Remailers and similar systems are not secure

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!


As I argued recently elsewhere, the security of remailers is poor for
the following rather straightforward reason: If one sends an email through
a chain of remailer nodes, the email of course has to go initially to  
the first
node of that chain. On arrival at the router of that node, the entire
email (the whole data packge, i.e. more than what one sees in the normal  
email
window) contains the IP-address of the sender in the clear. So, if
the agencies tap at that location, or more conviently at the provider
side of the said node, then the sender of the email will be known to them
and this alone is a serious breach of security. (Whether the agencies could
eventually somehow also gain more information than that is not essential for
the current context.)

One could on the other hand send materials from callshops or internetcafes,
thus not using one's own IP-address, and send encrypted stuffs (preferrably
with authentication) to such
Usenet groups as alt.anonymous.messages and let the recipient collect them
according e.g. to certain agreed upon characteristics in the subject  
lines at
similar neutral locations. This way, both partners remain genuinely not  
trackable.

M. K. Shen

Site Timeline