhvJA==
=OofM
-----END PGP SIGNATURE-----
--
pub 1024D/8ED57743 2003-07-08 Bananasplit Operator
Key fingerprint = 796F 67E0 E890 A0BB BDAE EBB4 94A6 7A09 8ED5 7743
uid Admin <admin.bananasplit.info>
| |
| [Anon] Thor 2006-02-17, 11:08 pm |
| This is a Type III anonymous message, sent to you by the Mixminion
server at straylight.snikt.net. If you do not want to receive
anonymous messages, please contact ADMIN. For more information about
anonymity, see URL.
-----BEGIN TYPE III ANONYMOUS MESSAGE-----
Message-type: plaintext
> is there a chance of a snowball
> in hell of ever tracing those
> postings or emails. Is it as
> iron clad as iron clad can get?
> Is it so anonymnous and secure
> that one could bet one's life on it?
Regular social interaction sometimes
helps with this condition.
-----END TYPE III ANONYMOUS MESSAGE-----
| |
| StealthMonger 2006-02-17, 11:08 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Zax <fleegle@bananasplit.info> writes:
> It's not possible at any point, including the injection remailer. My
> point wasn't that it's possible to tell how many nodes the message
> passes through, just that you lose reliability. Most people counter
> this by sending a large number of copies. This could make you stand out
> because your messages enter the network in bursts.
NEVER send messages in bursts! Always send messages with absolutely
monotonous regularity, month in and month out, sending a dummy message
when you have no live one.
Here's the script from stealthmail 0.65 which I published here last
August. It likely will need modification to run in another setting.
#!/bin/sh
# SYNOPSIS
# outbeat
# DESCRIPTION
# outbeat : "Output Heartbeat" or "Output Drum-beat"
# Maintain a rigidly periodic sequence of mailings or postings, using
# dummy articles when there are no live ones to send. The live and
# dummy articles are supposed to be indistinguishable except to an
# intended recipient who has the correct decryption keys. The effect
# is to conceal live traffic in an ongoing stream of cover traffic, so
# that an observer cannot determine when or how much live traffic is
# being sent.
# The frequency of the output mails is determined by the "mail
# period", which can be set by the user. Once established, it defines
# an unending sequence of time-slots into the future, to each of which
# will be assigned a mail. If sending is interrupted for a time,
# perhaps because the Internet connection or the computer itself is
# down, the actual sending frequency is increased when the system
# comes back up, until synchrony is reestablished. Frequency during
# such catch-up phases is determined by the "catch-up period", which
# is also a user-controlled parameter.
# Notes on choosing the mail period and the catch-up period. The mail
# period should be short enough to accommodate all live traffic into
# the foreseeable future without unduly delaying any particular mail;
# however, it should be no shorter, to avoid accusations of abuse.
# The catch-up period has to be shorter, and is some compromise between
# making sure catch-up actually occurs often during up-times on the one
# hand, and being open to charges of abuse of the system on the other.
# outbeat is intended to be left running at all times. However, it is
# reasonably tolerant of restarts, as would be required for example if
# the computer is taken down and rebooted. It spends most of its time
# asleep.
# outbeat state is maintained in a directory $DIR, which must be
# writable by the user. On first-ever invocation, outbeat creates the
# necessary files and directories under $DIR. They are:
# next-slot A small file which always holds the absolute (since epoch)
# minute-count at which the next unsent mail should be or
# should have been sent.
# urgent A Maildir-style mail directory for urgent outgoing mail.
# normal A Maildir-style mail directory for routine outgoing mail.
# cover A Maildir-style mail directory for outgoing cover mail.
# See Bernstein's qmail documentation for a description of Maildir
# directories. A Maildir has subdirectories tmp, new, and cur. New
# articles can be constructed in tmp and moved to new when completed.
# Because all components of a Maildir are required to be in the same
# file system, such a move is an atomic operation, eliminating mail
# loss or duplication which can result from race conditions.
# urgent, normal, and cover form a priority queue for outgoing mail.
# The user constructs an article in normal/tmp/ or urgent/tmp/, then
# moves it to normal/new/ or urgent/new/. cover/tmp and cover/new are
# used in a similar way for cover traffic, except that whenever
# cover/new goes empty, this script calls a user-supplied program
# MAKE_COVER, which is supposed to create a new piece of cover traffic
# for use next time it's needed.
# Each time a mail is to be sent, outbeat selects a highest-priority,
# oldest article, sends it, and moves it to the cover/cur directory
# (renaming it to usually prevent clobbering a previous entry there).
# Sent articles all go to the same directory so as to erase record of
# which are live and which are dummy. (normal/cur and urgent/cur are
# therefore not used, and need not actually exist.) The user should
# delete old articles from cover/cur/ from time to time, so they don't
# pile up indefinitely. (They are useful for monitoring and debugging
# outbeat operation.) The sent article is also touch(1)ed to erase
# its original modification and access times, further obscuring its
# origin. Note the rename erases the original creation time.
# An article deposited in */new should be complete with headers. It
# is sent verbatim as standard input to "/usr/lib/sendmail -t", which
# should be implemented even in systems using other than sendmail as
# the MTA (true for example for qmail and smail).
export HOME=/var/lib/stealthmail
PATH="/usr/local/bin:/usr/bin:/bin:/var/lib/stealthmail/bin"
export PATH
# Directory where it all happens
DIR=/var/lib/stealthmail/outbeat
. /etc/stealthmail-conf
# Program to generate cover traffic
MAKE_COVER=/var/lib/stealthmail/bin/make-outbeat-cover
cd $DIR
# The loop is organized to do the right thing during normal, routine
# operation, but also to be somewhat graceful in case of one or more
# restarts during one sleep interval (as might occur while performing
# unrelated system maintenance) and for the one-time initialization.
# Arrange for immediate send unless next-slot is in the future. If
# this is a restart after a brief interruption, this could crowd
# multiple sends into less than one CATCHUP_PERIOD. Tough.
WAKEUP_TIME=$(cat next-slot)
while true; do
# Be sure that there's some cover traffic if needed:
if [ "$(ls cover/new/* 2>/dev/null)" == "" ] ; then
$MAKE_COVER $DIR
fi
SLEEPTIME=$(echo $WAKEUP_TIME 60 '*' $(date +%s) - p | dc)
if (( $SLEEPTIME > 0 )) ; then sleep $SLEEPTIME ; fi
# NB: Elapsed real time between here and the "sendmail" invocation
# below is world-visible, and should not be allowed to depend
# significantly on whether the mail to be sent is live or dummy.
# Minutes since 1970 Jan 1 00:00 :
NOW=$(echo $(date +%s) 60 / p | dc)
NEXT_SLOT=$(cat next-slot)
# Bring up the modem link if necessary.. (uses our own pon)
pon-if outbeat
# Give it a while to come up..
sleep 120
# Reload the configuration
. /etc/stealthmail-conf
if [ -e /var/lock/LCK..modem ] ; then
# Select the highest priority, oldest mail for sending..
SENDING=$(echo $(ls -tr urgent/new/* 2>/dev/null) \
$(ls -tr normal/new/* 2>/dev/null) \
$(ls -tr cover/new/* 2>/dev/null) \
| cut -d ' ' -f1)
# Use exim's -odqr in order to leave the message for dequeuing
# by the run-mail-queue below. Otherwise, the queue run in
# run-mail-queue will find the message already being processed
# and return immediately, leading to premature modem hangup if
# the news pull doesn't take enough time. The "-f '<>'"
# placates the ISP and causes the ISP to supply the sender.
if ( /usr/sbin/exim -odqr -t -f '<>' < $SENDING ) ; then
rm $SENDING
fi
# After a send, the next-slot time is advanced by one period
# regardless of whether the send was on time:
NEXT_SLOT=$(( $NEXT_SLOT + $MAIL_PERIOD ))
echo $NEXT_SLOT > next-slot
# Opportunisticly perform other network activity
if [ ! -f /var/lock/modem-user-pull-aam.lock ] ; then
pon-if pull-aam
/var/lib/stealthmail/bin/pull-aam &
fi
if [ ! -r /var/lock/modem-user-run-mail-queue.lock ] ; then
pon-if run-mail-queue
/var/lib/stealthmail/bin/run-mail-queue &
fi
fi
poff-if outbeat
# The time of our next wake-up call:
if (( $NEXT_SLOT - $NOW < $CATCHUP_PERIOD )) ; then
WAKEUP_TIME=$(( $NOW + $CATCHUP_PERIOD )) ; else
WAKEUP_TIME=$NEXT_SLOT
fi
done
# Implementation notes: Times are expressed in minutes partly because
# this was initially conceived as an "at" script, which uses minutes,
# and partly because seconds-counts since epoch are large enough to
# stress long-integer limitations in some installations.
# "at" was not used because it insists on writing to stderr no matter
# what, and because it doesn't accept simple seconds-since-epoch as
# the time the job should be run. Stupid translations would be
# required from tick-counts to "civil" time notations, just so at's
# algorithm could apply the reverse translation back to tick-counts
# again. So instead, one perpetual process is used, which spends most
# of its time sleep(1)ing.
# A down-side of this implementation is that some way has to be found
# to automatically start the job at boot time. (But to prevent floods
# of outbound mail it should only run while connected to the Internet,
# so it could be started from ip-up.)
# Modified 2004 Nov 11: added "touch $SENDING" to erase original
# create and access times; cleaned up documentation a bit.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.6 <http://mailcrypt.sourceforge.net/>
iD8DBQFD84zpDkU5rhlDCl4RAhXGAJ46G4FoNZ9/u3FxUqqs3c28MGpJ5gCgn+6Y
6LuwU5+TeDaEpLXZtmqBNcg=
=gVjw
-----END PGP SIGNATURE-----
| |
| Thrasher Remailer 2006-02-17, 11:08 pm |
| In article <dsvo7i$lgp$1@bananasplit.info>
Zax <fleegle@bananasplit.info> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> ["Followup-To:" header set to alt.privacy.anon-server.]
> On Wed, 15 Feb 2006 18:02:36 +0100 (CET), nobody@pboxlevel3.homelinux.net wrote in
> Message-Id: <20060215170236.DE8A2438F1@pboxlevel3.homelinux.net>:
>
>
> It's not possible at any point, including the injection remailer. My
> point wasn't that it's possible to tell how many nodes the message
> passes through, just that you lose reliability. Most people counter
> this by sending a large number of copies. This could make you stand out
> because your messages enter the network in bursts.
>
>
> I know because most people want their messages to arrive. With the
> exception of public forums, it's unlikely that the sender can check his
> message reached the destination. He therefore needs reliability which
> means lots of copies. Lots of copies is IMO not a good thing to do.
That depends on how you handle them.
I use 6 to 12 copies in a chain like this:
*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,(e
xitremailer)
This results in 6 to 12 chains, with several different injection points.
the copies are NOT all sent at once, instead broken up over several hours.
~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified. You need a valid hashcash token to post to groups other
than alt.test and alt.anonymous.messages. Visit www.panta-rhei.eu.org
for abuse and hashcash info.
| |
|
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 15 Feb 2006 22:49:03 -0000, Thrasher Remailer wrote in
Message-Id: <DVBJGVLK38764.2773611111@reece.net.au>:
> I use 6 to 12 copies in a chain like this:
>
> *,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,(e
xitremailer)
>
> This results in 6 to 12 chains, with several different injection points.
> the copies are NOT all sent at once, instead broken up over several hours.
That's fine, I didn't know you had a client with that capability. I
would never create a chain that long, but it's simply a matter of
personal preference.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iQEVAwUBQ/PLKWoLu9HNUqmMAQqqFQf/Qra9afgwQTg7yEpHxA9L2v6V+zjJXVO3
GD4B6oVbmJaquobWEaVQ2zM7shY9nckoCEvaG5/+ge89g6j9vdaKaK7LdQ6j08Zm
lYGrcr4eU3jnM3le+hcblBCugkuSzTRNU/HJDmMnb/DrY4Z1WiG6Wnab57K5KxRX
L8+m98XXQIfr3YZM1X34OEcaBm2DEnHdCAwQ0ByT
oN8aVNLtDeqAaSm4Yn62qwY7
bcfL36xvqM98oXToAubYHQ8XMaadLUq3Vyqu9zDY
3L5YuC/3NXqg9cynJzX3HIU2
6h/3oo/J6r24y9fQqJ1BAOP4vfbtBxzc4CZ4jjp4LigU/pKqAJbI1Q==
=1pxO
-----END PGP SIGNATURE-----
--
pub 1024D/8ED57743 2003-07-08 Bananasplit Operator
Key fingerprint = 796F 67E0 E890 A0BB BDAE EBB4 94A6 7A09 8ED5 7743
uid Admin <admin.bananasplit.info>
| |
| BiKiKii Admin 2006-02-17, 11:08 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
On 15 Feb 2006, Thrasher Remailer wrote:
>I use 6 to 12 copies in a chain
>
You may "use" 11,12,,,100 ; Mixmaster will not use more than 10.
if (numcopies > 10)
numcopies = 10;
BiKiKii
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQEVAwUBQ/PuoPRwi/QFFzi5AQEjywf/TVvPfTSiLaOq4ki7mjQfSnsMHhrM13MC
lMISuiS6JH5rDzlLOc/Eu1Amf9P6ZDtEFogMuFl5d/3OpoEWehXfwNkcX854ewWN
AiIxhn5tk3tOjMU6zVCfIRyG4PDaKiNOJemFIuaH
UhBqmsyhk5pVcL27BtgAdUdo
0qJQMH7D83p4udXK/HZLCZgv6tu318/oZfMSmguZROs6UBueTGpdy6KWctmst/AN
M+vWJmKFBsxHqSbOzN9AAcyv78dXeSFQBchZTPtK
S8VmmkMCGRCQpiOSLJw4QSng
YGnGVBMLy8+jA1FOEq617sQSE5NESZkc40rhh4MH
WYjdJbdu/QluTQ==
=c7K6
-----END PGP SIGNATURE-----
| |
| AnonUsenetReader 2006-02-17, 11:08 pm |
| > a tla can see that you downloaded a usenet post and that somebody replied
> to it anonymously a day or so later.
I think it's a good idea to find anonymous ways of downloading usenet news,
too. Sign up for a usenet provider that offers secure nntps, and use
an anonymous name, and pay with a money order. Even better, find a way
to access the anonymous nntps connection through Tor or at least a trusted
secure tunnel (also paid for anonymously with a money order).
If you can get Tor to work with a free usenet service, that might be a
good way to go, too, if there are exit servers that would support it.
I don't know of any free usenet servers offering nntps, but maybe
Tor would be enough.
| |
| Notan 2006-02-17, 11:08 pm |
| AnonUsenetReader wrote:
>
>
> I think it's a good idea to find anonymous ways of downloading usenet news,
> too. Sign up for a usenet provider that offers secure nntps, and use
> an anonymous name, and pay with a money order. Even better, find a way
> to access the anonymous nntps connection through Tor or at least a trusted
> secure tunnel (also paid for anonymously with a money order).
>
> If you can get Tor to work with a free usenet service, that might be a
> good way to go, too, if there are exit servers that would support it.
> I don't know of any free usenet servers offering nntps, but maybe
> Tor would be enough.
"I think it's a good idea to find anonymous ways of downloading usenet news, too."
It seems, to me, that this is one step past aluminum foil camouflage hats.
What's the point?
Notan
| |
| AnonUsenetReader 2006-02-17, 11:08 pm |
| On Thu, 16 Feb 06 04:20:46, Notan <notan@ddress.thatcanbespammed> wrote:
>"I think it's a good idea to find anonymous ways of downloading usenet news, too."
>
>It seems, to me, that this is one step past aluminum foil camouflage hats.
>
>What's the point?
>
>Notan
Hi Notan.
Of course each person needs to decide for themselves what is enough.
But for me, I think anonymous usenet news reading is one of the most
important things, almost more than anonymous email/posting or web
browsing.
Think about it: reading news is very similar to web browsing, except
it's even easier for an adversary to monitor, because it typically
all gets delivered from a single point (news server) to you
unencrypted. And it may even be a pay service that you signed
up for in your real name and paid for with a credit card.
That would almost make it easier to profile someone based on usenet
than web browsing. Maybe it depends on how much you use it
and what sorts of groups you frequent. You're reading a privacy
newsgroup. The nsa might wonder, why would somebody be
concerned about their privacy, reading about remailers and such,
unless they have something to hide. You don't have anything to
hide, do you?
--putting on my aluminum foil camouflage hat
| |
| Notan 2006-02-17, 11:08 pm |
| AnonUsenetReader wrote:
>
> On Thu, 16 Feb 06 04:20:46, Notan <notan@ddress.thatcanbespammed> wrote:
>
>
> Hi Notan.
>
> Of course each person needs to decide for themselves what is enough.
> But for me, I think anonymous usenet news reading is one of the most
> important things, almost more than anonymous email/posting or web
> browsing.
>
> Think about it: reading news is very similar to web browsing, except
> it's even easier for an adversary to monitor, because it typically
> all gets delivered from a single point (news server) to you
> unencrypted. And it may even be a pay service that you signed
> up for in your real name and paid for with a credit card.
>
> That would almost make it easier to profile someone based on usenet
> than web browsing. Maybe it depends on how much you use it
> and what sorts of groups you frequent. You're reading a privacy
> newsgroup. The nsa might wonder, why would somebody be
> concerned about their privacy, reading about remailers and such,
> unless they have something to hide. You don't have anything to
> hide, do you?
>
> --putting on my aluminum foil camouflage hat
<G>
Do you really think the NSA is monitoring what people are reading?
Clearly, you've got more confidence in them than most of us!
Notan
| |
| Thrasher Remailer 2006-02-17, 11:08 pm |
| In article <43F4B063.4B50B16A@ddress.thatcanbespammed>
Notan <notan@ddress.thatcanbespammed> wrote:
>
> Do you really think the NSA is monitoring what people are reading?
>
> Clearly, you've got more confidence in them than most of us!
>
> Notan
Does it matter? Even if this anonymity stuff is over the top, it can
still be fun. Did you never use invisible ink when you were a kid, or
make a decoder ring?
| |
| Notan 2006-02-17, 11:08 pm |
| Thrasher Remailer wrote:
>
> In article <43F4B063.4B50B16A@ddress.thatcanbespammed>
> Notan <notan@ddress.thatcanbespammed> wrote:
>
> Does it matter? Even if this anonymity stuff is over the top, it can
> still be fun. Did you never use invisible ink when you were a kid, or
> make a decoder ring?
As a geek, from way back, I admit that a bunch of it's pretty cool!
I've got security, on my computer systems, even though my wife and
I are the only ones in the house... I've got a pretty extensive
security system on my house, even though I live in the mountains,
where there's not a chance in Hell of being broken into...
I have to laugh, however, at the folks that are truly worried about
being watched, overheard, etc.
Life's just too short!
Notan
| |
| Thrasher Remailer 2006-02-17, 11:08 pm |
| In <997FYW9038765.1584722222@reece.net.au>, thrasher@reece.net.au wrote:
>In article <43F4B063.4B50B16A@ddress.thatcanbespammed>
>Notan <notan@ddress.thatcanbespammed> wrote:
>
>Does it matter? Even if this anonymity stuff is over the top, it can
>still be fun. Did you never use invisible ink when you were a kid, or
>make a decoder ring?
I started with simple substitution cyphers in 3rd grade for notes the teacher couldn't read. It was simple enough i could almost sight read it after a while.
| |
| Anonymous 2006-02-17, 11:08 pm |
| On Thu, 16 Feb 2006, Notan <notan@ddress.thatcanbespammed> wrote:
>AnonUsenetReader wrote:
>
><G>
>
>Do you really think the NSA is monitoring what people are reading?
>
>Clearly, you've got more confidence in them than most of us!
>
>Notan
You miss the other poster's point. It's not that I had confidence in them,
it's that I have zero confidence in them. What I have confidence in is
their ability to take things out of context, misconstrue thing, misread
signals, and in general, harrass the innocent while completely missing the
"bad guys".
There may be a few big juicy brains at the NSA, but the majority of them
are just like the rest of us, except with less honor, because they're
slopping at the taxpayer funded feed trough.
| |
| AnonUsenetReader 2006-02-17, 11:08 pm |
| Notan wrote:
> <G>
>
> Do you really think the NSA is monitoring what people are reading?
>
> Clearly, you've got more confidence in them than most of us!
>
> Notan
Most likely they are not, but I think there is a reasonable
chance that they may be, especially certain groups like this.
Best to expect the unexpected, so you can be prepared.
Even if you think it's a non-issue today, things could quickly
change, and it would be to your advantage to be prepared
ahead of time.
On the other hand, you can make the argument that taking
measures to obtain anonymity could make you stick out and
raise red flags, and you'd be best operating in the clear,
and just blend in.
I'm kind of a geek, though, and I enjoy this stuff just
for the sake of being able to do it.
When I started posting to usenet in the mid-90's, using
my real name, I never expected there'd be a company
archiving all of that and making it available to the
public at some future time, all easily searchable.
I've also seen enough first hand in regards to tracking
and data retention, that I prefer the anonymous approach
rather than the blending in approach.
--putting on my aluminum foil camouflage hat
| |
| Anonymous 2006-02-17, 11:08 pm |
| In article <260bd4c7a784ee880ab7eecd045db3ee@dizum.com>
Nomen Nescio <nobody@dizum.com> wrote:
>
> If all of my posts, like this one, and all of my anonymous mail is
> TLS'd through Tor to the first remailer in a chain of 20 random
> remailers, is there a chance of a snowball in hell of ever tracing
> those postings or emails. Is it as iron clad as iron clad can get?
> Is it so anonymnous and secure that one could bet one's life on it?
Given the responses and objections so far, am i safe to assume that
the above protocol will make it impossible, in this lifetime, to
discover my identity?
Yes or no, please, just a simple answer, will it do the job or not?
| |
| Anonymous 2006-02-17, 11:08 pm |
| In article <dsvd3e$71l$1@bananasplit.info>
Zax <fleegle@bananasplit.info> wrote:
> IMO your method is too complex and differs from the majority of
other
> messages in too many ways. It's unusual for messages to traverse 20
> remailers, and it's unusual for them to be injected from a Tor node.
How would anyone know the chain is 20 long but the sender?
If I don't inject from a Tor node, then it will be known that i am
sending remailer messages and the first remailer will have my ip
address. This information would serve as evidence against
deniability, yes?
| |
| Borked Pseudo Mailed 2006-02-17, 11:08 pm |
| Anonymous wrote:
> In article <260bd4c7a784ee880ab7eecd045db3ee@dizum.com> Nomen Nescio
> <nobody@dizum.com> wrote:
>
> Given the responses and objections so far, am i safe to assume that
> the above protocol will make it impossible, in this lifetime, to discover
> my identity?
>
> Yes or no, please, just a simple answer, will it do the job or not?
NO!
In fact it may make it EASIER to find out your identity than simply using
a normal number of remailers in a chain. You stick out. You're unusual,
and thus more visible.
It ALSO does nothing at all to deal with the number one problem with
anonymity. The user. Their "style and habits" if you will. These things
are so much more important than the difference between 5 and 20 remailers
that they make the number of remailers used a completely silly question
to begin with. After the magic number 3 you are mathematically so
anonymous your criteria are met regardless. At THAT point it becomes more
practical to attack other things, and that is PRECISELY what people do.
And PRECISELY why "style" is so much more important that using 20
remailers.
| |
| George Orwell 2006-02-17, 11:08 pm |
| Notan wrote:
> AnonUsenetReader wrote:
>
> "I think it's a good idea to find anonymous ways of downloading usenet
> news, too."
>
> It seems, to me, that this is one step past aluminum foil camouflage hats.
>
> What's the point?
HUH?
Are you suggesting what you download isn't important?
I think you're the crazy one. Just ask that 12 year old girl that got
dragged into court for downloading a few songs.
| |
| SimpleAnswer 2006-02-17, 11:08 pm |
| > Yes or no, please, just a simple answer, will it do the job or not?
no.
| |
| Borked Pseudo Mailed 2006-02-17, 11:08 pm |
| Thrasher Remailer wrote:
> In <997FYW9038765.1584722222@reece.net.au>, thrasher@reece.net.au wrote:
>
>
> I started with simple substitution cyphers in 3rd grade for notes the
> teacher couldn't read. It was simple enough i could almost sight read it
> after a while.
LOL!
The first book I had on the subject was named "Codes and secret Ciphers" I
think. About 100 pages. Covered everything from transposition ciphers, to
invisible ink... to "cryptanalysis" by way of character frequency and
stuff. I was about 9 or 10 I think, but I followed through from front to
back faithfully. Even saved my paper route money to buy the chemicals to
make the invisible inks and developers.
<sigh>
Anyone want to bet that some of those same chemicals are illegal today? I
remember getting a lot of them in a chemistry set with real, Pyrex beakers
and stuff.
Yes, I'm old. ;)
| |
| Fritz Wuehler 2006-02-17, 11:08 pm |
| In article <Xns976B5497DEB30abcxyzcom@127.0.0.1>
"nemo_outis" <abc@xyz.com> wrote:
>
> Nomen Nescio <nobody@dizum.com> wrote in
> news:260bd4c7a784ee880ab7eecd045db3ee@di
zum.com:
>
mail is[vbcol=seagreen]
get?[vbcol=seagreen]
it?[vbcol=seagreen]
> Yes, I'm so confident I'd trust your life with it :-)
>
> Actually, no, it's clumsy to the point of being unworkable. Worse,
it is
> such an unusual pattern that you have self-selected yourself to
stick out
> like a sore thumb.
I'm sorry, I don't understand. This is currently how I do it and
have been doing so since Tor came on line, so, it is quite workable
since it is the only method I use.
How would such a pattern be visable to anyone? since nothing is
visible end to end, only I would know of the pattern for a particular
message, so how would that "stick out like a sore thumb?"
| |
| Notan 2006-02-17, 11:08 pm |
| George Orwell wrote:
>
> Notan wrote:
>
>
> HUH?
>
> Are you suggesting what you download isn't important?
>
> I think you're the crazy one. Just ask that 12 year old girl that got
> dragged into court for downloading a few songs.
She wasn't dragged into court because of the content of the downloads,
but, rather, because the domnloads, themselves, were considered illegal.
(While I don't agree with this action, the prosecutors made their point!)
You're starting to mix your fruit!
Notan
| |
|
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Borked Pseudo Mailed <nobody@pseudo.borked.net> wrote in
news:9073cb9a884d867fe40c9e2f23434c1a@ps
eudo.borked.net:
> Anonymous wrote:
>
>
> NO!
>
> In fact it may make it EASIER to find out your identity than simply
> using a normal number of remailers in a chain. You stick out. You're
> unusual, and thus more visible.
That doesn't make any sense. If remailers actually work as advertized,
then
it is not possible for anyone other than the person sending the message to
know how many hops are in a chain.
- --
http://peculiarplace.com
http://lurasbookcase.com
http://purrfectdomains.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32) - GPGshell v3.47
iQEVAwUBQ/XnsPu4FzRyppzVAQi5fQf/ZvjH9jt56fMKz5PYDP/QnWgpWku95X9f
g771ms/KUzsATZmmzId/ Lm1ZiU9K5lfgtEWCom5xaYmX7UyO9P9cFFaT3JTC
h2PN
msxlUoR6t4OrcQlnxc/ 89Ssi71fdgBybmOXIrEXkNk8jcBunCNrz7Idudi1
IzQmQ
tPJQEAskGsO0wRO+Do/ d1e8WWD8MkDslnIWTeqwtPxYTCV45oe4uJWoQXPO
xxsBu
AOdhzE9HyHYX7qe/CQx+H0tay+DK/KsJV4EHpKpgXxbJoPwrRIejFQbs+hvMM1CX
tA9TGluZh1izwZ7K8Za5/49fPQEd8dp6T4ld8QhNL5BBSPv5grpOkA==
=DhCk
-----END PGP SIGNATURE-----
| |
| donnie 2006-02-17, 11:08 pm |
| On Thu, 16 Feb 2006 10:03:31 -0700, Notan
<notan@ddress.thatcanbespammed> wrote:
>Do you really think the NSA is monitoring what people are reading?
>
>Clearly, you've got more confidence in them than most of us!
>
>Notan
#####################################
If they don't like what you're saying, they might start looking at
what you're reading.
| |
| nemo_outis 2006-02-17, 11:08 pm |
| Fritz Wuehler <fritz@spamexpire-200602.rodent.frell.theremailer.net> wrote
in news:9c1f89ae916e51d3082a2a54c9f92095@ms
gid.frell.theremailer.net:
> it?
[vbcol=seagreen]
[vbcol=seagreen]
> I'm sorry, I don't understand. This is currently how I do it and
> have been doing so since Tor came on line, so, it is quite workable
> since it is the only method I use.
The mechanics may work (although performance and reliability is likely to
be spotty) but the game isn't worth the candle: not only is your security
not materially improved, you have made yourself a prime candidate for a
partitioning analysis (the technical term for "stick out like a sore
thumb").
> How would such a pattern be visable to anyone? since nothing is
> visible end to end, only I would know of the pattern for a particular
> message, so how would that "stick out like a sore thumb?"
....since nothing is visible end to end...
What a rash assumption!
No, the "global passive adversary" is a standard threat model applied to
analyze such networks (other threat models include "the global active
adversary" - stronger - and the "widespead-but-not-global adversary -
weaker). These are abstractions of real-world adversaries such as the NSA.
Browse the papers at:
http://www.freehaven.net/anonbib/
including papers such as:
Low-Cost Traffic Analysis of Tor
http://www.freehaven.net/anonbib/cache/torta05.pdf
Regards,
| |
| Borked Pseudo Mailed 2006-02-17, 11:08 pm |
| Ed wrote:
>
> That doesn't make any sense. If remailers actually work as advertized,
They do work as advertised, but you apparently fail to be able to
understand that advertisement in any detail.
The vulnerabilities of the remailer network are known and have been
discussed to no end. Part of its design, its function, is to obscure
traffic by making that traffic look like all other traffic. Maek your
messages indistinguishable form my messages in any way. It's a loft goal,
and some theorize impossible to obtain while maintaining usability.
Yes, the remailer network is a "good enough" compromise.
When you do something out of the ordinary, the little flaws that don't
mean much to every day users begin to stick out. The somewhat predictable
latency of a message changes. Its apparent size inside the remailer
network (number of fragmented packets) changes. Several things "stick out"
that can make your messages distinguishable from others, especially if
your "pattern" is to do them all the time.
> then
> it is not possible for anyone other than the person sending the message
> to know how many hops are in a chain.
What makes you believe knowing an exact number of hops is necessary?
| |
| Borked Pseudo Mailed 2006-02-19, 8:22 am |
| Notan wrote:
> George Orwell wrote:
>
> She wasn't dragged into court because of the content of the downloads,
> but, rather, because the domnloads, themselves, were considered illegal.
Semantics games. The point is, whether it's the content or the act, or
whatever spin you care to give it to salvage irrelevant points, what you
download can be just as important to your security as what you upload.
> (While I don't agree with this action, the prosecutors made their point!)
>
> You're starting to mix your fruit!
No, you're injecting fruit into a discussion about on line security. The
two have nothing at all to do with each other.
| |
|
| Borked Pseudo Mailed wrote:
>
> <snip>
>
> Semantics games. The point is, whether it's the content or the act, or
> whatever spin you care to give it to salvage irrelevant points, what you
> download can be just as important to your security as what you upload.
>
>
> No, you're injecting fruit into a discussion about on line security. The
> two have nothing at all to do with each other.
You can't be arrested for *listening* to subversive rhetoric...
You can be arrested for *saying* it.
Notan
| |
| George Orwell 2006-02-19, 8:22 am |
| Notan wrote:
> Borked Pseudo Mailed wrote:
>
> You can't be arrested for *listening* to subversive rhetoric...
>
> You can be arrested for *saying* it.
Completely irrelevant. Again you try and interject something that simply
doesn't apply. We're not talking about listening to something, we're
talking about obtaining something, be it newsgroups posts, emails, music,
or whatever.
We're talking about whether or not obtaining those things, and how they're
obtained, can affect your privacy and security. Obviously they can. The
DMCA examples are only one current events example of that.
The point you're trying to evade with your word games is that downloading
material from Usenet is better done anonymously if it's real privacy
you're after. The premise that it doesn't matter is a false one, for a
number of very real reasons.
| |
| Thrasher Remailer 2006-02-19, 8:22 am |
| In <1f729de8e362fc2007e9515de7dc3f66@pseudo.borked.net>, nobody@pseudo.borked.net wrote:
>Ed wrote:
>
>
>They do work as advertised, but you apparently fail to be able to
>understand that advertisement in any detail.
>
>The vulnerabilities of the remailer network are known and have been
>discussed to no end. Part of its design, its function, is to obscure
>traffic by making that traffic look like all other traffic. Maek your
>messages indistinguishable form my messages in any way. It's a loft goal,
>and some theorize impossible to obtain while maintaining usability.
>
>Yes, the remailer network is a "good enough" compromise.
>
>When you do something out of the ordinary, the little flaws that don't
>mean much to every day users begin to stick out. The somewhat predictable
>latency of a message changes. Its apparent size inside the remailer
How can you tell this from 'dummy traffic'?
or from somebody else's traffic, 'dummy' or otherwise?
>network (number of fragmented packets) changes. Several things "stick out"
Like what? (not being sarcastic here, I really want to know, and HOW its going to be detectable at all when mixmaster msgs are all supposed to look the same?)
>that can make your messages distinguishable from others, especially if
>your "pattern" is to do them all the time.
I send anywhere from 500 to 1000 mixmaster messages per day, most of them long chain (10 to 20 hops) 'dummy' messages. My real traffic is a fraction of that and is not distinguishable from the 'dummy' traffic.
| |
| Thrasher Remailer 2006-02-19, 8:22 am |
| In <9073cb9a884d867fe40c9e2f23434c1a@pseudo.borked.net>, nobody@pseudo.borked.net wrote:
>Anonymous wrote:
>
>
>NO!
>
>In fact it may make it EASIER to find out your identity than simply using
>a normal number of remailers in a chain. You stick out. You're unusual,
>and thus more visible.
Eh? Wassat you say?
What's a "Normal" number of remailers in a chain? I'll just bet that depends on who you ask. Somebody told me once that 3 was 'normal', another person swore by 6, I personally use 15 and another poster claims 20 is ideal.
Please educate me, tell me HOW a longer chain makes me more identifyable.
| |
| anonymous@remailer.hastio.org 2006-02-19, 8:22 am |
| On Sun, 19 Feb 2006 00:45:37 +0000, Thrasher Remailer wrote:
> In <9073cb9a884d867fe40c9e2f23434c1a@pseudo.borked.net>,
> nobody@pseudo.borked.net wrote:
[vbcol=seagreen]
>
> Please educate me, tell me HOW a longer chain makes me more identifyable.
I would like to know that too.
~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified.
| |
| George Orwell 2006-02-20, 2:45 am |
| Thrasher Remailer wrote:
> In <9073cb9a884d867fe40c9e2f23434c1a@pseudo.borked.net>,
> nobody@pseudo.borked.net wrote:
>
> Eh? Wassat you say?
>
> What's a "Normal" number of remailers in a chain? I'll just bet that
> depends on who you ask. Somebody told me once that 3 was 'normal',
> another person swore by 6, I personally use 15 and another poster claims
> 20 is ideal.
>
> Please educate me, tell me HOW a longer chain makes me more identifyable.
Your messages are larger, and they take longer to get through the network.
They also might look completely different from your dummy traffic
depending on how it's generated (by the client or by Mixmaster). That
might not seem like much by itself, but it helps anyone who happens to
have the ability to observe both the entry and exit of your messages (your
ISP reading newsgroups messages for instance), and anyone who would
attempt a replay attack.
It's better to stay away from anything that might make you stick out. Use
a more conservative number of remailers and chains. Closer to the
defaults the clients come configured with, like many/most people do.
| |
| Thrasher Remailer 2006-02-23, 5:48 pm |
| George Orwell <nobody@mixmaster.it> wrote in
news:c9e7dfcbe1d33a57a228cc2447382a6e@mi
xmaster.it:
> Thrasher Remailer wrote:
>
>
> Your messages are larger, and they take longer to get through the
No, they aren't. All mixmaster messages are the same size, it's in the
specs.
> network. They also might look completely different from your dummy
> traffic depending on how it's generated (by the client or by
I generate dummy traffic with clients, with mixmaster, and with homebrew
batch files... the resulting dummy messages all look the same to me.
> Mixmaster). That might not seem like much by itself, but it helps
> anyone who happens to have the ability to observe both the entry and
> exit of your messages (your ISP reading newsgroups messages for
> instance), and anyone who would attempt a replay attack.
I doubt it. I send 5 to 20 msgs an hour, most of them dummy traffic. All
my ISP sees is encrypted blobs directed to a remailer's smtp courtesy of
stunnel and then there is latency to consider as well. Even if somebody
was watching newsgroup messages, they cannot correlate any of my outbound
packets with the posting of any message in any newsgroup. The chain of
traceability vanishes with the encrypted connection to the remailer's smtp.
> It's better to stay away from anything that might make you stick out.
> Use a more conservative number of remailers and chains. Closer to the
> defaults the clients come configured with, like many/most people do.
Hogwash! The software has capabilities, I intend to use them to the
fullest, long chains, cpunk latent-time and all the rest. I know how to
use every one of them to insure my anonymity. So does everyone else with
the brain cells enough to read and comprehend reliable, jbn, quicksilver,
stunnel, tor and mixmaster documentation.
|
|
|
|
|