Public Anonymity

Dave Bird dave at xemu.demon.co.uk
Sun, 21 Oct 2001 18:54:01 +0100 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <B7F881F5.F02E%peter.fairbrother@ntlworld.com>, Peter
Fairbrother <peter.fairbrother@ntlworld.com> writes
>> Dave Bird wrote:
>
>
>> In article <B7F7BCB7.F002%peter.fairbrother@ntlworld.com>, Peter
>> Fairbrother <peter.fairbrother@ntlworld.com> writes
>
>>> It might help, but if there are laws requiring _all_ ISP's, remailers, and
>>> mixmasters to reveal everything, which is where it seems we may be going,
>>> then it will do no good. Only public anonymity systems will work here
>>> (public refers to _all_ the workings of the communication system being
>>> public, with the exception of your own internal processing of data. I assume
>>> you trust yourself, and can secure your own computer/brain).
>>> All non-public systems (most of the usual anonymity systems except stego)
>> 
>> You see I'm not sure what you mean by "anonymity" or "public anonymity"
>
>Anonymity is address hiding, hiding the addresses of both sender and
>recipient. Public anonymity is address hiding when all the workings of the
>transmission medium are public, ie you can't use remailers that perform
>secret operations.
>
>[snipped here and there]

 OK; most people use "anonymous" in the plain-English sense that the
 address information is hidden from the intended recipients, not
 simply from intermediate stations. 

 You are correct that I have ignored a form of public address-hiding
 where everyone sends messages to alt.anonymous.messages or whatever....
 you download the whole lot and then sort out what decrypts to you
 (I am assuming: because even your ISP may record what articles you
 downloaded, if you download selectively).  This is the equivalent
 of an advert in the personal column of the Times.  It is used where
 people are utterly paranoid that no traffic should be detected to
 the recipient. Thousands or millions of recipients get the message
 and all but one are ignorant of the true content. It would be like
 sending emails, possibly encrypted to recipient, by a news-type
 method as in alt.a.m;  well, IRC sends each message everywhere 
 and only the intended recipients use it. 

 Stego is best decsribed as a species of "camouflage", which not
 only makes not only the substance but the EXISTENCE of any 
 plain-text hidden, by disguising it as different innocent information.

>
>> On the other hand we need methods of ADDRESS-HIDING.  We can only do
>> that if there is place, not here, where our sender information is
>> stripped off and it is forwarded from the forwarder, without longterm
>> records kept of where it arrived from or departed to.
>
>Not so. If you look at my post from 1.10 am , 18th this month, I describe
>two simple methods to do this. Stego can also be used to hide recipient and
>sender addresses by posting to a destination used by many people.
>
>
>> You may mean that the messages are anonymous (do not have author
>> information visible) TO INTERMEDIARIES.  I call that address hiding
>> or traffic hiding.   Sometimes this is done so that the message,
>> when Bob finally unlocks it. is plainly from Alice.  A subset of
>> what you can do with this is messages that are anonymous (do not
>> have author information visible)  TO THE RECIPIENTS; this is what
>> most people mean by "anonymous" messages.
>
>Both actually, though anonymity to intermediates is sufficient for many
>uses, and I may use the word in that sense.
>
>> 
>> To do any address hiding, you need a forwarder who manipulates
>> addresses and does not keep longterm records.
>>
>> There are a number of ways in which this can be done if some countries
>> demand all network providers keep records.  It requires some places
>> to break ranks and remove records.  One is if some countries drop out
>> or never join, they get the advantage of being trusted to offer
>> superior facilities.  The other is if the system encourages people to
>> make modem calls to each other, often local  sometimes long distance,
>> in which they shuffle information with each other without  an inter=
>> vening ISP.  Supposedly they are "all ISPs" and must all keep records,
>> but they don't and there are just too many of them to attack.
>
>You seem to have missed the point, which is that everything is done in
>public, so secret-keeping remailers are not allowed. 

 We are missing each other here.  Your solution is a way that messages
 can be adress-hidden in a public place, because all readers of that
 place download all messages then privately "tune out" what is for them.

 My solution is that the blockade is broken by some stations defying
 the ban and being honest and proper with information they forward
 despite the mandated dishonesty... either because they are out of
 reach, or because there are too many of them to attack effectively.

>Any operations
>performed by remailers must be done in public. Under these circumstances it
>is still possible to provide anonymity.

- -- 
   ^-^-^-@@-^-;-^   http://www.xemu.demon.co.uk/
        (..)__u     news:alt.smoking.mooses

       happy as a clam at high tide -. <_" .-._.-.


-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1

iQA/AwUBO9MLuX8v/Y5zkfRPEQJgfQCfZdDNEkIf7e4sQJ4BajtAA2TAYVIAn0Ae
ikguhkJ3B7gXHfD1h0E0kN+M
=Qhne
-----END PGP SIGNATURE-----