This is too much.

Eelbash freely admits he is running homemade remailer software.

This software is undoubtedly created without knowledge of fine points
of the mixmaster software. What the XXXX is wrong with him? He's now
developing his own because he 'can't make mixmaster work' and 'he
can't make mixmaster decrypt'. Is there something I'm missing? NO! He
see's nothing wrong with this.

I'll say right now, if you use his remailer you are XXXXing crazy.
Any remop who lists this untested, unproven remailer in their stats
is opening the door for other idiots who write their own software and
expect to come online with a week of testing. Who knows what anti-
privacy facilities could be included. This is rogue conduct.

Doesn't it seem odd that eelbash who hates remailer abuse always
wants to run a last hop with full from headers? Ya think maybe he
filters things he doesn't like? He has his own remailer software now.
There's nothing he can't filter. Do you think he's going to allow
anything that would generate heat for him?

Remops, if you list this man in you're stats you are opening the
network to total insanity. If you list him, you can kiss the network
goodbye.

[ Post a follow-up to this message ]

-----BEGIN PGP SIGNED MESSAGE-----

Nomen Nescio wrote:
[snip]
> I'll say right now, if you use his remailer you are XXXXing crazy.
> Any remop who lists this untested, unproven remailer in their stats
> is opening the door for other idiots who write their own software and
> expect to come online with a week of testing. Who knows what anti-
> privacy facilities could be included. This is rogue conduct.

Before mixmaster there where lots of different software distributions
which together formed the cypherpunk network. Even Alex de Joode had his
own modified distribution for Replay that allowed to send two different
messages separated by a cutmarks directive (IIRC). Squirrel used the
same IIRC.

There is nothing wrong with different distributions. Some are better
than others. True. Eelbash Admin has proven he cannot code secure
software. True. No-one in their right mind would use Eelbash..
But having different branches of mixmaster software is not a bad thing
per sé.

Thomas
- --
"Forget it. I am taking my own chances now" - Dee, Mean Guns
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

 iQB5AwUBRii90gEP2l8iXKAJAQG86QMfVT3aXeXZ
oQbU66Q3nLobiOmmYxjaDAVh
 qFIS2rTBNJeFK+Xekp99wROy1N9cYdKnd7JNVoL+
b9thcjlp3TMfwhfqwFCAaPsW
TmMUWmHU2eyXuNAOXZSJt/kCubo79pS1BoxnSQ==
=kgA4
-----END PGP SIGNATURE-----

[ Post a follow-up to this message ]

"Thomas J. Boschloo" <nospam@hccnet.nl> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
>
> Nomen Nescio wrote:
> [snip] 
>
> Before mixmaster there where lots of different software distributions
> which together formed the cypherpunk network. Even Alex de Joode had his

Of course there were. Remailers at that point in history were more of a
concept than a design specification, and they all used off the shelf
software to provide their low level functions. That's what remailers
were at the time.

Mixmaster changed that, and Mixminion is changing it even further. For
very good reasons. Cobbled together software isn't as reliable or
nearly as secure as well designed, competently operated applications.
There most certainly *is* something wrong with oddball nodes held
together with bubble gum and bailing twine existing on the network. The
baggage they carry with them is the very reason standardized software
and protocols exist today Thomas.

> own modified distribution for Replay that allowed to send two different
> messages separated by a cutmarks directive (IIRC). Squirrel used the
> same IIRC.
>
> There is nothing wrong with different distributions. Some are better
> than others. True. Eelbash Admin has proven he cannot code secure
> software. True. No-one in their right mind would use Eelbash..
> But having different branches of mixmaster software is not a bad thing
> per sé.

That might be true for word processors. It's definitely not true for
security oriented applications.

[ Post a follow-up to this message ]

-----BEGIN PGP SIGNED MESSAGE-----

Anonymous wrote:
> "Thomas J. Boschloo" <nospam@hccnet.nl> wrote: 
>
> Of course there were. Remailers at that point in history were more of a
> concept than a design specification, and they all used off the shelf
> software to provide their low level functions. That's what remailers
> were at the time.
>
> Mixmaster changed that, and Mixminion is changing it even further. For
> very good reasons. Cobbled together software isn't as reliable or
> nearly as secure as well designed, competently operated applications.
> There most certainly *is* something wrong with oddball nodes held
> together with bubble gum and bailing twine existing on the network. The
> baggage they carry with them is the very reason standardized software
> and protocols exist today Thomas.

I have to disagree. There is a protocol specification like the RFCs for
usenet. Any application can implement that protocol (with MUSTs, SHOULDs
and MAYs) and the more the better because if one branch of software is
broken, others will ensure your privacy.

Right now, if a serious flaw is discovered in the server part of
mixmaster, a lot of good remailers are affected and all users having
used them are at danger of losing their 'privates' (sorry, bad SK joke)

Thomas
- --
"Forget it. I am taking my own chances now" - Dee, Mean Guns
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

 iQB5AwUBRij+LgEP2l8iXKAJAQFbNQMffFCuOX2W
AxpU3piRXlha3gTvIlvUF5Pc
xeFxbt2Qru1Nz+2/ 4aOIoSDktVOuzaFbGHvdW9RWIWXPjTdNh+yZgtLW
55p6wQZL
 1Axpww8pFwESmDdPNPmCm2dSuw18HPQTTSx9BA==

=ii4A
-----END PGP SIGNATURE-----

[ Post a follow-up to this message ]

"Thomas J. Boschloo" <nospam@hccnet.nl> wrote:
 
>
> I have to disagree. There is a protocol specification like the RFCs for
> usenet. Any application can implement that protocol (with MUSTs, SHOULDs
> and MAYs) and the more the better because if one branch of software is
> broken, others will ensure your privacy.

You're not disagreeing, you're restating exactly what I said. There was
a general "guideline" in place regarding what all remailers should do,
but remailers themselves used off the shelf software in a "cobbled
together" fashion to implement it.

You're confusing "RFC's", which are ideas, with the actual
implementations of an idea. Partly because my usage of "design
specification" was vague and lead you down that wrong road. ;)

> Right now, if a serious flaw is discovered in the server part of
> mixmaster, a lot of good remailers are affected and all users having
> used them are at danger of losing their 'privates' (sorry, bad SK joke)

This is a good thing. Not only does it mean serious flaws in a given
remailer are far more likely to be discovered, they can be fixed
efficiently. Without this sort of standardization there would be more
serious flaws, they'd be far less likely to be discovered, correcting
them would be hit and miss even in the best case scenario of them being
unearthed, and the overall security of the remailer network would be
considerably less than it is as a result.

Nothing is perfect. Flaws of all types are going to pop up from time to
time. Standardization makes them manageable. Willy-nilly bastardization
of even a good idea only promotes more, unmanageable problems. The idea
that flaws in a system have less impact when everyone just "does their
own thing" is way out of touch with reality.

And it doesn't even scratch the surface of "reality". So called serious
problems would be the least of our worries. It would be the relatively
minor problems that would cause the most trouble. I remember it
actually being that way in the good ol' days. Different PGP versions
causing breakage and huge "black holes" in the network, for instance.

There's absolutely nothing good about operators rolling their own
remailer software. If that weren't true the current remailer network
would be little more than the collection of third party utilities and a
few scripts that it started out as, and Mixminion wouldn't be removing
the last major chunk of outside influence. ;)

[ Post a follow-up to this message ]