Did you notice they mentioned it was revealed here? Dumbass, check before
posting your stupid ****.
"Rip" <rip@no.mail> wrote in message
news:06MN8QXP37855.8302430556@Gilgamesh-frog.org...
> http://theregister.co.uk/content/55/32450.html
>
> Net anonymity service back-doored
> By Thomas C Greene in Washington
> Posted: 21/08/2003 at 11:53 GMT
>
> The popular Java Anonymous Proxy (JAP), used to anonymise one's
> comings and goings across the Internet, has been back-doored by court
> order. The service is currently logging access attempts to a
> particular, and unnamed, Web site and reporting the IP addys of those
> who attempt to contact it to the German police.
>
> We know this because the JAP operators immediately warned users that
> their IP traffic might be going straight to Big Brother, right? Wrong.
> After taking the service down for a few days with the explanation that
> the interruption was "due to a hardware failure", the operators then
> required users to install an "upgraded version" (ie. a back-doored
> version) of the app to continue using the service.
>
> "As soon as our service works again, an obligatory update (version
> 00.02.001) [will be] needed by all users," the public was told. Not a
> word about Feds or back doors.
>
> Fortunately, a nosey troublemaker had a look at the 'upgrade' and
> noticed some unusual business in it, such as:
>
> "CAMsg:rintMsg(LOG_INFO,"Loading Crime Detection Data....\n");"
> "CAMsg:
> \n%s\n",id,crimeBuff,payLen);"
>
> and posted it to alt.2600.
>
> Soon the JAP team replied to the thread, admitting that there is now a
> "crime detection function" in the system mandated by the courts. But
> they defended their decision:
>
> "What was the alternative? Shutting down the service? The security
> apparatchiks would have appreciated that - anonymity in the Internet
> and especially AN.ON are a thorn in their side anyway."
>
> Sorry, the Feds undoubtedly appreciated the JAP team's willingness to
> back-door the app while saying nothing about it a lot more than they
> would have appreciated seeing the service shut down with a warning
> that JAP can no longer fulfill its stated obligation to protect
> anonymity due to police interference.
>
> Admittedly, the JAP team makes some good points in its apology. For
> one, they say they're fighting the court order but that they must
> comply with it until a decision is reached on their appeal.
>
> Jap is a collaborative effort of Dresden University of Technology,
> Free University Berlin and the Independent Centre for Privacy
> Protection Schleswig-Holstein, Germany (ICPP). A press release from
> ICPP assures users that JAP is safe to use because access to only one
> Web site is currently being disclosed, and only under court-ordered
> monitoring.
>
> But that's not the point. Disclosure is the point. The JAP Web site
> still claims that anonymity is sacrosanct: "No one, not anyone from
> outside, not any of the other users, not even the provider of the
> intermediary service can determine which connection belongs to which
> user."
>
> This is obviously no longer true, if it ever was. And that's a serious
> problem, that element of doubt. Anonymity services can flourish only
> if users trust providers to be straight with them at all times. This
> in turn means that providers must be absolutely punctilious and
> obsessive about disclosing every exception to their assurances of
> anonymity. One doesn't build confidence by letting the Feds plug in to
> the network, legally or otherwise, and saying nothing about it.
>
> Justifying it after the fact, as the JAP team did, simply isn't good
> enough.
>
> Telling us that they only did it to help catch criminals isn't good
> enough either. Sure, no normal person is against catching criminals -
> the more the merrier, I say. But what's criminal is highly relative,
> always subject to popular perception and state doctrine. If we accept
> Germany's definition of criminal activity that trumps the natural
> right to anonymity and privacy, then we must accept North Korea's,
> China's and Saudi Arabia's. They have laws too, after all. The entire
> purpose of anonymity services is to sidestep state regulation of
> what's said and what's read on the basis of natural law.
>
> The JAP Web site has a motto: "Anonymity is not a crime." It's a fine
> one, even a profound one. But it's also a palpably political one. The
> JAP project inserted itself, uncalled, into the turbulent confluence
> between natural law and state regulation, and signaled its allegiance
> to the former. It's tragic to see it bowing to the latter.
>
>
>
Reply With Quote