I just ran across a post on alt.privacy.anon-server from yesterday announcing that the Matterhorn anonymous remailer is down, apparently due to a hard drive failure.  Since the operator is out of the country it’s likely to be months before it’s restored to operation.

What I thought was a completely non-thought out answer to that post was somebody suggesting that they just give instructions to somebody with physical access to the machine it runs on so that they could get it going again.

Obviously this is a bad idea.  Why?  Because a remailer is a security application and the only way that it can STAY that way is if ONLY the operator has the passphrases needed to access the machine and the PGP keys for the remailer program itself.  Having anyone else do anything with it means giving those passphrases to them in order for them to be able to do it.  It’s right up there with sharing your personal PGP/GnuPG key passphrase.  You just don’t do it… ever.

Why can’t people see really obvious things like this?

Technorati Tags: encryption, anonymous, remailer, passphrase, pgp, security

Be Sociable, Share!
  • Twitter
  • Facebook
  • email
  • Google Reader
If you enjoyed this post, make sure you subscribe to my RSS feed!

Tagged with:

Filed under: AnonymityCurrent EventsEncryptionSecurity

Like this post? Subscribe to my RSS feed and get loads more!