[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(FWD) Re: Remop inbreeding, or, the 'kidnap Len' attack



(Forwarding from Kat, because she's not subscribed as this address.)

----- Forwarded message from owner-mixminion-dev@freehaven.net -----

Date: Thu, 13 Mar 2003 14:04:59 -0500 (EST)
From: Katherine <kat@city.haze.net>
To: Mixminion Development <mixminion-dev@freehaven.net>
Subject: Re: Remop inbreeding, or, the 'kidnap Len' attack

I've been out of pocket for a while, so I apoligize for this reply coming
so late.

I also hope no one has kidnapped Len :)

I have a few thoughts on all of this:
1) The obvious (ie easier said than done) way to overcome this attack is
to have it where remops can not reveal the contents of messages and
traffic logs.  Leaving the no-logging thing aside for now, automatic
generation of keys that the operator can not access means that I can't
save Len even if I wanted to.  I don't know how possible/practical this
is.

2) It is very dangerous to continue saying that all remops would have to
be compromised and/or cooperate to reveal the identity of a user.  This is
false.  Frog-admin, running two remailers (azerty and frog) tracked a user
through (IIRC) azerty-noisebox-frog.  Granted, this was part of a flood
making tracking much easier, but is something perhaps to bear in mind.  I
don't think the issue is proving anything, but narrowing it enough to get
a warrant and harass the person into a confession.

3) And don't forget it's not just TLA's, but corporations and angry
ex-husbands, etc.

4) About the sending of "No one has asked for my keys today" notices: see
http://www.librarian.net/technicality.html.  I'm not a lawyer, don't know
if this would work.  If they ask for your keys and you're not supposed to
tell anyone, does that mean you can't tell by action, or that you can't
send any signals even by inaction?  And would you want to wait in jail
while lawyers argue about that? :)

Kat
(who wouldn't even consider giving up her keys for someone like Len ;P )


----- End forwarded message -----