Re: Remailers an unsolveable paradox?
-- On 4 Sep 2004 at 21:50, Nomen Nescio wrote: > The ratio of remailer use to abuse is painfully low because > there's no way to actually communicate. You can broadcast but > not recieve, because no system exists to receive mail > psuedononymously. This is not communication. > > Remailer use is restricted to when senders don't care about > listener, which means rants, death threats, and the abuse > of spam. The only systems for receiving mail are at best some > college student's unimplemented thesis. alt.anonymous.messages provides a channel for people who wish to receive messages without themselves being identified. If I want to receive a message without providing and email address that can be traced, I ask the recipient to post in in the newsgroups such as alt.anonymous.messages. For obvious reasons people who read alt.anonymous.messages, or think they might need to read it in the future, download the newsgroup in its entireity. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG fzparMQ1YGMHFGGQ4eabvrdbfX3oQPnGSeUNNkuX 4UV3sPQUJdBwqav34D5pBXRBNtLg+GX5dxE+YM5P8
Re: Remailers an unsolveable paradox?
Tyler Durden wrote: The hascash idea is OK, and obviously will work (as of now...the dividing line between human and machine is clearly not static, and smarter spam operations will start doing some segmentation analysis and then find it worthwhile to pay up). But the kind of person that may have legitimate need of a remailer may not understand and/or trust what would probably be necessary to use hashcash. And OK "that's their tough luck", but then I always feel there's safety in numbers. Since you already have to use a special client to inject email to the remailer network, they would have no need to understand hashcash. It would just happen. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
Re: Remailers an unsolveable paradox?
This is a Type III anonymous message, sent to you by the Mixminion server at mercurio.mixmaster.it. If you do not want to receive anonymous messages, please contact [EMAIL PROTECTED] -BEGIN TYPE III ANONYMOUS MESSAGE- Message-type: plaintext Nomen Nescio <[EMAIL PROTECTED]> wrote: > The ratio of remailer use to abuse is painfully low because there's no way > to actually communicate. You can broadcast but not recieve, because no > system exists to receive mail psuedononymously. This is not communication. Mixminion (http://www.mixminion.net) supports secure two way communication. The current release uses an insecure mix algorithm which facilitates debugging. This will change. -END TYPE III ANONYMOUS MESSAGE-
Re: Remailers an unsolveable paradox?
On Sat, Sep 04, 2004 at 09:50:14PM +0200, Nomen Nescio wrote: > Let's take our shining example of truth and freedom, the whistle-blower. > When they send out mail to the media or whomever, one of two things happens: > they see the story published or they don't. If not, there's no idea why: was > it received? Did the media want more information? Did they need more > support? Do they want to verify it? Do they want to help the whistle-blower? > Even if the story is published, whistle-blowing is kneecapped: it can't be > supported, or expanded on, or debated in any but the most rudimentary > fashion. It's easy. The whistleblower says: if you want more info, post your questions encrypted with this PGP key I just generated to alt.test.messages with a subject that contains "Fluffy Bunnies", and I will reply to you. Of course they'll want to trash that key pretty quickly afterward, since it's "proof" that they where the whistleblower. Obviously that is more technical that many journalists could handle, but nothing saying it can't be largely automated with a web frontend stuck on it. And don't most/all remailers support responder blocks? -Jack
Re: Remailers an unsolveable paradox?
> We want to be able to provide the means for whistleblowers and > others to communicate in a secure and anonymous fashion. Yet we need > to make sure we're not abused too much since sooner or later laws > will catch up with the remailers should abuse sky-rocket. The ratio of remailer use to abuse is painfully low because there's no way to actually communicate. You can broadcast but not recieve, because no system exists to receive mail psuedononymously. This is not communication. Remailer use is restricted to when senders don't care about listener, which means rants, death threats, and the abuse of spam. The only systems for receiving mail are at best some college student's unimplemented thesis. Let's take our shining example of truth and freedom, the whistle-blower. When they send out mail to the media or whomever, one of two things happens: they see the story published or they don't. If not, there's no idea why: was it received? Did the media want more information? Did they need more support? Do they want to verify it? Do they want to help the whistle-blower? Even if the story is published, whistle-blowing is kneecapped: it can't be supported, or expanded on, or debated in any but the most rudimentary fashion. It doesn't matter if remailers disappear, they've already failed.
Re: Remailers an unsolveable paradox?
Spam is the least of the problems for remailers when it comes to abuse. You should be more concerned about possible liability for illegal messages. In a way, spam has actually made the remailer operator's life easier as people today are used to receiving annoying and obscene email. Ten years ago, when I ran a remailer, people were genuinely shocked to receive unsolicited pornography. Yes, it's hard to believe today, but in those quaint times, when the Internet was in black and white, most users got only a few email messages a day and they were all from their friends, family and co-workers. As far as spam, next-generation remailers should incorporate hashcash, www.hashcash.org, to make sending an anonymous message relatively costly. Let it take a minute or more to generate the "stamp" necessary for a message to enter the remailer system and spam will not be a problem, while legitimate users will have no barrier. Hal
Re: Remailers an unsolveable paradox?
Variola wrote... >Making sure we have robust remailing services in one shape or >another and at the same time have some kind of at least indirect >acceptance from legislators and also a low degree of spam flowing >through are essential goals. Any legislator seeking to control how people use a communications medium needs killing. Well, although the sentiment is appreciated, I'm not sure it's well applied in this case. What this guy seems to be saying is that it's better to 'solve' the SPAM problem now rather than waiting for legislators to use Spam as a reason to try to shut down the remailers (and this seems distinctly possible particularly if George W makes it to his 3rd term!). I don't think the guy is looking for state-ish 'OK', but pointing out that things get a lot more difficult if/when remailers or their use is outlawed. Like back in the day when I used to toke on a regular basis...I sure was going to keep scoring nicklebags and whatnot, but my count would probably have been better at my potstore if it were legal. (And yes, a potstore...there's tons of them in NYC with plexiglass walls and a few canned food props lying around. You stand in line and order your nickel/dime bag just like buying tokens.) The hascash idea is OK, and obviously will work (as of now...the dividing line between human and machine is clearly not static, and smarter spam operations will start doing some segmentation analysis and then find it worthwhile to pay up). But the kind of person that may have legitimate need of a remailer may not understand and/or trust what would probably be necessary to use hashcash. And OK "that's their tough luck", but then I always feel there's safety in numbers. -TD _ Get ready for school! Find articles, homework help and more in the Back to School Guide! http://special.msn.com/network/04backtoschool.armx
Re: Remailers an unsolveable paradox?
> What are the possible solutions for the remailers? Make all > remailers middleman only and adding the ability to opt-in for Open wireless access points. No one said you are entitled to mail anonymously from the comfort of your home/office. Stop whining. = end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: __ Do you Yahoo!? New and Improved Yahoo! Mail - 100MB free storage! http://promotions.yahoo.com/new_mail
Re: Remailers an unsolveable paradox?
At 01:30 PM 9/1/04 +0200, Nomen Nescio wrote: > Yet we need >to make sure we're not abused too much since sooner or later laws >will catch up with the remailers should abuse sky-rocket. You need a Bill of Rights that specifies freedom of expression, and judges that understand it. Since you appear to be European, where eg singers can be busted for singing political songs, these ideas may be foreign to you. > Using techniques like Hashcash should be >more or less mandatory even today to make it harder to mailbomb or >send large amounts spam? Why is it not? Because when someone tells us that something is *mandatory*, we tell them to fuck off, and we put them on our watch list. OTOH nothing prevents you from 1. implementing a hashcash-based node 2. automatically filtering what you receive. >Regardless of what any hardcore cypherpunk or old-timers in the >remailer community may think about any ideas imposing restrains on >the useability of remailers something just have to be made about the >abuse of the system. Will no one think of the chiiildren? >Making sure we have robust remailing services in one shape or >another and at the same time have some kind of at least indirect >acceptance from legislators and also a low degree of spam flowing >through are essential goals. Any legislator seeking to control how people use a communications medium needs killing. >The average naive and ignorant redneck will never ever understand >the principal arguments for free speech that makes remailers useful. That's why mob rule^H^H^H^H democracy loses to the constitution. If you don't have the latter, you suffer the former. >The average american do not think and analyze what is told to him. Well duh. >Since providing a true non-censoring remailing service and at the >same time safeguard against spam and abuse are therotically >incompatible I guess remailers are indeed a paradox waiting to be >shut down sooner or later by politicians if we're not open to at >least discuss some aspects of how these services are operated. Why not use one of those "are you human" visually-distorted checks that various websites use? That is robust to automated spam. Adding *voluntary* hashcash to remailer injection nodes is another layer of defense in depth against spammers. BTW, while spam is abuse, is a threatening message really abuse, or just uncomfortable feedback?
Re: Remailers an unsolveable paradox?
Nomen Nescio wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Are remailers an unsolveable paradox? Yes. Adios, Lemuria. Hate to see you go, but I understand completely. -- Roy M. Silvernail is [EMAIL PROTECTED], and you're not "It's just this little chromium switch, here." - TFS SpamAssassin->procmail->/dev/null->bliss http://www.rant-central.com
RE: Remailers an unsolveable paradox?
Some good points, Johnny. I'm not convinced Spam and the remailers are inherently incompatible. Or at least, I'm thinking there's a sort of uncertainty principle that should work between legit remailable messages and spam. it may be a tricky business, but I suspect that the need of spammers to send out huge numbers of messages may be exploitable. Hell...they may in some ways be an asset if handled correctly: Much easier to hide remailed messages in larger torrents than in sparsely trafficked remailer networks. And of course, it may be that the need to sell goods (ie, from a specific URL) means that anonymity is not so useful, particularly if there are time+bandwidth constraints on portions of the network (eg a remailer has a max bandwidth that gets throttled back if there's a large woosh of traffic in a certain period of time). So I don't think the problem is unsolvable, but I agree with your essential point that it needs looking into. -TD From: Nomen Nescio <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Remailers an unsolveable paradox? Date: Wed, 1 Sep 2004 13:30:01 +0200 (CEST) -BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Are remailers an unsolveable paradox? We want to be able to provide the means for whistleblowers and others to communicate in a secure and anonymous fashion. Yet we need to make sure we're not abused too much since sooner or later laws will catch up with the remailers should abuse sky-rocket. Once upon a time all email servers were open relays. This was a friendly time and spam wasn't invented. As time changed the focus turned on securing the relaying procedures and has continued until this day. Yet as we know the flow of spam (most of it coming directly or indirectly from US) continued to increase, despite even existing legislation today. What are the possible solutions for the remailers? Make all remailers middleman only and adding the ability to opt-in for delivery outside the network? Having a network of middleman remailers and some nymservers that only delivers to other nymserver or opted-in servers will at least provide some means for people to communicate between themselves. It would in practise destroy the ability to contact anyone outside the network though, making the network an isolated place for a few. Using techniques like Hashcash should be more or less mandatory even today to make it harder to mailbomb or send large amounts spam? Why is it not? Regardless of what any hardcore cypherpunk or old-timers in the remailer community may think about any ideas imposing restrains on the useability of remailers something just have to be made about the abuse of the system. I also predict that the abuse will increase so time is ticking in a sense. Making sure we have robust remailing services in one shape or another and at the same time have some kind of at least indirect acceptance from legislators and also a low degree of spam flowing through are essential goals. The average naive and ignorant redneck will never ever understand the principal arguments for free speech that makes remailers useful. The average american do not think and analyze what is told to him. You will probably today find millions of americans who believe that Saddam and Al-Qaeda did business just because Bush and the administration lied about that initially, even though it's more or less confirmed today that those links were not there. The rednecks also vote however (to some extent) and that's why it will be a piece of cake to strike against the remailers if the politicians would like to. And they will, if and when serious abuse were to happen more often utilizing remailers. What would happen if it was found (or simply suspected or claimed) that some terror deed was planned using remailers? How long time would it take for us to see new laws being proposed? Not long. And don't forget that anyone (like Tom Ridge himself) could send bogues messages through the system trying to Since providing a true non-censoring remailing service and at the same time safeguard against spam and abuse are therotically incompatible I guess remailers are indeed a paradox waiting to be shut down sooner or later by politicians if we're not open to at least discuss some aspects of how these services are operated. Johnny Doelittle -BEGIN PGP SIGNATURE- Version: Tom Ridge Special v1.01 iQA/AwUBQTWdszVaKWz2Ji/mEQJlUwCfT/jWnw/p2ydTJTKMYKA5/hs+Dm8AoNoE r9bl2EtJ3CQpZPgfkSPfGBWB =B8dt -END PGP SIGNATURE- > Effective today, Lemuria will be going middlemen. > > Sometime around the middle of the month, Lemuria will go away. > > This is final. > > > The main reasons are that I've lost my faith in the usefulness of > the remailer network. I have indications that the remailer network > is > being massively abused, on the scale where the legitimate mails are > a tiny fraction that w
Remailers an unsolveable paradox?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Are remailers an unsolveable paradox? We want to be able to provide the means for whistleblowers and others to communicate in a secure and anonymous fashion. Yet we need to make sure we're not abused too much since sooner or later laws will catch up with the remailers should abuse sky-rocket. Once upon a time all email servers were open relays. This was a friendly time and spam wasn't invented. As time changed the focus turned on securing the relaying procedures and has continued until this day. Yet as we know the flow of spam (most of it coming directly or indirectly from US) continued to increase, despite even existing legislation today. What are the possible solutions for the remailers? Make all remailers middleman only and adding the ability to opt-in for delivery outside the network? Having a network of middleman remailers and some nymservers that only delivers to other nymserver or opted-in servers will at least provide some means for people to communicate between themselves. It would in practise destroy the ability to contact anyone outside the network though, making the network an isolated place for a few. Using techniques like Hashcash should be more or less mandatory even today to make it harder to mailbomb or send large amounts spam? Why is it not? Regardless of what any hardcore cypherpunk or old-timers in the remailer community may think about any ideas imposing restrains on the useability of remailers something just have to be made about the abuse of the system. I also predict that the abuse will increase so time is ticking in a sense. Making sure we have robust remailing services in one shape or another and at the same time have some kind of at least indirect acceptance from legislators and also a low degree of spam flowing through are essential goals. The average naive and ignorant redneck will never ever understand the principal arguments for free speech that makes remailers useful. The average american do not think and analyze what is told to him. You will probably today find millions of americans who believe that Saddam and Al-Qaeda did business just because Bush and the administration lied about that initially, even though it's more or less confirmed today that those links were not there. The rednecks also vote however (to some extent) and that's why it will be a piece of cake to strike against the remailers if the politicians would like to. And they will, if and when serious abuse were to happen more often utilizing remailers. What would happen if it was found (or simply suspected or claimed) that some terror deed was planned using remailers? How long time would it take for us to see new laws being proposed? Not long. And don't forget that anyone (like Tom Ridge himself) could send bogues messages through the system trying to Since providing a true non-censoring remailing service and at the same time safeguard against spam and abuse are therotically incompatible I guess remailers are indeed a paradox waiting to be shut down sooner or later by politicians if we're not open to at least discuss some aspects of how these services are operated. Johnny Doelittle -BEGIN PGP SIGNATURE- Version: Tom Ridge Special v1.01 iQA/AwUBQTWdszVaKWz2Ji/mEQJlUwCfT/jWnw/p2ydTJTKMYKA5/hs+Dm8AoNoE r9bl2EtJ3CQpZPgfkSPfGBWB =B8dt -END PGP SIGNATURE- > Effective today, Lemuria will be going middlemen. > > Sometime around the middle of the month, Lemuria will go away. > > This is final. > > > The main reasons are that I've lost my faith in the usefulness of > the remailer network. I have indications that the remailer network > is > being massively abused, on the scale where the legitimate mails are > a tiny fraction that would be better served using other means. > > There are two main reasons for my thoughts. One is I have looked at > the bounces I receive, and compared their numbers to my statistics. > According to that data, without having run a statistically > significant analysis, the major traffic coming through Lemuria is > Spam, with > threats and harrassment a second. I realize that in the no-bounces, > the fraction of legitimate mails will be higher, but even assuming > a factor of 10, it is still a negligable part. > > Second, I've the mail attached below yesterday. In case you can't > read german, it is essentially spam advertising the mixmaster > software and some book and/or software I haven't tested, might be a > mixmaster > client, might be a trojan. This is a sign for me that the anonymous > remailer network is being used systematically for abuse, on a large > scale. I don't want to be a part of that. > > As mixmaster has no features whatsoever to prevent this crap, and > the "encrypted only" switch doesn't do wha
Re: Remailers an unsolveable paradox?
Remailers remain effective when you run your own as the first hop and accept no incoming remail. To be sure, if everyone did that no remailer would accept remails. Shhh.