Anonymity on Internet
It seems like a regular advertisement in a newspaper. “40 years old gentleman seeks contact with younger woman (25-30) to go out together; rel. Not excluded. Letters under number 50386.” The difference is, this message did not appear in a newspaper, but comes from one of the Internet discussion groups, and the article was posted via an ” anonymous remailer ,” located in Finland.
This Finnish server, called ” anon.penet.fi “, was the most popular on the Internet, which is probably due to the simple way of using it. At its peak, the site had more than 400,000 registered users, and around 8,000 messages were processed daily.
What is a remailer
A ‘remailer’ is nothing more than a computer with a large database, which removes the sender of every incoming e-mail message and replaces it with a unique number, after which the message is forwarded to the recipient. The database keeps track of which address belongs to that number, so that a reply from the recipient can be forwarded to the original sender.
The system also allows its users to post messages anonymously in the discussion groups, which made the above message, among other things, possible. It is therefore possible to build up correspondence with someone through this system without ever knowing who this person really is.
Negative view on remailers
When systems such as these come in the news, this side of the matter is usually rarely reported. The emphasis is usually placed on the possibilities of misuse of the system, for example because it is also possible to send someone anonymous threatening letters, or because it is possible to send illegal material without the sender being able to be traced. However, it is forgotten that these kinds of things are the exception rather than the rule, and moreover it is lost sight of what these systems are for.
The most popular are remailers in discussion groups on highly sensitive topics such as sexual abuse, discrimination, prosecutions and recently also in the discussion about the Scientology sect, known for its harsh approach to critics. Such messages are also frequently found in discussion groups on taboo topics or socially unacceptable deviations. Without these systems, users would have no opportunity to participate in discussions.
Anonymity in society
A frequently heard objection to remailers is that being anonymous is not necessary. “If you want to say something, why not put your name on it?” is a common comment when someone anonymously takes part in a discussion. It is also regularly noted that a message from an anonymous user is not worth reading, purely and simply because the sender uses a “mailbox” instead of a “real” address.
Anonymity is normal
However, in our society it is accepted to be anonymous in a large number of situations. Nobody asks for identification at the supermarket, there is no obligation to identify yourself when someone calls you (the Netherlands is one of the few countries where this is customary), and nobody checks whether you state your own address as a sender on a letter . Or open a newspaper. In the vast majority of cases there is no identification of the author, a text like “From our reporter” is everything. And yet nobody protests against this.
Need for anonymity
Furthermore, as the Internet becomes more important in our society, the need for anonymity will increase. Is it really always necessary to sign a message on the Net with your true name? What do you do if you, as an employee of a company, want to request information about another company because you are considering switching? In such a situation, it might be better not to make this request under your real name, because it usually also states which company you work for.
Another well-known example is the so-called ‘whistle-blowing’, the reporting of abuses within the company. And of course it is always possible that you live in a country where freedom of expression is much less normal, so the use of anonymity is a necessity to avoid a visit from the secret police.
A well-known personality can, for example, participate in discussions in this way, without being immediately overwhelmed by fan mail. About two years ago, during a discussion on this topic, someone reported the story of a math teacher who had difficulty with a particular part of his new teaching material, and anonymously placed a request for help in a newsgroup.
How relevant is an identity
Moreover, there is also the idea on the Internet that the real identity of a user matters little. After all, the network is so large that this name won’t tell you much, so what difference is there with an anonymous address? Many users already use an alias or nickname when sending mail, and although it is then possible to retrieve the real name, that is usually not done. After all, if you know someone like “Beowulf,” what are you getting along when you find out that their real name is “John Smith”? And does it matter whether Beowulf’s address is an address of a “real” Internet provider, or an anonymous address assigned by a remailer (“mailbox number”)?
Anonymity is useful, but systems such as the ‘remailers’ described above make little sense when all messages are sent legibly for everyone. The Internet is a very robust system, but the security often leaves something to be desired. For example, on a typical Internet system, all e-mail messages will be stored on one computer. The system administrator has access to all those messages (and of course to all files in the private directory of each user), and the same applies to any ‘hacker’ who manages to guess the system administrator’s password. And this is more common than you think!
But it is not necessary to break into the system where a person has his account to be able to read his e-mail. When I send an e-mail message to someone else, it is sent over the Internet as plain text. On the Internet, a message is passed on as a package from computer to computer, until the message has reached its final destination. It is possible with very simple means to read all messages that go ‘through’ a system, or to have them searched for specific keywords automatically. This means that a user with a bit of technical knowledge on one of the computers that transmits the message can read it.
And it can be even worse. It is even easier to send a message under someone else’s name without it being traceable. This usually happens as a silly joke, but there are cases of people who got into serious trouble because someone received a fake message from them that contained very sensitive things, or where the recipient was called rotten fish.
A solution: encryption
Fortunately there is a solution for this problem. Through encryption a message can be encrypted in such a way that nobody can read it anymore without the key, and there are cryptographic systems that also enable authentication. Currently, the PGP (“Pretty Good Privacy” ) program is very popular on the Internet for this purpose .
This program uses a so-called public-key algorithm. It is no longer necessary to secretly agree on a key, but you can simply send a ‘public key’ to anyone who asks for it, without having to worry that it will fall into the hands of a listening party. The public key can only be used to encrypt messages (and to check a signature, see below), and not to decrypt an encrypted message.
How safe is this?
This technique makes it possible to send encrypted mail to someone you have never met. You just get the public key from a sort of telephone book, and encrypt the mail with it. The recipient uses his personal secret key to decrypt the message. And since he’s the only one with that secret key, no one else can read the mail even though they break into the mail server.
In theory it is possible to derive the secret from the public key; however, with a key of sufficient length this will take many thousands of years on a fast supercomputer. Fortunately, encrypting messages with such a key only takes a few seconds.
The PGP program also offers the option of providing messages with an electronic signature. This function adds a special code to a message that is unique to the message. This code can be compared with a ‘checksum’ that is used, for example, by anti-virus programs. If afterwards, even one character in the message is changed, the code will become invalid.
The code itself is protected by means of the secret key, and the recipient can now retrieve the code with the public key. He can now compare this with a self-generated code of the message, and thus detect any changes. In this case the keys are used in the “wrong” order; with the secret key the code is encrypted, and with the public key the original code is obtained again. With “normal” exchange of e-mail you use the public key to encrypt things, and the secret key to get the original back. A code encrypted with a secret key is usually referred to as ‘digital signature’.
The algorithm at issue here is called RSA, and dates from the 1970s. Despite the age, it is still considered by the experts as an unbreakable system. This is in contrast to the ‘encrypt’ or ‘password’ function in popular programs such as WordPerfect, Word, Excel or PK-ZIP, for which special cracking programs are available that can find the key in a few minutes.
The unbreakability of PGP is also the reason that the export of the program from the US is not allowed. According to US law, unbreakable encryption programs are covered by the Weapons Act, which prohibits, inter alia, the export of nuclear weapons and tanks. However, the program is already freely available outside the US, and there is currently a discussion on this topic.
Many companies complain about this restriction, which hinders them from developing systems to securely handle transactions over the Internet. Netscape in particular, the company behind the popular World Wide Web browser, is experiencing problems with this. This restriction is also one of the reasons why the encryption functions of the above programs are so weak. If the program contained a better algorithm, it could not be sold outside the US.
The Internet as it currently exists is a very robust system, but security leaves something to be desired. The need for anonymity will only increase, as will the desire to send private correspondence via e-mail, and to protect themselves against counterfeiting. Although there are various laws on privacy in the meantime , this often turns out to be disappointing in practice. Technical security, such as via remailers (in English) or encryption , therefore seems the appropriate way.
Direct Contact Our Online Reputation Expert whatsapp +923004221777