Domain: shinn.net
Stories and comments across the archive that link to shinn.net.
Comments · 7
-
Re:PGPNope...nym.alias.net was still there last I checked...several mixmaster sites...
Go check here:
And for more nym information: Nym creation for mere mortals
-
Re:FunnySpamassassin does a pretty good job of filtering out all those messages, despite the altered spellings.
Vipul's Razor (real-time spam database) uses Nilsimsa signatures to detect superficial changes to known messages, and spamassassin removes non-visible html tricks from the message before it checks against razor (assuming you enabled the razor check in your
.spamassassin/user_prefs file, or system wide when you installed it).Someone I know once worked on software to do realtime filtering of keywords in "family friendly" chatrooms. He said it was almost impossible
It's obviously not impossible, since it's implemented and working in spamassassin/razor, and together with the hundreds of other checks and weighted scroring system, it IS highly effective at removing nearly all spam.
Spamassassin is a great example of the power of open-source software development. It's a big arms race between spammers and spam filters, and the only filter that seems to be consistently winning in spamassassin.
And if you're stuck with a lame but unfortunately common OS and email client, it looks like Deersoft is packaging it all up with a nice "any idiot can click and install this" package, but be ready to pay a few bucks. Spamassassin really does work wonders, so if you're no good at unix, the $30 is probably money well spent for someone to make it easy for you. It's of course free and relatively to use on any respectable unix platform that has procmail or sendmail.
-
Re:Yeah, I remember that discussion...and sends a slightly modified message to each group of we'll say 10 addresses
You'd have to make substantial changes to defeat Nilsimsa (which I'm not sure if Razor is really using yet, but it is planned).
I doubt a tool could be crafted to automatically alter a text message sufficiently to avoid Nilsimsa without also distorting the message so badly that it'd be worthless (it'd have to be automated to be effective). Even knowing where Nilsimsa will decide where the clusters are within the data, you'd need to be able to make a good number of those clusters change, and change in a different combination that ever done previously.
It'd take quite a linguist to craft code to substitute words, phrases, etc and still achieve the same overall message with each one significantly different. Then again, maybe Scott Pakin could do it?
-
Re:Signatures?Its way more complicated than that. Just read the "whats new" page for a good summary:
http://razor.sourceforge.net/docs/whatsnew.htmlActually, the version 2 protocol has been in use for some time. On my system, where I installed Razor in February 2002:
paul@wallace ~ > razor-check -v
Shame on me. Apparantly I missed Vipul's announcement four days ago that everyone needs to upgrade to version 2.06.
Razor Client Tools 1.19, protocol version 2Eventually, Razor is going to use the Nilsimsa Hash Algorithm, which is supposed to be able to detect spams where the spammer made only a minor change to avoid being matched against previously transmitted copies. The Razor V2 protocol has support for this hashing algorithm and others. Who knows, maybe they're already implmented it? Ought to take a peek at the perl code sometime....
-
Re:Checksumming -- defeatable?Yes. The DCC page states that they use a 'fuzzy' checksumming algorithm that doesn't just checksum the whole message, and that the algorithm is evolving as spam evolves.
I cannot speak to what approach DCC uses, but razor only picks pieces of a message it believes to be static when computing its SHA1 hash. In the very near future, razor is going to implement Nilsimsa hashes which are 'fuzzy' and should be able to detect everything from spam with minor differentials to mutating e-mail viruses.
Combined with the new razor trust system, razor is going to be quite the tool; and when used in conjunction with SpamAssassin we'll have quite the arsenal to battle unwanted spam.
-
Re:Online copies?Another mirror:
-
Has Happened: See nym.alias.net.You're not very up on the times it would seem. Penet went down because its reply blocks were in the clear, and there was no ability to chain your replies thru other anonymous remailers cryptographically. Penet did not use any encryption at all. Thats why it went down. It was a giant risk to its users and as such, a nice big fat juicy target for the cult of scientology to sue (to try and get those reply blocks). The model was hopelessly flawed, but that does not mean that the idea of perfect forward secrecy, digital mixes and anonymous bi-drectional communication is flawed. Its not.
Modern remailers, such as Type I and Type II remailers, as well as nym remailers (which allow for anonymous bi-directional traffic, without reply blocks being in the clear, and with the ability to chain the replies thru N Type I or Type II remailers) which have been in use for years, solve all of the problems that brought penet.
You can have absolute privacy and absolute anonymity now. Just visit http://mixmaster.shinn.net or any of the other remailers websites for instructions. Heck, if you want ease of use, you can install ZKS' freedom software and abstract away all the work (at a little cost to security). Privacy is not that hard to do, and its really frustrating that people on slashdot have bought into the myth that privacy is not something you can have in this day and age. That is absolute bunk.
Python