Anonymity on the Internet

Anonymity on the Internet
(On the Internet, Nobody knows you're a dog?)

There are many reasons one may want to protect their real identity, Put simply you have a right to privacy & anonymity as long as you use those rights ethically and responsibly. You may want to protect yourself from an oppressive government, Send something "off the record" to a journalist, Communicate with a self-help organization, Maybe because you are a member of a minority group subject to thoughts from your work account at the Christian discrimination, or just want to post all those politically incorrect Coalition.

Just changing or clearing the 'real name' field in your newsreader setup won't help you much unless your trying to pull a fast one on one of your friends, It's very easy to trace a message back to its original site by reading the headers in the mail message, and the system administrator can easily look up the senders 'real name'.

Clearly there is a better solution by using an Anonymous Remailer, These systems strip all headers from the message making it next to impossible to trace where the message originated. Some systems give you an anonymous address that other people can send you mail, which is then forwarded to your real address, (Sometimes known as a pseudonymous server) A majority of remailers use encryption.

Below is a list of links and original content on anonymous remailers & anonymity on the Internet, Send changes, corrections and pointers to William Knowles erehwon@dis.org

Remailer List

This is an automatically generated listing of remailers. The first part of the listing shows the remailers along with configuration options and special features for each of the remailers. The second part shows the twelve day history, average latency, and uptime for each remailer. You can also get this information by fingering rlist@publius.net.

This is more or less, The latest comprehensive list of the known working Type-1 remailers.

$remailer{"arick"} = "<arick@arickaree.scd.ucar.edu> cpunk mix middle pgp pgponly remix latent hash cut test ek esub inflt50 rhops20 reord klen1000";
$remailer{"bruble"} = "<bruble@amis.net> cpunk mix hybrid middle pgp pgponly latent ek ekx esub cut hash post repgp2 remix reord ext max test inflt75 rhop5 klen1024";
$remailer{"bpm"} = "<remailer@bpm.ai> mix";
$remailer{"cannabis"} = "<cannabis.anon@hotpop.com> cpunk middle pgp latent ek cut hash post repgp reord ext max test inflt32 klen128";
$remailer{"cracker"} = "<remailer@gacracker.org> cpunk mix middle pgp pgponly remix latent hash cut test ek ekx esub inflt50 rhop20 reord";
$remailer{"doom"} = "<mix@seclab.com> mix middle";
$remailer{"echelon"} = "<echelon@presidency.com> cpunk mix hybrid middle pgp latent ek ekx cut hash repgp remix reord ext max test inflt75 rhop5 klen1000";
$remailer{"exonet"} = "<remailer@exonet.org> cpunk mix hybrid pgp latent ek ekx cut hash post repgp remix reord ext max test inflt10 rhop5 klen49";
$remailer{"fitugmix"} = "<mixmaster@fitug.de> cpunk mix pgp remix latent hash cut test ek esub inflt50 rhop20 reord post";
$remailer{"flash"} = "<remailer@flashmail.com> cpunk pgp repgp hash latent cut post ek esub klen64";
$remailer{"fnulnu"} = "<fnulnu@pobox.com> cpunk middle pgp pgponly latent ek ekx cut hash post repgp reord ext max test inflt32 rhop10 klen125";
$remailer{"foebud"} = "<remailer@foebud.org> cpunk mix pgp remix latent hash cut test ek esub inflt50 rhops20 reord";
$remailer{"frog"} = "<frog@mageos.com> cpunk mix hybrid pgp pgponly latent ek cut hash post repgp remix reord ext max test inflt50 rhop5 klen1000";
$remailer{"gondolin"} = "<mix@remail.gondolin.org> cpunk mix remix pgp repgp hash latent cut post ek esub";
$remailer{"gretchen"} = "<gretchen@neuropa.net> cpunk pgp pgponly latent ek ekx cut hash post repgp ext max test inflt75 rhop6 klen1000";
$remailer{"hr13"} = "<remailer@hr13.zedz.net> cpunk mix middle pgp pgponly remix latent hash cut test ek ekx esub inflt50 rhop20 reord klen400";
$remailer{"hyper2"} = "<mix@hyperreal.art.pl> cpunk mix pgp remix latent hash cut test ek ekx esub inflt50 rhop20 post";
$remailer{"lcs"} = "<mix@anon.lcs.mit.edu> mix klen1000";
$remailer{"lobemix"} = "<mixmaster@lobeda.jena.thur.de> cpunk mix pgp remix latent hash cut test ek esub inflt50 rhops20 reord post";
$remailer{"mccain"} = "<mccain@notatla.demon.co.uk> mix middle klen200";
$remailer{"mix"} = "<mixmaster@remail.obscura.com> cpunk mix pgp hash latent cut ek reord klen1000";
$remailer{"nitemare"} = "<nightmare@uni-muenster.de> cpunk middle pgp latent ek ekx esub cut hash repgp reord ext max test inflt75 rhop20 klen1000";
$remailer{"noisebox"} = "<remailer@noisebox.dhs.org> cpunk mix pgp remix latent hash cut test ek ekx esub inflt50 rhop20 reord post";
$remailer{"nowhere"} = "<mixer@nowhere.to> mix middle";
$remailer{"nym"} = "<config@nym.alias.net> newnym pgp klen1000";
$remailer{"passthru2"} = "<mixer@immd1.informatik.uni-erlangen.de> mix middle";
$remailer{"redneck"} = "<config@redneck.gacracker.org> newnym pgp klen1024";
$remailer{"replay"} = "<remailer@replay.com> cpunk mix remix pgp repgp hash latent cut post ek esub";
$remailer{"squat"} = "<mixmaster@squat.net> cpunk mix pgp pgponly remix latent hash cut test ek esub inflt50 rhops20 post klen64";
$remailer{"squirrel"} = "<mix@squirrel.owl.de> cpunk mix pgp pgponly remix latent hash cut test ek ekx esub inflt50 rhop20 reord post";
$remailer{"superrem"} = "<superrem@topmail.de> cpunk mix hybrid pgp latent ek ekx esub cut hash post repgp remix reord ext max test inflt75 rhop3 klen500";
$remailer{"swiss"} = "<mix@remailer.ch> mix post";
$remailer{"teatwo"} = "<teatwo@notatla.demon.co.uk> cpunk mix middle pgp pgponly remix repgp latent hash cut ek esub post klen976";
$remailer{"widow"} = "<Widow@wol.be> cpunk mix hybrid pgp latent ek ekx esub cut hash post repgp remix reord ext max test inflt5 rhop5 klen128";

Groups of remailers sharing a machine or operator:
(nym lcs)
(cyber mix)
(cracker redneck)
(hyper dongco)
(mccain teatwo)

Broken type-I remailer chains:
(replay nowhere)
(nowhere bird)
(teatwo piratech)

Last update: Sat 11 Dec 99 10:12:28 PST
remailer  email address                        history  latency  uptime
-----------------------------------------------------------------------
squirrel mix@squirrel.owl.de              -------  --   2:09:06  98.29%
fitugmix mixmaster@fitug.de               -------  --+  1:25:06  98.23%
lobemix  mixmaster@lobeda.jena.thur.de    -* ++++  +++    28:27  98.16%
redneck  config@redneck.gacracker.org     #- #*#   ###     1:03  97.99%
gretchen gretchen@neuropa.net             -  +*-*  +*+    58:24  97.92%
cracker  remailer@gacracker.org           -+----   ---  2:17:58  97.77%
widow    Widow@wol.be                     ----+++  ++   4:04:17  97.49%
arick    arick@arickaree.scd.ucar.edu      - - -+  +-   1:40:12  97.40%
nym      config@nym.alias.net             *  #*     ##      :20  97.29%
mix      mixmaster@remail.obscura.com     --..+_- _.-+ 29:18:21  96.83%
teatwo   teatwo@notatla.demon.co.uk       -_....- --.  24:26:23  95.30%
frog     frog@mageos.com                    +***-  --   2:41:28  95.19%
hyper2   mix@hyperreal.art.pl             -* ***    **     6:08  95.05%
noisebox remailer@noisebox.dhs.org        *  + *          18:11  93.52%
squat    mixmaster@squat.net              *#### *  ##       :24  91.48%
flash    remailer@flashmail.com           -____.--     32:47:03  87.67%
gondolin mix@remail.gondolin.org          *  ***+  *      12:08  81.13%
nitemare nightmare@uni-muenster.de          ..-_   +-  17:51:48  80.11%
fnulnu   fnulnu@pobox.com                    -          2:55:09  79.38%
cannabis cannabis.anon@hotpop.com             --   . - 22:34:37  75.36%
hr13     remailer@hr13.zedz.net                   - -   5:00:51  72.95%
echelon  echelon@presidency.com           -  .- -- -    5:44:59  71.72%
superrem superrem@topmail.de                       -   35:23:06  51.61%
bruble   bruble@amis.net                  .. --        27:01:20  33.10%
exonet   remailer@exonet.org               __.         16:37:17  22.87%
replay   remailer@replay.com              *               20:10   8.13%

History key

# response in less than 5 minutes.
* response in less than 1 hour.
+ response in less than 4 hours.
- response in less than 24 hours.
. response in less than 2 days.
_ response in more than 2 days.

Options and features
cpunk: A major class of remailers. Supports Request-Remailing-To: field.
eric: A variant of the cpunk style. Uses Anon-Send-To: instead.
penet: The third class of remailers (at least for right now). Uses X-Anon-To: in the header.
pgp: Remailer supports encryption with PGP. A period after the keyword means that the short name, rather than the full email address, should be used as the encryption key ID.
hash: Supports ## pasting, so anything can be put into the headers of outgoing messages.
ksub: Remailer always kills subject header, even in non-pgp mode.
nsub: Remailer always preserves subject header, even in pgp mode.
latent: Supports Matt Ghio's Latent-Time: option.
cut: Supports Matt Ghio's Cutmarks: option.
post: Post to Usenet using Post-To: or Anon-Post-To: header.
ek: Encrypt responses in reply blocks using Encrypt-Key: header.
pgponly: Accepts only pgp encrypted messages.
special: Accepts only pgp encrypted messages, and has slightly different formatting.
mix: Can accept messages in Mixmaster format.
reord: Attempts to foil traffic analysis by reordering messages. Note: I'm relying on the word of the remailer operator here, and haven't verified the reord info myself.
mon: Remailer has been known to monitor contents of private email.
filter: Remailer has been known to filter messages based on content. If not listed in conjunction with mon, then only messages destined for public forums are subject to filtering.
middle: Is a "middleman" style remailer - creates its own chain of other remailers.
newnym: Supports the nym.alias.net format of nym service.
?: Has had problems chaining with other remailers. Not recommended for use in chains, and automatically deselected by premail.

Penet remailers

The original Penet remailer was anon.penet.fi run by Johan Helsingius which was closed in 1996 after troubles with the Church of Scientology, Spammers, and a story ran in the Sunday Observer alleging transmission of child pornography from the penet.fi remailer which was later proven false by Police Sergeant Kaj Malmberg of the Helsinki Police Computer Crime Squad.

Recently a new penet class remailer is now open for business and as of the 21th of December 1998 had around 2000 regular users.

Anonymous e-mail for everyone from the tiny nation of Estonia offers all the same features of anon.penet.fi but comes with a warning on the main page not to use the anon.isp.ee remailer for harassment or other illegal purposes, Otherwise they will start logging and one bad apple will ruin it for everyone.

Mixmaster remailers

Mixmaster remailers are the next generation of remailers, Using advanced techniques and strong cryptography to make most methods of traffic analysis next to impossible, It however requires the use of a special client to generate the Mixmaster messages. Below is a lists of links for more information on Mixmaster remailers.

Lance Cottrell's home page General information on Mixmaster.
Mixmaster & Remailer Attacks (By Lance Cottrell) An essay on attacks to anonymous remailers, and how Mixmaster defeats some of those attacks.
Mixmaster remailer FAQ (By Lance Cottrell) Pretty self explanatory.
Downloading the Mixmaster client The client program itself is export restricted. US users can obtain the source (most useful those on UNIX platforms) or the DOS version, which can be used together with Private Idaho.
Mixmaster for DOS Non-US citizens can download the client directly from this site in the Netherlands.
Mixfit A MacOS application for Mixmaster formatted anonymous messages.
Mixmaster client sources

Run your own remailer!

Joey Grasty probably summed it up best on why the Windows based remailers are needed, For the most part remailers have been installed and run by a dedicated, but very small group of skilled cypherpunks who wrote and ran remailers on Unix systems. These remailers require detailed knowledge of the Unix operating systems. Most potential remailer operators do not have this skill set and do not have the computers that run Unix. To fix this problem, Joey created a remailer that runs under Windows and is comparatively easy to setup and use. But unfortunately Joey is no longer working on the WinSock remailer. But that doesn't mean there are no more Windows based remailers.

Reliable v1.0 offered by Potato Software is an anonymous Type I/Type II, Hybrid remailer to run on the Windows operating system. Reliable has several new options not seen on other remailers. The Potato home page has all the information to set it up.

Required equipment to run the Reliable remailer are...

Windows 95 or Windows 98 & Windows NT 3.51 and higher
Computer with ideally a Pentium processor, and a minimum of 16MB of memory
POP3 mail account
SMTP mail server
NNTP server (if direct posting to USENET required)
PGP Version 5.5x or 2.6.x (RSA & IDEA support required)
Mixmaster 2.0.4 [b45 or later required] Optional

I should mention that will the relative low cost of Windows computers today, There is no real reason not to start a remailer, Either for your own personal use, for private groups, or to take some of the load off the existing remailer network. Check this space in the future when I am ready to announce the start of my remailer.

Remailing from the WWW

There may be the occasion that you don't have access to your home machine and you have to send an anonymous message to somebody, It is not as secure as composing your message off-line, Your message and the final recipient are sent unencrypted to the WWW server being used, (Unless you're using SSL) Opening yourself and your recipient to a Man-In-the-Middle Attack, and your adversary can learn who and what it is that you're mailing.

Geoff Keating has a Java remailer applet which is extremely cool!
Formally Replay Associates Now Zedz Consultants WWW Remailer (With SSL)
Formally Replay Associates Now Zedz Consultants WWW remailer (Without SSL) (Why use it?)
MyEmailNet WWW remailer (Without SSL) Down for some time.
Anonymizer, Inc WWW remailer (With SSL)

Newsgroups dealing with Anonymity

alt.anonymous
alt.anonymous.email
alt.anonymous.messages
alt.hackers
alt.security.keydist
alt.security.pgp
comp.security.pgp
comp.security.pgp.announce
comp.security.pgp.discuss
comp.security.pgp.resources
comp.security.pgp.tech
misc.security
sci.crypt
sci.crypt.research

Mail 2 News gateways

A mail 2 news gateway allows you to post to newsgroups via e-mail, This is very convenient if you want to use a remailer or can't post to a particular newsgroup because its not carried on your news server or your provider doesn't offer news.

Don's Mail 2 News list is still working, And at this time there is still only six Mail 2 News gateways running. Many of them have been abused by spammers and those carrying out mail bombings and are no longer in business.

An excellent site that just recently popped up is the Mail2News Gateway Testpage where you can test out gateways before going through the trouble of sending a message only for it to never post to the newsgroup that you wanted.

Remailer Tools

Using a remailer at times can be a real pain in the ass, but there are some tools and commercial products aimed at streamlining the process of sending anonymous mail.

Mailcrypt Updated for PGP 5.0 and GnuPG is an Emacs interface which allows seamless integration of cryptography and internet usage. It can be used to sign and encrypt mail, to sign usenet articles, and to verify/decrypt mail and articles.
Private Idaho Version 3.52t Private Idaho is an anonymous remailer utility for Windows, Supporting PGP, cypherpunk remailers (Type 1) Mixmaster & nymservers. The original Private Idaho information can be found at Joel McNamara's WWW page.
Jack B. Nymble V2.0 is a new Windows 95/NT application for composing and sending anonymous and nym messages. Its from the same folks that brought you the Potato DOS remailer client.
Potato V2.3 is a DOS remailer client that works well in Windows, Which prepares anonymous messages which are then mailed from your e-mail client.
Privtool Version 0.90 is intended to be a PGP aware replacement for the standard Sun workstation mailtool,Privtool now runs on Linux, Free-BSD, Solaris, and SunOS.
NewsRover is a off-line Usenet newsgroup reader and posting program that works well with remailers to post private Usenet messages and e-mail
ChainMail is a remailer chaining utility for Apple Macintosh users.
S-Tools-4 is one of many steganography tools that hides messages in photos, or sounds that could be posted to Usenet or stored on your computer. Steganography relies on security by obscurity, If people don't know there is a message hidden, they won't look for it. If you download this software, I have a test picture for you to try it out.

Anonymous & Public Proxy's

You would be amazed the about the amount of information left behind every time you visit a website, If you send mail from Hotmail, it will log your providers IP number and send it with your message. Proxys allow you to avoid using your provider's IP address, Some ISP's and countries have blocked certain IP's from accessing certain sites on the Internet, A proxy will allow you to access those sites.

MagusNet Anonymous Public Proxy Server Down? will allow free users to chain proxy servers for greater anonymity, and is available on multiple ports and domains to thwart filtering. Paying accounts can make user of the 128 bit SSL encryption and offers some of the services of the Janus service.
ProxyMate (Formally LPWA Lucent Personalized Web Assistant) is a new tool that provides convenience, privacy, enhanced security, and assists on controlling spam.
(Note: There are some who belive the LPWA is a web based version of Echelon scooping up all sorts of information about the users of the LPWA, Some of Lucent's customers & contacts within the U.S. Government are the NSA, FBI, U.S. Navy and SAIC. None of these rumors have been confirmed, nor denied. -WK)
Websperts Anonymous Proxy Fast proxy from Czech Republic, Check out their CEO.
Defcon Proxy Server Down indefinitely The Defcon proxy server also comes SSL encrypted!
Proxys-4-All is the largest & all around best site for both public and anonymous proxy information, (HTTP, FTP, Telnet, Socks, Gopher, Security, and WAIS) Well worth a couple hours learning & exploring this site.

Privacy & Anonymous service providers

I have been trying to put together a list of providers who care more about the privacy and security of their users than that of the almighty dollar, Surpassingly they are few & far between (Probably too anonymous to tell anyone.) Most of these providers use telnet, Some use SSH, or S/Key to log in for added protection. Mail me if you would like your company listed.

HushMail Is the world's first 1024 bit encrypted free mail service!
Anonymous.To Free Anonymous Email Accounts.
Freedom.net Anonymous mail, telnet, IRC, SSH and web-surfing.
SecureNym Offers secure and anonymous web based E-mail by subscription.
Pop3Now: Access your mail from the web with SSL encryption.
Cyberpass Run by Lance Cottrell, a well known cryptographer & cypherpunk.
LOD Communications $10 a month shell account with WWW page.
AnonMailNet Web2Mail & Web2News interfaces with standard Internet services.
Data Haven Project $10 a month shell account with full access.
Offshore Information Services Anonymous services from Anguilla B.W.I.
Nymserver Anonymous e-mail and newsgroup posting, PGP, & finger info.
Somebody.net Anonymous surfing and anonymous email services
Resentment.org Now offers free SSL web mail accounts
Altopia Privacy accounts now, Anonymous accounts later...

Not too anonymous, but better than nothing...

Juno is a free Windows only Internet service supported by advertisers, When you sign on they will ask you for all sorts of information about your hobbies, income, address & name, However I am told of a cat (four-legged kind) who has an account with Juno, and when it comes to addresses, There is always 1060 West Addison, Chicago IL 60613.
AOL Used be called the largest anonymous service provider in the world allowing up to five screen names each of which is a pseudonym only traceable by AOL and law enforcement. Recent events of AOL staff breaching customers identities through social engineering by the U.S. Military and others have led me to nearly take AOL of this list, But if you want idiot-proof services, It can't be beat.

Anonymity Technology

The Anonymizer enables users to surf the WWW anonymously, stop cookies from being issued, stop Java and JavaScript access to browser and hard drive information, and effectively blocks tracking I.P. addresses.
Zero-Knowledge Systems Its a cypherpunk's wet dream coming true, Offering a product that will manage a users digital identity, encrypts and routes traffic through the Freedom network, transparently decrypts all incoming traffic, watches all outbound traffic for personal information, places cookies in a 'cookie jar' and filters spam, All for $49.95 U.S.D.! Like it? WANT IT? DOWNLOAD IT NOW!!!
Rewebber (Formally Janus) is a service that makes it possible to offer WWW pages to be posted anonymously as long as the content doesn't contradict moral standards, (Pornography, racism, or violence, Among others.) Rewebber encrypts all references of the URL with a 768 bit RSA key and makes the source URL unintelligible, and gives no information about the original URL.
IDzap Anonymous web surfing and access services.
ZipLip offers snoop-proof mail, Password protected, and securely deletes when you're finished with it.
The Eternity Service is a distributed data-haven which takes a different approach to ensuring unpopular content and anonymous speech can be published without fear of censorship.

Not ready for prime-time, But worth a look...

Crowds is a system to protect your privacy while browsing the web, it prevents a web server from learning information that could identify you. Crowds was named for the notion of blending into a crowd, Crowds operates by grouping users into a large & geographically diverse group (Crowd) that collectively issues requests for its members. Web servers wouldn't be able to tell the true source of the request since it could have come from Cape Town or Chicago. The team working on Crowds is looking for testers of their system, Lucky users who keep their Crowds server running all the time can win this cool t-shirt.
TAZ Servers and the Rewebber Network Ian Goldberg and David Wagner's implementation of the Janus Service allowing users to publish WWW pages anonymously without fear of being identified by social and political groups, while offering good protection and protection from abuse.
Onion Routing The Onion Routing research project is attempting to build an Internet based system that is strongly resistant to traffic analysis, eavesdropping, and other attacks by both outsiders and insiders. This will give the sender of a message, and occasionally the receiver anonymity from the medium. The only thing the network knows is that communication is taking place, But it has no idea who or what is being communicated. (Note: The contradiction of what Onion Routing is trying to do compared to the the warning at the bottom of the page is good for a giggle. -WK)

Organizations and interest groups

American Civil Liberties Union is the United States foremost advocate of individual rights, litigation, legislating, and educating the public on a broad array of issues affecting individual freedoms in the U.S., The ACLU also has a site for dealing with the police.
Privacy Rights Clearinghouse Offers consumers a unique opportunity to learn how to protect their personal privacy with publications and tips on privacy.
Electronic Privacy Information Center is a public interest research center in Washington D.C. Established in 1994 to focus public attention on emerging civil liberty issues, protecting privacy, and the 1st Amendment.
Electronic Frontier Foundation is a non-profit civil liberties organization working in the public interest to protect privacy, free expression, and access to public resources and information online.
Right To Privacy An open discussion site on privacy issues around the world.
Internet Privacy Coalition's mission is to promote privacy and security on the Internet through widespread public use of strong encryption.
Americans for Computer Privacy A coalition working to ensure the online privacy and communication in today information age.
Big Brother Inside Keeping your PC safe from those who want to ID you.
Privacy International is a human rights group formed in 1990 as a watchdog on surveillance by governments and corporations.

Publications & articles on anonymity

Who Knows : Safeguarding Your Privacy in a Networked World by Ann Cavoukian & Dan Tapscott
Anonymity At Any Cost by Declan McCullagh
Cypherpunk arrested after describing anonymous assassinations, by Declan McCullagh
anon.penet.fi shut down; threats by Singapore government, by Declan McCullagh
HotWired: Club Wired - Sameer Parekh
HotWired: Club Wired - Eric Hughes
Clinton administration white paper on the "problem" of anonymity.
European Commission white paper calling for restrictions on anonymity.
Georgia Tech University poll on privacy and anonymity.
Information Privacy in the Marketspace
Addressing Anonymous Messages in Cyberspace, by Gia B. Lee
Anonymity and its Enmities, by A. Michael Froomkin
Privacy-Enhancing Technologies for the Internet
Flood Control on the Information Ocean, Living with Anonymity, Digital Cash & Distributed Databases , by A. Michael Froomkin
Crypto Anarchy and Virtual Communities, by Tim May
Time to bring back anonymity - personuppgiftslagen och internet
One of my favorites, Risk-Free access into the GII via Anonymous Remailers by Paul Strassman and William Marlow of the SAIC.

Freedom of expression must be allowed. With this freedom comes all sorts of problems, but these types of problems are not unique to the Internet. Unpopular speech is a necessary consequence of free speech and it was decided during the drafting of the United States Constitution and the Bill of Rights, that the advantages of free speech outweigh the disadvantages. This principle should hold in cyberspace as well.

William Knowles erehwon@dis.org
PGP Key & Trust Information
Last updated on 12.11.99

http://www.dis.org/erehwon/anonymity.html
Hello to my friends and fans in domestic surveillance!