GNU Info
(mailcrypt.info)Remailer Security
Remailer Security ================= Keep in mind that there is only one person fully qualified to protect your privacy: _you_. You are responsible for obtaining a list of remailers and their public keys; you are responsible for choosing which of them to use and in what order. There are public lists of remailers and keys (the Quick Start section above relies on them), but you pay for the convenience by putting your trust in a single source. This is one reason Mailcrypt does not access these public lists automatically; you need to get into the habit of watching what goes on behind the scenes. You should also try to learn something about the remailers themselves, since you are relying on them to help protect your privacy. How many remailers should you include in your chain, and how should you choose them? That depends on whom you perceive as a threat. If the threat is your ex-spouse or your boss, even a single remailer is probably adequate (more won't hurt, but will cost in latency). If the threat is the Church of Scientology, you probably want to use a fair number of remailers across multiple continents. If the threat is a major world government, well, best of luck to you. Also, there is a huge difference between chains suitable for regular messages and chains suitable for response blocks. Some remailers don't even keep mail logs (at least, their operators claim they do not), so it may be literally impossible to trace a message back to you after the fact if you chain it through enough remailers. Response blocks, on the other hand, have your identity buried in there _somewhere_. In principle, at least, it is possible to compromise the keys of all the remailers in the chain and decrypt the response block. So you should either use very long and strong chains for your response blocks, avoid using response blocks at all, or only use response blocks which themselves ultimately point to a newsgroup.
automatically generated by info2www version 1.2.2.9