| Author |
How Did They Do It?
|
|
| Borked Pseudo Mailed 2006-08-20, 1:12 pm |
| Suppose that the US or other first-world governments are concerned enough
about remailers that they want to read the traffic going through them.
One way is to have their agents run as many remailers as possible.
A second way is to get hold of the secret keys and passwords used by the
operators of the remailers.
In regard to the second way, they have about 40 remailers whose keys they
want. They might try a covert entry into the home (that's where most
remailers are run from if I have it right) of the operator, or they might
try an electronic 'breakin'.
I don't have a feel for the chances of any of these things succeeding, or
even if the government would want to bother, but it seems worth
discussing.
What do you think?
| |
|
| ["Followup-To:" header set to alt.privacy.anon-server.]
On Sun, 20 Aug 2006 11:25:07 -0600 (MDT), Borked Pseudo Mailed wrote in
Message-Id: <5a9c8609af507a6bd1d107a506d7fa69@pseudo.borked.net>:
> One way is to have their agents run as many remailers as possible.
Agreed. Running lots of remailers is probably the best way to defeat
the system. Even then it's not easy as all traffic looks the same until
it hits the exit point. Pinger traffic alone is sufficient to make
tracking a message back from the exit point hard work.
> A second way is to get hold of the secret keys and passwords used by
> the operators of the remailers.
This only works for remailers where the MTA's don't use TLS encryption.
Traffic between those with TLS is encrypted with a one-time session key
that is destroyed after the communication is completed. This is called
Perfect Forward Secrecy. See http://www.noreply.org/tls for more info.
| |
| Borked Pseudo Mailed 2006-08-20, 7:12 pm |
| Zax wrote:
> ["Followup-To:" header set to alt.privacy.anon-server.]
> On Sun, 20 Aug 2006 11:25:07 -0600 (MDT), Borked Pseudo Mailed wrote in
> Message-Id: <5a9c8609af507a6bd1d107a506d7fa69@pseudo.borked.net>:
>
> Agreed. Running lots of remailers is probably the best way to defeat
> the system. Even then it's not easy as all traffic looks the same until
> it hits the exit point. Pinger traffic alone is sufficient to make
> tracking a message back from the exit point hard work.
Along these lines, I have a question.
What would the collective opinion be regarding the generation of dummy
traffic? I realize Windows clients generate some for you, but on a *nix
system or as a matter of added security, if you're generating your
dummy traffic manually how much would you generate and what sort of
"pattern" would people suggest as a good rule of thumb? Some percentage
of real traffic? Something that sets a "level" and then tries to
maintain it by padding real traffic with bogus? Or just a random
smattering of activity based on whim.
If there's an FAQ for this I'd appreciate a LART. ;)
> This only works for remailers where the MTA's don't use TLS encryption.
> Traffic between those with TLS is encrypted with a one-time session key
> that is destroyed after the communication is completed. This is called
> Perfect Forward Secrecy. See http://www.noreply.org/tls for more info.
Excellent point.
| |
| Thomas J. Boschloo 2006-08-20, 7:12 pm |
| Borked Pseudo Mailed wrote:
> Suppose that the US or other first-world governments are concerned enough
> about remailers that they want to read the traffic going through them.
>
> One way is to have their agents run as many remailers as possible.
>
> A second way is to get hold of the secret keys and passwords used by the
> operators of the remailers.
>
> In regard to the second way, they have about 40 remailers whose keys they
> want. They might try a covert entry into the home (that's where most
> remailers are run from if I have it right) of the operator, or they might
> try an electronic 'breakin'.
>
> I don't have a feel for the chances of any of these things succeeding, or
> even if the government would want to bother, but it seems worth
> discussing.
>
> What do you think?
Step one: create as many remailers as you want there to be at some point
in the future.
Step two: eliminate the competition
Step three: Remailers are still useful if you don't piss off the
American government at this point ;-)
This is why legislation and law enforcement may be the greatest threats
to the remailer network. TLAs don't have to abide by the laws as much as
most remops (take the NSA recently, it is even allowed to ignore the
constitution if the President thinks this is a good way to fight terrorism).
hi,
Thomas
--
In a non-Democracy no one cares about your opinion.
| |
| anonymous@remailer.hastio.org 2006-08-20, 7:12 pm |
| On Sun, 20 Aug 2006 12:49:57 -0600, Borked Pseudo Mailed wrote:
> Zax wrote:
>
>
> Along these lines, I have a question.
>
> What would the collective opinion be regarding the generation of dummy
> traffic? I realize Windows clients generate some for you, but on a *nix
> system or as a matter of added security, if you're generating your
> dummy traffic manually how much would you generate and what sort of
> "pattern" would people suggest as a good rule of thumb? Some percentage
> of real traffic? Something that sets a "level" and then tries to
> maintain it by padding real traffic with bogus? Or just a random
> smattering of activity based on whim.
Why not encourage flooding?
~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified.
| |
| George Orwell 2006-08-20, 7:12 pm |
|
On 20 Aug 2006 17:55:31 +0000 (UTC), Zax <admin@bananasplit.info> wrote:
>Agreed. Running lots of remailers is probably the best way to defeat
>the system.
Yes.
>This only works for remailers where the MTA's don't use TLS encryption.
>Traffic between those with TLS is encrypted with a one-time session key
>that is destroyed after the communication is completed. This is called
>Perfect Forward Secrecy. See http://www.noreply.org/tls for more info.
Not exactly. TLS raises the bar, but unauthenticated TLS is vulnerable to
a man-in-the-middle attack. I surveyed all of the TLS capable remailers
and none of them had their certificate signed by a CA. It's a free
service with CAcert.org, so I strongly encourage remailer admins to do this.
Based on public admission to having a domestic phone surveillance program,
we know the govt. has the cooperation of at least some common carriers;
ergo, they have man-in-the-middle capability with trivial effort.
With authenticated TLS, the issue gets back to whether or not the
government would/could break-in (electronic or physical) to steal
the private keys and/or instrument the remailer. The larger the network
of remailers, the more daunting that proposition becomes.
| |
| Nomen Nescio 2006-08-20, 7:12 pm |
| On Sun, 20 Aug 2006 22:00:05 +0200, Nomen Nescio wrote:
>
> This is why it's also good to avoid remailers with "anonymous"
> operators.
That is an interesting thought. How non-anonymous are the remailer
operators? I can think of only one, offhand, whose name I know, and that's
Zax, and that's because he has information about himself on his website.
How non-anonymous do you want remailer operators to be?
> In fact this is one of the most basic tenets of implementing
> any secure setup. Openness promotes security, secrecy detracts from it.
> An almost universal truth that can be applied to any encryption,
> privacy, or anonymous setup.
| |
| traveler 66 2006-08-20, 7:12 pm |
| On Sun, 20 Aug 2006 22:50:20 +0200 (CEST), Nomen Nescio wrote:
> On Sun, 20 Aug 2006 22:00:05 +0200, Nomen Nescio wrote:
>
>
> That is an interesting thought. How non-anonymous are the remailer
> operators? I can think of only one, offhand, whose name I know, and that's
> Zax, and that's because he has information about himself on his website.
>
> How non-anonymous do you want remailer operators to be?
>
Twisty has some information up as well, but doesn't give too much detail.
| |
|
| ["Followup-To:" header set to alt.privacy.anon-server.]
On Sun, 20 Aug 2006 22:50:20 +0200 (CEST), Nomen Nescio wrote in
Message-Id: <a0b1a354d765cd98cb40d92a7147795f@dizum.com>:
> That is an interesting thought. How non-anonymous are the remailer
> operators? I can think of only one, offhand, whose name I know, and that's
> Zax, and that's because he has information about himself on his website.
Forgot I'd put that on my webpage. It's horribly out of date. :-)
You probably do know some other remailer operators:
randseed Len Sassaman
bunker Ben Laurie
austria Christian Mock
dizum Alex de Joode
tonga Lucky Green
I know a few others but it's not my place to disclose them. As a hint,
check out the THANKS file in the current mixmaster distro.
| |
| Borked Pseudo Mailed 2006-08-21, 1:14 am |
| Nomen Nescio wrote:
>
> That is an interesting thought. How non-anonymous are the remailer
> operators? I can think of only one, offhand, whose name I know, and that's
> Zax, and that's because he has information about himself on his website.
I know half a dozen operators fairly well from several years of hanging
out with them and running a remailer myself for a short period of time.
I know almost all of them by name.
With very few exceptions remailer operator identities aren't a big
secret, they're just not widely broadcast in certain public forums.
> How non-anonymous do you want remailer operators to be?
Completely. There's no reason for remailer operators to be anonymous in
the first place, nothing at all to be gained, and the more open they are
about their operations the more accountable and trustworthy they become.
| |
| Truncat 2006-08-21, 1:14 pm |
|
In my opinion, if the remailers ever become a big headache for any
country they will just ban them, this will not stop remailers but would
reduce the number of operators.
But then even if remailers were to be banned all over the World, I am
convinced someone somewhere will find a way around it, some new system,
people are very resourceful, and then if the state can put up with
encryption which is much easier to use than remailers then they also can
put up with a much less used service like remailers.
If I were to try and break the remailers network I would concentrate all
my efforts in breaking PGP/GPG, it is the lifeline.
| |
| Deuxpi Admin 2006-08-21, 1:14 pm |
| > Not exactly. TLS raises the bar, but unauthenticated TLS is vulnerable to
> a man-in-the-middle attack. I surveyed all of the TLS capable remailers
> and none of them had their certificate signed by a CA. It's a free
> service with CAcert.org, so I strongly encourage remailer admins to do this.
It is not my point to contradict you, still a few remailers have their
certificates signed by a CA. Right now, a quick check from the SSL software on
the deuxpi remailer can verify the CA certificates on a few servers: cyberiad,
deuxpi, frell, and tonga (although it has expired). Note that I don't always get
exactly the same results as on http://www.noreply.org/tls/ (perhaps it doesn't
have the CAcert certificate in its path, for example.)
Setting up TLS on a Postfix mail server was quite an easy task. It essentially
sums up to getting the certificate and private key from a CA and adding a few
lines in the main.cf configuration file.
--
Deuxpi Admin <deuxpi-admin@deuxpi.ca>
http://www.deuxpi.ca/
| |
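As an added illustration (not part of the thread, and not any poster's actual configuration), the "few lines in main.cf" mentioned above might look like this, together with a per-peer policy that addresses the unauthenticated-TLS point raised earlier in the thread. It assumes Postfix 2.3 or later parameter names; all hostnames and file paths are placeholders.

```conf
# /etc/postfix/main.cf (added example; paths and hostnames are placeholders)
# Comments must be on their own lines: Postfix treats trailing text as part
# of the value.

# Inbound: offer STARTTLS with the CA-signed certificate; plaintext is still
# accepted from clients that do not use it.
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/postfix/tls/remailer.example.net.crt
smtpd_tls_key_file = /etc/postfix/tls/remailer.example.net.key
smtpd_tls_loglevel = 1

# Outbound default: opportunistic TLS. Encrypts when the peer offers STARTTLS
# but does not check the peer certificate, so an on-path party can
# impersonate the peer or strip STARTTLS.
smtp_tls_security_level = may
smtp_tls_loglevel = 1

# Trust anchors used when a policy below asks for verification. The bundle
# must contain the root that signed the peers' certificates (for example the
# CAcert root, if that is the CA in use).
smtp_tls_CAfile = /etc/postfix/tls/trusted-roots.pem

# Per-destination overrides for peers known to have CA-signed certificates.
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy

# ---------------------------------------------------------------------------
# /etc/postfix/tls_policy (separate file; run "postmap /etc/postfix/tls_policy"
# and "postfix reload" after editing)
#
# secure:  TLS is mandatory, the chain must validate against smtp_tls_CAfile
#          and the certificate name must match the destination domain. Mail
#          is deferred, not sent in clear, if any check fails.
# encrypt: TLS is mandatory but the certificate is not verified (for peers
#          that still use self-signed certificates).
peer-remailer.example.org     secure
selfsigned-peer.example.org   encrypt
```

An expired certificate, like the one noted for tonga above, also fails the `secure` check, so mail to that peer stays queued until the certificate is renewed or the policy entry is relaxed.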
| nobody@dantooine.homelinux.net 2006-08-22, 1:14 am |
| This is a Type III anonymous message, sent to you by the Winston Smith
Project Dantooine mixminion server at Dantooine.winstonsmith.info. If
you do not want to receive anonymous messages, please contact
pbox-admin@winstonsmith.info. For more information about anonymity, see
https://www.winstonsmith.info/pws or
https://e-privacy.firenze.linux.it.
-----BEGIN TYPE III ANONYMOUS MESSAGE-----
Message-type: plaintext
In <eccian$e7j$1@bananasplit.info> Deuxpi Admin <deuxpi-admin@deuxpi.ca> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>
>It is not my point to contradict you, still a few remailers have their
>certificates signed by a CA. Right now, a quick check from the SSL software on
>the deuxpi remailer can verify the CA certificates on a few servers: cyberiad,
>deuxpi, frell, and tonga (although it has expired). Note that I don't always get
>exactly the same results as on http://www.noreply.org/tls/ (perhaps it doesn't
>have the CAcert certificate in its path, for example.)
>
>Setting up TLS on a Postfix mail server was quite an easy task. It essentially
>sums up to getting the certificate and private key from a CA and adding a few
>lines in the main.cf configuration file.
I would be interested in seeing some tutorial info on making TLS available on a Windows Mercury32 v4.01a mail server. I've managed to get it to work on POP3, but not on SMTP.
I'm aiming to have TLS as an option, with plain vanilla connections as a fallback.
-----END TYPE III ANONYMOUS MESSAGE-----
| |
| nobody@geonosis.homelinux.net 2006-08-22, 1:14 am |
| This is a Type III anonymous message, sent to you by the Winston Smith
Project Geonosis mixminion server at geonosis.winstonsmith.info. If
you do not want to receive anonymous messages, please contact
pbox-admin@winstonsmith.info. For information about anonymity, see
https://www.winstonsmith.info/pws or
https://e-privacy.firenze.linux.it.
In <op.temvhrgz5ngpqe@ascaron> Truncat <go@away.invalid> wrote:
>
>In my opinion, if the remailers ever become a big headache for any
>country they will just ban them, this will not stop remailers but would
>reduce the number of operators.
>
>But then even if remailers were to be banned all over the World, I am
>convinced someone somewhere will find a way around it, some new system,
>people are very resourceful, and then if the state can put up with
>encryption which is much easier to use than remailers then they also can
>put up with a much less used service like remailers.
>
>If I were to try and break the remailers network I would concentrate all
>my efforts in breaking PGP/GPG, it is the lifeline.
Problem with that is you probably don't have access to a quantum computer to do the number crunching for you. PGP/GPG is not the problem, it's the algorithms they implement.
| |
| Anonyma 2006-08-22, 1:13 pm |
| On Tue, 22 Aug 2006, nobody@geonosis.homelinux.net wrote:
>
>In <op.temvhrgz5ngpqe@ascaron> Truncat <go@away.invalid> wrote:
>
>Problem with that is you probably don't have access to a quantum computer
>to do the number crunching for you. PGP/GPG is not the problem, it's the
>algorithms they implement.
No one does.
| |
|
| This is a Type III anonymous message, sent to you by the Mixminion
server at laforge.system-e.dk. If you do not want to receive
anonymous messages, please contact simono@system-e.dk. For more
information about anonymity, see http://www.mixminion.net/.
In <caa0effdb51fe4c3f2566218202c2a18@deuxpi.ca> Anonyma <anon-bounces@deuxpi.ca> wrote:
>On Tue, 22 Aug 2006, nobody@geonosis.homelinux.net wrote:
>
>No one does.
>
And we're all thankful for that blessing!
| |
| Admin Twisty Creek 2006-08-23, 7:15 am |
| On Sun, 20 Aug 2006 14:03:26 -0700, traveler 66 <noreply@nym.alias.net> wrote:
>On Sun, 20 Aug 2006 22:50:20 +0200 (CEST), Nomen Nescio wrote:
>
>
>Twisty has some information up as well, but doesn't give too much detail.
True, but I also post to other newsgroups using a different from nick name. (I
have slipped up and used that nick here along with my admin key) I prefer to
retain some level of anonymity to protect myself against a common home break-in.
I am a pretty well known collector of certain things that I wish to keep in my
possession 
Regards all from sunny Tulsa, OK
And to anyone from OK that might read this, you folks down here are some of the
most friendly and nicest people I have ever met in my life. Just one problem,
the 3.2 weasel piss beer 
|