On Fri, 22 Aug 2003, Thomas Shaddack wrote:
> Yet more info. Let's not overreact before we get complete dataset.
It is worth noting that the notice mentioned below was placed on the JAP
website only after the news of the back channel was made public on Usenet
and the various security mailing list
Yet more info. Let's not overreact before we get complete dataset.
-- Forwarded message --
Date: Fri, 22 Aug 2003 09:34:27 +0200
Subject: Re: Popular Net anonymity service back-doored
From: nordi <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
On Thursday, 21. August
At 10:39 PM 8/21/2003 +0200, Thomas Shaddack wrote:
However, perhaps the JAP team at TU Dresden hadn't much choice. I
haven't seen the court order, but I could imagine that they weren't
allowed to inform the users because it would have harmed the criminal
investigation. Following the order while
More informations.
-- Forwarded message --
Date: Thu, 21 Aug 2003 20:38:46 +0200
Subject: Re: Popular Net anonymity service back-doored
From: Florian Weimer <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Cc: Thomas C. Greene <[EMAIL PROTECTED]>
-BEGIN PGP SIGNED
At 06:44 PM 8/21/03 +0200, Thomas Shaddack wrote:
>Popular Net anonymity service back-doored
>Fed-up Feds get court order
>http://theregister.co.uk/content/55/32450.html
>
>The popular Java Anonymous Proxy (JAP), used to anonymise one's comings
and
>goings across the Internet, has been back-doored
The good thing on the bad thing is that Java is relatively easy to
decompile and audit. The bad thing on this good thing is that next to
nobody will bother. The good thing on this bad thing is that at least
someone will do, as it turned out in this case.
Wondering how difficult it would be to make