🚀 go-pugleaf

Archive-name: net-privacy/part2
Last-modified: 1993/3/3
Version: 2.1


IDENTITY, PRIVACY, and ANONYMITY on the INTERNET
================================================

(c) 1993 L. Detweiler.  Not for commercial use except by permission
from author, otherwise may be freely copied.  Not to be altered. 
Please credit if quoted.

SUMMARY
=======

Email and account privacy, anonymity, file encryption,  academic 
computer policies, relevant legislation and references, EFF, and 
other privacy and rights issues associated with use of the Internet
and global networks in general.

(Search for <#.#> for exact section. Search for '_' (underline) for
next section.)

PART 2
====== (this file)

Resources
---------

<4.1> What UNIX programs are related to privacy?
<4.2> How can I learn about or use cryptography?
<4.3> What is the cypherpunks mailing list?
<4.4> What are some privacy-related newsgroups?  FAQs?
<4.5> What is internet Privacy Enhanced Mail (PEM)?
<4.6> What are other Request For Comments (RFCs) related to privacy?
<4.7> How can I run an anonymous remailer?
<4.8> What are references on privacy in email?
<4.9> What are some email, Usenet, and internet use policies?
<4.10> What is the MIT ``CROSSLINK'' anonymous message TV program?

Miscellaneous
-------------

<5.1> What is ``digital cash''?
<5.2> What is a ``hacker'' or ``cracker''?
<5.3> What is a ``cypherpunk''?
<5.4> What is `steganography' and anonymous pools?
<5.5> What is `security through obscurity'?
<5.6> What are `identity daemons'?
<5.7> What standards are needed to guard electronic privacy?

Issues
------

<6.1> What is the Electronic Frontier Foundation (EFF)?
<6.2> Who are Computer Professionals for Social Responsibility (CPSR)?
<6.3> What was `Operation Sun Devil' and the Steve Jackson Game case?
<6.4> What is Integrated Services Digital Network (ISDN)?
<6.5> What is the National Research and Education Network (NREN)?
<6.6> What is the FBI's proposed Digital Telephony Act?
<6.7> What other U.S. legislation is related to privacy on networks?
<6.8> What are references on rights in cyberspace?
<6.9> What is the Computers and Academic Freedom (CAF) archive?

Footnotes
---------

<7.1> What is the background behind the Internet?
<7.2> How is Internet `anarchy' like the English language?
<7.3> Most Wanted list
<7.4> Change history


* * *


RESOURCES
=========


_____
<4.1> What UNIX programs are related to privacy?

  For more information, type `man [cmd]' or `apropos [keyword]' at the
  UNIX shell prompt.

    passwd - change password
    finger - obtain information about a remote user
    chfn   - change information about yourself obtainable by remote
             users (sometimes `passwd -f')
    chmod  - change the rights associated with a file or directory
    umask  - (shell) change the default (on creation) file access
             rights
    ls     - list the rights associated with files and directories
    xhost  - allow or disable access control of particular users to an
             Xwindow server
    last   - list the latest user logins on the system and their
             originations
    who    - list other users, login/idle times, originations
    w      - list other users and what they are running
    xhost  - access control list for X Window client use
    xauth  - control X Window server authentication
    
    .signature  - file in the home directory appended to USENET posts
    .forward    - file used to forward email to other accounts
    .Xauthority - file used for X Window server authentication keys
    $SIGNATURE  - variable used for name in email and USENET postings

  The 'tcpdump' packet-tracing program is loosely based on SMI's
  "etherfind" although none of the etherfind code remains.  It was
  originally written by Van Jacobson, Lawrence Berkeley Laboratory,
  as part of an ongoing research project to investigate and improve
  tcp and internet gateway performance.  A current version is
  available via anonymous ftp from host ftp.ee.lbl.gov (currently at
  address 128.3.254.68) file tcpdump.tar.Z (a compressed Unix tar
  file). This program is subject to  the 'standard' Berkeley network
  software copyright.

_____
<4.2> How can I learn about or use cryptography?

  A general introduction to mostly theoretical cryptographic issues,
  especially those frequently discussed in sci.crypt, is available
  in FAQ form:

  >  Compiled by:
  >        cme@ellisun.sw.stratus.com (Carl Ellison)
  >        Gwyn@BRL.MIL (Doug Gwyn)
  >        smb@ulysses.att.com (Steven Bellovin)

  NIST (U.S. National Institute for Standards and Technology)
  publishes an introductory paper on cryptography, special
  publication 800-2 ``Public-Key Cryptograhy'' by James Nechvatal
  (April 1991).  Available via anonymous FTP from
  csrc.ncsl.nist.gov (129.6.54.11), file pub/nistpubs/800-2.txt. 
  Also via available anonymous FTP from wimsey.bc.ca as crypt.txt.Z
  in the crypto directory.  Covers technical mathematical aspects
  of encryption such as number theory.

  More general information can be found in a FAQ by Paul Fahn of RSA
  Labortories via anonymous FTP from rsa.com in /pub/faq.ps.Z.  See
  the `readme' file for information on the `tex' version.  Also
  available as hardcopy for $20 from   RSA Laboratories, 100 Marine
  Parkway, Redwood City, CA  94065.  Send questions to
  faq-editor@rsa.com.

  Phil Zimmerman's PGP (Pretty Good Privacy) public-domain package
  for public key encryption is available at numerous sites, and is
  in widespread use over the internet for general UNIX-based file
  encryption (including email).  Consult the archie FTP database. 
  Also see the newsgroup alt.security.pgp.  Mailing list requests
  to info-pgp-request@lucpul.it.luc.edu.

  From the RIPEM FAQ by Marc VanHeyningen
  <mvanheyn@whale.cs.indiana.edu> on news.answers:

  > RIPEM is a program which performs Privacy Enhanced Mail (PEM)
  > using the cryptographic techniques of RSA and DES.  It allows
  > your electronic mail to have the properties of authentication
  > (i.e. who sent it can be confirmed) and privacy (i.e. nobody can
  > read it except the intended recipient.)
  > 
  > RIPEM was written primarily by Mark Riordan
  > <mrr@scss3.cl.msu.edu>. Most of the code is in the public domain,
  > except for the RSA routines, which are a library called RSAREF
  > licensed from RSA Data Security Inc.
  > 
  > RIPEM is available via anonymous FTP to citizens and permanent
  > residents in the U.S. from rsa.com; cd to rsaref/ and read the
  > README file for info.
  > 
  > RIPEM, as well as some other crypt stuff, has its `home site' on
  > rpub.cl.msu.edu, which is open to non-anonymous FTP for users in
  > the U.S. and Canada who are citizens or permanent residents.  To
  > find out how to obtain access, ftp there, cd to pub/crypt/, and
  > read the file GETTING_ACCESS.

  Note: cryptography is generally not well integrated into email yet
  and some system proficiency is required by users to utilize it.

_____
<4.3> What is the cypherpunks mailing list?

  Eric Hughes <hughes@toad.com> runs the `cypherpunk' mailing list
  dedicated to ``discussion about technological defenses for privacy
  in the digital domain.''  Send email to
  cypherpunks-request@toad.com to be added or subtracted from the
  list. From the charter:

  > The most important means to the defense of privacy is encryption.
  > To encrypt is to indicate the desire for privacy.  But to encrypt
  > with weak cryptography is to indicate not too much desire for
  > privacy. Cypherpunks hope that all people desiring privacy will
  > learn how best to defend it.

_____
<4.4> What are some privacy-related newsgroups?  FAQs?
  
  Newsgroups
  ==========

  alt.comp.acad-freedom.news
  alt.comp.acad-freedom.talk 
  --------------------------
    Moderated and unmoderated issues related to academic freedom and
    privacy at universities. Documented examples of violated
    privacy in e.g. email.  Documented examples of `censorship' as
    in e.g. limiting USENET groups local availability.

  alt.cyberpunks
  --------------
    Virtual reality, (science) fiction by William Gibson and Bruce 
    Sterling, cyberpunk in the mainstream.
 
  alt.hackers
  -----------
    USENET Network News Transfer Protocol (NNTP) posting mechanisms, 
    Simple Mail Transfer Protocol (SMTP), `obligatory hack' reports.

  alt.privacy
  -----------
    General privacy issues involving taxpaying, licensing, social
    security numbers, etc.
  
  alt.security 
  comp.security.misc
  ------------------
    Computer related security issues.  FAQ in news.answers below.
  
  alt.security.pgp
  alt.security.ripem
  ----------------
    Dedicated to discussing public domain cryptographic software
    packages: PGP, or ``Pretty Good Privacy'' Software developed by
    Phil Zimmerman for public key encryption, and RIPEM by Mark
    Riordan for public key and DES encryption.
  
  comp.society.privacy
  --------------------
    Privacy issues associated with computer technologies.  Examples:
    caller identification, social security numbers, credit
    applications, mailing lists, etc.  Moderated.
    
  comp.eff.news
  comp.eff.talk
  -------------
    Moderated and unmoderated groups associated with the Electronic
    Frontier Foundation started by Mitch Kapor for protecting civil
    and constitutional rights in the electronic realm.
  
  news.admin
  news.admin.policy
  -----------------
    Concerns of news administrators.  NNTP standards and mechanisms.
    
  news.lists
  ----------
    USENET traffic distributions.  Most frequent posters, most
    voluminous groups, most active sites, etc.
  
  sci.crypt
  ---------
    Considers scientific and social issues of cryptography. 
    Examples: legitimate use of PGP, public-key patents, DES,
    cryptographic security, cypher breaking, etc.
  

  FAQs
  ====

  FAQs or ``Frequently-Asked Questions'' are available in the
  newsgroups *.answers or via anonymous FTP to pit-manager.mit.edu
  [18.172.1.27] (also rtfm.mit.edu)  from the directory
  /pub/usenet/news.answers/[x] where [x] is the archive name. This
  FAQ is archived in the file `net-privacy'.   Others are:

  network-info/part1  
  ------------------
    Sources of information about the Internet and how to connect to
    it, through the NSF or commercial vendors.
  
  alt-security-faq
  ----------------
    Computer related security issues arising in alt.security and
    comp.security.misc, mostly UNIX related.
  
  ssn-privacy 
  -----------
    Privacy issues associated with the use of the U.S. Social
    Security number (SSN).
  
  pdial
  -----
    Public dialup internet accounts list.
  
  college-email/part1
  -------------------
    How to find email addresses for undergraduate and graduate
    students, faculty and staff at various colleges and
    universities.
  
  ripem/faq
  ---------
    Information on RIPEM, a program for public key mail encryption
    officially sanctioned by Public Key Partners Inc., the company
    that owns patents on public key cryptography.
  
  unix-faq/faq/part1
  ------------------
    Frequently-asked questions about UNIX, including information on
    `finger' and terminal spying.

  distributions/*
  ---------------
     Known geographic, university, and network distributions.

_____
<4.5> What is internet Privacy Enhanced Mail (PEM)?

  Internet drafts on Privacy Enhanced Mail (PEM) describe a standard
  under revision for six years delineating the official protocols for
  email encryption.  The standard has only recently stabilized and
  implementations are being developed.

  - RFC-1421: ``Privacy Enhancement for Internet Electronic Mail: 
    Part I: Message Encryption and Authentication Procedures.'' J.
    Linn <104-8456@mcimail.com>

  - RFC-1422: ``Privacy Enhancement for Internet Electronic Mail: Part
    II: Certificate-Based Key Management'' S. Kent <Kent@BBN.com>

  - RFC-1424: ``Privacy Enhancement for Internet Electronic Mail: 
    Part IV: Key Certification and Related Services'' B. Kaliski
    <burt@rsa.com>

  - RFC-1423: ``Privacy Enhancement for Internet Electronic Mail: Part
    III: Algorithms, Modes, and Identifiers'' D. Balenson
    <belenson@tis.com>

  Send email to pem-info@tis.com for more information.  See ``RFCs 
  related to privacy'' for information on how to obtain RFCs.
  
_____
<4.6> What are other Requests For Comments (RFCs) related to privacy?

  RFC-822:  SMTP, Simple Mail Transfer Protocol
  RFC-977:  NNTP, Network News Transfer Protocol
  RFC-1036: Standard for interchange of network news messages
  RFC-1208: Glossary of Networking Terms
  RFC-1207: Answers to ``experienced Internet user'' questions
  RFC-1206: Answers to ``new Internet user'' questions
  RFC-1355: Privacy issues in Network Information center databases

  
  RFC-1177 is ``FYI: Answers to commonly asked ``new internet user'' 
  questions, and includes: basic terminology on the Internet (TCP/IP,
  SMTP, FTP), internet  organizations such as IAB (Internet
  Activities Board) and IETF  (Internet Enbgineering Task Force), and
  a glossary of terms.  Also from ftp.eff.org:
  /pub/internet-info/internet.q.

  > RFCs can be obtained via FTP from NIC.DDN.MIL, with the pathname
  > RFC:RFCnnnn.TXT or RFC:RFCnnnn.PS (where `nnnn' refers to the
  > number of the RFC).  Login with FTP, username `anonymous' and
  > password `guest'.  The NIC also provides an automatic mail
  > service for those sites which cannot use FTP.  Address the
  > request to SERVICE@NIC.DDN.MIL and in the subject field of the
  > message indicate the RFC number, as in `Subject: RFC nnnn' (or
  > `Subject: RFC nnnn.PS' for PostScript RFCs).
  >
  > RFCs can also be obtained via FTP from NIS.NSF.NET.  Using FTP,
  > login with username `anonymous' and password `guest'; then
  > connect to the RFC directory (`cd RFC').  The file name is of the
  > form RFCnnnn.TXT-1 (where `nnnn' refers to the number of the
  > RFC).  The NIS also provides an automatic mail service for those
  > sites which cannot use FTP.  Address the request to
  > NIS-INFO@NIS.NSF.NET and leave the subject field of the message
  > blank.  The first line of the text of the message must be `SEND
  > RFCnnnn.TXT-1', where nnnn is replaced by the RFC number.
  
_____
<4.7> How can I run an anonymous remailer?

  Cypherpunk remailer source is at soda.berkeley.edu in the
  /pub/cypherpunks directory.  It's written in PERL, and is
  relatively easy to install (no administrative rights are required).
  Karl Barrus  <elee9sf@menudo.uh.edu> has more information and
  modifications. Also, most remailer operators mentioned above are
  amenable to discussing features, problems, and helping new sites
  become operational. Address all points in the section
  ``responsibities of anonymous use'' in this document prior to
  advertising your service.  You should be committed to the long-term
  stability of the site and avoid running one surreptitiously.

_____
<4.8> What are references on privacy in email?


  Brown, Bob. ``EMA Urges Users to Adopt Policy on E-mail Privacy.''  
  Network World (Oct 29, 1990), 7.44: 2.
  
  Bairstow, Jeffrey. ``Who Reads your Electronic Mail?'' Electronic
  Business  (June 11, 1990) 16 (11): 92.

  ``Electronic Envelopes - the uncertainty of keeping e-mail private''
  Scientific American, February 1993.

  ftp.eff.org
  ===========

  /pub/eff/papers/email_privacy
  ---
    Article on the rights of email privacy. by Ruel T. Hernandez.

  /pub/academic/law/privacy.email
  ---
    ``Computer Electronic Mail and Privacy'', an edited version of a
    law school seminar paper by Ruel T. Hernadez.

  /pub/eff/papers/email-privacy-biblio-2
  ---
    Compilation of bibliography on E-Mail and its privacy issues (part
    2 of the work).  Compiled by Stacy B. Veeder (12/91).

  /pub/eff/papers/email-privacy-research
  ---
    The author at Digital Research tried to formalize their employee
    privacy policy on E-Mail.  The casesightings are divided into two
    groups: US Constitutional law, and California law.

  /pub/eff/papers/company-email
  ---
    Formulating a Company Policy on Access to and Disclosure of
    Electronic Mail on Company Computer Systems by David R. Johnson
    and John Podesta for the Electronic Mail Assocation

  /pub/cud/alcor
  ---
    Information on Alcor Co., an e-mail privacy suit.

  /pub/academic/law/privacy.email
  ---
    Email privacy search at Berkeley.

_____
<4.9> What are some email, Usenet, and internet use policies?

  The Computer Policy and Critiques Archive is a collection of the
  computer policies of many schools and networks, run by the
  Computers and Academic Freedom group on the Electronic Frontier
  Foundation FTP site. The collection also includes critiques of some
  of the policies.

  > If you have gopher, the archive is browsable with the command:
  > gopher -p academic/policies gopher.eff.org
  > 
  > The archive is also accessible via anonymous ftp and email. Ftp
  > to ftp.eff.org (192.88.144.4). It is in directory
  > `pub/academic/policies'. For email access, send email to
  > archive-server@eff.org. Include the line:
  > 
  > send acad-freedom/policies <filenames>
  > 
  > where <filenames> is a list of the files that you want. File
  > README is a detailed description of the items in the directory.
  > 
  > For more information, to make contributions, or to report typos
  > contact J.S. Greenfield (greeny@eff.org). Directory `widener'
  > contains additional policies (but not critiques).


  ftp.eff.org
  ===========
  
  /pub/cud/networks
  ---
    Acceptable Use Policies for various networks, including CompuServe
    (file `compuserve'), NSFNET (file `nsfnet') with information on
    research and commercial uses. See /pub/cud/networks/index.

  /pub/cud/networks/email
  ---
    Policies from various sysadmins about how they handle the issue of
    email privacy,  control, and abuse, compiled by T. Hooper 
    <hooper_ta@cc.curtin.edu.au>.
  
  /pub/cud/schools/
  ---
    Computer use policies of a number of schools. See schools/Index
    for a full list and description.

  
  Commentary
  ==========

  /pub/academic/faq/policy.best
  ---
    Opinions on the best academic computer policies.


  /pub/academic/faq/email.policies
  ---
    Do any universities treat email and computer files as private?

  /pub/academic/faq/netnews.writing
  ---
    Policies on what users write on Usenet.

  /pub/academic/faq/netnews.reading
  ---
    Policies on what users read on Usenet: should my university remove
    (or restrict) Netnews newsgroups because some people find them
    offensive?

  /pub/academic/faq/policy
  ---
    What guidance is there for creating or evaluating a university's
    academic computer policy?

______
<4.10> What is the MIT ``CROSSLINK'' anonymous message TV program?

  > CROSSLINK is an anonymous message system run on MIT Student
  > Cable TV-36. It provides an anonymous medium through which MIT
  > students can say those things they might otherwise find
  > difficult, inconvenient or impossible to say in person.  It's
  > also a way to send fun or totally random messages to your
  > friends over the air.  It is similar to the anonymous message
  > pages found in many college newspapers, except that it's
  > electronic in nature and it's free.

  Messages can be posted to the service via email.  For more
  information send email to crosslink@athena.mit.edu.


MISCELLANEOUS
=============

_____
<5.1> What is ``digital cash''?

  With digital encryption and authentication technologies, the
  possibility of a widespread digital cash system may someday be
  realized.  A system utilizing codes sent between users and banks
  (similar to today's checking system except entirely digital) may
  be one approach.  The issues of cryptography, privacy, and
  anonymity are closely associated with transfer of cash in an
  economy.  See the article in Scientific American by David Chaum
  (~Dec.1992).

  An experimental digital bank is run by Karl Barrus
  <elee9sf@Menudo.UH.EDU> based on suggestions by Hal Finney on the
  cypherpunks mailing list.  To use the server send mail to
  elee7h5@rosebud.ee.uh.edu message with the following text:

    ::
    command: help
    
    user@host

  where `user@host' is your email address.
 
  
_____
<5.2> What is a ``hacker'' or ``cracker''?

  These terms arouse strong feelings by many on their meaning,
  especially on the internet.  In the general news media in the past
  a person who uses computers and networks to malicious ends (such as
  breaking into systems) has been referred to as a hacker, but most
  internet users prefer the term ``cracker'' for this.  Instead, a
  ``hacker'' is perceived as a benign but intensely ambitious,
  curious, and driven computer user who explores obscure areas of a
  system, for example---something of a proud electronic pioneer and
  patriot.  This is the sense intended in this document.  See also
  the ``Hacker's Dictionary'' and the FAQ `alt-security-faq'.
 
 
_____
<5.3> What is a ``cypherpunk''?

  From the charter of the cypherpunk mailing list:

  > Cypherpunks assume privacy is a good thing and wish there were
  > more of it.  Cypherpunks acknowledge that those who want privacy
  > must create it for themselves and not expect governments,
  > corporations, or other large, faceless organizations to grant
  > them privacy out of beneficence.  Cypherpunks know that people
  > have been creating their own privacy for centuries with whispers,
  > envelopes, closed doors, and couriers.  Cypherpunks do not seek
  > to prevent other people from speaking about their experiences or
  > their opinions.

  See information on the cypherpunk mailing list below.

  See also the CryptoAnarchist Manifesto and the Cryptography Glossary
  in soda.berkeley.edu:/pub/cypherpunks.

_____
<5.4> What is `steganography' and anonymous pools?

  Closely associated with encryption is `steganography' or the
  techniques for not only pursuing private (encrypted) communication
  but concealing the very  existence of the communication itself. 
  Many new possibilities in this area are introduced with the
  proliferation of computer technology.  For example, it is possible
  to encode messages in the least-significant bits of images,
  typically the most 'noisy'. In addition, when such an item is
  posted in a public place (such as a newsgroup), virtually
  untraceable  communication can take place between sender and
  receiver.  For  steganographic communications in the electronic
  realm one another possibility is setting up a mailing list where
  individual messages get broadcast to the entire list and individual
  users decode particular messages with their unique key.   An
  anonymous pool has been set up by Miron Cuperman
  (miron@extropia.wimsey.com) for experiments.  Send email to
  <pool0-request@extropia.wimsey.com>  with one of the following
  commands in the subject line:

    subscribe
    unsubscribe
    help

_____
<5.5> What is `security through obscurity'?

  `Security through obscurity' refers to the attempt to gain
  protection from system weaknesses by hiding sensitive information
  or programs relating to them.  For example, a company may not make
  public information on its software's encryption techniques to evade
  `attacks' based on knowledge of it. Another example would be
  concealing data on the existence of security holes or bugs in
  operating systems.  Or, some reliance may be made on the fact that
  some standard or mechanism with potential problems is serious
  because they are ``not widely known'' or ``not widely used.'' This
  argument is occasionally applied to mechanisms for email and Usenet
  posting `forgery'. `Security through obscurity' is regarded as a
  very feeble  technique at best and inappropriate and ineffective at
  worst (also called the ``head-in-the-sand approach''). See the FAQ
  for alt.security.  
  
  Some remarks of John Perry Barlow, cofounder of the Electronic
  Frontier Foundation, directed to NSA agents at the First
  International Symposium on National Security & National
  Competitiveness held in McLean, Virginia  Dec. 1, 1992:

  > Digitized information is very hard to stamp classified or keep
  > contained. ... This stuff is incredibly leaky and volatile.  It's
  > almost a life form in its ability to self-propagate.  If
  > something hits the Net and it's something which people on there
  > find interesting it will spread like a virus of the mind.  I
  > believe you must simply accept the idea that we are moving into
  > an environment where any information which is at all interesting
  > to people is going to get out.  And there will be very little
  > that you can do about it.  This is not a bad thing in my view,
  > but you may differ...

_____
<5.6> What are `identity daemons'?
  
  RFC-931 describes a protocol standard that allows UNIX programs to
  query a remote user's login name after connection to a local
  communication socket (a connection of this type is established
  during FTP and TELNET sessions, for example).  The standard is not
  widely supported, perhaps 10% of internet sites currently implement
  it but the number is increasing.  The mechanism is detrimental to
  anonymity.  Regular users cannot disable it but system
  adminstrators can circumvent it.  This standard may represent a
  trend toward greater authentication mechanisms.

_____
<5.7> What new standards are needed to guard electronic privacy?


  Remailing/Posting
  -----------------
  
  - Stable, secure, protected, officially sanctioned and permitted,
    publicly and privately operated anonymous servers and hubs.
  - Official standards for encryption and anonymity in mail and USENET
    postings.
  - Truly anonymous protocols with source and destination information
    obscured or absent and hidden routing mechanisms (chaining,
    encrypted addresses, etc.)
  - Standards for anonymous email addressing, embedding files, and
    remailer site chaining.
  
  General
  -------
  
  - Recognition of anonymity, cryptography, and related privacy
    shields as legitimate, useful, desirable, and crucial by the
    general public and their governments.
  - Widespread use and implementation of these technologies 
    by systems designers into
    hardware, software, and standards, implemented `securely,'
    `seamlessly,' and `transparently'.
  - General shift of use, dependence, and reliance to means other than
    wiretapping and electronic surveillance by law enforcement
    agencies.
  - Publicity, retraction, and dissolution of laws and government
    agencies opposed to privacy, replaced by structures dedicated to
    strengthening and protecting it.


ISSUES
======

_____
<6.1> What is the Electronic Frontier Foundation (EFF)?

  From ftp.eff.org:/pub/EFF/mission_statement:

  > A new world is arising in the vast web of digital, electronic
  > media which connect us.  Computer-based communication media like
  > electronic mail and computer conferencing are becoming the basis
  > of new forms of community.  These communities without a single,
  > fixed geographical location comprise the first settlements on an
  > electronic frontier.
  > 
  > While well-established legal principles and cultural norms give
  > structure and coherence to uses of conventional media like
  > newspapers, books, and telephones, the new digital media do not
  > so easily fit into existing frameworks.  Conflicts come about as
  > the law struggles to define its application in a context where
  > fundamental notions of speech, property, and place take
  > profoundly new forms. People sense both the promise and the
  > threat inherent in new computer and communications technologies,
  > even as they struggle to master or simply cope with them in the
  > workplace and the home.
  > 
  > The Electronic Frontier Foundation has been established to help
  > civilize the electronic frontier; to make it truly useful and
  > beneficial not just to a technical elite, but to everyone; and to
  > do this in a way which is in keeping with our society's highest
  > traditions of the free and open flow of information and
  > communication.
  
  EFF was started by the multimillionaire Mitchell Kapor, founder of
  Lotus software, and John Barlow, lyricist for the Grateful Dead
  rock band.  A highly publicized endeavor of the organization
  involved the legal defense of  Steve Jackson Games after an FBI
  raid and an accompanying civil suit  (see section on ``Steve
  Jackson Games'').  The foundation publishes EFF News (EFFector
  Online) electronically, send requests to effnews-request@eff.org.
  
  In a letter to Mitchell Kapor from the Chairman of the Subcommittee
  with primary jurisdiction over telecommunications policy dated
  November 5, 1991,  Representative  Edward J. Markey complemented
  Mitchell Kapor on his ``insights on the development of a national
  public information infrastructure'' which ``were appreciated greatly
  by myself and the Members of the Subcommittee'' (complete text in 
  ftp.eff.com:/pub/pub-infra/1991-12):

  > ...we need to pursue policies that encourage the Bell companies to
  > work with other sectors of the communications industry to create
  > a consumer-oriented, public information network. Please let me or
  > my staff know what policies you and others in the computer
  > industry believe would best serve the public interest in creating
  > a reasonably priced, widely available network in which
  > competition is open and innovation rewarded.  I also want to
  > learn what lessons from the computer industry over the past ten
  > to fifteen years should apply to the current debate on
  > structuring the information and communications networks of the
  > future....I ask your help in gaining input from the computer
  > industry so that the Subcommittee can shape policies that will
  > bring this spirit of innovation and entrepreneurship to the
  > information services industry.  

  ftp.eff.org
  ===========
  
  /pub/eff/about-eff
  ---
    A file of basic information about EFF including goals, mission,
    achievements, and current projects. Contains a membership form.

  /pub/eff/mission-statement
  ---
    EFF mission statement.

  /pub/eff/historical/founding-announcement
  ---
    EFF founding press release.

  /pub/eff/historical/eff-history
  ---
    John Perry Barlow's ``Not Terribly Brief History of the EFF'' (July
    10, 1990).  How EFF was conceived and founded, major legal cases,
    and the organizational directions.

  /pub/eff/historical/legal-case-summary
  ---
    EFF legal case summary.


_____
<6.2> Who are Computer Professionals for Social Responsibility (CPSR)?

  The Computer Professionals for Social Responsibility have been
  working to protect and promote electronic civil liberties issues
  since ~1982.  The group has three offices (Palo Alto, Cambridge,
  Washington, DC) and 20 chapters. It is involved in  litigation
  against the FBI, The NSA, NIST, the Secret Service and other other
  U.S. government agencies  to declassify and provide documentation
  on issues such as Operation Sundevil, the FBI wiretap proposal,
  NSA's interference in crypography, the breakup of the 2600 raid in
  Arlington, Va in Nov 1992. Members speak frequently in front on
  Congress, state legislators and public utility commissions to
  testify on privacy, information policy, computer security, and
  caller identification.

  CPSR has created an extensive Internet Privacy library available
  via FTP, Gopher, WAIS, and email at cpsr.org, currently comprising
  the largest collection of privacy documents on the internet.  For
  more information, anonymous FTP  cpsr.org:/cpsr/.


  (Thanks to Dave Banisar <banisar@washofc.cpsr.org> for contributions
  here.)

_____
<6.3> What was `Operation Sundevil' and the Steve Jackson Game case?

  In the early 1990's a fear spread among U.S. law enforcement agencies
  on the illicit activities of `hackers' and `phreakers' involved in
  such activities as credit card fraud and long-distance call thievery.
  
  (see ftp.eff.org:/pub/SJG/General_Information/EFFector1.04):

  > `Operation Sundevil,' the Phoenix-inspired crackdown of May
  > 8,1990, concentrated on telephone code-fraud and credit-card
  > abuse, and followed this seizure plan with some success. 
  > [Bulletin Board Systems] went down all over America, terrifying
  > the underground and swiftly depriving them of at least some of
  > their criminal instruments.  It also saddled analysts with some
  > 24,000 floppy disks, and confronted harried Justice Department
  > prosecutors with the daunting challenge of a gigantic nationwide
  > hacker show-trial involving highly technical issues in dozens of
  > jurisdictions.

  Massive `show-trials' never materialized, although isolated
  instances of prosecution were pursued.  The movement reached a
  crescendo in Texas with the highly publicized case of illegal
  search and seizure involving the Steve Jackson Games company of
  Austin Texas on March 1, 1990.  From the column GURPS' LABOUR LOST
  by Bruce Sterling <bruces@well.sf.ca.us> in Fantasy and Science
  Fiction Magazine:

  > In an early morning raid with an unlawful and unconstitutional
  > warrant, agents of the Secret Service conducted a search of the
  > SJG office.  When they left they took a manuscript being prepared
  > for publication, private electronic mail, and several computers,
  > including the hardware and software of the SJG Computer Bulletin
  > Board System.  Yet Jackson and his business were not only
  > innocent of any crime, but never suspects in the first place. 
  > The raid had been staged on the unfounded suspicion that
  > somewhere in Jackson's office there `might be' a document
  > compromising the security of the 911 telephone system.

  FBI agents involved in the seizure were named in a civil suit filed
  on behalf of Steve Jackson Games by The Electronic Frontier
  Foundation.  See information on EFF below.  From an article by Joe
  Abernathy in the Houston Chronicle ~Feb 1, 1993:
  
  > AUSTIN -- An electronic civil rights case against the Secret
  > Service closed Thursday with a clear statement by federal
  > District Judge Sam Sparks that the Service failed to conduct a
  > proper investigation in a notorious computer crime crackdown,
  > and went too far in retaining  custody of seized equipment. 
  > 
  > Secret Service Special Agent Timothy Foley of Chicago, who was in
  > charge of three Austin computer search-and-seizures on March 1,
  > 1990, that led to the lawsuit, stoically endured Spark's rebuke
  > over the Service's poor investigation and abusive computer
  > seizure policies.  While the Service has seized dozens of
  > computers since the crackdown began in 1990, this is the first
  > case to challenge the practice. 
  > 
  > Sparks grew visibly angry when it was established that the Austin
  > science fiction magazine and game book publisher was never
  > suspected of a crime, and that agents did not do even marginal
  > research to establish a criminal connection between the firm and
  > the suspected illegal activities of an employee, or to determine
  > that the company was a publisher. Indeed, agents testified that
  > they were not even trained in the Privacy Protection Act at the
  > special Secret Service school on computer crime. 
  > 
  > "How long would it have taken you, Mr. Foley, to find out what
  > Steve Jackson Games did, what it was?" asked Sparks. "An hour? 
  > 
  > "Was there any reason why, on March 2, you could not return to
  > Steve Jackson Games a copy, in floppy disk form, of everything
  > taken? 
  > 
  > "Did you read the article in Business Week magazine where it had
  > a picture of Steve Jackson -- a law-abiding, tax-paying citizen
  > -- saying he was a computer crime suspect? 
  > 
  > "Did it ever occur to you, Mr. Foley, that seizing this material
  > could harm Steve Jackson economically?" 
  > 
  > Foley replied, "No, sir," but the judge offered his own answer. 
  > 
  > "You actually did, you just had no idea anybody would actually go
  > out and hire a lawyer and sue you." 
  > 
  > More than $200,000 has been spent by the Electronic Frontier 
  > Foundation in bringing the case to trial. The EFF was founded by 
  > Mitchell Kapor amid a civil liberties movement sparked in large
  > part by the Secret Service computer crime crackdown. 


  ftp.eff.org
  ===========
  
  /pub/cud/papers/sundevil
  ---
    A collection of information on Operation SunDevil by the Epic
    nonprofit publishing project. Everything you wanted to know but
    could never find.

  /pub/cud/papers/sj-resp
  ---
    Steve Jackson's response to the charges against him.

_____
<6.4> What is Integrated Services Digital Network (ISDN)?

  ISDN is a high-speed data communications standard that utilizes
  existing copper telephone lines, and is a possible inexpensive and
  intermediate alternative to laying fiber optic cable for phone
  networks.  The speeds involved may be sufficient for audio and
  video transmission applications.  G. V. der Leun in the file
  ftp.eff.org: /pub/pub-infra/1991-11:

  > Telecommunications in the United States is at a crossroads.  With
  > the Regional Bell Operating Companies now free to provide
  > content, the shape of the information networking is about to be
  > irrevocably altered.  But will that network be the open,
  > accessible, affordable network that the American public needs? 
  > You can help decide this question.
  > 
  > The Electronic Frontier Foundation recently presented a plan to
  > Congress calling for the immediate deployment of a national
  > network based on existing ISDN technology, accessible to anyone
  > with a telephone connection, and priced like local voice service.
  >  We believe deployment of such a platform will spur the
  > development of innovative new information services, and maximize
  > freedom, competitiveness, and civil liberties throughout the
  > nation.
  > 
  > The EFF is testifying before Congress and the FCC; making
  > presentations to public utility commisions from Massachusetts to
  > California; and meeting with representatives from telephone
  > companies, publishers, consumer advocates, and other stakeholders
  > in the telecommunications policy debate.
  > 
  > The EFF believes that participants on the Internet, as pioneers on
  > the electronic frontier, need to have their voices heard at this
  > critical moment.

  To automatically receive a description of the platform and details,
  send mail to archive-server@eff.org, with the following line:

    send documents open-platform-overview

  or send mail to eff@eff.org.  See also the Introduction to the EFF
  Open Platform Proposal in ftp.eff.org:/pub/pub-infra/1991-02.

  
  References
  ==========

  ``Digital Data On Demand.'' MacWorld, 2/82 (page 224).
  ---
    56Kbps vs. ISDN services and products. See comments by J. Powers
    in ftp.eff.org:pub/pub-infra/1992-02.

  ``Telephone Service That Rings of the Future.'' By Joshua Quittner. 
  Newsday, Tue, Jan 7 1992.
  ---
    Implications of ISDN for the masses, written in popular science
    style.   John Perry Barlow (cofounder EFF). Regional telephone
    companies (Ohio Bell).  ISDN as ``Technological Rorschach Test.''
     Anecdotes about McDonald's,  Barbara Bush teleconferencing. See
    complete text in ftp.eff.org:/pub/pub-infra/1992-01.
    
  ftp.eff.org:/pub/pub-infra/
  ---
    Files 1991-11 through 1992-05 containing email from the EFF public
    infrastructure group organized by month.  Opinions and facts on
    the pros and cons of ISDN, Integrated Services Digital Network. 
    Uses of ISDN (phone video, audio, etc.)  Japanese model.
    Alternatives to ISDN (HDSL, ADSL, fiber optics). Technical 
    specifications of ISDN, implementation details, cost issues,
    political obstacles, (RBOC, Regional Bell Operating Companies or
    `Baby Bells', e.g. NET, New England Telephone).  Influencing
    development of future networks (e.g. ISDN and NREN, National
    Research and Education  Network), encouraging competition (cable
    TV systems). Press releases and news articles.  Letter from Rep.
    E. J. Markey to M. Kapor.

_____
<6.5> What is the National Research and Education Network (NREN)?

  The Nation Research and Education Network was introduced in
  legislation cosponsored by Sen. A. Gore to promote high-speed data
  network infrastructure augmenting the internet with up to 50 times
  faster transmission rates.  The bill passed the House on November
  20, 1991, the Senate on November 22, 1991, and was signed by the
  President on December 9, 1991.

  ftp.eff.org
  ===========
  
  /pub/EFF/legislation/nren-bill-text
  ---
    The complete text of the House-Senate compromise version of S.
    272, the High-Performance Computing Act.

  /pub/internet-info/gore.bill
  ---
    102nd congress 1st Session. Text of high performance computing
    bill cosponsored by Sen. A. Gore.


  /pub/EFF/legislation/gore-infrastructure-bill
  ---
    The text of S.2937, the Information Infrastructure and Technology
    Act of 1992 introduced by Senator Gore to expand Federal efforts
    to develop technologies for applications of high-performance
    computing and high-speed networking, and to provide for a
    coordinated Federal program to accelerate development and
    deployment of an advanced information infrastructure.

  U.S. SAID TO PLAY FAVORITES IN PROMOTING NATIONWIDE COMPUTER NETWORK
  By John Markoff, N.Y. Times (~18 Dec 91).
  ---
    President Bush's legislation for natiowide computer data
    `superhighway.'  IBM-MCI venture as monopoly destructive to fair
    competition and  innovation?  National Science Foundation NSFnet.
    complete text in  /pub/pub-infra/1991-12.

  Commentary
  ==========

  /pub/academic/statements/nren.privacy.cpsr
  ---
    ``Proposed Privacy Guidelines for the NREN'' -- Statement of Marc
    Rotenberg, Washington Director Computer Professionals for Social
    Responsibility (CPSR).

  /pub/internet-info/cisler.nren
  ---
    The National Research and Education Network: Two meetings Steve
    Cisler, Senior Scientist Apple Computer Library December 17, 1990
    Summary of meetings exploring educational issues of NREN by
    diverse members of academia and industry.

  /pub/internet-info/privatized.nren
  ---
    Feb. 14 1991 essay by M. Kapor advocating advantages of a private
    National Public  Network, and specific recommendations for open
    NREN policies encouraging  competition.


  /pub/eff/papers/netproposition
  ---
    An FYI about the proposed NREN setup.

_____
<6.6> What is the FBI's proposed Digital Telephony Act?

  ``Providers of electronic communication services and private branch
  exchange operators shall provide within the United States
  capability and capacity for the government to intercept wire and
  electronic communications when authorized by law...''
  
  From `BBS Legislative Watch: FBIs Wiretapping Proposal Thwarted' by
  S. Steele in Boardwatch Magazine, Feb. 1993, p. 19-22:
 
  > In a move that worried privacy experts, software manufacturers and
  > telephone companies, the FBI proposed legislation to amend the
  > Communications Act of 1934 to make it easier for the Bureau to
  > perform electronic wiretapping. The proposed legislation,
  > entitled 'Digital Telephony,' would have required communications
  > service providers and hardware manufacturers to make their
  > systems 'tappable' by providing 'back doors' through which law
  > enforcement officers could intercept communications. Furthermore,
  > this capability would have been provided undetectably, while the
  > communications was in progress, exclusive of any communications
  > between other parties, regardless of the mobility of the target
  > of the FBI's investigation, and without degradation of service.
  >  
  > ...under the proposal, the Department of Justice (DOJ) can keep
  > communications products off the market if it determines that
  > these products do not meet the DOJ's own ... guidelines. This
  > [could] result in increased costs and reduced competitiveness for
  > service providers and equipment manufacturers, since they will be
  > unlikely to add any features that may result in a DOJ rejection
  > of their entire product. ...the FBI proposal suggests that the
  > cost of this wiretapping 'service' to the Bureau would have to be
  > borne by the service provider itself...
  > 
  > The Electronic Frontier Foundation organized a broad coalition of
  > public interest and industry groups, from Computer Professionals
  > for Social Responsibilty (CPSR) and the ACLU to AT&T and Sun
  > Microsystems, to oppose the legislation. A white paper produced
  > by the EFF and ratified by the coalition, entitled, `An Analysis
  > of the FBI Digital Telephony Proposal,' was widely distributed
  > throughout the Congress.  ... The Justice Department lobbied hard
  > in the final days to get Congress to take up the bill before
  > Congress adjourned, but the bill never ... found a Congressional
  > sponsor (and was therefore never officially introduced). The FBI
  > [may] reintroduce "Digital Telephony" when the 103rd Congress
  > convenes in January.

  ftp.eff.org
  ===========
  
  /pub/eff/legislation/fbi-wiretap-bill
  /pub/EFF/legislation/new-fbi-wiretap-bill
  ---
    A bill to ensure the continuing access of law enforcement to the
    content of wire and electronic communications when authorized by
    law and for other purposes. Version 2 of the bill after FBI
    changes in response to public response.

  /pub/cud/law/hr3515
  ---
    House of Rep bill 3515, Telecommunications Law.

  Commentary
  ==========
  
  /pub/eff/papers/eff-fbi-analysis
  ---
    The EFF-sponsored analysis of the FBI's Digital Telephony proposal.

  /pub/eff/papers/ecpa.layman
  ---
    The Electronic Communications Privacy Act of 1986: A Layman's View.

  /pub/eff/papers/nightline-wire
  ---
    Transcript of ABC's Nightline of May 22, 1992, on the FBI,
    Privacy, and Proposed Wire-Tapping Legislation. Featured are Marc
    Rotenberg of the CPSR and William Sessions, Director of the FBI.

  /pub/eff/papers/edwards_letter
  ---
    A letter from the Director of the Secret Service to US Rep. Don
    Edwards, D-California, in response to questions raised by
    Edwards' Subcommittee. This copy came from Computer Professionals
    for Social Responsibility in Washington, D.C.

  /pub/eff/papers/fbi.systems
  ---
    A description of how information is stored on the FBI's computer
    systems.


_____
<6.7> What other U.S. legislation is related to privacy?

  ftp.eff.org
  ===========
  
  /pub/cud/law/<state>  
  ---
    State computer crime laws:
                                  AL, AK, AZ, CA, CO, CT, DE, FL, GA,
                                  HI, IA, ID, IL, IN, MD, MN, NC, NJ,
                                  NM, NY, OR, TX, VT, VA, WA, WI, WV.

  /pub/cud/law/<country>
  ---
    Current computer crime laws for: The United States (federal
    code), Canada, Ghana, and Great Britain.

  /pub/cud/law/bill.s.618
  ---
    Senate bill 618, addressing registration of encryption keys with
    the government.

  /pub/cud/law/improve
  ---
    Improvement of Information Access bill.

  /pub/cud/law/monitoring
  ---
    Senate bill 516; concerning abuses of electronic monitoring in the
    workplace.

  /pub/cud/law/us.e-privacy
  ---
    Title 18, relating to computer crime & email privacy.

  /pub/academic/law/privacy.electronic.bill
  ---
    The text of Simon's electronic privacy bill, S. 516. ``To prevent
    potential abuses of electronic monitoring in the workplace.''

_____
<6.8> What are references on rights in cyberspace?

  ftp.eff.org
  ===========

  /pub/cud/papers/const.in.cyberspace
  ---
    Laurence Tribe's keynote address at the first Conference on
    Computers, Freedom, & Privacy. `The Constitution in Cyberspace'

  /pub/cud/papers/denning
  ---
    Paper presented to 13th Nat'l Comp Security Conf ``Concerning
    Hackers Who Break into Computer Systems'' by Dorothy E Denning.

  /pub/cud/papers/privacy
  ---
    ``Computer Privacy vs First and Fourth Amendment Rights'' by
    Michael S. Borella

  /pub/cud/papers/rights-of-expr
  ---
    Rights of Expression in Cyberspace by R. E. Baird

  /pub/academic/eff.rights
  ---
    Bill of Rights' meaning in the Electronic Frontier.

_____
<6.9> What is the Computers and Academic Freedom (CAF) archive?

  The CAF Archive is an electronic library of information about
  computers and academic freedom. run by the Computers and Academic
  Freedom group on the Electronic Frontier Foundation FTP site.
  
  > If you have gopher, the archive is browsable with the command:
  >   gopher -p academic gopher.eff.org
  > 
  > It is available via anonymous ftp to ftp.eff.org (192.88.144.4) in
  > directory `pub/academic'. It is also available via email. For
  > information on email access send email to archive-server@eff.org.
  > In the body of your note include the lines `help' and `index'.
  > 
  > For more information, to make contributions, or to report typos
  > contact J.S. Greenfield (greeny@eff.org).

  ftp.eff.org
  ===========
  
  /pub/academic/statements/caf-statement
  ---
    Codifies the application of academic freedom to academic
    computers, reflecting seven months of on-line discussion about
    computers and academic freedom.  Covers free expression, due
    process, privacy, and user participation.

  /pub/academic/books
  ---
    Directory of book references related to Computers and Academic
    Freedom or mentioned in the CAF discussion. The file books/README
    is a bibliography.

  /pub/academic/faq/archive
  ---
    List of files available on the Computers and Academic Freedom
    archive.

  /pub/academic/news
  ---
    Directory of all issues of the Computers and Academic Freedom
    News. A full list of abstracts is available in file `abstracts'.
    The special best-of-the-month issues are named with their month,
    for example, `June'.


FOOTNOTES
=========


_____
<7.1> What is the background behind the Internet?
 
  The article ``Internet'' in Fantasy and Science Fiction by Bruce
  Sterling <bruces@well.sf.ca.us> contains general and nontechnical
  introductory notes on origins of the Internet, including the role
  of the RAND corporation, the goal of network resilience in face of
  nuclear attack, MIT, UCLA, ARPANET, TCP/IP, NSF, NREN, etc.:

  > ARPANET itself formally expired in 1989, a happy victim of its 
  > own overwhelming success.  Its users scarcely noticed, for
  > ARPANET's  functions not only continued but steadily improved. 
  > The use of  TCP/IP standards for computer networking is now
  > global.  In 1971, a  mere twenty-one years ago, there were only
  > four nodes in the  ARPANET  network.  Today there are tens of
  > thousands of  nodes in  the Internet,  scattered over forty-two
  > countries, with more coming  on-line every day.   Three million,
  > possibly four million people use  this gigantic
  > mother-of-all-computer-networks.   
  > 
  > The Internet is especially popular among scientists, and is 
  > probably the most important scientific instrument of the late 
  > twentieth century.   The  powerful, sophisticated access that it 
  > provides to specialized data and personal communication  has sped
  > up the pace of scientific research enormously.  
  > 
  > The Internet's pace of growth in the early 1990s is  spectacular, 
  > almost ferocious.  It is spreading faster than cellular phones,
  > faster  than fax machines.  Last year the Internet was growing at
  > a rate of  twenty percent a *month.*  The number of `host'
  > machines with direct  connection to TCP/IP has been doubling
  > every year since  1988.   The Internet is moving out of  its
  > original base in military and  research institutions,  into
  > elementary and high schools, as well as into  public libraries
  > and the commercial sector.

  References
  ==========

  Bowers, K., T. LaQuey, J. Reynolds, K. Roubicek, M. Stahl, and A.
  Yuan, ``Where to Start - A Bibliography of General Internetworking
  Information'' (RFC-1175), CNRI, U Texas, ISI, BBN, SRI, Mitre,
  August 1990.

  The Whole Internet Catalog & User's Guide by Ed Krol.  (1992)
  O'Reilly  and Associates, Inc.
  ---
    A clear, non-jargonized introduction to the  intimidating business
    of network literacy written in humorous style.

  Krol, E., ``The Hitchhikers Guide to the Internet'' (RFC-1118),
  University of Illinois Urbana, September 1989.

  ``The User's Directory to Computer Networks'', by Tracy LaQuey.

  The Matrix: Computer Networks and Conferencing Systems Worldwide. 
  by John Quarterman.  Digital Press: Bedford, MA. (1990)  
  ---
    Massive and highly technical compendium detailing the
    mind-boggling scope and  complexity of global internetworks.

  ``!%@:: A Directory of Electronic Mail Addressing and Networks'' by
  Donnalyn Frey and Rick Adams.
      
  The Internet Companion, by Tracy LaQuey with Jeanne C. Ryer (1992)  
  Addison Wesley. 
  ---
    ``Evangelical'' etiquette guide to the Internet featuring 
    anecdotal tales of life-changing Internet experiences.  Foreword
    by  Senator Al Gore.

  Zen and the Art of the Internet: A Beginner's Guide by Brendan P. 
  Kehoe (1992)  Prentice Hall. 
  ---
    Brief but useful Internet guide with  plenty of good advice on
    useful databases.


  See also ftp.eff.com:/pub/internet-info/.  (Thanks to Bruce Sterling
  <bruces@well.sf.ca.us> for contributions here.)


  General
  =======

  Cunningham, Scott and Alan L. Porter. ``Communication Networks: A
  dozen  ways they'll change our lives.'' The Futurist 26, 1
  (January-February,  1992): 19-22.

  Brian Kahin, ed., BUILDING INFORMATION INFRASTRUCTURE (New York: 
  McGraw-Hill, 1992) ISBN# 0-390-03083-X
  ---
    Essays on information infrastructure.  Policy and design issues,
    research and NREN, future visions, information markets.  See
    table  of contents in ftp.eff.org:/pub/pub-infra/1992-03.

  Shapard, Jeffrey. ``Observations on Cross-Cultural Electronic 
  Networking.'' Whole Earth Review (Winter) 1990: 32-35.

  Varley, Pamela. ``Electronic Democracy.'' Technology Review 
  (November/December, 1991): 43-51.

______
<7.2> How Internet `anarchy' like the English language?

  According to Bruce Sterling <bruces@well.sf.ca.us>:

  > The Internet's `anarchy' may seem strange or even unnatural,  but
  > it makes a certain deep and basic sense.  It's rather like the 
  > `anarchy' of the English language.  Nobody rents English, and
  > nobody  owns English.    As an English-speaking person, it's up
  > to you to learn  how to speak English properly  and make whatever
  > use you please  of it (though the government provides certain
  > subsidies to help you  learn to read and write a bit).  
  > Otherwise, everybody just sort of  pitches in, and somehow the
  > thing evolves on its own, and somehow  turns out workable.  And
  > interesting.   Fascinating, even.   Though a lot  of people earn
  > their living from using and exploiting  and teaching  English,
  > `English' as an institution is public property, a public good.  
  > Much the same goes for the Internet.   Would English  be improved
  > if  the `The English Language, Inc.'  had a board of directors
  > and a chief  executive officer, or a President and a Congress?  
  > There'd probably be  a lot fewer new words in English, and a lot
  > fewer new ideas.  


_____
<7.3> Most Wanted list

  Hopefully you have benefitted from this creation, compilation, and
  condensation of information from various sources regarding privacy,
  identity, and anonymity on the internet.  The author is committed
  to keeping this up-to-date and strengthening it, but this can only
  be effective with your feedback.  In particular, the following
  items are sought:
  
  - Short summaries of RFC documents and other references listed,
    esp. CPSR files.
  - More data on the specific uses and penetration of RFC-931.
  - Internet traffic statistics.  How much is email?  How much
    USENET?  What are the costs involved?
  - Famous or obscure examples of compromised privacy
    on the internet.
        - FTP site for the code (NOT the code) to turn the .plan file into a
                named pipe for sensing/reacting to remote `fingers'.
  - Knowledge on the `promiscuous' mode of receipt or transmission 
    on network  cards.
  - Details on the infamous experiment where a scientist resubmitted 
    previously accepted papers to a prominent journal with new and
    unknown authors that were subsequently rejected.
  - X Windows, EFF, CPSR FAQhood in news.answers.
  
  Commerical use of this document is negotiable and is a way for the
  author to recoup from a significant time investment. Email feedback
  to ld231782@longs.lance.colostate.edu.  Please note where you saw
  this (which newsgroup, etc.).

_____
<7.4> Change history

  3/3/93 v2.1 (current)
    
    CPSR pointer, new UNIX mode examples, digital telephony act,
    Steve Jackson incident, additions/ reorganization to
    anonymity section, part 3.  Note: v2.0 post to sci.crypt,
    alt.privacy, news.answers, alt.answers, sci.answers was cancelled
    by J. Kamens because of incorrect subject line.
    
  2/14/93 v2.0

    Major revisions.  New section for X Windows.  Some email privacy
    items reorganized to network security section.  New sections for
    email liability issues, anonymity history and responsibilities. 
    Split into three files.  Many new sources added, particularly
    from EFF and CAF in new `issues' part. `commentary' from 
    news.admin.policy.  21 day automated posting starts.

  2/3/93 v1.0

    More newsgroups & FAQs added.  More `Most Wanted'.  Posted to
    news.answers.  Future monthly posting to sci.crypt, alt.privacy.

  2/1/93 v0.3
  
    Formatted to 72 columns for quoting etc. `miscellaneous,'
    `resources' sections added with cypherpunk servers and use
    warnings.  More UNIX examples (`ls' and `chmod').  Posted to
    alt.privacy, comp.society.privacy.
  
  1/29/93 v0.2
    
    `Identity' and `Privacy' sections added.  `Anonymity' expanded.
    Remailer addresses removed due to lack of information and
    instability.  Posted to sci.crypt.
  
  1/25/93 v0.1
  
    Originally posted to the cypherpunks mailing list on 1/25/93 as a
    call to organize a list of anonymous servers.
  
  email ld231782@longs.lance.colostate.edu for earlier versions.


* * *

SEE ALSO
========

Part 1 (previous file)
------

<1.1> What is `identity' on the internet?
<1.2> Why is identity (un)important on the internet?
<1.3> How does my email address (not) identify me and my background?
<1.4> How can I find out more about somebody from their email address?
<1.5> Why is identification (un)stable on the internet? 
<1.6> What is the future of identification on the internet?

<2.1> What is `privacy' on the internet?
<2.2> Why is privacy (un)important on the internet?
<2.3> How (in)secure are internet networks?
<2.4> How (in)secure is my account?
<2.5> How (in)secure are my files and directories?
<2.6> How (in)secure is X Windows?
<2.7> How (in)secure is my email?
<2.8> How am I (not) liable for my email and postings?
<2.9> How do I provide more/less information to others on my identity?
<2.10> Who is my sysadmin?  What does s/he know about me?
<2.11> Why is privacy (un)stable on the internet?
<2.12> What is the future of privacy on the internet?

<3.1> What is `anonymity' on the internet?
<3.2> Why is `anonymity' (un)important on the internet?
<3.3> How can anonymity be protected on the internet?
<3.4> What is `anonymous mail'?
<3.5> What is `anonymous posting'?
<3.6> Why is anonymity (un)stable on the internet?
<3.7> What is the future of anonymity on the internet?

Part 3 (next file)
------

<8.1> What are some known anonymous remailing and posting sites?
<8.2> What are the responsibilities associated with anonymity?
<8.3> How do I `kill' anonymous postings?
<8.4> What is the history behind anonymous posting servers?
<8.5> What is the value of anonymity?
<8.6> Should anonymous posting to all groups be allowed?
<8.7> What should system operators do with anonymous postings?
<8.8> What is going on with anon.penet.fi maintained by J. Helsingius?


* * *

This is Part 2 of the Privacy & Anonymity FAQ, obtained via anonymous
  FTP to pit-manager@mit.edu:/pub/usenet/news.answers/net-privacy/ or 
  newsgroups news.answers, sci.answers, alt.answers every 21 days.
Written by L. Detweiler <ld231782@longs.lance.colostate.edu>.
All rights reserved.

Archive-name: net-privacy/part3
Last-modified: 1993/3/3
Version: 2.1


NOTES on ANONYMITY on the INTERNET
==================================

Compiled by L. Detweiler <ld231782@longs.lance.colostate.edu>.


<8.1> What are some known anonymous remailing and posting sites?
<8.2> What are the responsibilities associated with anonymity?
<8.3> How do I `kill' anonymous postings?
<8.4> What is the history behind anonymous posting servers?
<8.5> What is the value of anonymity?
<8.6> Should anonymous posting to all groups be allowed?
<8.7> What should system operators do with anonymous postings?
<8.8> What is going on with anon.penet.fi maintained by J. Helsingius?


* * *

_____
<8.1> What are some known anonymous remailing and posting sites?

  Currently the most stable of anonymous remailing and posting sites
  is anon.penet.fi operated by julf@penet.fi for several months, who
  has system adminstrator privileges and owns the equipment. 
  Including anonymized mail, Usenet posting, and return addresses 
  (no encryption).  Send mail to help@penet.fi for information.
 
  Hal Finney has contributed an instruction manual for the cypherpunk
  remailers on the ftp site soda.berkeley.edu (128.32.149.19):
  pub/cypherpunks/hal's.instructions. See also scripts.tar.Z (UNIX
  scripts to aid remailer use) and anonmail.arj (MSDOS batch files to
  aid remailer use).

  ebrandt@jarthur.claremont.edu
  -----------------------------
    Anonymized mail.  Request information from above address.
    
  elee7h5@rosebud.ee.uh.edu
  -------------------------
    Experimental anonymous remailer run Karl Barrus
    <elee9sf@Menudo.UH.EDU>, with encryption to the server.  Request
    information from that address.
    
  hal@alumni.caltech.edu
  ----------------------
    Experimental remailer with encryption to server and return
    addresses.  Request information from above address.

  hh@soda.berkeley.edu
  hh@cicada.berkeley.edu
  hh@pmantis.berkeley.edu
  ----------------------
    Experimental remailer.  Include header `Request-Remailing-To'.

  nowhere@bsu-cs.bsu.edu 
  ----------------------
    Experimental remailer allowing one level of chaining.  Run by
    Chael Hall.  Request information from above address.

  phantom@mead.u.washington.edu 
  -----------------------------
    Experimental remailer with encryption to server.  `finger' site
    address for information.

  Notes
  =====
  
  - Cypherpunk remailers tend to be unstable because they are often
    running without site administrator knowledge. Liability issues
    are wholly unresolved.
  
  - So far, all encryption is based on public-key cryptography and PGP
    software (see the question on cryptography). 

  - Encryption aspects (message text, destination address, replies)
    vary between sites.

  - Multiple chaining, alias unlinking, and address encryption are
    mostly untested, problematic, or unsupported at this time.

_____
<8.2> What are the responsibilities associated with anonymity?

  
  Users
  -----

  - Use anonymity only if you have to. Frivolous uses weaken the
    seriousness and usefulness of the capability for others.
  - Do not use anonymity to provoke, harass, or threaten others.
  - Do not hide behind anonymity to evade established conventions on
    Usenet,  such as posting binary pictures to regular newsgroups.
  - If posting large files, be attentive to bandwidth considerations.
    Remember, simply sending the posting to the service increases
    network traffic.
  - Avoid posting anonymously to the regular hierarchy of Usenet; this
    is the mostly likely place to alienate readers. The `alt'
    hierarchy is preferred.
  - Give as much information as possible in the posting (i.e.
    references, etc.) Remember that content is the only means for
    readers to judge the truth of the message, and that any
    inaccuracies will tend to discredit the entire message and even
    future ones under the same handle.
  - Be careful not to include information that will reveal your
    identity or enable someone to deduce it.  Test the system by
    sending anonymized mail to yourself.
  - Be aware of the policies of the anonymous site and respect them. 
    Be prepared to forfeit your anonymity if you abuse the privilege.
  - Be considerate and respectful of other's objections to anonymity.
  - ``Hit-and-run'' anonymity should be used with utmost reservation.
    Use services that provide anonymous return addresses instead.
  - Be courteous to the system operator, who may have invested large
    amounts of time, be personally risking his account, or dedicating
    his hardware, all for your convenience.

  Operators
  ---------

  - Document thoroughly acceptable and unacceptable uses in an
    introductory file that is sent to new users.  Have a coherent and
    consistent policy and stick to it. State clearly what logging and
    monitoring is occurring. Describe your background, interest, and
    security measures. Will the general approach be totalitarian or
    lassaiz-faire?
  - Formulate a plan for problematic ethical situations and anticipate
    potentially intense moral quandaries and dilemmas. What if a user
    is blackmailing someone through your service? What if a user
    posts suicidal messages through your service? Remember, your
    users trust you to protect them.
  - In the site introductory note, give clear examples  of situations
    where you will take action and what these actions will be (e.g.
    warn the user, limit anonymity to email or posting only, revoke
    the account, 'out' the user, contact local administrator, etc.)
  - Describe exactly the limitations of the software and hardware.
    Address the bandwidth limitations of your site. Report candidly
    and thoroughly all bugs that have  occurred.  Work closely with
    users to isolate and fix bugs. Address all bugs noted below under
    ``(in)stability of anonymity''.
  - Document the stability of the site---how long has it been running?
    What compromises have occured? Why are you running it? What is
    your commitment to it?
  - Include a disclaimer in outgoing mail and messages.  Include an
    address for complaints, ideally appended to every outgoing item. 
    Consult a lawyer about your liability.
  - Be committed to the long-term stability of the site. Be prepared
    to deal with complaints and `hate mail' addressed to you.  If you
    do not own the hardware the system runs on or are not the system
    adminstrator, consult those who do and are.
  - Be considerate of providing anonymity to various groups.  If
    possible, query group readers.
  - Keep a uniformity and simplicity of style in outgoing message
    format that can be screened effectively by kill files.  Ensure
    the key text `Anon' is  somewhere in every header.
  - Take precautions to ensure the security of the server from
    physical and  network-based attacks and infiltrations.

  Readers
  -------
  
  - Do not complain, attack, or discredit a poster for the sole reason
    that he is posting anonymously, make blanket condemnations that
    equate anonymity with cowardice and criminality, or assail
    anonymous traffic in general for mostly neutral reasons (e.g. its
    volume is heavy or increasing).
  - React to the anonymous information unemotionally.  Abusive posters
    will be encouraged further if they get irrationally irate
    responses.  Sometimes the most effective response is silence.
  - Notify operators if very severe abuses occur, such as piracy,
    harassment, extortion, etc.
  - Do not complain about postings being inappropriate because they
    offend you personally.
  - Use kill files to screen anonymous postings if you object to the
    idea of anonymity itself.
  - Avoid the temptation to proclaim that all anonymous postings
    should be barred from particular groups because no `possible' or
    `conceivable' need exists.

  References
  ----------
  
  See e.g. ftp.eff.org:/pub/academic/anonymity:

  > This article is an excerpt from an issue of FIDONEWS on individual
  > privacy and the use of handles.  It accepts the need of a system
  > operator to know the name of a user; but suggests that the use of
  > a handle is analogous to a request to withhold the name in a
  > letter to the editor. The article concludes with a set of
  > guidelines for preserving the right to be anonymous.

_____
<8.3> How do I `kill' anonymous postings?

  James Thomas Green <jgreen@zeus.calpoly.edu>:

  > Try putting this in your kill file:
  >   
  >   /Anon/h:j
  >   /Anonymous/h:j
  > 
  > This will search the headers of the messages and kill any that
  > contain `Anon' or `Anonymous' in them.  Not perfect and won't
  > kill followups. 
  
  Note that anonymous server operators have the capability to mask
  anonymous postings under which the above method will not work; so
  far this practice is not widespread, but it may become more common
  as a countermeasure to widespread anonymous filtering.
  
_____
<8.4> What is the history behind anonymous posting servers?

  Originally anonymous posting services were introduced for
  individual, particularly volatile newsgroups, where anonymity is
  almost the preferred method of communication, such as talk.abortion
  and alt.sex.bondage.  One of the first was one by Dave Mack
  started in ~1988 for alt.sex.bondage. Another early one was
  wizvax.methuen.ma.us run by Stephanie Gilgut (Gilgut Enterprises)
  but was disbanded due to  lack of funds.  The system provided
  anonymous return addresses. n7kbt.rain.com (John Opalko) took up
  the functions of this server, including reinstating the anonymous
  alias file. The group ``alt.personals has been chewing through
  servers like there's no tomorrow.''
  
  Spurred by the disappearance of `wizvax' and interested in
  researching the idea, Karl Kleinpaste
  <Karl_Kleinpaste@godiva.nectar.cs.cmu.edu> developed his own system
  from scratch in six hours. By this time the idea of extending the
  server to new, more `mainstream'  groups was starting to emerge,
  and he explored the possibility partly at the specific request  by
  multiple users for anonymity in other groups. ``The intended
  advantage of my system was specifically to allow multiple group
  support, with a single anon identifier across all.  This was
  arguably the single biggest deficiency of previous anon systems.'' 
  K. Kleinpaste posted a message on rec.nude asking users whether an
  anonymous service would be welcome there, and judged a consensus
  against it. 

  K. Kleinpaste introduced what he calls a ``fire extinguisher'' to
  `squelch' or `plonk' abusive users in response to complaints, and
  used this in three cases. Nevertheless, after a few months of
  intense traffic he was eventually overwhelmed by the abuses of his
  server. ``Even as restricted as it was, my system was subjected to
  abuses to the point where it was ordered dismantled by the
  facilities staff here. Such abuses started right after it was
  created.''

  In ~Nov 1992, Johan Helsingius (julf@penet.FI) set up the most
  controversial anonymous site to date. anon.penet.fi is based on
  scripts and C code written by K. Kleinpaste and supports anonymized
  mail, posting, and return addresses. He initially wanted to confine
  the service to Scandinavian users but expanded it to worldwide
  accessability in response to 'lots' of international requests.
  
  J. Helsingius policy of allowing anonymous posting to every Usenet
  newsgroup has been met with strong and serious ideological
  opposition (e.g. by news adminstrators in news.admin.policy).
  Because of the relative newness and recent emergence of the medium,
  abuses by anonymous posters  tend to have higher visibility than
  ``routine'' abuses. His total commitment to preservation of
  anonymity is also controversial.

  For example, in a highly controversial and publicized case in ~Feb
  1993,  an anonymous user posted a supposed transcript of desperate
  crew dialogue during the Challenger shuttle disaster via
  anon.penet.fi to sci.astro. Despite that the transcript had been
  posted in the same place up to a year earlier (then
  non-anonymously) and actually originated not with the poster but a
  New York news tabloid, subsequent responses consisted largely of
  vociferous outrage at the poster's use of anonymity, reverberating
  through many newsgroups. 
  
  The original poster, using the same anonymous handle, later conceded
  that the story ``seemed likely to have been fabricated,''
  suggesting the plausible possibility that the original intent was
  not to provoke outrage but gauge reactions on the authenticity of
  the story (albeit crudely), free of personal risk from perceived
  association with the item.  The ensuing commotion generated queries
  for the original article by late-entering readers. The anonymous
  user later posted deliberately offensive comments at his
  detractors.

  Despite piercingly irate and outraged complaints, and even the vocal
  opposition and verbal abuse of K. Kleinpaste and eminent news
  operators, J. Helsingius has largely avoided use of the ``fire
  extingisher'' and the ``group bouncer'' mechanisms that limit the
  scope of the service. As of ~March 1993 the anon.penet.fi site is
  best described as `inundated': it has registered over 13,000 users
  in its initial three months of operation, forwards ~3000 messages a
  day, and approximately 5% of all Usenet postings are anonymized
  through the site. The immense popularity is probably largely due
  to the capability for `global' anonymity which has allowed users to
  find creative uses in diverse areas not previously envisioned.

  Johan Helsingius has been subject to extraordinary pressure to
  dismantle his server in ~Feb 1993. At one point K. Kleinpaste
  threatened publicly to organize a sort of vigilante group of irate
  news operators to  send out revocation commands on all messages
  originating from the site.  J. Helsingius has also alluded to
  threats of flooding the  server.  The server has crashed several
  times, at least once due to a saturation `mailbombing' through it
  by an anonymous user.  Mr. Helsingius reports spending up to 5
  hours per day  answering email requests alone associated with the
  service's administration. In response to the serious threats he
  disabled global group access temporarily for one week and
  encouraged his users to defend the service publicly.
  
  Based on fast-moving dialogue and creative suggestions by
  ``cypherpunks,'' J. Helsingius has identified many security
  weaknesses and valuable new features for the service, and is
  currently in the process of code development and testing. He is
  planning on upgrading the IBM compatible 386 machine to a 486 soon
  to handle the voluminous load and is  considering integrating a new
  system with very sophisticated functionality, including multiple
  email aliases, alias allocation control, public-key encryption,
  etc.

  A very sophisticated anonymous posting system was set up in Dec.
  1992 by D. Clunie <dclunie@pax.tpa.com.au> that used cryptography
  in both directions (to/from) the server for the highest degree of
  confidentiality seen so far.  However, it was running on a public
  access account, and he had to shut it down after only several
  weeks, upon receiving requests and conditions apparently ultimately
  originating from NSF representatives. D. Clunie has released the
  software to the public domain.

  Recently the idea of a newsgroup devoted to `whistleblowing' on
  government abuses has received wide and focused attention, and
  group formation is currently underway.  In the basic scenario the
  group would allow people to post pseudonymously using remailers,
  and even establish reputations based on their authentifiable
  digital signatures. The traffic may eventually reach reporters in
  the mainstream news media.  deltorto@aol.com has volunteered to
  attack multiple aspects of this project, including distributing
  easy-to-read documentation on posting, anonymization, and
  encryption.

  See also sections on ``views on anonymous posting'' below and ``what
  is going on with anon.penet.fi?'' in this document.
  
  (Thanks to Carl Kleinpaste
  <Karl_Kleinpaste@godiva.nectar.cs.cmu.edu>, David Clunie
  <dclunie@pax.tpa.com.au> and Johan Helsingius <julf@penet.fi> for
  contributions here.)


_____
<8.5> What is the value of anonymity?

  KONDARED@PURCCVM.BITNET:
    
  > I think anonymous posts do help in focusing our attention on the
  > content of one's message. Sure lot of anonymous posts are abusive
  > or frivolous but in most cases these are by users who find the
  > anon facility novel. Once the novelty wears off they are stopping
  > their pranks...

  morgan@engr.uky.edu (Wes Morgan):

  > I don't mind seeing the miscellaneous hatred/prejudice/racism;
  > those things are part of our nature.  However,  the notion of
  > providing anonymity's shield for these ideas repulses me.  If
  > they have such strong feelings, why can't they put their name(s)
  > on  their postings? ... Quite frankly, I loathe communication
  > with people who refuse to use their names.

  dclunie@pax.tpa.com.au (David Clunie)
   
  > Many seem to question the value of anonymity. But who are they to
  > say what risks another individual should take ? There is no
  > question that in this rather conservative society that we live
  > in, holding certain views, making certain statements, adopting a
  > certain lifestyle, are likely to result in public censure,
  > ridicule, loss of status, employment, or even legal action. Given
  > the heterogeneity of the legal jurisdictions from where the many
  > contributors to usenet post, who knows what is legal and what is
  > not ! Some say that anonymous posters are "cowards" and should
  > stand up and be counted. Perhaps that is one point of view but
  > what right do these detractors have to exercise such censorship ?

  From: doug@cc.ysu.edu (Doug Sewell)
  
  > Why is it censorship to not expect someone to speak for
  > themselves, without the cloak of anonymity. This is at best a
  > lame argument. 
  > 
  > You tell me why what you have to say requires anonymity.  And you
  > tell me why the wishes of a majority of non-anonymous users of a
  > newsgroup should be disregarded when they don't want anonymous
  > posts.
  > 
  > Anonymous users have LESS rights than any others. They are not
  > legitimate usenet participants. I would not honor RFDs, CFVs,
  > control messages, or votes from one.

  brad@clarinet.com (Brad Templeton):
  
  > I can think of no disadvantage caused by anon posting sites that
  > doesn't already exist, other than the fact that they do make more
  > naive net users who don't know how to post anonymously the old
  > way more prone to do it.

  From: mandel@netcom.com (Tom Mandel)
  
  > I cannot speak for others but I regard anonymous postings in a
  > serious discussion as pretty much worthless. ... views that hide 
  > behind the veil of anon are hardly worth the trouble of reading.
  
  n8729@anon.penet.fi (Hank Pankey)
  
  > Since I began posting anonymously (to show support for general
  > principles of personal privacy) I have been subject to far more
  > abuse and attack than I ever received before. People seem to
  > find it easier to flame and insult someone whose name they don't
  > know. Perhaps it's easier to pretend that there is no person
  > behind the email address who feels the sting of abusive comments.
  > 
  > Anonymity does hinder some methods of controlling other posters'
  > actions.  People who seek such control will naturally oppose it.

  From: 00acearl@leo.bsuvc.bsu.edu
  
  > Instead of making this a "free-er medium" by allowing posters to
  > "protect themselves" with anonymity, simply require that all
  > posters be prepared to discuss their sources of information and
  > take the heat for unsubstantiated dribble.  This seems to be the
  > way things are currently done; 

  xtkmg@trentu.ca (Kate Gregory):
  
  > In misc.kids there are three threads going on started by anonymous
  > posters. One was about changing jobs so as to work less hours,
  > job sharing and so on, from a woman who didn't want anyone at her
  > current place of work to know she was thinking of looking for
  > work elsewhere. The next was from a woman who is thinking of
  > having a baby sometime soon and doesn't want coworkers, friends,
  > family etc etc to know all about it, but who wants advice. The
  > third is about sex after parenthood -- actually this was started
  > by people posting in the usual way but then it was pointed out
  > that the anonymous posting service might let more people
  > participate.
  > 
  > Misc.kids doesn't seem to be suffering any harm from the presence
  > of anonymous posters; in fact it seems to have been helped by it.

  hoey@zogwarg.etl.army.mil (Dan Hoey):
  
  > While there has never been any real security against anonymous or
  > forged postings on Usenet, the process has until now been
  > sufficiently inconvenient, error-prone, and undocumented to limit
  > its use by persons who have not learned the culture of the net.
  >
  > On the other hand, a recent use of the anonymous posting service
  > on sci.math seemed seemed to be a student asking help on a
  > homework problem. It has now been attributed to a teacher,
  > asking for an explanation of a dubious answer in his teaching
  > guide.  He says his news posting is broken, so he is using the
  > anonymous service as a mail-to-news gateway.

  Karl Barrus <elee9sf@Menudo.UH.EDU>
   
  > Some argue that the opinions of the people who hide behind a veil
  > of anonymity are worthless, and that people should own up to
  > their thoughts.  I agree with the latter point - in an ideal
  > world we would all be sitting around engaging in Socratic
  > dialogues, freely exchanging our opinions in an effort to
  > learn.  But in an ideal world nobody will threaten you for your
  > thoughts, or ridicule you.
  > 
  > But we live in a world where the people who don't agree with you
  > may try to harm you.  Let's face it, some people aren't going to
  > agree with your opinion no matter how logically you try to
  > present it, or how reasoned out it may be.  This is sad since it
  > does restrict people from voicing their opinions.

  red@redpoll.neoucom.edu (Richard E. Depew):

  > The consensus seems to be that a general anonymous posting service
  > such as that at anon.penet.fi seems sufficiently corrosive of the
  > trust and civility of the net that this particular experiment
  > should be ended.  Perhaps the next time the question comes up we
  > can say: "We tried it - we learned it does more harm than good -
  > and we stopped it." 

  From: C96@vm.urz.uni-heidelberg.de (Alexander EICHENER)

  > anonymous posting has not created major problems aside from
  > angering irate people (like you?) who would rather ban
  > anonymous/pseudonymous posting altogether because "real men can
  > stand up for what they said" or comparable puerile arguments as
  > others have brought up.

  dave@elxr.jpl.nasa.gov (Dave Hayes):

  > What a primal example of human nature. I have three questions for
  > you folks. 
  > 
  > Do people really say different things to each other based upon
  > whether their identity is or isn't known?
  > 
  > Are people really so affected by what other people say that the
  > verbage is labeled "abuse"?
  > 
  > Most importantly, on a forum that prizes itself on the freedom of
  > communication that it enjoys, is there really such a thing as
  > freedom of communication?
  
  From: terry@geovision.gvc.com (Terry McGonigal)
  
  > <sigh>...  Just how many anon services are needed?  Will
  > *everybody* start running one soon?  What's the purpose?  Who
  > stands to benefit when there are N anon services, then 2*N, then
  > N^2, out there.  Where *has* this sudden fasination with anon
  > services come from?
  > 
  > For better or (IMHO) worse, it looks like we'er gonna get stuck
  > with these things, and as much as I don't like the idea (of
  > services like this becoming the norm) I don't really think
  > there's much to be done since it's obvious that anyone who wants
  > to can set one up with a bit of work.

  Karl_Kleinpaste@cs.cmu.edu (Karl Kleinpaste):

  > Weak reasoning.
  > With freedom comes responsibility.

  dave@elxr.jpl.nasa.gov (Dave Hayes):
  
  > Responsibility isn't real if it is enforced. True responsibilty
  > comes with no coercion. 

_____
<8.6> Should anonymous posting to all groups be allowed?

  morgan@engr.uky.edu (Wes Morgan):
  
  > I will be the first to admit that I hold some controversial
  > opinions; indeed, I'm sure that none of us are completely
  > orthodox in our opinions. However,  I've received *hundreds* of
  > anonymous email messages over the last few years; fewer than 20
  > of them were "reasonable posts made with good motives." It's 
  > getting more and more difficult to remember why we need anonymity
  > at all; the abusers are (once again) lousing things up for those
  > who truly need the service  (or those who would put it to good
  > use).
  > 
  > I'm not suggesting that we should ban anonymous servers; as I've
  > said, there are several situations in which anonymity is a Good
  > Thing (tm). 
  > 
  > However, the notion that anonymity's shield should be
  > automatically extended to every Usenet discussion is ridiculous;
  > it opens the door to further abuse. 

  twpierce@unix.amherst.edu (Tim Pierce):
  
  > Of course, how does one determine whether a "group" requests the
  > service?  A flat majority of posters voting in favor? A positive
  > margin of 100 votes?  Or what?  No one speaks for a newsgroup.
  > 
  > I'm not convinced by the arguments that an anonymous posting
  > service for all newsgroups is inherently a bad idea, simply
  > because it's a diversion from the status quo. Since the status
  > quo previously permitted anonymous posting to *no* newsgroups,
  > any anonymous posting service would reject the status quo.
  
  hartman@ulogic.UUCP (Richard M. Hartman) writes:
  
  > It is facist to suggest that a newsgroup is best able to decide
  > whether it wants to allow anonymous postings instead of having
  > them forced upon them by an service administrator?

  ogil@quads.uchicago.edu (Brian W. Ogilvie):

  > The service provides a mechanism for forwarding mail to the
  > original poster. Since most Usenet readers don't know John Smith
  > from Jane Doe except by their opinions and their address, the
  > effect of having an anonymous posting to which mail replies can
  > be directed is minimal, except for those who personally know the
  > poster--and ... the lack of anonymity could be serious. Any
  > mechanism like this is liable to abuse, but the benefits as well
  > as the costs must be weighed. Limiting the service to alt groups,
  > or specific groups, would not help those who want advice on
  > sensitive issues in more 'professional' newsgroups.

  From: tarl@sw.stratus.com (Tarl Neustaedter)
  
  > An additional point is that some of us find anonimity in technical
  > matters to be profoundly offensive; anonimity in different forums
  > has different meanings. If I get a phone call from someone who
  > won't identify himself, I hang up. If I get U.S. mail with no
  > return address, it goes into the garbage unopened. If someone
  > accosts me in the street while wearing a mask, I back away -
  > carefully, and expecting violence. In a technical discussion,
  > anonimity means that the individual isn't willing to associate
  > himself with the matter being discussed, which discredits his
  > utterances and makes listening to them a waste of time.
  >   
  > Anonimity leads to fun psych experiments; the literature is filled
  > with all the various things that people will do anonymously that
  > they won't otherwise. Including one notorious study involving
  > torture that would not have passed today's ethical standards. Fun
  > stuff, in any case.
  > 
  > FINE. LEAVE US OUT OF IT.

  From: jbuck@forney.berkeley.edu (Joe Buck)

  > You obviously have never submitted an article to a refereed
  > journal, where you will receive anonymous reviews through a server
  > (the editor) that behaves much like the one in Finland (e.g. you 
  > may reply and the editor will maintain the anonymity).  ...  Your
  > comparison of someone who wants to express him/herself on a 
  > technical issue anonymously with a person who approaches you on a 
  > dark street with a ski mask is just emotionally overwrought 
  > nonsense; such posters pose no physical threat to you.
 
  jik@mit.edu (J. Kamens):
  
  > It seems obvious to me that the default should be *not* to allow
  > anonymous postings in a newsgroup.  The Usenet has always
  > operated on the principle that the status quo should be kept
  > unless there's a large number of people who want to change it.
  > 
  > If someone REALLY needs to post a message anonymous in a newsgroup
  > in which this usually isn't done, they can usually find someone
  > on the net to do this for them. They don't need an automated
  > service to do it, and the automated service is by its nature
  > incapable of making the judgment call necessary to decide whether
  > a particular posting really needs to be anonymous.

  From: twpierce@unix.amherst.edu (Tim Pierce)
  
  > For any newsgroup you name, I bet I can envision a scenario
  > involving a need for secrecy. If an accurate content-based
  > filter of each anonymous posting could be devised to screen out
  > those that don't require secrecy, wonderful.  But it can't be
  > done.

  From: lhp@daimi.aau.dk (Lasse Hiller|e Petersen)
  
  > If a newsgroup wants to be noise- and nuisance-free, then it
  > should call for moderation. This should happen on a per-newsgroup
  > basis, and not as a general USENET ban on anonymous postings. Of
  > course one principle of moderation might be to keep out all
  > anonymous postings, and could be achieved automatically. It would
  > still be _moderation_. Personally I would prefer moderation
  > criteria being based on actual content.

  David A. Clunie (dclunie@pax.tpa.com.au)
  
  > If a "group" doesn't want to receive certain posts it should
  > become moderated - there are clearly defined mechanisms on
  > non-alt groups for this to take place. An automated moderator
  > excluding posts from certain (eg. anonymous) sites or individuals
  > could easily be established. If anyone wants to take such a
  > draconian approach then they are welcome to do so and good luck
  > to them. I doubt if I will be reading their group !

  From: dave@frackit.UUCP (Dave Ratcliffe)
  
  > What possible need would someone have for posting anonymously to a
  > sci.* group? 
  > 
  > Sure most adults are willing to post under their own names. Why
  > would they want to hide behind an anonymous posting service?
  > Ashamed of what they have to say or just trying to rile people
  > without fear of being identified? 
  > 
  > Anonymous posting have their place in CERTAIN groups. If I or
  > anyone else needs to tell you what those groups are then you've
  > been on another planet breathing exotic gases for too long.

  From: Karl_Kleinpaste@cs.cmu.edu
  
  > It's bloody fascinating that (all?) the proponents of unimpeded
  > universal anon posting access can't seem to find any middle
  > ground at all.  Why is there such a perception of
  > absolutism? Where does this instant gratification syndrome come
  > from, "I want anon access and I want it NOW"?  Who are the
  > control freaks here?
  
  From: 00acearl@leo.bsuvc.bsu.edu

  > Remember, this is a newsgroup for posters writing about SCIENTIFIC
  > issues. Anonymous discussion of scientific issues leads to bad
  > science.

  From: noring@netcom.com (Jon Noring)
  
  > Though many have personal philosophical arguments against
  > anonymous posters, their arguments have not been compelling
  > enough to convince me that omni-newsgroup anonymous posting
  > should be banned or severely restricted.  Though I cannot prove
  > it, it seems to me that those who do not like anonymous posting
  > (in principle) do so for reasons that are personal (read,
  > psychological discomfort) rather than for reasons related to
  > maintaining the "integrity" of Usenet.
  > 
  > Remember, it is impossible to be able to ascertain all the
  > conceivable and legitimate motives for anonymous posting to
  > newsgroups one normally would not deem to be "sensitive". ... in
  > general, I fear even letting newsgroup readers vote on either
  > allowing or not allowing anonymous posting, since a priori they
  > *cannot* know all the motives of *legitimate* posters, and I do
  > not believe that any system should ever be instituted that would
  > inhibit the posting of legitimate and informative posts. 

  lestat@wixer.cactus.org (Lyle J. Mackey) writes:

  > I personally don't believe that pseudonymous postings are
  > appropriate in a serious discussion area.  If there is a
  > LEGITIMATE reason for concealing the posters' identity, perhaps,
  > but simply because they're not so sure if they want their name
  > attached doesn't qualify as LEGITIMATE in my book.  (Oh, and if
  > you can come up with a legitimate purpose for anonymous postings,
  > please, enlighten me.)

  sderby@crick.ssctr.bcm.tmc.edu (Stuart P. Derby)
  
  > Three of our (the U.S.'s) founding fathers, Madison, Hamilton, and
  > Jay, seemed to think "anonymous posting" was OK. The Federalist
  > papers were originally printed in New York newspapers with
  > authorship attributed to "Publius". I wonder if you would find
  > their purpose "LEGITIMATE"?


_____
<8.7> What should system operators do with anonymous postings?

  From: emcguire@intellection.com (Ed McGuire)
  
  > I would like to know how to junk all articles posted by the
  > anonymous service currently being discussed.  Ideally I would
  > actually tell my feed site not to feed me articles posted by the
  > anonymous service. Assuming the C News Performance Release, what
  > is a simple way to accomplish this? Or where should I look to
  > learn how to do it myself?
  
  From: dclunie@pax.tpa.com.au (David Clunie)
  
  > That's a bit draconian isn't it ? Have your users unanimously
  > decided that they would like you to do this or have you decided
  > for them ?
  
  From: emcguire@intellection.com (Ed McGuire)
  
  > Good question.  Nobody has decided. I have no definite plan to do
  > this, just wanted the technical data.

  Carl Kleinpaste (Karl_Kleinpaste@godiva.nectar.cs.cmu.edu):
  
  > ...were I to be in the position of offering such a service again,
  > my promises of protection of anonymity would be limited.  Not on
  > the basis of personal opinion of what gets posted, but on the
  > basis of postings which disrupt the smooth operation of the
  > Usenet. The most obvious and direct recourse would be to `out'
  > the abusive individual. Less drastic possibilities exist -- the
  > software supports a "fire extinguisher" by which individuals can
  > be prevented from posting.

  john@iastate.edu (John Hascall):
  
  > Since when is Usenet a democracy? If someone wants to run an
  > anonymous service, that's their business. If you want to put
  > that host in your killfile, that's your business. If a newsadmin
  > wants to blanket-drop all postings from that site, that's between
  > them and the other people at that site. If everyone ignores a
  > service, the service effectively doesn't exist.

  From: jik@athena.mit.edu (Jonathan I. Kamens)
  
  > NNTP servers that allow posting from anyone are NOT "a service to
  > the net."  They do the net a disservice.
  > 
  > Terminal servers have the same problems as open NNTP servers --
  > they allow people who want to do illegal/immoral/unethical things
  > on the Internet to do so without accountability.
  > 
  > There are, by now, public access sites all over this country, if
  > not all over the world, that allow very inexpensive access to the
  > Usenet and the Internet.  There is no reason for NNTP servers to
  > allow anyone to post messages through them, and there is no
  > reason for terminal servers to allow anyone to connect to them
  > and then make outbound connections through them.  Perhaps when it
  > was harder to get to the Internet or the Usenet, open servers
  > could be justified, but not now.

  jbotz@mtholyoke.edu (Jurgen Botz): 
  
  > I think that what ... these points show clearly is that an
  > anonymous posting service has a great deal of responsibility,
  > both towards its clients and towards the Net as a whole.  Such a
  > service should (IMHO) have a set of well-defined rules and a
  > contract that its clients should sign, under the terms of which
  > they are assured anonymity.

  From: an8785@anon.penet.fi
  
  > Is the problem that some are used to "punishing" posters who are
  > upsetting in some vague way by complaining to the (usually
  > acquiescent) sysadmin or organizations that the poster belongs
  > to? That surely is the most gutless approach to solving
  > problems, but my experience on the net shows that the same users
  > who vilify anonymous postings are the first to write obsessively
  > detailed grievances to the poster's supervisor when his or her
  > tranquility is disturbed by some "intrusive" or subversive post
  > or another.
  > 
  > Anonymous postings prevent just this kind of intimidation.

  From: gandalf@cyberspace.org (Eric Schilling)
  
  > The main point I would like to make here is that while we can go
  > through and revise the news sw to "reject anon posts to technical
  > newsgroups" or some such thing, I think the attempt will prove
  > futile. Each attempt to modify news can result in a changed
  > approach by anon service providers to thwart the change.  I think
  > this would be pointless.

  From: julf@penet.fi (Johan Helsingius)

  > I have tried to stay out of this discussion, and see where the
  > discussion leads. But now I rally feel like I have to speak up.
  > ... I have repeatedly made clear ... that I *do* block users if
  > they continue their abuse after having been warned. In many cases
  > the users have taken heed of the warning and stopped, and in some
  > cases even apologized in public. And when the warning has not had
  > the desired effect, I have blocked a number of users. I have also
  > blocked access to groups where the readership has taken a vote to
  > ban anonymous postings, although I feel changing the newsgroup
  > status to moderated is the only permanent solution for newsgroups
  > that want to "formalize" discussion.
 
  red@redpoll.neoucom.edu (Richard E. Depew)

  > Does this ... mean that you are volunteering to issue a Request 
  > For Discussion to ban anonymous postings or to moderate each of 
  > the 4000+ newsgroups that your server can reach?  I don't think 
  > so, but this illustrates the trouble that your server is causing!
  >
  > please listen to the consensus of the news administrators in this 
  > group:  any newsgroup should be consulted *before* letting your 
  > server post messages to that group.
 
  From: C96@vm.urz.uni-heidelberg.de (Alexander EICHENER)
  
  > There is no pompous "consensus of *the* news administrators" 
  > here - maybe you would like to invent one. There is a sizeable 
  > number of people who are concerned about the possible (and, to a 
  > minor extent, about the actual abuse of the server as it is 
  > configured now). These concerns are respectable; Johan is dealing
  > with them. ... There are some (few) who rage with foam before 
  > their mouth and condemn the service altogether. And a number who
  > defend it, pointing out, like Kate Gregory, that even a group 
  > like misc.kids. can benefit from pseudonymous postings.

  From: julf@penet.fi (Johan Helsingius)

  > I have answered a lot of personal mail related to server abuse,
  > and as a result of that, blocked a number of abusive users. I
  > have also withdrawn the service from several newsgroups where the
  > users have taken a vote on the issue. I have not made any
  > comments on news.admin.policy, partly because the
  > newly-implemented password feature (as a emergency measure
  > against a security hole) has kept me really busy answering user
  > queries the last two weeks, and partly because I feel it is not
  > for me to justify the service, but for the users. The problem
  > with news.admin.policy is that the readership is rather elective,
  > representing people whith a strong interest in centralised
  > control.

  From: hartman@ulogic.UUCP (Richard M. Hartman)
  
  > This seems to be a rather bigoted attitude.  I would consider that
  > this group is for anyone who wishes to discuss how the net should
  > be controlled.  Saying that we only have an interest in
  > "centralized control" is a clear indication of bias.  You are
  > perfectly welcome to join in the discussions here to promote your
  > views on control.

  jbuck@ohm.berkeley.edu
  
  > This whole debate is a lot of "sound and fury signifying nothing"
  > because, even if you all decide to ban anonymous posting servers,
  > it is not enforceable.  The only people who conceivably could
  > enforce retrictions are those that control the international
  > links.
  > 
  > Policy changes should be made by cooperation, not by attempting
  > to dictate. ...you need to persuade those who run the services
  > to act like this through friendly persuasion, not by trying to
  > beat them over the head with a stick (especially a stick you
  > don't even have).

  spp@zabriskie.berkeley.edu (Steve Pope)
  
  > I am finding this bias against pseudonymity boring.  Our friend
  > posting through penet has a point.  The old guard would like to
  > keep their network the way it always has been... and this new
  > thing, these pseudonymous servers, cuts into their turf.  So they
  > whine and bitch about it, and every time there's the slightest
  > abuse (such as somebody's .sig being too long),  they try to
  > parlay that into an argument against pseudonymity.
  > 
  > I'll go on record as saying: three cheers for the admins at anon
  > servers like penet, pax, and n7kbt... and for all the  access
  > service providers who are willing to preserve their clients
  > privacy.
  > 
  > And a pox on those who try to defeat and restrict pseudonymity.
  
  mimir@stein.u.washington.edu (Al Billings)
  
  > I wouldn't help people get rid of anon postings as a group. If you
  > don't like what someone says, then you put THAT anon address in
  > your kill file, not all of them. Of course, if and when I get an
  > anon site going, I'm just going to assign fake names like
  > "jsmith" instead of "anon5564" to avoid most of the hassles.
  > You'll never know it is anonymous will you?

  From: anne@alcor.concordia.ca (Anne Bennett)
  
  > I must admit to some astonishment at this argument.  I see the
  > value of anonymous postings under some circumstances, yet believe
  > strongly that these should be identified as such, so that people
  > who do not wish to read material from people who won't identify
  > themselves, don't have to.
  > 
  > I fail to see what good you would be accomplishing, and indeed
  > surmise that you will cause many people inconvenience and
  > annoyance, by hiding the anonymity of postings from your
  > anonymous site.  Would you care to justify where the hell you get
  > the gall to try to prevent people from effectively filtering
  > their news as they see fit?
  
  From: dclunie@pax.tpa.com.au (David Clunie)
  
  > I thought I was out of reach here in Australia too. Unfortunately
  > one of the US sites involved in the US/Aus feed complained to the
  > Australian Academic Reasearch Network through whom my site is
  > connected, not about anything in particular, just the concept of
  > anonymous mail having no redeeming features and consuming a
  > narrow bandwidth link (with which I can't argue) and that was
  > that ... stop the service or face disconnection.
  >
  > I consider the demise of [my] service to have been rather
  > unfortunate, and I wish the Finnish remailer luck ! It is a pity
  > that there are very few if any similar services provided with in
  > the US. I guess that's the benefit of having a constitution that
  > guarantees one freedom of speech and a legal and political system
  > that conspires to subvert it in the name of the public good.


_____
<8.8> What is going on with anon.penet.fi run by J. Helsingius?


  From: Karl_Kleinpaste@cs.cmu.edu
  
  > Funny, how beating the rest of the Usenet over the head with a
  > stick is OK if it's anon.penet.fi and universal anon access.  But
  > somehow people on the other side of the same equation (not even
  > arguing to shut it off entirely, but rather just to have some
  > control applied to the abuses that manifest themselves) aren't
  > allowed to do that.
  > 
  > I have written to Johan several times in the last couple of
  > weeks.  He used to reply to me quite readily. After all, I was
  > the source of the software as originally delivered to him -- he
  > used to be downright _prompt_ about replying to me. Funny, now
  > he's being an impolite bastard who doesn't answer mail _at_all_,
  > even when it consists of really very civil queries.
  
  From: julf@penet.fi (Johan Helsingius)
  
  > In your mail you told me you sent me one or more messages on Feb.
  > 8th. Feb 7th and 8th the server was down, and the flood of mail
  > that resulted from the server coming up again crashed my own mail
  > host. The problem was aggregated by an abusive user sending
  > thousands of messages to another user, filling up that users
  > mailbox. The bounce messages ended up in my mailbox, overflowing
  > my local disk as well.
  > 
  > I can only suppose that your message got lost in that hassle, as
  > I have tried to answer as much as possible of the anon-related
  > messages I get, from routine mis-addessed messages to complaints
  > about the service. On the average I spend 4-5 hours per day
  > answering anon-related messages.
  
  From: Karl_Kleinpaste@cs.cmu.edu
  
  > Why is it that everybody else has to put up with the impoliteness
  > and insensitivity of the misuse of anon.penet.fi?  Whose
  > definitions of "polite" and "sense" apply, and why? Why is
  > universal anon access considered to be within the realm of this
  > fuzzy concept of "politeness" in the first place?
  > 
  > I think Johan has long since crossed the line into being a rude
  > bastard, and I told him so in private mail a little while ago.
  > 
  > At this point, I deeply regret [a] having created an anonymous
  > system supporting >1 newsgroup and [b] having given the code to
  > Johan.  I didn't copyright it, but I thought that some concept of
  > politeness and good sense might follow it to new
  > homes.  Interesting that Johan's ideas of politeness and good
  > sense seem to have nearly no interesection with mine. I could
  > even cope with universal anon access _if_ Johan would be willing
  > to engage in abuse control, but somehow that seems to be outside
  > the range of reality...

  From: julf@penet.fi (Johan Helsingius)
  
  > There is no way for me to convey how sad and upset your message
  > made me. I do, to some extent, understand your feelings, but it
  > still feels really bad. Running the server requires getting used
  > to a lot of flames, but mindlessly abusive hate mail is so much
  > easier to deal with than something like this, as I do respect and
  > value your views and opinions to a high degree. No, I'm not
  > asking for sympathy, I just wanted you to know that I am really
  > giving your views quite a lot of weight.
  > 
  > When I asked for the software, I was actually only going to
  > provide the service to scandinavian users. But a lot of people
  > requested that I keep the service open to the international
  > community. I now realize that I ought to have contacted you at
  > that point to ask how you feel about me using your stuff in such
  > a context. Again, I really want to apologise. And I will replace
  > the remaining few pieces of code thet still stem from your
  > system. Unfortunately there is no way to remove the ideas and
  > structure I got from you.
  > 
  > Again, I am really sorry that the results of your work ended up
  > being used in a way that you don't approve of. And I will be
  > giving a lot of hard thought to the possibility of shutting down
  > the server alltogether.
  
  From: Karl_Kleinpaste@cs.cmu.edu
  
  > I think I'm feeling especially rude and impolite.  If it's good
  > for Johan, it's good for me.  After all, he didn't ask the
  > greater Usenet whether universal anon access was a good idea; he
  > just did it. ... Yes, I'm a seriously rude pain in the ass now,
  > and I think I'll arm the Usenet Death Penalty, slightly modified,
  > not for strategic whole-site attack, but tactical assault, just
  > "an[0-9]*@anon.penet.fi" destruction. Only outside alt.*, too,
  > let's say.
  > 
  > To parrot this line...people have been doing things like the UDP
  > (that is, cancelling others' postings) for years, no one could
  > ever stop them, and it's only politeness and good sense that has
  > prevented them up to now.
  > 
  > In fact, I have 8 people who have expressed privately the desire
  > and ability to arm the UDP.
  > 
  > ...
  > 
  > PS- No, in fact there are not 8 newsadmins ready to arm the
  > UDP.  It would be amusing to know how many people gulped hard
  > when they read that, though.  I don't see it as any different
  > from Johan's configuration.
  > 
  > PPS- Now that I've calmed some fears by the above PS...  There
  > are 2 newsadmins ready to arm the UDP.  They've asked for my
  > code.  I haven't sent it yet. Only one site would be necessary
  > to bring anon.penet.fi to a screeching halt.  Anyone can
  > implement the UDP on their own, if they care to.  Politeness and
  > good sense prevents them from doing so. I wonder how long before
  > one form of impoliteness brings on another form.

  From: julf@penet.fi (Johan Helsingius)
  
  > It would be trivially easy to bring anon.penet.fi to a screeching
  > halt. In fact it has happened a couple of times already. But as
  > we are talking threats here, let me make one as well. A very
  > simple one. If somebody uses something like the UDP or
  > maliciously brings down anon.penet.fi by some other means, it
  > will stay down. But I will let the users know why. And name the
  > person who did it. OK? As somebody said on this thread: "You have
  > to take personal responsibility for your actions", right?
  
  From: avs20@ccc.amdahl.com (  134 Atul V Salgaonkar)
  
  > I am very grateful and appreciative of this service , courtesey of
  > penet.fi.  Some important questions about my personal
  > life/career/job were resolved due to kind help of other people
  > who had been thru similar situations. In return, I have also
  > replied to anon postings where I thought I could make a positive
  > contribution.
  > 
  > In general, anon service is a great, in my opinion, although like
  > any tool some people will not use it responsibly. I suggest that
  > it should be kept alive. Wasting bandwidth is less important than
  > saving lives, I think.
  
  From: us273532@mmm.serc.3m.com (Elisa J. Collins)
  
  > I have been informed that the anonymous posting service to many
  > newsgroups has been turned off as a result of discussions in this
  > newsgroup over people abusing it.
  > 
  > I had been posting to a nontechnical misc newsgroup about an
  > intimate topic for which I felt I required privacy. I have
  > received immeasurable help from the people in that newsgroup, and
  > I have never used anonymity to behave in an abusive, immature, or
  > unethical fashion toward anyone.
  > 
  > Please, folks, believe me, I *need* this service.  Please
  > consider my point of view and permit admin@anon.penet.fi to turn
  > the service back on...
  > 
  > Thank you.

* * *

SEE ALSO
========

Part 1 (first file)
------

<1.1> What is `identity' on the internet?
<1.2> Why is identity (un)important on the internet?
<1.3> How does my email address (not) identify me and my background?
<1.4> How can I find out more about somebody from their email address?
<1.5> Why is identification (un)stable on the internet? 
<1.6> What is the future of identification on the internet?

<2.1> What is `privacy' on the internet?
<2.2> Why is privacy (un)important on the internet?
<2.3> How (in)secure are internet networks?
<2.4> How (in)secure is my account?
<2.5> How (in)secure are my files and directories?
<2.6> How (in)secure is X Windows?
<2.7> How (in)secure is my email?
<2.8> How am I (not) liable for my email and postings?
<2.9> How do I provide more/less information to others on my identity?
<2.10> Who is my sysadmin?  What does s/he know about me?
<2.11> Why is privacy (un)stable on the internet?
<2.12> What is the future of privacy on the internet?

<3.1> What is `anonymity' on the internet?
<3.2> Why is `anonymity' (un)important on the internet?
<3.3> How can anonymity be protected on the internet?
<3.4> What is `anonymous mail'?
<3.5> What is `anonymous posting'?
<3.6> Why is anonymity (un)stable on the internet?
<3.7> What is the future of anonymity on the internet?

Part 2 (previous file)
------

<4.1> What UNIX programs are related to privacy?
<4.2> How can I learn about or use cryptography?
<4.3> What is the cypherpunks mailing list?
<4.4> What are some privacy-related newsgroups?  FAQs?
<4.5> What is internet Privacy Enhanced Mail (PEM)?
<4.6> What are other Request For Comments (RFCs) related to privacy?
<4.7> How can I run an anonymous remailer?
<4.8> What are references on privacy in email?
<4.9> What are some email, Usenet, and internet use policies?
<4.10> What is the MIT ``CROSSLINK'' anonymous message TV program?

<5.1> What is ``digital cash''?
<5.2> What is a ``hacker'' or ``cracker''?
<5.3> What is a ``cypherpunk''?
<5.4> What is `steganography' and anonymous pools?
<5.5> What is `security through obscurity'?
<5.6> What are `identity daemons'?
<5.7> What standards are needed to guard electronic privacy?

<6.1> What is the Electronic Frontier Foundation (EFF)?
<6.2> Who are Computer Professionals for Social Responsibility (CPSR)?
<6.3> What was `Operation Sun Devil' and the Steve Jackson Game case?
<6.4> What is Integrated Services Digital Network (ISDN)?
<6.5> What is the National Research and Education Network (NREN)?
<6.6> What is the FBI's proposed Digital Telephony Act?
<6.7> What other U.S. legislation is related to privacy on networks?
<6.8> What are references on rights in cyberspace?
<6.9> What is the Computers and Academic Freedom (CAF) archive?

<7.1> What is the background behind the Internet?
<7.2> How is Internet `anarchy' like the English language?
<7.3> Most Wanted list
<7.4> Change history


* * *

This is Part 3 of the Privacy & Anonymity FAQ, obtained via anonymous
  FTP to pit-manager@mit.edu:/pub/usenet/news.answers/net-privacy/ or 
  newsgroups news.answers, sci.answers, alt.answers every 21 days.
Written by L. Detweiler <ld231782@longs.lance.colostate.edu>.
All rights reserved.