[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[freehaven-dev] Mixminion anonymous remailer enters alpha
Mixminion is a design and implementation effort to build an improved
and documented mix network for the Internet. We have a design document
describing our intuition and the start of a security argument; a
specification (in progress) with byte-level details of how to implement
a Type III (Mixminion-compatible) remailer; and a working alpha that
implements a subset of the spec.
Please check it out at http://mixminion.net/ and let us know what you
think. Below I've included the latest release notes.
Thanks,
--Roger
==============================================================================
This is Mixminion version 0.0.2.1.
CONTENTS:
I. Overview
II. What's new in this version
III. How to upgrade
IV. How to install
V. How to send messages
VI. How to run a server
VII. How to report bugs and suggestions
VIII. Future interoperability
IX. How to contribute
I. OVERVIEW
===========
Mixminion is the standard implementation of the Type III anonymous remailer
protocol, which lets you send very anonymous email. This best-of-breed
remailer uses conservative design approaches to provide security against most
known attacks. We chose a simple, extensible design so that we can provide a
robust core system and then experiment with new research features such as
dummy policies, directory servers, and reputation systems.
You can find the latest information at http://mixminion.net/, or on the
mailing list, archived at http://archives.seul.org/mixminion/dev/. Please
consider subscribing, especially if you're going to run a node.
This is a testing alpha release. You will probably only want to use it if
you are technically inclined, curious, and interested in helping the
Mixminion development effort.
WARNING! Do NOT use this release if you require strong anonymity. It has
known deficiencies, including some that make it possible for an adversary
to trace your message through the system.
II. WHAT'S NEW IN THIS VERSION?
===============================
NEW IN VERSION 0.0.2.1:
- BUGFIX: A nasty bug is fixed that could, under just the right
circumstances, send the server into an infinite loop and fill up your
hard drive. If you're running a server, you *should* upgrade.
- Server log messages are more reasonably structured.
- setup.py is more clever about half-installed Python.
- "list-servers" now supports the same directory-download options as
does "send".
NEW IN VERSION 0.0.2:
- A real SMTP exit module to relay messages via a local MTA. Blacklisting
is supported by address, by username, by host, by entire domain, and
by regular expression.
- Integrated directory support for clients.
- Automatic path selection, along with a better user interface to specify
paths.
- You can now enable Cottrell (DynamicPool) and Binomial Dynamic Pool
batching, though they are disabled by default to make the system more
testable.
- Servers resist certain trivial DoS attacks more strongly. In
particular, you should no longer be able to send zlib bombs or flood a
server with open connections.
- Clean build process under FreeBSD.
- Ability to run server as a daemon.
- Slightly better documentation and error messages.
- Better resistance to newline corruption of server descriptors.
- Other bugfixes and performance improvements too numerous to mention.
NEW IN VERSION 0.0.1:
- You can run a rudimentary server that can deliver to other Mixminion
servers, that can use Mixmaster to deliver to any external address,
or that sends SMTP directly to a preconfigured set of addresses.
- You can send anonymous email via these servers.
STILL NOT IN THIS VERSION:
- There is no client interface for sending replies or generating reply
blocks (the code is written but not exposed).
- We could use some man pages.
- IP-based restrictions don't work.
- No automatic key generation or server publication.
- No support for distributed directories.
- MMTP does not exactly follow the specification yet.
- Other stuff too numerous to mention; see TODO.
III. HOW TO UPGRADE FROM MIXMINION 0.0.1
========================================
Just follow the installation instructions below. :)
Be aware that the client command line has changed significantly since version
0.0.1, and there are important new options in the server configuration file.
IV. HOW TO INSTALL MIXMINION
============================
The quick version.
------------------
<download and unpack http://www.mixminion.net/dist/Mixminion-0.0.2.1.tar.gz>
% cd Mixminion-0.0.2.1
% make download-openssl
% make build-openssl
% make
% make test
EITHER:
% su
Password:
# make install
OR:
% make install PREFIX=~
The verbose version.
--------------------
1) You must have Python version 2.0 or later installed on your system. The
binary may be called "python", "python2", "python2.X", or something else.
If you don't have Python >=v2.0, go install it. You can find source and
binary distributions at http://www.python.org/.
2) If you have OpenSSL version 0.9.7beta3 or later, go to step 4.
Otherwise, continue.
3) Run "make download-openssl".
4) Run "make build-openssl". If this step fails, OpenSSL didn't build
correctly on your system. Go read contrib/openssl/INSTALL, and make
OpenSSL build.
5) Run "make". If you get any errors, please report them to
<nickm@freehaven.net>.
6) Run "make test" to run Mixminion's unit tests. If you get any errors,
please report them to <nickm@freehaven.net>.
7) Run "make install" to install Mixminion. You may need to be root to
execute this command. By default, Mixminion will install itself relative
to your python distribution. If you want to install somewhere else (e.g.
/home/miniond/), run "make install PREFIX=/home/miniond".
A script called "mixminion" will be created in the 'bin' directory
relative to your prefix, or in the same directory as the python
executable if no prefix is provided. To make sure that everything was
installed correctly, you can run "mixminion unittests".
V. HOW TO SEND MESSAGES VIA MIXMINION
=====================================
Just run one of the following command lines:
mixminion send -t <email address> -i <filename to send>
OR mixminion send -t <email address> (to read from stdin)
OR mixminion send -t <email address> -i - (also reads from stdin)
Mixminion will then take the following steps:
A) Download and validate the latest server directory.
(But only if you haven't done so since midnight GMT.)
B) Select a path that ends at a server with SMTP support.
(Currently, this defaults to 4 hops.)
C) Read your message.
D) Construct a Type III Mix packet containing your message.
(For more information, see the links at http://www.mixminion.net/)
E) Send the message to the first server in your path.
To see a list of currently known servers, type:
mixminion list-servers
To force a reload of the server directory, type:
mixminion send -t <address> [-i <file>] -D yes
To send a message _without_ reloading the directory, type:
mixminion send -t <address> [-i <file>] -D no
To reload the directory without sending a message, type:
mixminion send -D yes
OR mixminion update-servers
To force a path of a given length, type:
mixminion send -t <address> [-i <file>] -H <number of hops>
You can change the default by editing ~/.mixminionrc
To specify a path manually, type:
mixminion send -t <address> [-i <file>] -P <path>
The argument <path> must be a comma separated list of either:
(a) Server nicknames as given by 'list-servers'
(b) Paths to files containing server descriptors [more info below]
For example, to send a message through the servers Foo, Bar, Baz, and
Quux, you would type "-P Foo,Bar,Baz,Quux."
If you only care about the servers at the beginning or end of your
path, you can include a wildcard, like this:
-P 'Foo,*' [Path that starts with Foo]
-P '*,Foo' [Path that ends with Foo]
-P 'Foo,Bar,*,Quux' [Path that starts with Foo and Bar,
and ends with Quux]
{ADVANCED} By default, the swap point will be halfway through
the path (rounding up). To specify a swap point explicitly, use
a colon in your path, as in:
-P 'Foo,Bar:Baz,Quux' [Swap headers at server Bar]
--swap-at=<n> [Swap headers at the n'th server]
If you don't know what a swap point is, don't worry. :)
To send a dummy message, specify "drop" instead of an email address, as in:
mixminion send -t drop
mixminion send -t drop -P '*,Foo'
mixminion send -t drop -H 8
If you need to use a proxy server to use the web you can specify it using the
http_proxy environment variable:
export http_proxy=http://proxy:3128/
mixminion send -D yes
VI. HOW TO RUN YOUR OWN MIXMINION SERVER
========================================
1) Create a copy of the "etc/mixminiond.conf" file from the
mixminion distribution and place it where you like. Mixminion will
automatically look in ~/.mixminiond.conf, ~/etc/mixminiond.conf, and
/etc/mixminiond.conf. However, you can store it anywhere.
2) Edit mixminiond.conf to reflect your own system settings.
3) Run your server for the first time:
"mixminion server -f <path to mixminiond.conf>"
(The -f flag and path is only necessary if you placed the
configuration file somehwere other than ~/.mixminiond.conf,
~/etc/mixminiond.conf, or /etc/mixminiond.conf.)
5) To try out your server, clients will need a copy of your server
descriptor, which should be stored in $SERVER_HOME/keys/key_*/ServerDesc.
For example, if your mixminiond.conf contains the following line:
Homedir: /home/mixminion/spool
Then your first server descriptor will be stored in:
"/home/mixminion/spool/keys/key_0001/ServerDesc".
Mixminion supports a global directory of server descriptors. Until you
are listed in that directory, clients can import your ServerDesc file
(if they have a copy) by hand by running:
mixminion import-server <filename>
6) When you're ready to advertise your server, email your server descriptor
(PGP-signed, if possible) to <nickm@freehaven.net>. I'll try out your
server for a while and then add it to the directory.
WARNING: We don't have statistics yet, so the system isn't robust in
the presence of unreliable servers in the directory. Please let me
know if you're going to take down a server, and please don't publish a
server if you don't think you can keep it up for a good while.
{This step will be more automated in later versions.}
VII. HOW TO REPORT BUGS AND SUGGEST NEW FEATURES
================================================
Just email <nickm@freehaven.net>.
For help in debugging, please try to send a copy of:
* What command you were running
* The complete error you got, including stack trace (if any)
If your error occurred on a running server, please make a copy of your
log--it might be helpful.
VIII. FUTURE INTEROPERABILITY
=============================
Mixminion is not yet feature complete. As the software moves closer to
official release, backwards-incompatible changes *WILL* be introduced.
Future versions of Mixminion, including future versions in the 0.x track, may
reject messages from older versions as additional security features are
added.
Furthermore, the present preview versions include necessary diagnostic
features that potentially compromise anonymity and would be inappropriate in
a production system; these features will be removed or disabled by 1.0.
IX. HOW TO CONTRIBUTE
=====================
Send patches to <nickm@freehaven.net>. If you can, please submit unified
diffs against the latest version of the code in CVS.
Make sure to run 'make test' before you send in any patches, so you can see
whether your patch broke existing code. (It's okay if you're not sure how to
fix the test, but please let me know when you send your patch.)
==============================================================================