Roger, wilco. I can add at least some of these suggestions into 'igor'.
On Thu, 12 Apr 2001, Phillip H. Zakas wrote:
>
> if the problem is about keeping ourselves out of trouble re: statements or
> association with others on this list, I have some observations:
>
> first-
> if defeating traffic analysis is important, hiding message headers and using
> anonymizing services isn't going to help very much. the existing newsgroup
> system is trackable (even through anonymizing services). The scenario:
> someone watches mr. white. mr. white xmits a message to anonymizing service
> at 9:00pm. at 9:03pm the service routes message to newsgroup. unless the
> message is encrypted for the anonymizing service, decrypted (to reveal
> destination) by the anonymizing service, then delays delivery for a random
> amount of time (5 mintues to 5 hours) to the true destination, the message
> traffic or content could be pegged to a person.
> ...plus i don't fully trust anonymizing services because i haven't met the
> individuals running them, and i've not seen the technology to know there
> isn't a backdoor, etc.
>
> potential solution: need an anonymizing service with encrypted inputs and
> outputs, along with an encrypted gateway between the newsgroup and the
> anonymous service. perhaps several unrelated anonymizing services use the
> newsgroup's public key and only xmits traffic to the newsgroup service using
> that key...plus the key should change every week. and no one should be able
> to send messages directly to the newsgroup, even if the public key is known.
> of course all messages sent to an anonymizing service should be signed using
> the anonymizing service public key, and posters should not be allowed to
> post to the same anonymizing service more than 3-4 times before switching
> services. this can be done if we drop the notion of using a single nym for
> online messages. btw, would not use PGP for the sigs, either. we should be
> doing exactly what govts do...use proprietary algorithms which aren't
> published but are frequently changed. there is enough expertise on this
> list (i belive) to perform basic cryptanalysis on proposed algorithms, and
> if we change the system frequently enough it would cause cryptanalysts a
> tremendous headache -- becomes too expensive to manage if enough messages
> are encrypted over time. we don't need to create a new AES...just need to
> make sure there isn't ever enough traffic flow to crack one system before we
> switch methods/systems. (yep i'm one of those who actually think it's not so
> great to have publicly available algorithms...makes cryptanalysis much
> easier even when an algo. is theoretically unbreakable.)
>
> second-
> perhaps the lawyers in this group could provide a standard disclaimer which
> we could all attach to our sig....you know, something along the lines of
> 'this message is part of an ongoing satire...don't sue me or take me
> seriously...' is this possible?? i assume probably not, but it's worth
> investigating.
>
> third-
> isn't there something terribly anonymous about a huge mailing list like
> this? i mean if we all simply took care of ourselves and went to whatever
> lengths we needed to protect our own identities, why complicate the mailing
> list?
>
> if anyone is interested in exploring the first option above, i'd be willing
> to offer design suggestions or assist in coordinating a red team exercise
> against the system. let me know.
____________________________________________________________________
The ultimate authority...resides in the people alone.
James Madison
The Armadillo Group ,::////;::-. James Choate
Austin, Tx /:'///// ``::>/|/ [EMAIL PROTECTED]
www.ssz.com .', |||| `/( e\ 512-451-7087
-====~~mm-'`-```-mm --'-
--------------------------------------------------------------------