Address Unknown ANONYMOUS is a dirty word. Met with suspicion and hostility, anonymity is a principle often challenged with the flawed logic that the desire to remain nameless implies that one "has something to hide." Many people assume that only a criminal would take measures to veil their identity. But there are many facets of regular life in which anonymity is honored and protected, such as democratic elections and crime-stopping hotlines. I've known plenty of people, both in real life and through anonymous channels, who hide behind an inscrutable alias at certain times. A friend who needed to talk on alt.sexual.abuse.recovery about the incest that she suffered. A married couple who think that decriminalizing drugs would solve a lot of our societal ills, but don't want to risk a midnight visit from the Feds. A lawyer who writes erotic stories about bi-sexuality, but doesn't want it to haunt him at the office. Even the Samaritans run a suicide prevention Web site that encourages visitors to correspond with them through anonymous channels.


The 'net is a place for the free exchange of ideas. Hysterical would-be censors confuse the discussion of an illegal activity with the activity itself. It's perfectly legal to talk about narcotics, bombs and child pornography, but owning them can get you arrested. Anonymity protects this kind of borderline speech, and also legitimately protects trade secrets, battered spouses, whistleblowing, the posting of erotica and those who wish to challenge an established law. Anytime that you wish to express ideas that are contrary to your usual "real-life" persona, anonymity may be called for. The Internet makes tracking identity easier than ever. Our words can be effortlessly reproduced and multiplied long after we assume they've been deleted. In such a concrete medium, it is exponentially more important to create techniques to preserve identity simple, acceptable and freely available.

Anonymous remailers are set up with the sole purpose of stripping off all identifying material from a message, then re-sending it free of ID. Typically, this service is provided as charity to the Internet community. The users are not expected to pay, as doing so might compromise their anonymity. Many sysops volunteer their time and resources to maintaining remailers. The most famous anonymous machine, anon.penet.fi, is provided by Julf Helsingius, a Finnish philanthropist and computer scientist who often explains that living so close to the Soviet Union inspired a healthy respect for anonymity and freedom of speech.


There are two different types of remailers. Often, they get lumped together under the moniker "anonymous," but in reality they run a spectrum from pseudo- to almost total anonymity. A pseudo-anonymous remailer keeps a record of your true e-mail address, but never divulges it. This is secure enough for most people, but a truly anonymous remailer refuses to keep any such record.

The anon.penet.fi remailer, also known as the "Finnish remailer," is a pseudo-anonymous set-up. Easy to use, it offers the added benefit of having a permanent address, so you can take part in lengthy exchanges yet always be certain that "an812" is the same person. This is called a "double-blind," in which each party does not know the other's true e-mail address. However, it's not for the truly paranoid; the operators of the Finnish remailer are very much aware of your address. In certain circumstances, such as a subpoena or a leak, it's conceivable this could lead to some problems. In one recent scuffle with the Church of Scientology, the operators of the Finnish remailer were forced to divulge a person's identity. If your anonymous life online could get you into trouble with law offline, it might be best to use a different approach to remailing.


Cypherpunk remailers

Another grouping of anonymous servers are known as the "soda remailers" or the "Cypherpunks remailers." They have slightly different features, but essentially run under the same software. These servers automatically conceal your identity by taking off the first header that they come to and following the ensuing directions on where to send the message. If you "chain" the message (that is, send it through a series of at least two remailers), then the final server has no trace of the original sender. The return address is merely a different secure remailer. Likewise, the original remailer never learned the final recipient; it simply sent the message onto another remailer. Anonymity is preserved. Cypherpunks remailers also actively encourage the use of encryption software, as they believe that the contents of a message are just as private as its path. Remailing only obscures the route of a message, and encryption makes sure that anyone snooping cannot read the contents. Together, they form a strong line of security.


Not completely safe

It is important to understand that even the strongest remailers are subject to attack. Remailers are popular targets of crackers, thanks to the inherent challenge and the notion that an anonymized message is much juicier than standard fare. Messages can be tracked through a network through careful observation of timing and size. Certain remailers, but not all, offer a "latency" feature, intended to confuse anyone tracking traffic from a remailer. To understand why, think of it this way:if a remailer without latency always passes on a message exactly 2.5 minutes after receiving it, it could be tracked with confidence across a network. With latency, messages are fired off into the ether at random intervals.


Another security feature to shop around for on remailers is "reordering." This method dictates always keeping a pool of messages in the remailer and sending them out in mixed-up order. This method, too, can be foiled; an attacker can plot to fill the pool with their own messages, except for one -- yours. When yours exits the pool, the attacker can easily recognize it.

The final vulnerability of remailers is the diminishing size of a message as it traverses the network. As each machine strips off the header and resends the message, the message shrinks a small, but noticeable and known, amount. This provides something for an attacker to track. The only remailers which conceal this detail are the Mixmaster remailers, which send messages in packets of uniform size. However, Mixmaster remailers only run under special software on UNIX platforms, so they are not widely used. You can check the Remailer List (http://www.cs.berkeley.edu/~raph/remailer-list.html) to research which remailers provide the features that are important to you.

Another method to preserve your identity is to simply get an anonymous e-mail address. Although not yet popular, it's likely they will be more widely embraced in the future. The accounts are set up with no record of the user's true identity. The user pays with anonymous electronic cash. The main problem with this method is that most service providers are not comfortable with this arrangement, so they simply don't offer it to clients. Accounts are available at http://www.c2.org/ through Community ConneXion.

Internet Underground encourages you to be a good anonymous citizen. Respect the guidelines set by the operators of your remailer. Follow the limits set on both quantity and size of messages. Use encryption software. Remember that anonymity is a privilege. We must all exercise our right to privacy, anonymity and free speech in order to make it an accepted part of our society, so that those who try to threaten it never succeed. Anonymous shouldn't be a dirty word any longer; we've got to clean up its image.


More information is available online on the Web at:

Anonymous Remailer FAQ:
http://www.well.com/user/abacard/remail.html

Mixmaster Remailers:
http://www.obscura.com/ ~loki/remailer/mixmaster-faq.html

Remailers:
http://www.world.net/ ~pirovich/remail.htm

and on Usenet in alt.anonymous.messages, alt.privacy.anon-server and alt.anonymous.


homeback to archives