IDENTITY, PRIVACY, and ANONYMITY on the INTERNET
================================================
(c) 1993 L. Detweiler. Not for commercial use except by permission
from author, otherwise may be freely copied. Not to be altered.
Please credit if quoted.
SUMMARY
=======
Information on email and account privacy, anonymous mailing and
posting, encryption, and other privacy and rights issues associated
with use of the Internet and global networks in general.
(Search for <#.#> for exact section. Search for '_' (underline) for
next section.)
PART 1
====== (this file)
Identity
--------
<1.1> What is `identity' on the internet?
<1.2> Why is identity (un)important on the internet?
<1.3> How does my email address (not) identify me and my background?
<1.4> How can I find out more about somebody from their email address?
<1.5> Why is identification (un)stable on the internet?
<1.6> What is the future of identification on the internet?
Privacy
-------
<2.1> What is `privacy' on the internet?
<2.2> Why is privacy (un)important on the internet?
<2.3> How (in)secure are internet networks?
<2.4> How (in)secure is my account?
<2.5> How (in)secure is X Windows?
<2.6> How (in)secure is my email?
<2.7> How am I (not) liable for my email and postings?
<2.8> How do I provide more/less information to others on my identity?
<2.9> Who is my sysadmin? What does s/he know about me?
<2.10> Why is privacy (un)stable on the internet?
<2.11> What is the future of privacy on the internet?
Anonymity
---------
<3.1> What is `anonymity' on the internet?
<3.2> Why is `anonymity' (un)important on the internet?
<3.3> How can anonymity be protected on the internet?
<3.4> How do I send anonymous mail?
<3.5> How do I post anonymously?
<3.6> How do I `kill' anonymous postings?
<3.7> What are the responsibilities associated with anonymity?
<3.8> Why is anonymity (un)stable on the internet?
<3.9> What is the future of anonymity on the internet?
PART 2
====== (next file)
Resources
---------
<4.1> What UNIX programs are related to privacy?
<4.2> What are some anonymous remailing and posting sites?
<4.3> How can I learn about or use cryptography?
<4.4> What is the cypherpunks mailing list?
<4.5> What are some privacy-related newsgroups? FAQs?
<4.6> What is internet Privacy Enhanced Mail (PEM)?
<4.7> What are other Request For Comments (RFCs) related to privacy?
<4.8> How can I run an anonymous remailer?
<4.9> What are references on privacy in email?
<4.10> What are some email, Usenet, and internet use policies?
<4.11> What is the MIT ``CROSSLINK'' anonymous message TV program?
Miscellaneous
-------------
<5.1> What is ``digital cash''?
<5.2> What is a ``hacker'' or ``cracker''?
<5.3> What is a ``cypherpunk''?
<5.4> What is an anonymous pool?
<5.5> What is `security through obscurity'?
<5.6> What are `identity daemons'?
<5.7> What is the history behind anonymous posting servers?
<5.8> What standards are needed to guard electronic privacy?
Issues
------
<6.1> What is the Electronic Frontier Foundation (EFF)?
<6.2> What is `operation Sun Devil' and the Steve Jackson Game case?
<6.3> What is Integrated Services Digital Network (ISDN)?
<6.4> What is the National Research and Education Network (NREN)?
<6.5> What is the FBI's proposed Digital Telephony Act?
<6.6> What other U.S. legislation is related to privacy on networks?
<6.7> What are references on rights in cyberspace?
<6.8> What is the Computers and Academic Freedom (CAF) archive?
<6.9> What is the background behind the Internet?
<6.10> How is Internet `anarchy' like the English language?
Footnotes
---------
<7.1> Most Wanted list
<7.2> Change history
PART 3
====== (last file)
Commentary
----------
<8.1> What is the value of anonymity?
<8.2> Should anonymous posting to all groups be allowed?
<8.3> What should system operators do with anonymous postings?
* * *
IDENTITY
========
_____
<1.1> What is `identity' on the internet?
Generally, today people's `identity' on the internet is primarily
determined by their email address in the sense that this is their
most unchanging 'face' in the electronic realm. This is your
login name qualified by the complete address domain information,
for example ``ld231782@longs.lance.colostate.edu''. People see
this address when receiving mail or reading USENET posts from you
and in other situations where programs record usage. Some obsolete
forms of addresses (such as BITNET) still persist.
In email messages, additional information on the path that a message
takes is prepended to the message received by the recipient. This
information identifies the chain of hosts involved in the
transmission and is a very accurate trace of its origination. This
type of identify-and-forward protocol is also used in the USENET
protocol to a lesser extent. Forging these fields requires
corrupted mailing software at sites involved in the forwarding and
is very uncommon. Not so uncommon is forging the chain at the
origination point, so that all initial sites in the list are faked
at the time the message is created. Tracing these messages can be
difficult or impossible when the initial faked fields are names of
real machines and represent real transfer routes.
_____
<1.2> Why is identity (un)important on the internet?
The concept of identity is closely intertwined with communication,
privacy, and security, which in turn are all critical aspects of
computer networks. For example, the convenience of communication
afforded by email would be impossible without conventions for
identification. But there are many potential abuses of identity
possible that can have very severe consequences, with massive
computer networks at the forefront of the issue, which can
potentially either exacerbate or solve these problems.
Verifying that an identity is correct is called `authentication',
and one classic example of the problems associated with it is
H.G.Well's ``War of the Worlds'' radio broadcast that fooled
segments of the population into thinking that an alien invasion was
in progress. Hoaxes of this order are not uncommon on Usenet and
forged identities makes them more insidious. People and their
reputations can be assaulted by forgery.
However, the fluidity of identity on the internet is for some one of
its most attractive features. Identity is just as useful as it is
harmful. A professor might carefully explain a topic until he
finds he is talking to an undergraduate. A person of a particular
occupation may be able to converse with others who might normally
shun him. Some prejudices are erased, but, on the other hand, many
prejudices are useful! A scientist might argue he can better
evaluate the findings of a paper as a reviewer if he knows more
about the authors. Likewise, he may be more likely to reject it
based on unfair or irrelevant criteria. On the other side of the
connection, the author may find identities of reviewers useful in
exerting pressure for acceptance.
Identity is especially crucial in establishing and regulating
`credit' (not necessarily financial) and `ownership' and `usage'.
Many functions in society demand reliable and accurate techniques
for identification. Heavy reliance will be placed on digital
authentication as global economies become increasingly electronic.
Many government functions and services are based on identification,
and law enforcement frequently hinges on it. Hence, employees of
many government organizations push toward stronger identification
structures. But when does identification invade privacy?
The growth of the internet is provoking social forces of massive
proportions. Decisions made now on issues of identity will affect
many future users, especially as the network becomes increasingly
global, universal, widespread, and entrenched; and the positive or
adverse affects of these actions, intended and inadvertent, will
literally be magnified exponentially.
_____
<1.3> How does my email address (not) identify me and my background?
Your email address may contain information that influences people's
perceptions of your background. The address may `identify' you as
from a department at a particular university, an employee at a
company, or a government worker. It may contain your last name,
initials, or cryptic identification codes independent of both. In
the US some are based on parts of social security numbers. Others
are in the form 'u2338' where the number is incremented in the
order that new users are added to the system.
Standard internet addresses also can contain information on your
broad geographical location or nationhood. However, none of this
information is guaranteed to be correct or be there at all. The
fields in the domain qualification of the username are based on
rather arbitrary organization, such as (mostly invisible) network
cabling distributions. The only point to make is that early fields
in the address are more specific (such as specific computer names
or local networks) and the later ones the most general (such as
continental domains). Typically the first field is the name of the
computer receiving mail.
Gleaning information from the email address alone is sometimes an
inspired art or an inconsistent and futile exercise. (For more
information, see the FAQs on email addresses and known
geographical distributions below.) However, UNIX utilities exist
to aid in the quest (see the question on this).
Common Suffixes
---------------
.us United States
.uk United Kingdom
.ca Canada
.fi Finland
.au Australia
.edu university or college
.com commercial organization
.org 'other' (e.g. nonprofit organization)
.gov government
.mil military site
_____
<1.4> How can I find out more about somebody with a given email address?
One simple way is to send email to that address, asking. Another
way is to send mail to the postmaster at that address (i.e.
postmaster@address), although the postmaster's job is more to help
find user ID's of particular people given their real name and solve
mail routing problems. The sysadmin (i.e. `root@address') may also
be able to supply information. Users with related email address
may have information. However, all of these methods rely on the
time and patience of others so use them minimally.
One of the most basic tools for determining identity over the
internet is the UNIX utility 'finger'. The basic syntax is:
finger user@here.there.everywhere
This utility uses communication protocols to query the computer
named in the address for information on the user named. The
response is generated completely by the receiving computer and may
be in any format. Possible responses are as follows:
- A message `unknown host' meaning some aspect of the address is
incorrect, two lines with no information and '???'.
- A message 'In real life: ???' in which case the receiving computer
could not find any kind of a match on the username. The finger
utility may return this response in other situations.
- A listing of information associated with multiple users. Some
computers will search only for matching user IDs, others will
attempt to find the username you specified as a substring of all
actual full names of users kept in a local database.
At some sites 'finger' can be used to get a list of all users on the
system with a `finger @address'. In general this is often
considered weak security, however, because `attackers' know valid
user ID's to `crack' passwords.
More information on the fields returned by `finger' is given below.
More information on `finger' and locating people's email addresses
is given in the email FAQ (such as the WHOIS lookup utility). Just
as you can use these means to find out about others, they can use
them to find out about you. You can `finger' yourself to find out
what is publicly reported by your UNIX system about you. Be
careful when modifying `finger' data; virtually anyone with
internet access worldwide can query this information.
_____
<1.5> Why is identification (un)stable on the internet?
Generally, identity is an amorphous and almost nonexistent concept
on the Internet for a variety of reasons. One is the inherent
fluidity of `cyberspace' where people emerge and submerge
frequently, and absences are not readily noted in the `community'.
Most people remember faces and voices, the primary means of casual
identification in the 'real world'. The arbitary and cryptic
sequences of letters and digits comprising most email addresses are
not particularly noticeable or memorable and far from a unique
identification of an individual, who may use multiple accounts on
multiple machines anywhere in the world.
Currently internet users do not really have any great assurances
that the messages in email and USENET are from who they appear to
be. A person's mailing address is far from an identification of an
individual.
- Anyone with access to the account, e.g. they know the password,
either legitimately or otherwise, can send mail with that address
in the From: line.
- Email addresses for an individual tend to change frequently as
they switch jobs or make moves inside their organizations.
- As part of current mailing protocol standards, forging the From:
line in mail messages is a fairly trivial operation for many
hackers.
The status and path information prepended to messages by
intermediate hosts is generally unforgeable. In general, while
possible, forgeries are fairly rare on most newsgroups and in
email. Besides these pathological cases abve there are many basic
problems with today's internet protocols affecting identification
on the internet:
- Internet mail standards, described in RFC-822, are still evolving
rapidly and not entirely orderly. For example, standards for
mail address `munging' or `parsing' tend to vary slightly between
sites and frequently mean the difference between finding
addresses and bouncing mail.
- Domain names and computer names are frequently changed at sites,
and there are delays in the propagation of this data.
- Addresses cannot be resolved when certain critical computers
crash, such as the receiving computer or other computers involved
in resolving names into addresses called `nameservers'.
- A whole slew of problems is associated with `nameservers'; if
they are not updated they will not find name addresses, and even
the operation of what constitutes `updating' has different
interpretations at different sites.
The current internet mailing and addressing protocols are slightly
anachronistic in that they were created when the network was
somewhat obscure and not widespread, with only a fraction of the
traffic it now sees. Today a large proportion of internet traffic
is email, comprising millions of messages.
_____
<1.6> What is the future of identification on the internet?
Some new technologies and standards are introducing facial images
and voice messages into mail and these will improve the sense of
community that comes from the familiarity of identification.
However, they are not currently widespread, require large amounts
of data transfer, standardized software, and make some compromises
in privacy.
Promising new cryptographic techniques may make 'digital signatures'
and 'digital authentication' common (see below). Also, the trend
in USENET standards is toward greater authentication of posted
information. On the other hand, advances in ensuring anonymity
(such as remailers) are forthcoming. See below.
PRIVACY
=======
_____
<2.1> What is `privacy' on the internet?
Generally, while `privacy' has multiple connotations in society and
perhaps even more on the internet, in cyberspace most take it to
mean that you have exclusive use and access to your account and the
data stored on and and directed to it (such as email), and you do
not encounter arbitrary restrictions or searches. In other words,
others may obtain data associated with your account, but not
without your permission. These ideas are probably both fairly
limiting and liberal in their scope in what most internet users
consider their private domains. Some users don't expect or want
any privacy, some expect and demand it.
_____
<2.2> Why is privacy (un)important on the internet?
This is a somewhat debatable and inflammatory topic, arousing
passionate opinions. On the internet, some take privacy for
granted and are rudely surprised to find it tenuous or nonexistent.
Most governments have rules that protect privacy (such as the
illegal search and seizure clause of the U.S. constitution, adopted
by others) but have many that are antithetical to it (such as laws
prohibiting secret communications or allowing wiretapping). These
rules generally carry over to the internet with few specific rules
governing it. However, the legal repercussions of the global
internet are still largely unknown and untested (i.e. no strong
legal precedents and court cases). The fact that internet traffic
frequently passes past international boundaries, and is not
centrally managed, significantly complicates and strongly
discourages its regulation.
_____
<2.3> How (in)secure are internet networks?
- `Theoretically' people at any site in the chain of sites with
access to hardware and network media that transmits data over the
Internet could potentially monitor or archive it. However, the
sheer volume and general 'noise' inherent to this data makes
these scenarios highly improbable, even by government agencies
with supposedly vast funding and resources.
- Technologies exist to `tap' magnetic fields given off by
electrical wires without detection. Less obscurely, any machine
with a network connection is a potential station for traffic
detection, but this scenario requires knowledge and access to
very low-level hardware (the network card) to pursue, if even
possible.
- A company Network General Inc. is one of many that manufactures
and markets sophisticated network monitoring tools that can
'filter' and read packets by arbitrary criteria for
troubleshooting purposes, but the cost of this type of device is
prohibitive for casual use.
Known instances of the above types of security breaches at a major
scale (such as at network hubs) are very rare. The greatest risks
tend to emerge locally. Note that all these approaches are almost
completely defused with the use of cryptography.
_____
<2.4> How (in)secure is my account?
By default, not very. There are a multitude of factors that may
reinforce or compromise aspects of your privacy on the internet.
First, your account must be secure from other users. The universal
system is to use a password, but if it is `weak' (i.e. easy to
guess) this security is significantly diminished. Somewhat
surprisingly and frighteningly to some, certain users of the
system, particularly the administrator, generally have unlimited
access regardless of passwords, and may grant that access to
others. This means that they may read any file in your account
without detection.
Furthermore, not universally known, most UNIX systems keep fairly
extensive accounting records of when and where you logged in, what
commands you execute, and when they are executed (in fact, login
information is usually public). Most features of this `auditing' or
`process accounting' information are enabled by default after the
initial installation and the system administrator may customize it
to strengthen or weaken it to satisfy performance or privacy aims.
This information is frequently consulted for troubleshooting
purposes and may otherwise be ignored. This data tracks
unsuccessful login attempts and other 'suspicious' activities on
the system. A traditional part of the UNIX system that tracks user
commands is easily circumvented by the user with the use of
symbolic links (described in 'man ln').
UNIX implementations vary widely particularly in tracking features
and new sophisticated mechanisms are introduced by companies
regularly. Typically system adminstrators augment the basic UNIX
functionality with public-domain programs and locally-developed
tools for monitoring, and use them only to isolate suspicious
activity as it arises.
Generally, you should expect little privacy on your account for
various reasons:
- Potentially, every keystroke you type could be intercepted by
someone else.
- System administrators make extensive backups that are completely
invisible to users which may record the states of an account over
many weeks.
- Erased files can, under many operating systems, be undeleted.
- Most automated services keep logs of use for troubleshooting or
otherwise; for example FTP sites usually log the commands and
record the domain originations of users, including anonymous
ones.
- Some software exacerbates these problems. See the section on
``X Windows (in)security''.
The most important privacy considerations are related to file
rights, and many lapses can be traced to their misunderstood nature
or haphazard maintenance. Be aware of the rights associated with
your files and directories in UNIX. If the `x' (`execute') right on
your parent directory is off for users, groups, and other, these
users cannot gain information on anything in your directories.
Anything less may allow others to read, change, or even delete
files in your home directory. By default most accounts are
accessable only to the owner, but the initial configuration varies
between sites based on administrator preference. The default file
mode specifies the initial rights associated with newly created
files, and can be set in the shell. The details of rights
implementations tend to vary between versions of UNIX. Consult man
pages on `chmod' and `ls'.
Examples
--------
traver.lance % ls -ld ~
drwx------ 15 ld231782 1536 Jan 31 21:22 /users/ld231782/
Here is a listing of the rights associated with a user's home
directory, denoted by `~'. The columns at the left identify what
rights are available. The first column identifies the entry as a
directory, and the next three columns mean that read, write, and
execute rights, respectively, are permitted for that user. For
directories, the `x' right means that contents (file and
subdirectory names) within that directory can be listed. The
subsequent columns indicate that no other users have any rights to
anything in the directory tree originating at that point. They
can't even `see' any lower files or subdirectories; the hierarchy
is completely invisible to them.
traver.lance % ls -l msg
-rw-r--r-- 1 ld231782 35661 Jan 29 23:13 msg
traver.lance % chmod u=rw,g=,o= msg
traver.lance % ls -l msg
-rw------- 1 ld231782 35661 Jan 29 23:13 msg
Here the modes on the file `msg' were changed to take away rights
from `group' and `other'.
Indepedent of malevolent administrators are fellow users, a much
more commonly harmful threat. There are multiple ways to help
ensure that your account will not be accessed by others, and
compromises can often be traced to failures in these guidelines:
- Choose a secure password. Change it periodically.
- Make sure to logout always.
- Do not leave a machine unattended for long.
- Make sure no one watches you when you type your password.
- Avoid password references in email.
- Be conservative in the use of the .rhost file.
- Use utilities like `xlock' to protect a station, but be
considerate.
Be wary of situations where you think you should supply your
password. There are only several basic situations where UNIX
prompts you for a password: when you are logging in to a system or
changing your password. Situations can arise in which prompts for
passwords are forged by other users, especially in cases where you
are talking to them (such as Internet Relay Chat). Also, be aware
that forged login screens are one method to illegitimately obtain
passwords.
(Thanks to Jim Mattson for contributions
here.)
_____
<2.5> How (in)secure is X Windows?
X Windows is the primary software developed by the MIT Athena
project which is funded by U.S. government grants to develop
applications to harness the power of networks in enhancing
computational tasks, particularly the human-computer interface.
The software implements a client-server interface to a computer via
graphical windows. In this case the `client' is the application
requesting or utilizing graphical resources (such as windows or a
mouse) and the `server' is the machine that provides them. In many
situations the client is an application program running on the same
machine as the server.
The great utility of X Windows comes from its complete dissociation
of the client and server so that windows may be `broadcast' to a
server at a remote location from the client. Unfortunately this
dynamic power also introduces many deep, intricate, and complicated
security considerations. The primary security and privacy issue
associated with X Windows is that much more sensitive data may be
sent over a network, and over wider regions, than in the case where
the human is situated near the host computer. Currently there is
no encryption of data such as screen updates and keystrokes in X
Windows.
Due to either intentional design decisions or unintentional design
flaws, early versions of the X Window system are extremely
insecure. Anyone with an account on the server machine can disrupt
that display or read it electronically based on access to the
device unix:0.0 by any regular user. There are no protections
from this type of access in these versions. The problem arises
because the security is completely based on machine addresses
rather than users, such that any user at a `trusted' machine is
himself trusted. Quoting from X documentation (man Xsecurity):
> Any client on a host in the host access control list is allowed
> access to the X server. This system can work reasonably well in
> an environment where everyone trusts everyone, or when only a
> single person can log into a given machine...This system does not
> work well when multiple people can log in to a single machine and
> mutual trust does not exist.
With the access control list, the `xhost' command may prevent some
naive attempts (i.e. those other than the direct-access unix:0.0
evasion); the syntax as typed on the host machine is ``xhost
+[name]'' where [name] is the domain name or internet address of an
authorized client machine. By default clients running nonlocal to
the host are disabled. Public domain programs to disrupt a display
momentarily (such as 'flip' or slowly mirror the screen image, or
cause pixels to 'melt' down to the bottom) have been circulating on
the internet among hackers for several years and played as pranks
on unsuspecting or inexperienced users. Much more serious security
breaches are conceivable from similar mechanisms exploiting this
inherent weaknesses. (The minimal, easily-bypassed `trusted'
security mode of `xhost' has been jokingly referred to as ``X
Hanging Open, Security Terrible.'').
New versions of the X Windowsystem (X11R5 and higher) by default
make server access as secure as the file system using a .Xauthority
file and 'magic cookies'. Remote machines must have a code in the
.Xauthority file in the home directory that matches the code
allowed by the server. Many older programs and even new
vendor-supplied code does not support or is incompatible with
`magic cookies'. The basic magic cookie mechanism is vulnerable to
monitoring techniques described earlier because no encryption of
keys occurs in transmission. X11R5 also includes other
sophisticated encryption mechanisms. Try `man Xsecurity' to find
out what is supported at your site. Even though improved security
mechanisms have been available in X Windows since ~1990, local
sites often update this software infrequently because installation
is extremely complex.
(Thanks to Marc Vanheyningen ,
Jim Mattson , and Bill Marshall
for contributions here.)
_____
<2.6> How (in)secure is my email?
By default, not very. The characters that you are reading are
almost certainly encoded in ASCII, the American Standard Code for
Information Interchange that maps alphabetic and symbolic
characters onto numeric codes and vice versa. Virtually every
computer system uses this code, and if not, has ways of converting
to and from it. When you write a mail message, by default it is
being sent in ASCII, and since the standard is virtually
universal, there is no intrinsic privacy. Despite milleniums worth
of accumulated cryptographic knowledge, cryptographic technologies
are only recently being established that afford high priority to
privacy as a primary criteria in computer and network design. Some
potential pitfalls in privacy are as follows:
- The most serious threats are instances of immature or unscrupulous
system operators reading private mail in the `spool files' at a
local site (i.e. at the source or destination of the message),
such as a university.
- System administrators may also release files to law enforcement
agencies, but conventions and protocols for warrants involving
computer searches have still not been strongly established and
tested legally.
- Note that bounced messages go to postmasters at a given site in
their entirety. This means that if you address mail with an
incorrect address it has a good chance of being seen by a human
other than the recipient.
- Typically new user accounts are always set up such that the local
mail directory is private, but this is not guaranteed and can be
overridden.
- Finally, be aware that some mailing lists (email addresses of
everyone on a list) are actually publicly accessable via mail
routing software mechanisms. This `feature' can be disabled.
Most potential compromises in email privacy can be thoroughly
avoided with the use of strong end-to-end cryptography, which has
its own set of caveats (for example, unscrupulous administrators
may still be a threat if the encryption site is shared or
nonlocal). See the sections on ``email privacy'' and ``email
policies.''
_____
<2.7> How am I (not) liable for my email and postings?
As punishment or whatever, your system administrator can revoke
certain `privileges' such as emailing, USENET posting or reading
certain groups, file transferring, remote communications, or
generally any subset of capabilities available from your account.
This all is completely at the discretion of the local administrator
and under the procedures followed at a particular site, which in
many cases are haphazard and crisis-oriented. Currently there are
virtually no widespread, uniform guidelines or procedures for
restricting use to any internet services, and local administrators
are free to make arbitrary decisions on access.
Today punitive measures are regularly applied in various situations.
In the typical scenario complaint(s) reach a system adminstrator
regarding abuses by a user, usually but not necessarily preceded by
complaints to the user in email, regarding that person's
objectionable email or postings. `abusive' posters to USENET are
usually first given admonitions from their system administrators as
urged by others on the `net'. (The debate persists endlessly on
many newsgroups whether this is also used as a questionable means
of attacking or silencing `harmless crackpots' or censoring
unpopular opinions.)
System administrators at remote sites regularly cooperate to
'squelch' severe cases of abuse. In general, however, by tradition
Usenet readers are remarkably tolerant of diverse views and uses of
the system, but a colorful vocabularly of slang helps describe
their alternatives when this patience is sapped: the options
wielded by the individual user are to simply advance to the next
message (referred to as ``hitting the `n' key''), or to `plonk'
annoying posters (according to the Hacker's Dictionary, the sound a
jerk makes at the end of a fall to the bottom of a kill file).
In cases where punitive actions are applied, generally system
administrators are least likely to restrict email. USENET postings
are much more commonly restricted, either to individual users or
entire groups (such as a university campus). Restrictions are most
commonly associated with the following `abuses':
- harassing or threatening notes, `email terrorism'
- illegal uses, e.g. piracy or propagation of copyrighted material
- `ad hominem' attacks, i.e. insulting the reputation of the
poster instead of citing the content of the message
- intentional or extreme vulgarity and offensiveness
- inappropriate postings, esp. binary files in regular groups
`mail-bombing': inundating mail boxes with numerous or massive
files
Major problems originate from lack of distinctions in private and
official email or postings. Most users have internet access via
accounts at businesses or universities and their activities on the
internet can be construed as representative of their parent
organizations. Many people put disclaimers in their `signatures' in
an attempt dissociate their identity and activities from parent
organizations as a precaution. A recent visible political case
involves the privacy of electronic mail written by White House
staff members of the Bush administration. Following are some
guidelines:
- Acquaint yourself with your company or university policy.
- If possible, avoid use of your company email address for private
communication.
- Use a disclaimer.
- Keep a low profile (avoid `flamewars' or simply don't post).
- Avoid posting information that could be construed to be
proprietary or `internal'.
The following references are available from ftp.eff.com
(see also the section on ``internet use policies''):
/pub/academic/banned.1991
/pub/academic/banned.1992
---
Computer material that was banned/challenged in academia in 1991
and 1992 including USENET hierarchies.
/pub/academic/cases
---
This is an on-line collection of information about specific
computers and academic freedom cases. File README is a detailed
description of the items in the directory.
/pub/academic/faq/netnews.liability
---
Notes on university liability for Usenet.
_____
<2.8> How do I provide more/less information to others on my identity?
The public information of your identity and account is mostly
available though the UNIX utility `finger' described above. You
have control over most of this information with the utility `chfn',
the specifics vary between sites. You can provide unlimited
information in the .plan file which is copied directly to the
destination during the fingering. (A technique that works at some
sites allows you to find out who is 'finger'ing you and even to
vary the .plan file sent to them.) Your signature is determined by
the environment variable SIGNATURE, and USENET signatures are
usually kept in the .signature file in your home directory.
Providing less information is more difficult and involved. One
approach is to ask your system adminstrator to change or delete
information about you (such as your full name). You may be able to
obtain access on a public account or one from someone unrelated to
you personally. You may be able to remotely login (via modem or
otherwise) to computers that you are not physically near. These
are tactics for hiding or masking your online activities but
nothing is foolproof. Consult man pages on the 'chmod' command and
the default file mode. Generally, files on a shared system have
good safeguards within the user pool but very little protection is
possible from corrupt system administrators.
To mask your identity in email or on USENET you can use different
accounts. More untraceable are new `anonymous posting' and
remailing services that are very recently being established. See
below.
_____
<2.9> Who is my sysadmin? What does s/he know about me?
The requirements and screening for getting a system administration
job (and thereby access to all information on a system) vary widely
between sites and are sometimes frighteningly lax, especially at
universities. Many UNIX systems at universities are largely
managed by undergraduates with a background in computing and often
`hacking'. In general, commercial and industrial sites are more
strict on qualifications and background, and government sites are
extremely strict.
The system adminstrator (root user) can monitor what commands you
used and at what times. S/he may have a record (backups) of files
on your account over a few weeks. S/he can monitor when you send
email or post USENET messages, and potentially read either. S/he
may have access to records indicating what hosts you are using,
both locally and elsewhere. Administrators sometimes employ
specialized programs to track `strange' or `unusual' activity,
which can potentially be misused.
______
<2.10> Why is privacy (un)stable on the internet?
For the numerous reasons listed above, privacy should not be an
expectation with current use of the internet. Furthermore, large
parts of the internet are funded by the U.S. NSF (National Science
Foundation) which places certain restrictions on its use (such as
prohibiting commercial use). Some high-level officials in this and
other government agencies may be opposed to emerging techniques to
guarantee privacy (such as encryption and anonymous services).
Historically the major threats to privacy on the internet have been
local. Perhaps the most common example of this are the widespread
occurrences of university administrators refusing to carry some
portion of USENET newsgroups labelled as `pornographic'. The
`alternative' hierarchy in the USENET system, which has virtually
no restrictions on propagation and new group creation, is
frequently targeted (although this material may appear anywhere).
From the global point of view traffic is generally completely
unimpeded on the internet and only the most egregious offenders
are pursued. For example, verbatim transcriptions of copyrighted
material (such as newspaper or magazine articles) are posted to
USENET with regularity without major consequences (some email
complaints may ensue). More astonishing to some is that currently
significant portions of USENET traffic, and less so internet
traffic, is comprised of sexually-explicit digitized images almost
entirely originating from copyrighted material (newsgroups such as
`alt.sex' regularly have the highest traffic).
______
<2.11> What is the future of privacy on the internet?
Some argue that the internet currently has an adequate or
appropriate level of privacy. Others will argue that as a
prototype for future global networks it has woefully inadequate
safeguards. The internet is growing to become a completely global,
international superhighway for data, and this traffic will
inevitably entail data such as voice messages, postal mail, and
many other items of extremely personal nature. Computer items that
many people consider completely private (such as their local hard
drives) will literally be inches from global network connections.
Also, sensitive industrial and business information is exchanged
over networks currently and this volume may conceivably merge with
the internet.
Most would agree that, for these basic but sensitive uses of the
internet, no significant mechanisms are currently in place to
ensure much privacy. New standards are calling for uniform
introduction of `privacy enhanced mail' (PEM) which uses encryption
technologies to ensure privacy, so that privacy protection is
automatic, and may significantly improve safeguards.
The same technology that can be extremely destructive to privacy
(such as with surreptitious surveilance) can be overwhelmingly
effective in protecting it (e.g. with encryption). Some government
agencies are opposed to unlimited privacy in general, and believe
that it should lawfully be forfeited in cases of criminal conduct
(e.g. court-authorized wiretapping). However, powerful new
technologies to protect privacy on computers are becoming
increasingly popular, provoking some to say that ``the cat is out
of the bag'' and the ``genie can't be put back in the bottle''. In
less idiomatic terms, they believe that the spread of strong
cryptography is already underway will be socially and technically
unstoppable.
To date, no feasible system that guarantees both secure
communication and government oversight has been proposed (the two
goals are largely incompatible). Proposals for ``registration'' of
secret keys (by D. Denning on sci.crypt, for example) have been met
with hot controversy at best and ridicule and derision at worst,
mainly because of concerns for the right to privacy and objections
of inherent feasibility. Electronic privacy issues, and
particularly the proper roles of networks and the internet, will
foreseeably become highly visible and explosive over the next few
years.
ANONYMITY
=========
_____
<3.1> What is `anonymity' on the internet?
Simply stated, anonymity is the absence of identity, the ultimate in
privacy. However, there are several variations on this simple
theme. A person may wish to be consistently identified by a
certain pseudonym or `handle' and establish a reputation under it
in some area, providing pseudo-anonymity. A person may wish to be
completely untraceable for a single one-way message (a sort of
`hit-and-run'). Or, a person may wish to be openly anonymous but
carry on a conversation with others (with either known or anonymous
identities) via an `anonymous return address'. A user may wish to
appear as a `regular user' but actually be untraceable. Sometimes
a user wishes to hide who he is sending mail to (in addition to the
message itself). The anonymous item may directed at individuals or
groups. A user may wish to access some service and hide all signs
of the association.
All of these uses are feasible on the internet but are currently
tricky to carry out in practice, because of all the tracking
mechanisms inherent to operating systems and network protocols.
Officials of the NSF and other government agencies may be opposed
to any of these uses because of the potential for abuse.
Nevertheless, the inherent facelessness of large networks will
always guarantee a certain element of anonymity.
_____
<3.2> Why is `anonymity' (un)important on the internet?
Anonymity is another powerful tool that can be beneficial or
problematic depending on its use. Arguably absence of
identification is important as the presence of it. It may be the
case that many strong benefits from electronic anonymity will be
discovered that were unforeseen and unpredicted, because true
anonymity has been historically very difficult to establish.
One can use anonymity to make personal statements to a colleague
that would sabotage a relationship if stated openly (such as
employer/employee scenarios). One can use it to pass information
and evade any threat of direct retribution. For example,
`whistleblowers' reporting on government abuses (economic, social,
or political) can bring issues to light without fear of stigma or
retaliation. Sensitive, personal, potentially damaging information
is often posted to some USENET groups, a risky situation where
anonymity allows conversations to be carried on completely
independent of the identities of the participants. Some police
departments run phone services that allow anonymous reporting of
crimes; such uses would be straightforward on the network.
Unfortunately, extortion and harassment become more insidious with
assurances of anonymity.
_____
<3.3> How can anonymity be protected on the internet?
The chief means, as alluded to above, are masking identities in
email and posting. However, anonymous accounts (public accounts as
accessable and anonymous as e.g. public telephones) may be
effective as well, but this use is generally not officially
supported and even discouraged by some system adminstrators and NSF
guidelines. The nonuniformity in the requirements of obtaining
accounts at different sites and institutions makes anonymous
accounts generally difficult to obtain to the public at large.
Many communications protocols are inherently detrimental to
anonymity. Virtually every protocol in existence currently
contains information on both sender and receiver in every packet.
New communications protocols will likely develop that guarantee
much higher degrees of secure anonymous communication.
_____
<3.4> How do I send anonymous mail?
One approach has been to set up an `anonymous server' that, when
activated by email to its address, responds by allocating and
supplying an `anonymous ID' that is unique to the person requesting
it (based on his email address). This will vary for the same
person for different machine address email originations. To send
anonymous mail, the user sends email directed to the server
containing the final destination. The server `anonymizes' the
message by stripping of identification information and forwards the
message, which appears to originate from the anonymous server only
from the corresponding anonymous user id. This is the
`interactive' use of anonymity or pseudonymity mentioned above.
Another more `fringe' approach is to run a `cypherpunk' remailer
from a regular user account (no root system privileges are
required). These are currently being pioneered by Eric Hughes and
Hal Finney . The operator runs a process on
a machine that anonymizes mail sent to him with certain
characteristics that distinguish it from his regular incoming mail
(typically fields in the header). One has been implemented as a
PERL script running on UNIX. Several of these are in existence
currently but sites and software currently are highly unstable;
they may be in operation outside of system administrator knowledge.
The remailers don't generally support anonymous return addresses.
Mail that is incorrectly addressed is received by the operator.
Generally the user of the remailer has to disavow any
responsibility for the messages forwarded through his system,
although actually may be held liable regardless.
These approaches have several serious disadvantages and weaknesses:
- The anonymous server approach requires maintaining a mapping of
anonymous ID's to real addresses that must be maintained
indefinitely. One alternative is to allow `deallocation' of
aliases at the request of the user, but this has not been
implemented yet.
- Although an unlikely scenario, traffic to any of these sites could
conceivably be monitored from the `outside', necessitating the
use of cryptography for basic protection,.
- Local administrators can shut them down either out of caprice or
under pressure from local, network, or government agencies.
- Unscrupulous providers of the services can monitor the traffic
that goes through them.
- Most remailers currently keep logs that may be inspected.
- The cypherpunk approach tends to be highly unstable because these
operators are basically network users who do not own the
equipment and are accountable to their own system
administrators, who may be unaware of the use and unsympathetic
to the philosophy of anonymity when the operation is discovered,
regarding it as illicit use.
- In all cases, a high degree of trust is placed in the anonymous
server operator by the user.
Currently the most direct route to anonymity involves using SMTP
protocols to submit a message directly to a server with arbitrary
field information. This practice, not uncommon to hackers, and the
approach used by remailers, is generally viewed with hostility by
most system administrators. Information in the header routing data
and logs of network port connection information may be retained
that can be used to track the originating site. In practice, this
is generally infeasible and rarely carried out. Some
administrators on the network will contact local administrators to
request a message be tracked and its writer admonished or punished
more severely (such as revoking the account), all of this actually
happening occasionally but infrequently.
See the sections ``known anonymous mail and posting sites'' and
``responsibilities associated with anonymity''.
_____
<3.5> How do I post anonymously?
For this use anonymous servers have been established as well with
all the associated caveats above (monitored traffic, capricious or
risky local circumstances, logging). Make sure to test the system
at least once by e.g. anonymous posting to misc.test (however some
operators don't recommend this because many sites `autorespond' to
test messages, possibly causing the anonymous server to allocate
anonymous IDs for those machines). See the ``responsibilties
associated with anonymous posting'' before proceeding.
Another direct route involves using NNTP protocols to submit a
message directly to a newserver with arbitrary field information.
This practice, not uncommon to hackers, is also generally viewed
with hostility by most system administrators, and similar
consequences can ensue.
See the sections ``known anonymous mail and posting sites'' and
``responsibilities associated with anonymity''.
_____
<3.6> How do I `kill' anonymous postings?
> Try putting this in your kill file:
>
> /Anon/h:j
> /Anonymous/h:j
>
> This will search the headers of the messages and kill any that
> contain `Anon' or `Anonymous' in them. Not perfect and won't
> kill followups.
--James Thomas Green
_____
<3.7> What are the responsibilities associated with anonymity?
Users
-----
- Use anonymity only if you have to. Frivolous uses weaken the
seriousness and usefulness of the capability for others.
- Do not use anonymity to provoke, harass, or threaten others.
- Do not hide behind anonymity to evade established conventions on
Usenet, such as posting binary pictures to regular newsgroups.
- If posting large files, be attentive to bandwidth considerations.
Remember, simply sending the posting to the service increases
network traffic.
- Avoid posting anonymously to the regular hierarchy of Usenet; this
is the mostly likely place to alienate readers. The `alt'
hierarchy is preferred.
- Give as much information as possible in the posting (i.e.
references, etc.) Remember that content is the only means for
readers to judge the truth of the message, and that any
inaccuracies will tend to discredit the entire message and even
future ones under the same handle.
- Be careful not to include information that will reveal your
identity or enable someone to deduce it. Test the system by
sending anonymized mail to yourself.
- Be aware of the policies of the anonymous site and respect them.
Be prepared to forfeit your anonymity if you abuse the privilege.
- Be considerate and respectful of other's objections to anonymity.
- ``Hit-and-run'' anonymity should be used with utmost reservation.
Use services that provide anonymous return addresses instead.
- Be courteous to the system operator, who may have invested large
amounts of time, be personally risking his account, or dedicating
his hardware, all for your convenience.
Operators
---------
- Document thoroughly acceptable and unacceptable uses in an
introductory file that is sent to new users. Have a coherent and
consistent policy and stick to it. State clearly what logging and
monitoring is occurring. Describe your background, interest, and
security measures. Will the general approach be totalitarian or
lassaiz-faire?
- Formulate a plan for problematic ethical situations and anticipate
potentially intense moral quandaries and dilemmas. What if a user
is blackmailing someone through your service? What if a user
posts suicidal messages through your service? Remember, your
users trust you to protect them.
- In the site introductory note, give clear examples of situations
where you will take action and what these actions will be (e.g.
warn the user, limit anonymity to email or posting only, revoke
the account, 'out' the user, contact local administrator, etc.)
- Describe exactly the limitations of the software and hardware.
Address the bandwidth limitations of your site. Report candidly
and thoroughly all bugs that have occurred. Work closely with
users to isolate and fix bugs. Address all bugs noted below under
``(in)stability of anonymity''.
- Document the stability of the site---how long has it been running?
What compromises have occured? Why are you running it? What is
your commitment to it?
- Include a disclaimer in outgoing mail and messages. Include an
address for complaints, ideally appended to every outgoing item.
Consult a lawyer about your liability.
- Be committed to the long-term stability of the site. Be prepared
to deal with complaints and `hate mail' addressed to you. If you
do not own the hardware the system runs on or are not the system
adminstrator, consult those who do and are.
- Be considerate of providing anonymity to various groups. If
possible, query group readers.
- Keep a uniformity and simplicity of style in outgoing message
format that can be screened effectively by kill files. Ensure
the key text `Anon' is somewhere in every header.
- Take precautions to ensure the security of the server from
physical and network-based attacks and infiltrations.
Readers
-------
- Do not complain, attack, or discredit a poster for the sole
reason that he is posting anonymously, make blanket condemnations
that equate anonymity with cowardice, or assail anonymous traffic
in general for mostly neutral reasons (e.g. its volume is heavy
or increasing).
- React to the anonymous information unemotionally. Abusive posters
will be encouraged further if they get irrationally irate
responses. Sometimes the most effective response is silence.
- Notify operators if very severe abuses occur, such as piracy,
harassment, extortion, etc.
- Do not complain about postings being inappropriate because they
offend you personally.
- Use kill files to screen anonymous postings if you object to the
idea of anonymity itself.
- Avoid the temptation to proclaim that all anonymous postings
should be barred from particular groups because no `possible' or
`conceivable' need exists.
References
----------
See e.g. ftp.eff.org:/pub/academic/anonymity:
> This article is an excerpt from an issue of FIDONEWS on individual
> privacy and the use of handles. It accepts the need of a system
> operator to know the name of a user; but suggests that the use of
> a handle is analogous to a request to withhold the name in a
> letter to the editor. The article concludes with a set of
> guidelines for preserving the right to be anonymous.
_____
<3.8> Why is anonymity (un)stable on the internet?
As noted, many factors compromise the anonymity currently available
to the general internet community, and these services should be
used with great caution. To summarize, the technology is in its
infancy and current approaches are unrefined, unreliable, and not
completely trustworthy. No standards have been established and
troubling situations of loss of anonymity and bugs in the software
are prevalent. Here are some encountered and potential bugs:
- One anonymous remailer reallocated already allocated anonymous
return addresses.
- Others passed signature information embedded in messages
unaltered.
- Address resolution problems resulting in anonymized mail bounced
to a remailer are common.
- Forgeries to the anonymous server itself are a problem, possibly
allowing unauthorized users to potentially glean anon ID - email
address mappings in the alias file. This can be remedied with
the use of passwords.
- Infinite mail loops are possible with chaining remailers.
Source code is being distributed, tested, and refined for these
systems, but standards are progressing slowly and weakly. The
field is not likely to improve considerably without official
endorsement and action by network agencies. The whole idea is
essentially still in its infancy and viewed with suspicion and
distrust by many on the internet, seen as illegitimate or favorable
to criminality. The major objection to anonymity over regular
internet use is the perceived lack of accountability to system
operators, i.e. invulnerability to account restrictions resulting
from outside complaints. System adminstrators at some sites have
threatened to filter anonymous news postings generated by the
prominent servers from their redistribution flows. This may only
have the effect of encouraging server operators to create less
characteristically detectable headers. Probably the least
problematic approach, and the most traditional to Usenet, is for
individual users to deal with anonymous mail however they prefer,
e.g. ignoring it or filtering it with kill files.
_____
<3.9> What is the future of anonymity on the internet?
New anonymous protocols effectively serve to significantly increase
safeguards of anonymity. For example, the same mechanism that
routes email over multiple hosts, thereby threatening its privacy,
can also be used to guarantee it. In a scheme called `chaining' an
anonymous message is passed through multiple anonymous servers
before reaching a destination. In this way generally multiple
links of the chain have to be `broken' for security to be
compromised. Re-encryption at each link makes this scenario even
more unlikely. Even more significantly the anonymous remailers
could be spread over the internet globally so that local weaknesses
(such as corrupt governments or legal wiretapping within a nation)
would be more unlikely to sacrifice overall security by message
tracing. However, remailers run by corrupt operators are possible.
The future of anonymous services on the internet is, at this time,
highly uncertain and fraught with peril. While specific groups seem
to benefit significantly from anonymous posting capabilities, many
feel that unlimited newsgroup scope for anonymous posting is a
disruptive and dangerous idea and detracts from discussions in
`serious' groups. The introduction of unlimited group anonymity
may have fundamental repercussions on Usenet conventions and
distribution mechanisms such as moderated and `alt' groups have had
in the past. For example, as part of new group creation, the
charter may specify whether `anonymous' posting is (un)welcome.
Nevertheless, the widespread introduction and use of anonymity may
be inevitable. Based on traffic statistics, anonymous services are
in huge demand. Pervasive and readily available anonymity could
carry significant and unforeseen social consequences. However, if
its use is continued to be generally regarded as subversive it may
be confined to the underground. The ramifications widespread
introduction of anonymity to Usenet are still largely unknown. It
is unclear whether it will provoke signficant amounts of new
traffic or, instead of expansion, cause a shift where a greater
portion of existing traffic anonymized. Conceivably the services
could play a role in influencing future mainstream social
acceptance of Usenet.
* * *
This is Part 1 of the Privacy & Anonymity FAQ, obtained via anonymous
FTP to pit-manager@mit.edu:/pub/usenet/news.answers/net-privacy/ or
newsgroups news.answers, sci.answers, alt.answers every 21 days.
Written by L. Detweiler .
All rights reserved.
Path: senator-bedfellow.mit.edu!senator-bedfellow.mit.edu!usenet
From: ld231782@longs.lance.colostate.edu (L. Detweiler)
Newsgroups: sci.crypt,alt.privacy,alt.answers,sci.answers,news.answers
Subject: Privacy & Anonymity on the Internet FAQ
Followup-To: poster
Date: 16 Feb 1993 06:03:31 GMT
Organization: TMP Enterprises
Lines: 1538
Approved: news-answers-request@MIT.Edu
Expires: 23 Mar 1993 06:02:09 GMT
Message-ID:
References:
Reply-To: ld231782@longs.lance.colostate.edu
NNTP-Posting-Host: pit-manager.mit.edu
Summary: Email and account privacy, anonymous mailing and posting,
file encryption, academic computer policies, relevant legislation
and references, EFF, and other privacy and rights issues associated
with use of the Internet and global networks in general.
X-Last-Updated: 1993/02/16
Xref: senator-bedfellow.mit.edu sci.crypt:13748 alt.privacy:5904
alt.answers:29 sci.answers:34 news.answers:6018
Archive-name: net-privacy/part2
Last-modified: 1993/2/15
Version: 2.0
IDENTITY, PRIVACY, and ANONYMITY on the INTERNET
================================================
(c) 1993 L. Detweiler. Not for commercial use except by permission
from author, otherwise may be freely copied. Not to be altered.
Please credit if quoted.
SUMMARY
=======
Email and account privacy, file encryption, academic computer
policies, relevant legislation and references, EFF, and other privacy
and rights issues associated with use of the Internet and global
networks in general.
(Search for <#.#> for exact section. Search for '_' (underline) for
next section.)
PART 2
====== (this file)
Resources
---------
<4.1> What UNIX programs are related to privacy?
<4.2> What are some known remailing and posting sites?
<4.3> How can I learn about or use cryptography?
<4.4> What is the cypherpunks mailing list?
<4.5> What are some privacy-related newsgroups? FAQs?
<4.6> What is internet Privacy Enhanced Mail (PEM)?
<4.7> What are other Request For Comments (RFCs) related to privacy?
<4.8> How can I run an anonymous remailer?
<4.9> What are references on privacy in email?
<4.10> What are some email, Usenet, and internet use policies?
<4.11> What is the MIT ``CROSSLINK'' anonymous message TV program?
Miscellaneous
-------------
<5.1> What is ``digital cash''?
<5.2> What is a ``hacker'' or ``cracker''?
<5.3> What is a ``cypherpunk''?
<5.4> What is an anonymous pool?
<5.5> What is `security through obscurity'?
<5.6> What are `identity daemons'?
<5.7> What is the history behind anonymous posting servers?
<5.8> What standards are needed to guard electronic privacy?
Issues
------
<6.1> What is the Electronic Frontier Foundation (EFF)?
<6.2> What is `operation Sun Devil' and the Steve Jackson Game case?
<6.3> What is Integrated Services Digital Network (ISDN)?
<6.4> What is the National Research and Education Network (NREN)?
<6.5> What is the FBI's proposed Digital Telephony Act?
<6.6> What other U.S. legislation is related to privacy on networks?
<6.7> What are references on rights in cyberspace?
<6.8> What is the Computers and Academic Freedom (CAF) archive?
<6.9> What is the background behind the Internet?
<6.10> How is Internet `anarchy' like the English language?
Footnotes
---------
<7.1> Most Wanted list
<7.2> Change history
* * *
RESOURCES
=========
_____
<4.1> What UNIX programs are related to privacy?
For more information, type `man [cmd]' or `apropos [keyword]' at the
UNIX shell prompt.
finger - obtain information about a remote user
chfn - change information about yourself obtainable by remote
users
chmod - change the rights associated with a file or directory
umask - (shell) change the default (on creation) file access
rights
ls - list the rights associated with files and directories
xhost - allow or disable access control of particular users to an
Xwindow server
last - list the latest user logins on the system and their
originations
who - list other users, login/idle times, originations
w - list other users and what they are running
xhost - access control list for X Window client use
xauth - control X Window server authentication
.signature - file in the home directory appended to USENET posts
.forward - file used to forward email to other accounts
.Xauthority - file used for X Window server authentication keys
$SIGNATURE - variable used for name in email and USENET postings
_____
<4.2> What are some known anonymous remailing and posting sites?
anon.penet.fi
-------------
Anonymized mail, posting, and return addresses (no encryption).
Send mail to help@penet.fi for information.
ebrandt@jarthur.claremont.edu
-----------------------------
Anonymized mail. Request information from above address.
elee7h5@rosebud.ee.uh.edu
-------------------------
Experimental anonymous remailer run Karl Barrus
, with encryption to server. Send to the
site name a message with the following text:
::
command: help
user@host
where `user@host' is the return address.
hal@alumni.caltech.edu
----------------------
Experimental remailer with encryption to server and return
addresses. Request information from above address.
hh@soda.berkeley.edu
hh@cicada.berkeley.edu
hh@pmantis.berkeley.edu
----------------------
Experimental remailer. Include header `Request-Remailing-To'.
nowhere@bsu-cs.bsu.edu
----------------------
Experimental remailer allowing one level of chaining. Run by
Chael Hall. Request information from above address.
phantom@mead.u.washington.edu
-----------------------------
Experimental remailer with encryption to server. `finger' site
address for information.
Notes:
- Currently the most stable of anonymous remailing and posting
sites is probably anon.penet.fi operated by julf@penet.fi for
several months, who has system adminstrator privileges and owns
the equipment.
- So far, all encryption is based on public-key cryptography and PGP
software (see the question on cryptography).
- Encryption aspects (message text, destination address, replies)
vary between sites.
- Multiple chaining, alias unlinking, and address encryption are
mostly unsupported at this time.
_____
<4.3> How can I learn about or use cryptography?
A general introduction to mostly theoretical cryptographic issues,
especially those frequently discussed in sci.crypt, is available
in FAQ form:
> Compiled by:
> cme@ellisun.sw.stratus.com (Carl Ellison)
> Gwyn@BRL.MIL (Doug Gwyn)
> smb@ulysses.att.com (Steven Bellovin)
NIST (U.S. National Institute for Standards and Technology)
publishes an introductory paper on cryptography, special
publication 800-2 ``Public-Key Cryptograhy'' by James Nechvatal
(April 1991). Available via anonymous FTP from
csrc.ncsl.nist.gov (129.6.54.11), file pub/nistpubs/800-2.txt.
Also via available anonymous FTP from wimsey.bc.ca as crypt.txt.Z
in the crypto directory. Covers technical mathematical aspects
of encryption such as number theory.
More general information can be found in a FAQ by Paul Fahn of RSA
Labortories via anonymous FTP from rsa.com in /pub/faq.ps.Z. See
the `readme' file for information on the `tex' version. Also
available as hardcopy for $20 from RSA Laboratories, 100 Marine
Parkway, Redwood City, CA 94065. Send questions to
faq-editor@rsa.com.
Phil Zimmerman's PGP (Pretty Good Privacy) public-domain package
for public key encryption is available at numerous sites, and is
in widespread use over the internet for general UNIX-based file
encryption (including email). Consult the archie FTP database.
Also see the newsgroup alt.security.pgp. Mailing list requests
to info-pgp-request@lucpul.it.luc.edu.
From the RIPEM FAQ by Marc VanHeyningen
on news.answers:
> RIPEM is a program which performs Privacy Enhanced Mail (PEM)
> using the cryptographic techniques of RSA and DES. It allows
> your electronic mail to have the properties of authentication
> (i.e. who sent it can be confirmed) and privacy (i.e. nobody can
> read it except the intended recipient.)
>
> RIPEM was written primarily by Mark Riordan
> . Most of the code is in the public domain,
> except for the RSA routines, which are a library called RSAREF
> licensed from RSA Data Security Inc.
>
> RIPEM is available via anonymous FTP to citizens and permanent
> residents in the U.S. from rsa.com; cd to rsaref/ and read the
> README file for info.
>
> RIPEM, as well as some other crypt stuff, has its `home site' on
> rpub.cl.msu.edu, which is open to non-anonymous FTP for users in
> the U.S. and Canada who are citizens or permanent residents. To
> find out how to obtain access, ftp there, cd to pub/crypt/, and
> read the file GETTING_ACCESS.
Note: cryptography is generally not well integrated into email yet
and some system proficiency is required by users to utilize it.
_____
<4.4> What is the cypherpunks mailing list?
Eric Hughes runs the `cypherpunk' mailing list
dedicated to ``discussion about technological defenses for privacy
in the digital domain.'' Send email to
cypherpunks-request@toad.com to be added or subtracted from the
list. From the charter:
> The most important means to the defense of privacy is encryption.
> To encrypt is to indicate the desire for privacy. But to encrypt
> with weak cryptography is to indicate not too much desire for
> privacy. Cypherpunks hope that all people desiring privacy will
> learn how best to defend it.
_____
<4.5> What are some privacy-related newsgroups? FAQs?
Newsgroups
==========
alt.comp.acad-freedom.news
alt.comp.acad-freedom.talk
--------------------------
Moderated and unmoderated issues related to academic freedom and
privacy at universities. Documented examples of violated
privacy in e.g. email. Documented examples of `censorship' as
in e.g. limiting USENET groups local availability.
alt.cyberpunks
--------------
Virtual reality, (science) fiction by William Gibson and Bruce
Sterling, cyberpunk in the mainstream.
alt.hackers
-----------
USENET Network News Transfer Protocol (NNTP) posting mechanisms,
Simple Mail Transfer Protocol (SMTP), `obligatory hack' reports.
alt.privacy
-----------
General privacy issues involving taxpaying, licensing, social
security numbers, etc.
alt.security
comp.security.misc
------------------
Computer related security issues. FAQ in news.answers below.
alt.security.pgp
----------------
Dedicated to discussing PGP, or ``Pretty Good Privacy'' Software
developed by Phil Zimmerman for public key encryption.
comp.society.privacy
--------------------
Privacy issues associated with computer technologies. Examples:
caller identification, social security numbers, credit
applications, mailing lists, etc. Moderated.
comp.eff.news
comp.eff.talk
-------------
Moderated and unmoderated groups associated with the Electronic
Frontier Foundation started by Mitch Kapor for protecting civil
and constitutional rights in the electronic realm.
news.admin
news.admin.policy
-----------------
Concerns of news administrators. NNTP standards and mechanisms.
news.lists
----------
USENET traffic distributions. Most frequent posters, most
voluminous groups, most active sites, etc.
sci.crypt
---------
Considers scientific and social issues of cryptography.
Examples: legitimate use of PGP, public-key patents, DES,
cryptographic security, cypher breaking, etc.
FAQs
====
FAQs or ``Frequently-Asked Questions'' are available in the
newsgroups *.answers or via anonymous FTP to
pit-manager.mit.edu [18.172.1.27] (also rtfm.mit.edu)
from the directory
/pub/usenet/news.answers/[x] where [x] is the archive name.
This FAQ is archived in the file `net-privacy'.
Others are:
network-info/part1
------------------
Sources of information about the Internet and how to connect to
it, through the NSF or commercial vendors.
alt-security-faq
----------------
Computer related security issues arising in alt.security and
comp.security.misc, mostly UNIX related.
ssn-privacy
-----------
Privacy issues associated with the use of the U.S. Social
Security number (SSN).
pdial
-----
Public dialup internet accounts list.
college-email/part1
-------------------
How to find email addresses for undergraduate and graduate
students, faculty and staff at various colleges and
universities.
ripem/faq
---------
Information on RIPEM, a program for public key mail encryption
officially sanctioned by Public Key Partners Inc., the company
that owns patents on public key cryptography.
unix-faq/faq/part1
------------------
Frequently-asked questions about UNIX, including information on
`finger' and terminal spying.
distributions/*
---------------
Known geographic, university, and network distributions.
_____
<4.6> What is internet Privacy Enhanced Mail (PEM)?
Internet drafts on Privacy Enhanced Mail (PEM) describe a standard
under revision for six years delineating the official protocols for
email encryption. The standard has only recently stabilized and
implementations are being developed.
- RFC-1421: ``Privacy Enhancement for Internet Electronic Mail:
Part I: Message Encryption and Authentication Procedures.'' J.
Linn <104-8456@mcimail.com>
- RFC-1422: ``Privacy Enhancement for Internet Electronic Mail: Part
II: Certificate-Based Key Management'' S. Kent
- RFC-1424: ``Privacy Enhancement for Internet Electronic Mail:
Part IV: Key Certification and Related Services'' B. Kaliski
- RFC-1423: ``Privacy Enhancement for Internet Electronic Mail: Part
III: Algorithms, Modes, and Identifiers'' D. Balenson
Send email to pem-info@tis.com for more information. See ``RFCs
related to privacy'' for information on how to obtain RFCs.
_____
<4.7> What are other Requests For Comments (RFCs) related to privacy?
RFC-822: SMTP, Simple Mail Transfer Protocol
RFC-977: NNTP, Network News Transfer Protocol
RFC-1036: Standard for interchange of network news messages
RFC-1208: Glossary of Networking Terms
RFC-1207: FYI: Answers to commonly asked ``experienced Internet
user'' questions
RFC-1206: FYI: Answers to commonly asked ``new Internet user''
questions
RFC-1355: Privacy and Accuracy issues in Network Information center
databases
RFC-1177
--------
FYI: Answers to commonly asked ``new internet user'' questions.
Basic terminology on the Internet (TCP/IP, SMTP, FTP). Internet
organizations such as IAB (Internet Activities Board) and IETF
(Internet Enbgineering Task Force). Glossary of terms. Also
ftp.eff.org:/pub/internet-info/internet.q
From RFC-1177:
> RFCs can be obtained via FTP from NIC.DDN.MIL, with the pathname
> RFC:RFCnnnn.TXT or RFC:RFCnnnn.PS (where `nnnn' refers to the
> number of the RFC). Login with FTP, username `anonymous' and
> password `guest'. The NIC also provides an automatic mail
> service for those sites which cannot use FTP. Address the
> request to SERVICE@NIC.DDN.MIL and in the subject field of the
> message indicate the RFC number, as in `Subject: RFC nnnn' (or
> `Subject: RFC nnnn.PS' for PostScript RFCs).
>
> RFCs can also be obtained via FTP from NIS.NSF.NET. Using FTP,
> login with username `anonymous' and password `guest'; then
> connect to the RFC directory (`cd RFC'). The file name is of the
> form RFCnnnn.TXT-1 (where `nnnn' refers to the number of the
> RFC). The NIS also provides an automatic mail service for those
> sites which cannot use FTP. Address the request to
> NIS-INFO@NIS.NSF.NET and leave the subject field of the message
> blank. The first line of the text of the message must be `SEND
> RFCnnnn.TXT-1', where nnnn is replaced by the RFC number.
_____
<4.8> How can I run an anonymous remailer?
Cypherpunk remailer source is at soda.berkeley.edu in the
/pub/cypherpunks directory. It's written in PERL, and is
relatively easy to install (no administrative rights are required).
Karl Barrus has more information and
modifications. Also, most remailer operators mentioned above are
amenable to discussing features, problems, and helping new sites
become operational. Address all points in the section
``responsibities of anonymous use'' in this document prior to
advertising your service.
_____
<4.9> What are references on privacy in email?
Brown, Bob. ``EMA Urges Users to Adopt Policy on E-mail Privacy.''
Network World (Oct 29, 1990), 7.44: 2.
Bairstow, Jeffrey. ``Who Reads your Electronic Mail?'' Electronic
Business (June 11, 1990) 16 (11): 92.
ftp.eff.org
===========
/pub/eff/papers/email_privacy
---
Article on the rights of email privacy. by Ruel T. Hernandez.
/pub/academic/law/privacy.email
---
``Computer Electronic Mail and Privacy'', an edited version of a
law school seminar paper by Ruel T. Hernadez.
/pub/eff/papers/email-privacy-biblio-2
---
Compilation of bibliography on E-Mail and its privacy issues (part
2 of the work). Compiled by Stacy B. Veeder (12/91).
/pub/eff/papers/email-privacy-research
---
The author at Digital Research tried to formalize their employee
privacy policy on E-Mail. The casesightings are divided into two
groups: US Constitutional law, and California law.
/pub/eff/papers/company-email
---
Formulating a Company Policy on Access to and Disclosure of
Electronic Mail on Company Computer Systems by David R. Johnson
and John Podesta for the Electronic Mail Assocation
/pub/cud/alcor
---
Information on Alcor Co., an e-mail privacy suit.
/pub/academic/law/privacy.email
---
Email privacy search at Berkeley.
______
<4.10> What are some email, Usenet, and internet use policies?
The Computer Policy and Critiques Archive is a collection of the
computer policies of many schools and networks, run by the
Computers and Academic Freedom group on the Electronic Frontier
Foundation FTP site. The collection also includes critiques of some
of the policies.
> If you have gopher, the archive is browsable with the command:
> gopher -p academic/policies gopher.eff.org
>
> The archive is also accessible via anonymous ftp and email. Ftp
> to ftp.eff.org (192.88.144.4). It is in directory
> `pub/academic/policies'. For email access, send email to
> archive-server@eff.org. Include the line:
>
> send acad-freedom/policies
>
> where is a list of the files that you want. File
> README is a detailed description of the items in the directory.
>
> For more information, to make contributions, or to report typos
> contact J.S. Greenfield (greeny@eff.org). Directory `widener'
> contains additional policies (but not critiques).
ftp.eff.org
===========
/pub/cud/networks
---
Acceptable Use Policies for various networks, including CompuServe
(file `compuserve'), NSFNET (file `nsfnet') with information on
research and commercial uses. See /pub/cud/networks/index.
/pub/cud/networks/email
---
Policies from various sysadmins about how they handle the issue of
email privacy, control, and abuse, compiled by T. Hooper
.
/pub/cud/schools/
---
Computer use policies of a number of schools. See schools/Index
for a full list and description.
Commentary
==========
/pub/academic/faq/policy.best
---
Opinions on the best academic computer policies.
/pub/academic/faq/email.policies
---
Do any universities treat email and computer files as private?
/pub/academic/faq/netnews.writing
---
Policies on what users write on Usenet.
/pub/academic/faq/netnews.reading
---
Policies on what users read on Usenet: should my university remove
(or restrict) Netnews newsgroups because some people find them
offensive?
/pub/academic/faq/policy
---
What guidance is there for creating or evaluating a university's
academic computer policy?
______
<4.11> What is the MIT ``CROSSLINK'' anonymous message TV program?
> CROSSLINK is an anonymous message system run on MIT Student
> Cable TV-36. It provides an anonymous medium through which MIT
> students can say those things they might otherwise find
> difficult, inconvenient or impossible to say in person. It's
> also a way to send fun or totally random messages to your
> friends over the air. It is similar to the anonymous message
> pages found in many college newspapers, except that it's
> electronic in nature and it's free.
Messages can be posted to the service via email. For more
information send email to crosslink@athena.mit.edu.
MISCELLANEOUS
=============
_____
<5.1> What is ``digital cash''?
With digital encryption and authentication technologies, the
possibility of a widespread digital cash system may someday be
realized. A system utilizing codes sent between users and banks
(similar to today's checking system except entirely digital) may
be one approach. The issues of cryptography, privacy, and
anonymity are closely associated with transfer of cash in an
economy. See the article in Scientific American by David Chaum
(~Dec.1992).
An experimental digital bank is run by Karl Barrus
based on suggestions by Hal Finney on the
cypherpunks mailing list. To use the server send mail to
elee7h5@rosebud.ee.uh.edu message with the following text:
::
command: help
user@host
where `user@host' is your email address.
_____
<5.2> What is a ``hacker'' or ``cracker''?
These terms arouse strong feelings by many on their meaning,
especially on the internet. In the general news media in the past
a person who uses computers and networks to malicious ends (such as
breaking into systems) has been referred to as a hacker, but most
internet users prefer the term ``cracker'' for this. Instead, a
``hacker'' is perceived as a benign but intensely ambitious,
curious, and driven computer user who explores obscure areas of a
system, for example---something of a proud electronic pioneer and
patriot. This is the sense intended in this document. See also
the ``Hacker's Dictionary'' and the FAQ `alt-security-faq'.
_____
<5.3> What is a ``cypherpunk''?
From the charter of the cypherpunk mailing list:
> Cypherpunks assume privacy is a good thing and wish there were
> more of it. Cypherpunks acknowledge that those who want privacy
> must create it for themselves and not expect governments,
> corporations, or other large, faceless organizations to grant
> them privacy out of beneficence. Cypherpunks know that people
> have been creating their own privacy for centuries with whispers,
> envelopes, closed doors, and couriers. Cypherpunks do not seek
> to prevent other people from speaking about their experiences or
> their opinions.
See information on the cypherpunk mailing list below.
See also the CryptoAnarchist Manifesto and the Cryptography Glossary
in soda.berkeley.edu:/pub/cypherpunks.
_____
<5.4> What is an anonymous pool?
Closely associated with encryption is `steganography' or the
techniques for not only pursuing private (encrypted) communication
but concealing the very existence of the communication itself.
Many new possibilities in this area are introduced with the
proliferation of computer technology. For example, it is possible
to encode messages in the least-significant bits of images,
typically the most 'noisy'. In addition, when such an item is
posted in a public place (such as a newsgroup), virtually
untraceable communication can take place between sender and
receiver. For steganographic communications in the electronic
realm one another possibility is setting up a mailing list where
individual messages get broadcast to the entire list and individual
users decode particular messages with their unique key. An
anonymous pool has been set up by Miron Cuperman
(miron@extropia.wimsey.com) for experiments. Send email to
with one of the following
commands in the subject line:
subscribe
unsubscribe
help
_____
<5.5> What is `security through obscurity'?
`Security through obscurity' refers to the attempt to gain
protection from system weaknesses by hiding sensitive information
or programs relating to them. For example, a company may not make
public information on its software's encryption techniques to evade
`attacks' based on knowledge of it. Another example would be
concealing data on the existence of security holes or bugs in
operating systems. Or, some reliance may be made on the fact that
some standard or mechanism with potential problems is serious
because they are ``not widely known'' or ``not widely used.''
`Security through obscurity' is regarded as a very feeble
technique at best and inappropriate and ineffective at worst (also
called the ``head-in-the-sand approach''). See the FAQ for
alt.security.
_____
<5.6> What are `identity daemons'?
RFC-931 describes a protocol standard that allows UNIX programs to
query a remote user's login name after connection to a local
communication socket (a connection of this type is established
during FTP and TELNET sessions, for example). The standard is not
widely supported, perhaps 10% of internet sites currently implement
it but the number is increasing. The mechanism is detrimental to
anonymity. Regular users cannot disable it but system
adminstrators can circumvent it. This standard may represent a
trend toward greater authentication mechanisms.
_____
<5.7> What is the history behind anonymous posting servers?
Originally anonymous posting services were introduced for
individual, particularly volatile newsgroups, where anonymity is
almost the preferred method of communication, such as talk.abortion
and alt.sex.bondage. One of the first was one by Dave Mack
started in ~1988 for alt.sex.bondage. Another early one was
wizvax.methuen.ma.us run by Stephanie Gilgut (Gilgut Enterprises)
but was disbanded due to lack of funds. The system provided
anonymous return addresses. n7kbt.rain.com (John Opalko) took up
the functions of this server, including reinstating the anonymous
alias file. The group ``alt.personals has been chewing through
servers like there's no tomorrow.''
Spurred by the disappearance of `wizvax' and interested in
researching the idea, Karl Kleinpaste
developed his own system
from scratch in six hours. By this time the idea of extending the
server to new, more `mainstream' groups was starting to emerge,
and he explored the possibility partly at the specific request by
multiple users for anonymity in other groups. ``The intended
advantage of my system was specifically to allow multiple group
support, with a single anon identifier across all. This was
arguably the single biggest deficiency of previous anon systems.''
K. Kleinpaste posted a message on rec.nude asking users whether an
anonymous service would be welcome there, and judged a consensus
against it.
K. Kleinpaste introduced what he calls a ``fire extinguisher'' to
`squelch' or `plonk' abusive users in response to complaints, and
used this in three cases. Nevertheless, after a few months of
intense traffic he was eventually overwhelmed by the abuses of his
server. ``Even as restricted as it was, my system was subjected to
abuses to the point where it was ordered dismantled by the
facilities staff here. Such abuses started right after it was
created.''
In ~Nov 1992, Johan Helsingius (julf@penet.FI) set up the most
controversial anonymous site to date. anon.penet.fi is based on
scripts written by K. Kleinpaste and supports anonymized mail,
posting, and return addresses. His policy of allowing anonymous
posting to every Usenet newsgroup has been met with strong and
serious ideological opposition (e.g. by news adminstrators in
news.admin.policy). Because of the relative newness and recent
emergence of the medium, abuses by anonymous posters currently
seem to have higher visibility than ``routine'' abuses.
For example, in a recent highly controversial and publicized case,
an anonymous user posted a supposed transcript of desperate crew
dialogue during the Challenger shuttle disaster via anon.penet.fi
to sci.astro. Despite that the transcript had been posted in the
same place up to a year earlier (then non-anonymously) and actually
originated not with the poster but a New York news tabloid,
subsequent responses consisted largely of vociferous outrage at the
poster's use of anonymity. The original poster, using the same
anonymous handle, later conceded that the story ``seemed likely to
have been fabricated,'' suggesting the plausible possibility that
the original intent was not to provoke outrage but gauge reactions
on the authenticity of the story (albeit crudely), free of personal
risk from perceived association with the item. The ensuing
commotion generated queries for the original article by
late-entering readers. The anonymous user later posted deliberately
offensive comments at his detractors.
Despite voluminous complaints, and even the vocal opposition of K.
Kleinpaste and eminent news operators, J. Helsingius has avoided
use of the ``fire extingisher'' and the ``group bouncer''
mechanisms that limit the scope of the service. The anon.penet.fi
site has registered over 10,000 users in its initial three months
of operation.
A very sophisticated anonymous posting system was recently set up
(Dec. 1992) by D. Clunie that used
cryptography in both directions (to/from) the server for the
highest degree of confidentiality seen so far. However, it was
running on a public access account, and he had to shut it down
after only several weeks, upon receiving requests and conditions
apparently ultimately originating from NSF representatives. D.
Clunie has released the software to the public domain.
See also the appendix on ``views on anonymous posting.''
(Thanks to Carl Kleinpaste
, David Clunie
and Johan Helsingius for
contributions here.)
_____
<5.8> What new standards are needed to guard electronic privacy?
Remailing/Posting
-----------------
- Stable, secure, protected, officially sanctioned and permitted,
publicly and privately operated anonymous servers and hubs.
- Official standards for encryption and anonymity in mail and USENET
postings.
- Truly anonymous protocols with source and destination information
obscured or absent and hidden routing mechanisms (chaining,
encrypted addresses, etc.)
- Standards for anonymous email addressing, embedding files, and
remailer site chaining.
General
-------
- Recognition of anonymity, cryptography, and related privacy
shields as legitimate, useful, desirable, and crucial by the
general public and their governments.
- Widespread use and implementation of these technologies
by systems designers into
hardware, software, and standards, implemented `securely,'
`seamlessly,' and `transparently'.
- General shift of use, dependence, and reliance to means other than
wiretapping and electronic surveillance by law enforcement
agencies.
- Publicity, retraction, and dissolution of laws and government
agencies opposed to privacy, replaced by structures dedicated to
strengthening and protecting it.
ISSUES
======
_____
<6.1> What is the Electronic Frontier Foundation (EFF)?
From ftp.eff.org:/pub/EFF/mission_statement:
> A new world is arising in the vast web of digital, electronic
> media which connect us. Computer-based communication media like
> electronic mail and computer conferencing are becoming the basis
> of new forms of community. These communities without a single,
> fixed geographical location comprise the first settlements on an
> electronic frontier.
>
> While well-established legal principles and cultural norms give
> structure and coherence to uses of conventional media like
> newspapers, books, and telephones, the new digital media do not
> so easily fit into existing frameworks. Conflicts come about as
> the law struggles to define its application in a context where
> fundamental notions of speech, property, and place take
> profoundly new forms. People sense both the promise and the
> threat inherent in new computer and communications technologies,
> even as they struggle to master or simply cope with them in the
> workplace and the home.
>
> The Electronic Frontier Foundation has been established to help
> civilize the electronic frontier; to make it truly useful and
> beneficial not just to a technical elite, but to everyone; and to
> do this in a way which is in keeping with our society's highest
> traditions of the free and open flow of information and
> communication.
EFF was started by the multimillionaire Mitchell Kapor, founder of
Lotus software, and John Barlow, lyricist for the Grateful Dead
rock band. A highly publicized endeavor of the organization
involved the legal defense of Steve Jackson Games after an FBI
raid and an accompanying civil suit (see section on ``Steve
Jackson Games''). The foundation publishes EFF News (EFFector
Online) electronically, send requests to effnews-request@eff.org.
In a letter to Mitchell Kapor from the Chairman of the Subcommittee
with primary jurisdiction over telecommunications policy dated
November 5, 1991, Representative Edward J. Markey complemented
Mitchell Kapor on his ``insights on the development of a national
public information infrastructure'' which ``were appreciated greatly
by myself and the Members of the Subcommittee'' (complete text in
ftp.eff.com:/pub/pub-infra/1991-12):
> ...we need to pursue policies that encourage the Bell companies to
> work with other sectors of the communications industry to create
> a consumer-oriented, public information network. Please let me or
> my staff know what policies you and others in the computer
> industry believe would best serve the public interest in creating
> a reasonably priced, widely available network in which
> competition is open and innovation rewarded. I also want to
> learn what lessons from the computer industry over the past ten
> to fifteen years should apply to the current debate on
> structuring the information and communications networks of the
> future....I ask your help in gaining input from the computer
> industry so that the Subcommittee can shape policies that will
> bring this spirit of innovation and entrepreneurship to the
> information services industry.
ftp.eff.org
===========
/pub/eff/about-eff
---
A file of basic information about EFF including goals, mission,
achievements, and current projects. Contains a membership form.
/pub/eff/mission-statement
---
EFF mission statement.
/pub/eff/historical/founding-announcement
---
EFF founding press release.
/pub/eff/historical/eff-history
---
John Perry Barlow's ``Not Terribly Brief History of the EFF'' (July
10, 1990). How EFF was conceived and founded, major legal cases,
and the organizational directions.
/pub/eff/historical/legal-case-summary
---
EFF legal case summary.
_____
<6.2> What is `operation Sundevil' and the Steve Jackson Game case?
In the early 1990's a fear spread among U.S. law enforcement agencies
on the illicit activities of `hackers' and `phreakers' involved in
such activities as credit card fraud and long-distance call thievery.
(see ftp.eff.org:/pub/SJG/General_Information/EFFector1.04):
> `Operation Sundevil,' the Phoenix-inspired crackdown of May
> 8,1990, concentrated on telephone code-fraud and credit-card
> abuse, and followed this seizure plan with some success.
> [Bulletin Board Systems] went down all over America, terrifying
> the underground and swiftly depriving them of at least some of
> their criminal instruments. It also saddled analysts with some
> 24,000 floppy disks, and confronted harried Justice Department
> prosecutors with the daunting challenge of a gigantic nationwide
> hacker show-trial involving highly technical issues in dozens of
> jurisdictions.
These `show-trials' have never materialized. The movement reached
a crescendo in Texas with the highly publicized case of illegal
search and seizure involving the Steve Jackson Games company of
Austin Texas on March 1, 1990. From the column GURPS' LABOUR LOST
by Bruce Sterling in Fantasy and Science
Fiction Magazine:
> In an early morning raid with an unlawful and unconstitutional
> warrant, agents of the Secret Service conducted a search of the
> SJG office. When they left they took a manuscript being prepared
> for publication, private electronic mail, and several computers,
> including the hardware and software of the SJG Computer Bulletin
> Board System. Yet Jackson and his business were not only
> innocent of any crime, but never suspects in the first place.
> The raid had been staged on the unfounded suspicion that
> somewhere in Jackson's office there `might be' a document
> compromising the security of the 911 telephone system.
FBI agents involved in the seizure were named in a civil suit filed
on behalf of Steve Jackson Games by The Electronic Frontier
Foundation. See information on EFF below.
ftp.eff.org
===========
/pub/cud/papers/sundevil
---
A collection of information on Operation SunDevil by the Epic
nonprofit publishing project. Everything you wanted to know but
could never find.
/pub/cud/papers/sj-resp
---
Steve Jackson's response to the charges against him.
_____
<6.3> What is Integrated Services Digital Network (ISDN)?
ISDN is a high-speed data communications standard that utilizes
existing copper telephone lines, and is a possible inexpensive and
intermediate alternative to laying fiber optic cable for phone
networks. The speeds involved may be sufficient for audio and
video transmission applications. G. V. der Leun in the file
ftp.eff.org: /pub/pub-infra/1991-11:
> Telecommunications in the United States is at a crossroads. With
> the Regional Bell Operating Companies now free to provide
> content, the shape of the information networking is about to be
> irrevocably altered. But will that network be the open,
> accessible, affordable network that the American public needs?
> You can help decide this question.
>
> The Electronic Frontier Foundation recently presented a plan to
> Congress calling for the immediate deployment of a national
> network based on existing ISDN technology, accessible to anyone
> with a telephone connection, and priced like local voice service.
> We believe deployment of such a platform will spur the
> development of innovative new information services, and maximize
> freedom, competitiveness, and civil liberties throughout the
> nation.
>
> The EFF is testifying before Congress and the FCC; making
> presentations to public utility commisions from Massachusetts to
> California; and meeting with representatives from telephone
> companies, publishers, consumer advocates, and other stakeholders
> in the telecommunications policy debate.
>
> The EFF believes that participants on the Internet, as pioneers on
> the electronic frontier, need to have their voices heard at this
> critical moment.
To automatically receive a description of the platform and details,
send mail to archive-server@eff.org, with the following line:
send documents open-platform-overview
or send mail to eff@eff.org. See also the Introduction to the EFF
Open Platform Proposal in ftp.eff.org:/pub/pub-infra/1991-02.
References
==========
``Digital Data On Demand.'' MacWorld, 2/82 (page 224).
---
56Kbps vs. ISDN services and products. See comments by J. Powers
in ftp.eff.org:pub/pub-infra/1992-02.
``Telephone Service That Rings of the Future.'' By Joshua Quittner.
Newsday, Tue, Jan 7 1992.
---
Implications of ISDN for the masses, written in popular science
style. John Perry Barlow (cofounder EFF). Regional telephone
companies (Ohio Bell). ISDN as ``Technological Rorschach Test.''
Anecdotes about McDonald's, Barbara Bush teleconferencing. See
complete text in ftp.eff.org:/pub/pub-infra/1992-01.
ftp.eff.org:/pub/pub-infra/
---
Files 1991-11 through 1992-05 containing email from the EFF public
infrastructure group organized by month. Opinions and facts on
the pros and cons of ISDN, Integrated Services Digital Network.
Uses of ISDN (phone video, audio, etc.) Japanese model.
Alternatives to ISDN (HDSL, ADSL, fiber optics). Technical
specifications of ISDN, implementation details, cost issues,
political obstacles, (RBOC, Regional Bell Operating Companies or
`Baby Bells', e.g. NET, New England Telephone). Influencing
development of future networks (e.g. ISDN and NREN, National
Research and Education Network), encouraging competition (cable
TV systems). Press releases and news articles. Letter from Rep.
E. J. Markey to M. Kapor.
_____
<6.4> What is the National Research and Education Network (NREN)?
The Nation Research and Education Network was introduced in
legislation cosponsored by Sen. A. Gore to promote high-speed data
network infrastructure augmenting the internet with up to 50 times
faster transmission rates. The bill passed the House on November
20, 1991, the Senate on November 22, 1991, and was signed by the
President on December 9, 1991.
ftp.eff.org
===========
/pub/EFF/legislation/nren-bill-text
---
The complete text of the House-Senate compromise version of S.
272, the High-Performance Computing Act.
/pub/internet-info/gore.bill
---
102nd congress 1st Session. Text of high performance computing
bill cosponsored by Sen. A. Gore.
/pub/EFF/legislation/gore-infrastructure-bill
---
The text of S.2937, the Information Infrastructure and Technology
Act of 1992 introduced by Senator Gore to expand Federal efforts
to develop technologies for applications of high-performance
computing and high-speed networking, and to provide for a
coordinated Federal program to accelerate development and
deployment of an advanced information infrastructure.
U.S. SAID TO PLAY FAVORITES IN PROMOTING NATIONWIDE COMPUTER NETWORK
By John Markoff, N.Y. Times (~18 Dec 91).
---
President Bush's legislation for natiowide computer data
`superhighway.' IBM-MCI venture as monopoly destructive to fair
competition and innovation? National Science Foundation NSFnet.
complete text in /pub/pub-infra/1991-12.
Commentary
==========
/pub/academic/statements/nren.privacy.cpsr
---
``Proposed Privacy Guidelines for the NREN'' -- Statement of Marc
Rotenberg, Washington Director Computer Professionals for Social
Responsibility (CPSR).
/pub/internet-info/cisler.nren
---
The National Research and Education Network: Two meetings Steve
Cisler, Senior Scientist Apple Computer Library December 17, 1990
Summary of meetings exploring educational issues of NREN by
diverse members of academia and industry.
/pub/internet-info/privatized.nren
---
Feb. 14 1991 essay by M. Kapor advocating advantages of a private
National Public Network, and specific recommendations for open
NREN policies encouraging competition.
/pub/eff/papers/netproposition
---
An FYI about the proposed NREN setup.
_____
<6.5> What is the FBI's proposed Digital Telephony Act?
``Providers of electronic communication services and private branch
exchange operators shall provide within the United States
capability and capacity for the government to intercept wire and
electronic communications when authorized by law...''
ftp.eff.org
===========
/pub/eff/legislation/fbi-wiretap-bill
/pub/EFF/legislation/new-fbi-wiretap-bill
---
A bill to ensure the continuing access of law enforcement to the
content of wire and electronic communications when authorized by
law and for other purposes. Version 2 of the bill after FBI
changes in response to public response.
/pub/cud/law/hr3515
---
House of Rep bill 3515, Telecommunications Law.
Commentary
==========
/pub/eff/papers/eff-fbi-analysis
---
The EFF-sponsored analysis of the FBI's Digital Telephony proposal.
/pub/eff/papers/ecpa.layman
---
The Electronic Communications Privacy Act of 1986: A Layman's View.
/pub/eff/papers/nightline-wire
---
Transcript of ABC's Nightline of May 22, 1992, on the FBI,
Privacy, and Proposed Wire-Tapping Legislation. Featured are Marc
Rotenberg of the CPSR and William Sessions, Director of the FBI.
/pub/eff/papers/edwards_letter
---
A letter from the Director of the Secret Service to US Rep. Don
Edwards, D-California, in response to questions raised by
Edwards' Subcommittee. This copy came from Computer Professionals
for Social Responsibility in Washington, D.C.
/pub/eff/papers/fbi.systems
---
A description of how information is stored on the FBI's computer
systems.
_____
<6.6> What other U.S. legislation is related to privacy?
ftp.eff.org
===========
/pub/cud/law/
---
State computer crime laws:
AL, AK, AZ, CA, CO, CT, DE, FL, GA,
HI, IA, ID, IL, IN, MD, MN, NC, NJ,
NM, NY, OR, TX, VT, VA, WA, WI, WV.
/pub/cud/law/
---
Current computer crime laws for: The United States (federal
code), Canada, Ghana, and Great Britain.
/pub/cud/law/bill.s.618
---
Senate bill 618, addressing registration of encryption keys with
the government.
/pub/cud/law/improve
---
Improvement of Information Access bill.
/pub/cud/law/monitoring
---
Senate bill 516; concerning abuses of electronic monitoring in the
workplace.
/pub/cud/law/us.e-privacy
---
Title 18, relating to computer crime & email privacy.
/pub/academic/law/privacy.electronic.bill
---
The text of Simon's electronic privacy bill, S. 516. ``To prevent
potential abuses of electronic monitoring in the workplace.''
_____
<6.7> What are references on rights in cyberspace?
ftp.eff.org
===========
/pub/cud/papers/const.in.cyberspace
---
Laurence Tribe's keynote address at the first Conference on
Computers, Freedom, & Privacy. `The Constitution in Cyberspace'
/pub/cud/papers/denning
---
Paper presented to 13th Nat'l Comp Security Conf ``Concerning
Hackers Who Break into Computer Systems'' by Dorothy E Denning.
/pub/cud/papers/privacy
---
``Computer Privacy vs First and Fourth Amendment Rights'' by
Michael S. Borella
/pub/cud/papers/rights-of-expr
---
Rights of Expression in Cyberspace by R. E. Baird
/pub/academic/eff.rights
---
Bill of Rights' meaning in the Electronic Frontier.
_____
<6.8> What is the Computers and Academic Freedom (CAF) archive?
The CAF Archive is an electronic library of information about
computers and academic freedom. run by the Computers and Academic
Freedom group on the Electronic Frontier Foundation FTP site.
> If you have gopher, the archive is browsable with the command:
> gopher -p academic gopher.eff.org
>
> It is available via anonymous ftp to ftp.eff.org (192.88.144.4) in
> directory `pub/academic'. It is also available via email. For
> information on email access send email to archive-server@eff.org.
> In the body of your note include the lines `help' and `index'.
>
> For more information, to make contributions, or to report typos
> contact J.S. Greenfield (greeny@eff.org).
ftp.eff.org
===========
/pub/academic/statements/caf-statement
---
Codifies the application of academic freedom to academic
computers, reflecting seven months of on-line discussion about
computers and academic freedom. Covers free expression, due
process, privacy, and user participation.
/pub/academic/books
---
Directory of book references related to Computers and Academic
Freedom or mentioned in the CAF discussion. The file books/README
is a bibliography.
/pub/academic/faq/archive
---
List of files available on the Computers and Academic Freedom
archive.
/pub/academic/news
---
Directory of all issues of the Computers and Academic Freedom
News. A full list of abstracts is available in file `abstracts'.
The special best-of-the-month issues are named with their month,
for example, `June'.
_____
<6.9> What is the background behind the Internet?
The article ``Internet'' in Fantasy and Science Fiction by Bruce
Sterling contains general and nontechnical
introductory notes on origins of the Internet, including the role
of the RAND corporation, the goal of network resilience in face of
nuclear attack, MIT, UCLA, ARPANET, TCP/IP, NSF, NREN, etc.:
> ARPANET itself formally expired in 1989, a happy victim of its
> own overwhelming success. Its users scarcely noticed, for
> ARPANET's functions not only continued but steadily improved.
> The use of TCP/IP standards for computer networking is now
> global. In 1971, a mere twenty-one years ago, there were only
> four nodes in the ARPANET network. Today there are tens of
> thousands of nodes in the Internet, scattered over forty-two
> countries, with more coming on-line every day. Three million,
> possibly four million people use this gigantic
> mother-of-all-computer-networks.
>
> The Internet is especially popular among scientists, and is
> probably the most important scientific instrument of the late
> twentieth century. The powerful, sophisticated access that it
> provides to specialized data and personal communication has sped
> up the pace of scientific research enormously.
>
> The Internet's pace of growth in the early 1990s is spectacular,
> almost ferocious. It is spreading faster than cellular phones,
> faster than fax machines. Last year the Internet was growing at
> a rate of twenty percent a *month.* The number of `host'
> machines with direct connection to TCP/IP has been doubling
> every year since 1988. The Internet is moving out of its
> original base in military and research institutions, into
> elementary and high schools, as well as into public libraries
> and the commercial sector.
References
==========
Bowers, K., T. LaQuey, J. Reynolds, K. Roubicek, M. Stahl, and A.
Yuan, ``Where to Start - A Bibliography of General Internetworking
Information'' (RFC-1175), CNRI, U Texas, ISI, BBN, SRI, Mitre,
August 1990.
The Whole Internet Catalog & User's Guide by Ed Krol. (1992)
O'Reilly and Associates, Inc.
---
A clear, non-jargonized introduction to the intimidating business
of network literacy written in humorous style.
Krol, E., ``The Hitchhikers Guide to the Internet'' (RFC-1118),
University of Illinois Urbana, September 1989.
``The User's Directory to Computer Networks'', by Tracy LaQuey.
The Matrix: Computer Networks and Conferencing Systems Worldwide.
by John Quarterman. Digital Press: Bedford, MA. (1990)
---
Massive and highly technical compendium detailing the
mind-boggling scope and complexity of global internetworks.
``!%@:: A Directory of Electronic Mail Addressing and Networks'' by
Donnalyn Frey and Rick Adams.
The Internet Companion, by Tracy LaQuey with Jeanne C. Ryer (1992)
Addison Wesley.
---
``Evangelical'' etiquette guide to the Internet featuring
anecdotal tales of life-changing Internet experiences. Foreword
by Senator Al Gore.
Zen and the Art of the Internet: A Beginner's Guide by Brendan P.
Kehoe (1992) Prentice Hall.
---
Brief but useful Internet guide with plenty of good advice on
useful databases.
See also ftp.eff.com:/pub/internet-info/. (Thanks to Bruce Sterling
for contributions here.)
General
=======
Cunningham, Scott and Alan L. Porter. ``Communication Networks: A
dozen ways they'll change our lives.'' The Futurist 26, 1
(January-February, 1992): 19-22.
Brian Kahin, ed., BUILDING INFORMATION INFRASTRUCTURE (New York:
McGraw-Hill, 1992) ISBN# 0-390-03083-X
---
Essays on information infrastructure. Policy and design issues,
research and NREN, future visions, information markets. See
table of contents in ftp.eff.org:/pub/pub-infra/1992-03.
Shapard, Jeffrey. ``Observations on Cross-Cultural Electronic
Networking.'' Whole Earth Review (Winter) 1990: 32-35.
Varley, Pamela. ``Electronic Democracy.'' Technology Review
(November/December, 1991): 43-51.
______
<6.10> How Internet `anarchy' like the English language?
According to Bruce Sterling :
> The Internet's `anarchy' may seem strange or even unnatural, but
> it makes a certain deep and basic sense. It's rather like the
> `anarchy' of the English language. Nobody rents English, and
> nobody owns English. As an English-speaking person, it's up
> to you to learn how to speak English properly and make whatever
> use you please of it (though the government provides certain
> subsidies to help you learn to read and write a bit).
> Otherwise, everybody just sort of pitches in, and somehow the
> thing evolves on its own, and somehow turns out workable. And
> interesting. Fascinating, even. Though a lot of people earn
> their living from using and exploiting and teaching English,
> `English' as an institution is public property, a public good.
> Much the same goes for the Internet. Would English be improved
> if the `The English Language, Inc.' had a board of directors
> and a chief executive officer, or a President and a Congress?
> There'd probably be a lot fewer new words in English, and a lot
> fewer new ideas.
FOOTNOTES
=========
_____
<7.1> Most Wanted list
Hopefully you have benefitted from this creation, compilation, and
condensation of information from various sources regarding privacy,
identity, and anonymity on the internet. The author is committed
to keeping this up-to-date and strengthening it, but this can only
be effective with your feedback. In particular, the following
items are sought:
- Short summaries of RFC documents and other references listed.
- More data on the specific uses and penetration of RFC-931.
- Internet traffic statistics. How much is email? How much
USENET? What are the costs involved?
- Famous or obscure examples of compromised privacy
on the internet.
- FTP site for the code to turn the .plan file into a named
pipe for sensing/reacting to remote `fingers'.
- Knowledge on the `promiscuous' mode of receipt or transmission
on network cards.
- Details on the infamous experiment where a scientist resubmitted
previously accepted papers to a prominent journal with new and
unknown authors that were subsequently rejected.
- X Windows FAQhood in news.answers.
- Commerical use of this document is negotiable and is a way for
the author to recoup from a significant time investment.
Email feedback to ld231782@longs.lance.colostate.edu. Please note
where you saw this (which newsgroup, etc.).
_____
<7.2> Change history
2/14/93 v2.0 (current)
Major revisions. New section for X Windows. Some email privacy
items reorganized to network security section. New sections for
email liability issues, anonymity history and responsibilities.
Split into three files. Many new sources added, particularly
from EFF and CAF in new `issues' part. `commentary' from
news.admin.policy. 21 day automated posting starts.
2/3/93 v1.0
More newsgroups & FAQs added. More `Most Wanted'. Posted to
news.answers. Future monthly posting to sci.crypt, alt.privacy.
2/1/93 v0.3
Formatted to 72 columns for quoting etc. `miscellaneous,'
`resources' sections added with cypherpunk servers and use
warnings. More UNIX examples (`ls' and `chmod'). Posted to
alt.privacy, comp.society.privacy.
1/29/93 v0.2
`Identity' and `Privacy' sections added. `Anonymity' expanded.
Remailer addresses removed due to lack of information and
instability. Posted to sci.crypt.
1/25/93 v0.1
Originally posted to the cypherpunks mailing list on 1/25/93 as a
call to organize a list of anonymous servers.
email ld231782@longs.lance.colostate.edu for earlier versions.
* * *
SEE ALSO
========
Part 1 (previous file)
------
<1.1> What is `identity' on the internet?
<1.2> Why is identity (un)important on the internet?
<1.3> How does my email address (not) identify me and my background?
<1.4> How can I find out more about somebody from their email address?
<1.5> Why is identification (un)stable on the internet?
<1.6> What is the future of identification on the internet?
<2.1> What is `privacy' on the internet?
<2.2> Why is privacy (un)important on the internet?
<2.3> How (in)secure are internet networks?
<2.4> How (in)secure is my account?
<2.5> How (in)secure is X Windows?
<2.6> How (in)secure is my email?
<2.7> How am I (not) liable for my email and postings?
<2.8> How do I provide more/less information to others on my identity?
<2.9> Who is my sysadmin? What does s/he know about me?
<2.10> Why is privacy (un)stable on the internet?
<2.11> What is the future of privacy on the internet?
<3.1> What is `anonymity' on the internet?
<3.2> Why is `anonymity' (un)important on the internet?
<3.3> How can anonymity be protected on the internet?
<3.4> How do I send anonymous mail?
<3.5> How do I post anonymously?
<3.6> How do I `kill' anonymous postings?
<3.7> What are the responsibilities associated with anonymity?
<3.8> Why is anonymity (un)stable on the internet?
<3.9> What is the future of anonymity on the internet?
Part 3 (next file)
------
<8.1> What is the value of anonymity?
<8.2> Should anonymous posting to all groups be allowed?
<8.3> What should system operators do with anonymous postings?
* * *
This is Part 2 of the Privacy & Anonymity FAQ, obtained via anonymous
FTP to pit-manager@mit.edu:/pub/usenet/news.answers/net-privacy/ or
newsgroups news.answers, sci.answers, alt.answers every 21 days.
Written by L. Detweiler .
All rights reserved.
Path: senator-bedfellow.mit.edu!senator-bedfellow.mit.edu!usenet
From: ld231782@longs.lance.colostate.edu (L. Detweiler)
Newsgroups: sci.crypt,alt.privacy,alt.answers,sci.answers,news.answers
Subject: Privacy & Anonymity on the Internet FAQ
Followup-To: poster
Date: 16 Feb 1993 06:03:46 GMT
Organization: TMP Enterprises
Lines: 433
Approved: news-answers-request@MIT.Edu
Expires: 23 Mar 1993 06:02:09 GMT
Message-ID:
References:
Reply-To: ld231782@longs.lance.colostate.edu
NNTP-Posting-Host: pit-manager.mit.edu
Summary: Comments excerpted from a ~Nov. 1993 dialog on
news.admin.policy regarding anonymity on USENET.
X-Last-Updated: 1993/02/16
Xref: senator-bedfellow.mit.edu sci.crypt:13749 alt.privacy:5905 alt.answers:30
sci.answers:35 news.answers:6019
Archive-name: net-privacy/part3
Last-modified: 1993/2/15
Version: 2.0
COMMENTARY on ANONYMITY on the INTERNET
=======================================
Compiled by L. Detweiler .
<8.1> What is the value of anonymity?
<8.2> Should anonymous posting to all groups be allowed?
<8.3> What should system operators do with anonymous postings?
* * *
COMMENTARY
==========
_____
<8.1> What is the value of anonymity?
KONDARED@PURCCVM.BITNET:
> I think anonymous posts do help in focusing our attention on the
> content of one's message. Sure lot of anonymous posts are abusive
> or frivolous but in most cases these are by users who find the
> anon facility novel. Once the novelty wears off they are stopping
> their pranks...
morgan@engr.uky.edu (Wes Morgan):
> I don't mind seeing the miscellaneous hatred/prejudice/racism;
> those things are part of our nature. However, the notion of
> providing anonymity's shield for these ideas repulses me. If
> they have such strong feelings, why can't they put their name(s)
> on their postings? ... Quite frankly, I loathe communication
> with people who refuse to use their names.
dclunie@pax.tpa.com.au (David Clunie)
> Many seem to question the value of anonymity. But who are they to
> say what risks another individual should take ? There is no
> question that in this rather conservative society that we live
> in, holding certain views, making certain statements, adopting a
> certain lifestyle, are likely to result in public censure,
> ridicule, loss of status, employment, or even legal action. Given
> the heterogeneity of the legal jurisdictions from where the many
> contributors to usenet post, who knows what is legal and what is
> not ! Some say that anonymous posters are "cowards" and should
> stand up and be counted. Perhaps that is one point of view but
> what right do these detractors have to exercise such censorship ?
From: doug@cc.ysu.edu (Doug Sewell)
> Why is it censorship to not expect someone to speak for
> themselves, without the cloak of anonymity. This is at best a
> lame argument.
>
> You tell me why what you have to say requires anonymity. And you
> tell me why the wishes of a majority of non-anonymous users of a
> newsgroup should be disregarded when they don't want anonymous
> posts.
>
> Anonymous users have LESS rights than any others. They are not
> legitimate usenet participants. I would not honor RFDs, CFVs,
> control messages, or votes from one.
brad@clarinet.com (Brad Templeton):
> I can think of no disadvantage caused by anon posting sites that
> doesn't already exist, other than the fact that they do make more
> naive net users who don't know how to post anonymously the old
> way more prone to do it.
From: mandel@netcom.com (Tom Mandel)
> I cannot speak for others but I regard anonymous postings in a
> serious discussion as pretty much worthless. ... views that hide
> behind the veil of anon are hardly worth the trouble of reading.
From: 00acearl@leo.bsuvc.bsu.edu
> Instead of making this a "free-er medium" by allowing posters to
> "protect themselves" with anonymity, simply require that all
> posters be prepared to discuss their sources of information and
> take the heat for unsubstantiated dribble. This seems to be the
> way things are currently done;
xtkmg@trentu.ca (Kate Gregory):
> In misc.kids there are three threads going on started by anonymous
> posters. One was about changing jobs so as to work less hours,
> job sharing and so on, from a woman who didn't want anyone at her
> current place of work to know she was thinking of looking for
> work elsewhere. The next was from a woman who is thinking of
> having a baby sometime soon and doesn't want coworkers, friends,
> family etc etc to know all about it, but who wants advice. The
> third is about sex after parenthood -- actually this was started
> by people posting in the usual way but then it was pointed out
> that the anonymous posting service might let more people
> participate.
>
> Misc.kids doesn't seem to be suffering any harm from the presence
> of anonymous posters; in fact it seems to have been helped by it.
hoey@zogwarg.etl.army.mil (Dan Hoey):
> While there has never been any real security against anonymous or
> forged postings on Usenet, the process has until now been
> sufficiently inconvenient, error-prone, and undocumented to limit
> its use by persons who have not learned the culture of the net.
>
> On the other hand, a recent use of the anonymous posting service
> on sci.math seemed seemed to be a student asking help on a
> homework problem. It has now been attributed to a teacher,
> asking for an explanation of a dubious answer in his teaching
> guide. He says his news posting is broken, so he is using the
> anonymous service as a mail-to-news gateway.
red@redpoll.neoucom.edu (Richard E. Depew):
> The consensus seems to be that a general anonymous posting service
> such as that at anon.penet.fi seems sufficiently corrosive of the
> trust and civility of the net that this particular experiment
> should be ended. Perhaps the next time the question comes up we
> can say: "We tried it - we learned it does more harm than good -
> and we stopped it."
dave@elxr.jpl.nasa.gov (Dave Hayes):
> What a primal example of human nature. I have three questions for
> you folks.
>
> Do people really say different things to each other based upon
> whether their identity is or isn't known?
>
> Are people really so affected by what other people say that the
> verbage is labeled "abuse"?
>
> Most importantly, on a forum that prizes itself on the freedom of
> communication that it enjoys, is there really such a thing as
> freedom of communication?
Karl_Kleinpaste@cs.cmu.edu (Karl Kleinpaste):
> Weak reasoning.
> With freedom comes responsibility.
dave@elxr.jpl.nasa.gov (Dave Hayes):
> Responsibility isn't real if it is enforced. True responsibilty
> comes with no coercion.
_____
<8.2> Should anonymous posting to all groups be allowed?
morgan@engr.uky.edu (Wes Morgan):
> I will be the first to admit that I hold some controversial
> opinions; indeed, I'm sure that none of us are completely
> orthodox in our opinions. However, I've received *hundreds* of
> anonymous email messages over the last few years; fewer than 20
> of them were "reasonable posts made with good motives." It's
> getting more and more difficult to remember why we need anonymity
> at all; the abusers are (once again) lousing things up for those
> who truly need the service (or those who would put it to good
> use).
>
> I'm not suggesting that we should ban anonymous servers; as I've
> said, there are several situations in which anonymity is a Good
> Thing (tm).
>
> However, the notion that anonymity's shield should be
> automatically extended to every Usenet discussion is ridiculous;
> it opens the door to further abuse.
twpierce@unix.amherst.edu (Tim Pierce):
> Of course, how does one determine whether a "group" requests the
> service? A flat majority of posters voting in favor? A positive
> margin of 100 votes? Or what? No one speaks for a newsgroup.
>
> I'm not convinced by the arguments that an anonymous posting
> service for all newsgroups is inherently a bad idea, simply
> because it's a diversion from the status quo. Since the status
> quo previously permitted anonymous posting to *no* newsgroups,
> any anonymous posting service would reject the status quo.
hartman@ulogic.UUCP (Richard M. Hartman) writes:
> It is facist to suggest that a newsgroup is best able to decide
> whether it wants to allow anonymous postings instead of having
> them forced upon them by an service administrator?
ogil@quads.uchicago.edu (Brian W. Ogilvie):
> The service provides a mechanism for forwarding mail to the
> original poster. Since most Usenet readers don't know John Smith
> from Jane Doe except by their opinions and their address, the
> effect of having an anonymous posting to which mail replies can
> be directed is minimal, except for those who personally know the
> poster--and ... the lack of anonymity could be serious. Any
> mechanism like this is liable to abuse, but the benefits as well
> as the costs must be weighed. Limiting the service to alt groups,
> or specific groups, would not help those who want advice on
> sensitive issues in more 'professional' newsgroups.
From: tarl@sw.stratus.com (Tarl Neustaedter)
> An additional point is that some of us find anonimity in technical
> matters to be profoundly offensive; anonimity in different forums
> has different meanings. If I get a phone call from someone who
> won't identify himself, I hang up. If I get U.S. mail with no
> return address, it goes into the garbage unopened. If someone
> accosts me in the street while wearing a mask, I back away -
> carefully, and expecting violence. In a technical discussion,
> anonimity means that the individual isn't willing to associate
> himself with the matter being discussed, which discredits his
> utterances and makes listening to them a waste of time.
jik@mit.edu (J. Kamens):
> It seems obvious to me that the default should be *not* to allow
> anonymous postings in a newsgroup. The Usenet has always
> operated on the principle that the status quo should be kept
> unless there's a large number of people who want to change it.
>
> If someone REALLY needs to post a message anonymous in a newsgroup
> in which this usually isn't done, they can usually find someone
> on the net to do this for them. They don't need an automated
> service to do it, and the automated service is by its nature
> incapable of making the judgment call necessary to decide whether
> a particular posting really needs to be anonymous.
From: twpierce@unix.amherst.edu (Tim Pierce)
> For any newsgroup you name, I bet I can envision a scenario
> involving a need for secrecy. If an accurate content-based
> filter of each anonymous posting could be devised to screen out
> those that don't require secrecy, wonderful. But it can't be
> done.
From: lhp@daimi.aau.dk (Lasse Hiller|e Petersen)
> If a newsgroup wants to be noise- and nuisance-free, then it
> should call for moderation. This should happen on a per-newsgroup
> basis, and not as a general USENET ban on anonymous postings. Of
> course one principle of moderation might be to keep out all
> anonymous postings, and could be achieved automatically. It would
> still be _moderation_. Personally I would prefer moderation
> criteria being based on actual content.
David A. Clunie (dclunie@pax.tpa.com.au)
> If a "group" doesn't want to receive certain posts it should
> become moderated - there are clearly defined mechanisms on
> non-alt groups for this to take place. An automated moderator
> excluding posts from certain (eg. anonymous) sites or individuals
> could easily be established. If anyone wants to take such a
> draconian approach then they are welcome to do so and good luck
> to them. I doubt if I will be reading their group !
From: 00acearl@leo.bsuvc.bsu.edu
> Remember, this is a newsgroup for posters writing about SCIENTIFIC
> issues. Anonymous discussion of scientific issues leads to bad
> science.
_____
<8.3> What should system operators do with anonymous postings?
From: emcguire@intellection.com (Ed McGuire)
> I would like to know how to junk all articles posted by the
> anonymous service currently being discussed. Ideally I would
> actually tell my feed site not to feed me articles posted by the
> anonymous service. Assuming the C News Performance Release, what
> is a simple way to accomplish this? Or where should I look to
> learn how to do it myself?
From: dclunie@pax.tpa.com.au (David Clunie)
> That's a bit draconian isn't it ? Have your users unanimously
> decided that they would like you to do this or have you decided
> for them ?
Carl Kleinpaste (Karl_Kleinpaste@godiva.nectar.cs.cmu.edu):
> ...were I to be in the position of offering such a service again,
> my promises of protection of anonymity would be limited. Not on
> the basis of personal opinion of what gets posted, but on the
> basis of postings which disrupt the smooth operation of the
> Usenet. The most obvious and direct recourse would be to `out'
> the abusive individual. Less drastic possibilities exist -- the
> software supports a "fire extinguisher" by which individuals can
> be prevented from posting.
john@iastate.edu (John Hascall):
> Since when is Usenet a democracy? If someone wants to run an
> anonymous service, that's their business. If you want to put
> that host in your killfile, that's your business. If a newsadmin
> wants to blanket-drop all postings from that site, that's between
> them and the other people at that site. If everyone ignores a
> service, the service effectively doesn't exist.
jbotz@mtholyoke.edu (Jurgen Botz):
> I think that what ... these points show clearly is that an
> anonymous posting service has a great deal of responsibility,
> both towards its clients and towards the Net as a whole. Such a
> service should (IMHO) have a set of well-defined rules and a
> contract that its clients should sign, under the terms of which
> they are assured anonymity.
From: an8785@anon.penet.fi
> Is the problem that some are used to "punishing" posters who are
> upsetting in some vague way by complaining to the (usually
> acquiescent) sysadmin or organizations that the poster belongs
> to? That surely is the most gutless approach to solving
> problems, but my experience on the net shows that the same users
> who vilify anonymous postings are the first to write obsessively
> detailed grievances to the poster's supervisor when his or her
> tranquility is disturbed by some "intrusive" or subversive post
> or another.
>
> Anonymous postings prevent just this kind of intimidation.
From: gandalf@cyberspace.org (Eric Schilling)
> The main point I would like to make here is that while we can go
> through and revise the news sw to "reject anon posts to technical
> newsgroups" or some such thing, I think the attempt will prove
> futile. Each attempt to modify news can result in a changed
> approach by anon service providers to thwart the change. I think
> this would be pointless.
From: dclunie@pax.tpa.com.au (David Clunie)
> I consider the demise of [my] service to have been rather
> unfortunate, and I wish the Finnish remailer luck ! It is a pity
> that there are very few if any similar services provided with in
> the US. I guess that's the benefit of having a constitution that
> guarantees one freedom of speech and a legal and political system
> that conspires to subvert it in the name of the public good.
* * *
SEE ALSO
========
Part 1 (first file)
------
<1.1> What is `identity' on the internet?
<1.2> Why is identity (un)important on the internet?
<1.3> How does my email address (not) identify me and my background?
<1.4> How can I find out more about somebody from their email address?
<1.5> Why is identification (un)stable on the internet?
<1.6> What is the future of identification on the internet?
<2.1> What is `privacy' on the internet?
<2.2> Why is privacy (un)important on the internet?
<2.3> How (in)secure are internet networks?
<2.4> How (in)secure is my account?
<2.5> How (in)secure is X Windows?
<2.6> How (in)secure is my email?
<2.7> How am I (not) liable for my email and postings?
<2.8> How do I provide more/less information to others on my identity?
<2.9> Who is my sysadmin? What does s/he know about me?
<2.10> Why is privacy (un)stable on the internet?
<2.11> What is the future of privacy on the internet?
<3.1> What is `anonymity' on the internet?
<3.2> Why is `anonymity' (un)important on the internet?
<3.3> How can anonymity be protected on the internet?
<3.4> How do I send anonymous mail?
<3.5> How do I post anonymously?
<3.6> How do I `kill' anonymous postings?
<3.7> What are the responsibilities associated with anonymity?
<3.8> Why is anonymity (un)stable on the internet?
<3.9> What is the future of anonymity on the internet?
Part 2 (previous file)
------
<4.1> What UNIX programs are related to privacy?
<4.2> What are some anonymous remailing and posting sites?
<4.3> How can I learn about or use cryptography?
<4.4> What is the cypherpunks mailing list?
<4.5> What are some privacy-related newsgroups? FAQs?
<4.6> What is internet Privacy Enhanced Mail (PEM)?
<4.7> What are other Request For Comments (RFCs) related to privacy?
<4.8> How can I run an anonymous remailer?
<4.9> What are references on privacy in email?
<4.10> What are some email, Usenet, and internet use policies?
<4.11> What is the MIT ``CROSSLINK'' anonymous message TV program?
<5.1> What is ``digital cash''?
<5.2> What is a ``hacker'' or ``cracker''?
<5.3> What is a ``cypherpunk''?
<5.4> What is an anonymous pool?
<5.5> What is `security through obscurity'?
<5.6> What are `identity daemons'?
<5.7> What is the history behind anonymous posting servers?
<5.8> What standards are needed to guard electronic privacy?
<6.1> What is the Electronic Frontier Foundation (EFF)?
<6.2> What is `operation Sun Devil' and the Steve Jackson Game case?
<6.3> What is Integrated Services Digital Network (ISDN)?
<6.4> What is the National Research and Education Network (NREN)?
<6.5> What is the FBI's proposed Digital Telephony Act?
<6.6> What other U.S. legislation is related to privacy on networks?
<6.7> What are references on rights in cyberspace?
<6.8> What is the Computers and Academic Freedom (CAF) archive?
<6.9> What is the background behind the Internet?
<6.10> How is Internet `anarchy' like the English language?
<7.1> Most Wanted list
<7.2> Change history
* * *
This is Part 3 of the Privacy & Anonymity FAQ, obtained via anonymous
FTP to pit-manager@mit.edu:/pub/usenet/news.answers/net-privacy/ or
newsgroups news.answers, sci.answers, alt.answers every 21 days.
Written by L. Detweiler .
All rights reserved.
