Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

more on Identifying your posters

From: Dave Farber <dave () farber net>
Date: Thu, 11 Sep 2003 12:54:49 -0400


Date: Thu, 11 Sep 2003 11:45:03 -0500
From: Bob Alberti <alberti () sanction net>
Subject: RE: [IP] Identifying your posters
To: dave () farber net



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


There are as many ways to create anonymous posts as there are ways to skin a
cat.  If one is concerned about such things and not already maintaining
anonymous free e-mail accounts then one is truly negligent.

Asking a list admin to massage even a portion of the posts across a list is
not only inexcusably lazy, but reckless: if the list admin makes a mistake
your identity may be revealed.

And not only is it likely that our list admin has better things to do than
anonymize posts, but he is opening himself up to liability everytime he
agrees to modify someone else's post.  Should he risk a lawsuit for damages
following an insufficiently-anonymized post that leads to a termination?

If the list admin wishes to provide an anonymous posting channel, I suggest
a simple web-based submission form, that does not collect identity, which he
could then review before deciding whether to post to the list.  If the list
admin were confident that his form collected no identifying information then
he could be confident that his anonymizing would not fail. Non-expert
posters would have only his word that the form collected no identifying
information, but then that is the case on every form on the Web.

If a USER wishes to post anything anonymously anywhere on the web, then I
suggest they begin by finding a web cafe, since all posts can be
theoretically be traced back to you at your ISP. (In practice of course this
is unlikely, but then good paranoia does not yield to mere reason.) Once
you've got an anonymous access point selectred, search Google for phrases
such as "anonymous remailer" and "anonymous proxy" and you're on your way.

Bob Alberti, CISSP, President                       Sanction, Inc.
Phone: (612) 486-5000 ext 211                             PO Box 583453
http://www.sanction.net                             Mpls, MN 55458-3453

Most security breaches are 'inside jobs': how secure are your HR files?


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQA/AwUBP2CmjMdfCzls9EBAEQIB3wCdEgxFGlt+1Io4ZeQfDvW4MqOt9MkAn0bN
DvSbEEUOPOJaAjlpaTlIZrHt
=zhQe
-----END PGP SIGNATURE-----


-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/
Previous By Date Next
Previous By Thread Next

Current thread: