Presentation is loading. Please wait.

Presentation is loading. Please wait.

Forensic Dead-Ends: Tracing Anonymous R er Abusers Len Sassaman The Shmoo Group

Published byCarmel Foster Modified over 9 years ago

Similar presentations

Presentation on theme: "Forensic Dead-Ends: Tracing Anonymous R er Abusers Len Sassaman The Shmoo Group"— Presentation transcript:

1 Forensic Dead-Ends: Tracing Anonymous Remailer Abusers Len Sassaman The Shmoo Group rabbi@shmoo.com

2 What is Anonymity?

3 Network anonymity services Shield the identity of the user Conceal other identifying factors Dissociate users’ actions with identity Do not conceal that those actions occur! Anonymity != privacy

4 Why Anonymity on the Internet is Necessary

5 Why people use remailers Whistle blowing Discussion of personal or taboo issues Journalistic correspondence Spam protection Future anonymity Political speech Censorship avoidance

6 Why people operate remailers Belief in the right to anonymity Necessity of remailer network Certainty of uncompromised remailer Exercise applied Cypherpunk technology

7 Corporate uses Research of competitors Avoidance of information leakage Thwarting industrial espionage Employee feedback

8 Commercial anonymity Reasons why selling anonymity is difficult –Payment collection (no anonymous cash!) –Cost of operating service –Need for a large anonymity set –Uncertain demand –Legal restrictions –Abuse complications

9 Commercial anonymity Reasons why buying anonymity is difficult –Payment rendering (no anonymous cash!) –Uncertainty of anonymity strength –Availability of service –Local network restrictions –Ease of use

10 Types of Anonymity on the Internet

11 Weak anonymity Protection from the casual attacker Spam avoidance Anonymous online forums

12 Strong anonymity Protection from ISP snooping Protection from government monitoring Protection in the case of server compromise (hacker-proofing)

13 Examples Free web mail accounts SSL anonymous proxies Anonymous ISPs Anonymous mail relays Mix-net remailer systems

14 History of strong remailers anon.penet.fi Cypherpunk remailers (Type 1) Mixmaster remailers (Type II) Zero Knowledge Freedom mail Mixminion (Type III -- forthcoming)

15 The Mechanics of Strong Anonymity

16 David Chaum’s mix-nets Multi-layered encyption chains indistinguishable message packets Random reordering at each hops Return address reply blocks

17 Mixmaster A mix-net implimentation Clients available for Windows, Macintosh, Unix Servers available for Unix and Windows Low hardware resource requirements Reliable network connection Mail server capabilities

18 A Mixmaster Packet

19 Journey of a mixed message Chain selection Encryption Padding/splitting Transmission What an all-seeing observer would know Importance of a large anonymity set Cover traffic

20 Flaws in Mixmaster Tagging attacks Flooding attacks Key compromise Need for forward secrecy Reliability failings Ease of use Lack of return address capability

21 Inside a Mixmaster Remailer

22 Walk-through of a live system Remailer program location Mail handling Remailer packet handling Logging Abuse processing

23 Types of Abuse

24 Spam Remailers are ill-suited for email spam High latency, easy detection Open-relays are much better Usenet spam is still a problem

25 Piracy Most remailers block binary transfers Anonymity is decreased by sending large, multi-packet messages Email is a poor medium for file transfer Throw-away shell/ftp accounts, irc, and p2p systems are more popular for warez

26 Targeted harassment Directed abusive messages at individuals Floods from one or more remailers Usenet flames

27 Remailers and terrorism Media hype Immediate increase in # of remailers Political opinion of anonymity Remailers: Tools against terror What about public libraries?

28 Getting around the Remailer Dead-End

29 Means of tracking abusers Seizing remailer servers won’t work Snooping traffic will reveal little Carnivore not very useful Flooding/tagging won’t work after the fact (if at all) Honeypot remailers and chain manipulation Literary forenics Side-channel leakage

30 Stopping abuse Individual remailer block-lists The Remailer Abuse Blacklist –http://www.paracrypt.com/remailerabuse/ Local filtering Do not need to know the ID of abuser Ways to avoid being a target of abuse Spam and flood detection tools for remops

31 Information an Anonymity Service Provider is Able to Reveal

32 The downfall of anon.penet.fi What Penet couldn’t provide Scientology vs. The Internet Why Julf Helsingius closed anon.penet.fi http://www.penet.fi/press-english.html

33 Why remops don’t keep logs Disk space / resource drain Local user privacy concerns Not useful for abuse investigations

34 “Black-bagging a remailer” Only the last hop is usually known No logs No chain information Keys aren’t useful in last hop All chained hops are needed START-TLS forward secrecy Future message compromise potential

35 Asking for help What to ask a remop when investigating abuse What will encourage a remop to be helpful What will discourage a remop Personal experiences

36 Comments Len Sassaman rabbi@shmoo.com

Download ppt "Forensic Dead-Ends: Tracing Anonymous R er Abusers Len Sassaman The Shmoo Group"

Similar presentations

Basic Communication on the Internet:

Basic Communication on the Internet:
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Addressing spam email and enforcing a Do Not Email Registry using a Certified Electronic Mail System Information Technology Advisory Group, Inc.

Addressing spam and enforcing a Do Not Registry using a Certified Electronic Mail System Information Technology Advisory Group, Inc.
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
Usable Privacy and Security Carnegie Mellon University Spring 2006 Cranor/Hong/Reiter 1 Visualizing Privacy II.

Usable Privacy and Security Carnegie Mellon University Spring 2006 Cranor/Hong/Reiter 1 Visualizing Privacy II.
Anonymity Services and the Law: How to Safely Provide Anonymity Technology on the Internet Len Sassaman The Shmoo Group

Anonymity Services and the Law: How to Safely Provide Anonymity Technology on the Internet Len Sassaman The Shmoo Group
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.

 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.
Chapter 10 Privacy and Security McGraw-Hill

Chapter 10 Privacy and Security McGraw-Hill
Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,

Building a Peer-to-Peer Anonymizing Network Layer Michael J. Freedman NYU Dept of Computer Science Public Design Workshop September 13,
CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.
The Case for Network-Layer, Peer-to-Peer Anonymization Michael J. Freedman Emil Sit, Josh Cates, Robert Morris MIT Lab for Computer Science IPTPS’02March.

The Case for Network-Layer, Peer-to-Peer Anonymization Michael J. Freedman Emil Sit, Josh Cates, Robert Morris MIT Lab for Computer Science IPTPS’02March.
I NTERNET A NONYMITY By Esra Erdin. Introduction Types of Anonymity Systems TOR Overview Working Mechanism of TOR I2P Overview Working Mechanism of I2P.

I NTERNET A NONYMITY By Esra Erdin. Introduction Types of Anonymity Systems TOR Overview Working Mechanism of TOR I2P Overview Working Mechanism of I2P.
By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.
1 Representing Identity CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 19, 2004.

1 Representing Identity CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 19, 2004.
Behind the Machine “The Good, The Bad, and the Ugly” Copyright © 2008 by Helene G. Kershner.

Behind the Machine “The Good, The Bad, and the Ugly” Copyright © 2008 by Helene G. Kershner.
1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.

1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.
Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.

Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.
0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S

0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S
Your technology solution partner.™ Security Enterprise Protection Gener C. Tongco Product Manager CT Link Systems Inc.

Your technology solution partner.™ Security Enterprise Protection Gener C. Tongco Product Manager CT Link Systems Inc.

Similar presentations

Ads by Google