[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] JAP back doored

To: error <error@lostinthenoise.net>
Subject: Re: [Full-Disclosure] JAP back doored
From: Adrian Nutz <list@nutz.ch>
Date: 21 Aug 2003 21:05:55 +0200

But this is not the full story....see
http://www.heise.de/newsticker/data/uma-20.08.03-000/ (in german).
In short: While the AN.ON-Projekt was forced to put in the
logging-function, other mixes are not affected. SPLINE
(http://www.spline.de/) for example refuses to implment the logging.
They are in the cascades Luebeck-Berlin-Dresden and New
York-Berlin-Dresden. I think that german judges won't have a way to
force a mix in New York to implment the logging, which gives a cascade
of two (possibly) unlogged mixes if you use the New York-Berlin-Dresden
cascade.

I believe, that if there where more mixes around and more traffic on
the, this would be the best way to give a lot of anonymity. 
There should be mixes in many different countries, if possible most of
them shouldn't have any kind of treaties that allow a fast reaction from
the police in this countries if some other country wants logs.
Having many mixes requires a lot of traffic to conceal the
individual...best way here would be if large firms proxied all their
employees through JAP...which would help the firms as well.

regards,
Adrian

On Thu, 2003-08-21 at 19:20, error wrote:
> This is a terrible day for privacy advocates that used the once (perhaps
> never true) "anonymous" Java Anonymous Proxy. According to a  story (
> http://theregister.co.uk/content/55/32450.html) by The Register 
> 
> (It was also posted to
> ("http://securityfocus.com/archive/1/334382/2003-08-18/2003-08-24/0)
> BugTraq)
> 
> JAP was back doored by court order. It was a forced upgrade (after a
> service interruption) to monitor "one site" that continues to be
> unnamed. How sad it is when a group have a motto of "Anonymity is not a
> crime." and then hand logs to the police without a word? Clearly if they
> are able to defend themselves on alt.2600
> (http://groups.google.com/groups?dq=&hl=en&lr=&ie=UTF-8&frame=right&th=f4ef43f695ca29e8&seekm=3f3d3740%241_1%40news.vic.com#link10), they aren't under a gag. Read it and weep.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] JAP back doored
  - From: Florian Weimer <fw@deneb.enyo.de>

References:
- [Full-Disclosure] JAP back doored
  - From: error <error@lostinthenoise.net>

Prev by Date: [Full-Disclosure] [RHSA-2003:258-01] GDM allows local user to read any file.
Next by Date: RE: [Full-Disclosure] windowsupdate
Prev by thread: Re: [Full-Disclosure] JAP back doored
Next by thread: Re: [Full-Disclosure] JAP back doored
Index(es):
- Date
- Thread