Tuesday, December 2, 2008

Anonymous remailer

An anonymous remailer is a server computer which receives messages with embedded instructions on where to send them next, and which forwards them without revealing where they originally came from.

There are Cypherpunk anonymous remailers, Mixmaster anonymous remailers, and nym servers, among others which differ in how they work, in the policies they adopt, and in the type of attack on anonymity of email they can (or are intended to) resist.

Remailing to emails intended for particular recipients, not the general public. Anonymity in the latter case is more easily addressed by using any of several methods of anonymous publication.

It must be understood that every data packet traveling on the Internet contains the node addresses (as raw IP bit strings) of both the sending and intended recipient nodes, and so no data packet can ever actually be anonymous at this level. However, if the IP source address is false, there will be no easy way to trace the originating node (and so the originating entity for the packet). In addition, all standards-based email messages contain defined fields in their headers in which the source and transmitting entities (and Internet nodes as well) are required to be included. However, since most users of email do not have very much technical expertise, the full headers are usually suppressed by mail reading software. Thus, many users have never seen one.

Some remailers change both types of address in messages they forward, and the list of forwarding nodes in email messages as well, as the message passes through; in effect, they substitute 'fake source addresses' for the originals. The 'IP source address' for that packet may become that of the remailer server itself, and within an email message (which is usually several packets), a nominal 'user' on that server. Some remailers forward their anonymized email to still other remailers, and only after several such hops is the email actually delivered to the intended address

There are, more or less, four types of remailers:

* Pseudonymous remailers

A Pseudonymous remailer, simply takes away the email address of the sender, gives a pseudonym to the sender and sends the message to the intended recipient (that can be answered via that remailer).

* Cypherpunk remailers, also called type I

A Cypherpunk remailer sends the message to the recipient stripping away the sender address on it. You can not answer a message sent via a Cypherpunk remailer. You can usually encrypt the message sent to the remailer, and the remailer will decrypt it and send it to the recipient address hidden inside the encrypted message. In addition, you can chain 2 or 3 remailers, so each remailer can't know who is sending a message to whom. Cypherpunk remailers do not keep logs of transactions.

* Mixmaster remailers, also called type II

Mixmaster remailers require use of a program on your computer to write your messages. Such programs are not supplied as a standard part of most operating systems or mail management systems.

* Mixminion remailers, also called type III

A Mixminion remailer attempts to address the following challenges in Mixmaster remailers: replies, forward anonymity, replay prevention and key rotation, exit policies, integrated directory servers, dummy traffic. They have been implemented for the Linux and Windows platforms and are currently available. Some implementations are open source.

Microsoft :
Less obviously, some software (eg, recent versions of Microsoft Office components -- Microsoft Word, Microsoft Excel, etc) includes (ordinarily invisible) identifying information in each formatted file it saves. The information might be name / organization / email address (collected at 'product registration' and retained internally), or product copy serial number, or computer ID (eg, CPU serial number, or interface hardware address (eg, Ethernet MAC address, a unique in the world ID), or ... One software program which claims to remove such information from files notes that there are about 30 different kinds in Word format files. Those interested in anonymity should limit themselves to plain text messages (ASCII text only) produced by plain text editors (eg, vi, emacs, Notepad, ...) as they don't include such hidden information. Alternatively, users should take great care to inspect files (eg, text, images, sound files, ...) to ensure they contain no identifying information. Note however, that even byte-by-byte inspection will not necessarily uncover such information since it can be easily concealed by encryption, steganography, or simple unfamiliarity.

Remailer software

* Jack B. Nymble remailer software -(link is dead; see the Internet Archive backup copy[1]). JBN is available at http://www.panta-rhei.eu.org/downloads/

* QuickSilver remailer software

* OmniMix is a Windows proxy server, which handles e-mail and usenet postings that come from an ordinary client application in a transparent manner and sends them optionally through the Mixmaster anonymous remailer network dependent on its settings or certain header flags.

It's able to interact with nym servers, supports SSL/TLS and Tor with all external communication (NNTP/SMTP/POP3), offers a Tor controller and allows header filtering and an automated addition of hashcash tokens. The OpenPGP compliant 'Whole Message Encryption', which, by including the header section, even makes the structure of a message unrecognizable, can automatically secure non-anonymous communication as well.

* News2Remail is a NNTP to remailer proxy for Windows.

No comments: