Anonymous Remailers

From Higher Intellect Wiki
Jump to: navigation, search

Date: Sun, 26 Feb 1995 17:57:21 -0800
From: Andre Bacard <abacard@well.sf.ca.us>
Subject: Anonymous Remailer FAQ

  *** Frequently Asked Questions About Anonymous Remailers ***
                               by
                     Andre Bacard, Author of
                  THE COMPUTER PRIVACY HANDBOOK
                   [Version February 25, 1995]
 
  ============================================================
     This article offers a nontechnical overview of anonymous
     remailers to help you decide whether to use these
     computer services to enhance your privacy. I have written
     this especially for persons with a sense of humor. You
     may distribute this (unaltered) FAQ for non-commercial
     purposes.
   ===========================================================
 
What is an anonymous remailer?
 
     An anonymous remailer (also called an "anonymous server")
     is a free computer service that privatizes your e-mail.
     A remailer allows you to send electronic mail to a Usenet
     news group or to a person without the recipient knowing
     your name or your e-mail address.
 
Why would YOU use remailers?
 
     Maybe you're a computer engineer who wants to express
     opinions about computer products, opinions that your
     employer might hold against you. Possibly you live in a
     community that is violently intolerant of your social,
     political, or religious views. Perhaps you're seeking
     employment via the Internet and you don't want to
     jeopardize your present job. Possibly you want to place
     personal ads. Perchance you're a whistle-blower afraid of
     retaliation. Conceivably you feel that, if you criticize
     your government, Big Brother will monitor you. Maybe you
     don't want people "flaming" your corporate e-mail
     address. In short, there are many legitimate reasons why
     you, a law abiding person, might use remailers.
 
How does a remailer work?
 
     Let's take an example. A popular Internet remailer is run
     by Johan Helsingius, President of a Helsinki, Finland
     company that helps businesses connect to the Internet.
     His "an@anon.penet.fi" addresses are common in
     controversial news groups. Suppose you read a post from
     a battered woman <an123@anon.penet.fi> crying out for
     help. You can write her at <an123@anon.penet.fi>.
     Helsingius' computer will STRIP AWAY your real name and
     address (the header at the top of your e-mail), replace
     this data with a dummy address, and forward your message
     to the battered woman. Helsingius' computer will notify
     you of your new anonymous address; e.g.,
     <an345@anon.penet.fi>. You can use Helsingius' free
     service to forward letters to anyone, even to persons who
     do not use his service. His computer sends each user
     detailed instructions about his system.
     
 
Are there many remailers?
 
     Currently, there are roughly a dozen active, PUBLIC
     remailers on the Internet. (Undoubtedly, there are many
     PRIVATE remailers that restrict who may use them.)
     Remailers tend to come and go. First, they require
     equipment and labor to set up and maintain; second, they
     produce zero revenue.
 
Why are remailers free?
 
     There is a simple answer. How can remailer administrators
     charge people who want maximum privacy? Administrators
     can't ask for a Visa number or take checks.
 
Why do people operate remailers, if not for money?
 
     People set up remailers for their own personal usage,
     which they may or may not care to share with the rest of
     us. Joshua Quittner, co-author of the high-tech thriller
     MOTHER'S DAY, interviewed Mr. Helsingius for WIRED
     magazine. Helsingius said:
 
          "It's important to be able to express certain
          views without everyone knowing who you are.
          One of the best examples was the great debate
          about Caller ID on phones. People were really
          upset that the person at the receiving end
          would know who was calling. On things like
          telephones, people take for granted the fact
          that they can be anonymous if they want to and
          they get really upset if people take that
          away. I think the same thing applies for e-
          mail."
 
          "Living in Finland, I got a pretty close view
          of how things were in the former Soviet Union.
          If you actually owned a photocopier or even a
          typewriter there you would have to register it
          and they would take samples of what your
          typewriter would put out so they could
          identify it later. That's something I find so
          appalling. The fact that you have to register
          every means of providing information to the
          public sort of parallels it, like saying you
          have to sign everything on the Net. We always 
          have to be able to track you down."
 
What makes an "ideal" anonymous remailer?
     An "ideal" anonymous remailer is: (a) Easy to use. (b)
     Run by a reliable individual whose system actually does
     what it promises. In addition, this person should have
     the computer expertise to take prudent steps to safeguard
     your privacy from civilian or government hackers. (c)
     Able to forward your messages in a timely manner. By
     "timely" I mean minutes or hours. (d) Holds your messages
     for a RANDOM time before forwarding them. This time lag
     makes it harder for snoops to link a message that arrives
     at, say, 3:00 P.M. with a message that leaves your
     machine at, say, 2:59 P.M. (e) Permits (better yet
     encourages!) PGP encryption software. If a remailer does
     NOT permit PGP (Pretty Good Privacy), reasonable people
     might assume that the remailer administrator enjoys
     reading forwarded mail.
 
What makes a responsible remailer user?
 
     A responsible user: (a) Sends text files of a reasonable
     length. Binary files take too much transmission time. (b)
     Transmits files selectively. Remailers are NOT designed
     to send "You Can Get Rich" chain letters or other junk
     mail.
 
Who are irresponsible remailer users?
 
     Here is a quote from one remailer administrator:
 
     "This remailer has been abused in the past, mostly by
     users hiding behind anonymity to harass other users. I
     will take steps to squish users who do this.  Lets keep
     the net a friendly and productive place.... Using this
     remailer to send death threats is highly obnoxious.  I
     will reveal your return address to the police if you do
     this."
 
     Legitimate remailer administrators will NOT TOLERATE
     harassment or criminal activity. Report any such
     incidents to the remailer administrator.
 
How safe are anonymous remailers? [for paranoids only :-)]
 
     For most low-security tasks, such as responding to
     personal ads, remailers are undoubtedly safer than using
     real e-mail addresses. However, all the best made plans
     of mice and men have weaknesses. Suppose, for example,
     that you are a government employee, who just discovered
     that your boss is taking bribes. Is it safe to use an
     anonymous remailer to send evidence to a government
     whistleblower's e-mail hot line? Here are a few points to
     ponder:
 
     (a) The person who runs your e-mail system might
     intercept your secret messages to and from the anonymous
     remailer. This gives him proof that YOU are reporting
     your corrupt boss. This evidence could put you in danger.
 
     (b) It is possible that the anonymous remailer is a
     government sting operation or a criminal enterprise,
     designed to entrap people. The person who runs this
     service might be your corrupt boss' partner.
 
     (c) Hackers can do magic with computers. It's possible
     that hackers have broken into the remailer (unbeknownst
     to the remailer's administrator) and that they can read
     your messages at will.
 
     Hard-core privacy people do not trust individual
     remailers. These people write programs that send their
     messages through several remailers. This way only the
     first remailer knows their real address, and the first
     remailer cannot know the final destination of the e-mail
     message. In addition, they PGP encrypt all messages.
 
Where can I learn more?
 
     Go to the Usenet news group ALT.PRIVACY.ANON-SERVER. Pay
     special attention to posts by Raph Levien, "The Remailer
     Guru."
 
Where can I get a list of current remailers?
 
     Raph Levien [see above] generously runs a remailer
     pinging service which collects details about remailer
     features and reliability. To read Levien's data, finger:
 
     <remailer-list@kiwi.cs.berkeley.edu>.
 
     There is also a Web version of the same information, at:
 
     http://www.cs.berkeley.edu/~raph/remailer-list.html 
 
     In addition, Raph Levien <raph@kiwi.cs.berkeley.edu>
     regularly posts his "List of Reliable Remailers" at
     ALT.PRIVACY.ANON-SERVER.
 
Anything else I should know?
 
     YOUR privacy and safety are in danger! The black market
     price for your IRS records is $500. YOUR medical records
     are even cheaper. Prolific bank, credit and medical
     databases, the Clipper Chip Initiative, computer matching
     programs, cordless & cellular phone scanners, Digital
     Telephony legislation, and (hidden) video surveillance
     are just a few factors that threaten every law abiding
     citizen. Our anti-privacy society gives criminals and
     snoops computer data about YOU on a silver platter.
 
     If you want to protect your privacy, I urge you to join
     organizations such as the Electronic Frontier Foundation
     <membership@eff.org> and Computer Professionals for
     Social Responsibility <info@cpsr.org>.
 
***************************************************************
Andre Bacard               Bacard wrote "The Computer Privacy
Box 3009                   Handbook: A Practical Guide to E-Mail
Stanford, CA 94309         Encryption, Data Protection, and PGP
abacard@well.com           Privacy Software" [for novices/experts].
 
Introduction by Mitchell Kapor, Co-Founder of Electronic Frontier
Foundation and Creator of Lotus 1-2-3.
 
          Book Available Spring 1995. Write for Details
 
[Bacard has been interviewed on hundreds of radio-talk shows about
his previous book ("Hunger for Power"), technology, and society.]
*****************************************************************
 


Share your opinion