[SGVLUG] Internet privacy

John E. Kreznar jek at ininx.com
Fri Jun 5 20:31:35 PDT 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In a posting purporting to be from "Emerson, Tom (*IC)"
<Tom.Emerson at wbconsultant.com> but lacking a digital signature, it is
written:

>> -----Original Message----- Of Charles Wyble

>> Uh..... ok..... *backs away slowly*

> Charles -- what he's talking about is...

Ah!  Thanks, Tom, for perceiving that incomprehensibility of my
posting might have been what elicited Charles' response.  I had
assumed that he understood all right but is disdainful of privacy.

Maybe you could clarify, Charles?

> [...]

> Basically, if a sniffer were to be installed at his ISP and
> triggered on traffic from his IP address, all it would capture would
> appear to be "noise" - like clockwork, a "block" of text goes out to
> a remailer.  Every now and then, however, one of those "noise"
> packets actually contains "signal", but due to the use of strong
> encryption, the "signal" packets are indistinguishable from the
> "noise" packets to the casual observer (and, hopefully, even to the
> trained observer)

That they're indistinguishable and go out like clockwork is the
critical part -- the ratio of "signal" to "noise" doesn't matter.

> There are risks associated with this, not the least is the fact that
> he's doing it in the first place (by your own comments on this
> thread, as a "casual observer" I take it you've already come to this
> conclusion anyway...)  For instance, if one of the remailer
> decryption keys gets compromised (and that fact kept secret from the
> owner and users of the remailer), then it would quickly become
> evident which packets he sends are "signal" and which are "noise";
> and in turn those doing the surveilance would know what he's taking
> on the inbound side.

Not really.  The originator of the message chooses a chain of many
remailers and encrypts his message to the public key of each remailer
in reverse order.  Each remailer knows the identity of its neighbors
in the chain, but that's all.  Except the exit remailer, but by then
the originator is untraceable.

So compromise of several keys would be needed to do what you say.

> Of course, there is another tactic that "big brother" could use to
> force John to surrender his equipment for inspection: "poison" the
> alt.anon stream with questionable (i.e., ilicit) content [kiddie
> porn would be a sure-fire bet...] then issue a warrant or subpeona
> based on un-encrypted bits entering his premises...

> [but I'm sure you've already thought about those scenarios, right
> John?]

It's a frequent subject of dialogue in places like Usenet newsgroup
alt.privacy.anon-server and the cypherpunks mailing list.  Anonymity
is vulnerable for the reasons you cite.  But there are many ways to
achieve strong anonymity on the Internet, and privacy-lovers can keep
ahead of the game.

- -- 
 John E. Kreznar jek at ininx.com 9F1148454619A5F08550 705961A47CC541AFEF13
     Life in a glass house is for the politically correct.
     The rest of us want some privacy.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.8+ <http://mailcrypt.sourceforge.net/>

iD8DBQFKKeKnYaR8xUGv7xMRAnzTAJ9yVkBluXJg+j9svj+CZs/+S3X/jACfVMMt
JcUrt4liJUlc+Xi6WhRdgDA=
=l84w
-----END PGP SIGNATURE-----



More information about the SGVLUG mailing list