Groups | Search | Server Info | Login | Register
Groups > alt.privacy.anon-server > #50506
| From | Zax <admin@mixmin.net> |
|---|---|
| Newsgroups | alt.privacy.anon-server |
| Subject | Re: Type 1 Blocked Chains |
| Date | 2016-04-14 10:52 +0000 |
| Organization | Mixmin |
| Message-ID | <slrnngutjm.995.admin@fleegle.mixmin.net> (permalink) |
| References | <99688457279687a69a40d6ad2ca10fb8@remailer.cpunk.us> <slrnngsih5.995.admin@fleegle.mixmin.net> |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Wed, 13 Apr 2016 13:31:17 -0000 (UTC), Zax wrote in
Message-Id: <slrnngsih5.995.admin@fleegle.mixmin.net>:
> Interesting!
>
> Looking at my pinger, they all show a high percentage uptime so Echolot
> is getting flawless replies back from each of them.
>
> When messages are chained from any remailer to them, they appear to be
> completely broken: Echolot sees no responses.
>
> Holland and Brabus are Exit remailers so this isn't a randhop issue
> (Exits don't randhop).
>
> All the broken chains are to remailers running Mixmaster >= 3.0.3b,
> excepting Senshi that runs Reliable.
>
> I'm guessing at a PGP symmetric key issues but it is only a guess. Are
> any of those remops seeing errors in their mixmaster log?
No clear answer yet but a couple more pointers:
In GnuPG 1.4.13, the IDEA cipher was reenabled. Mixmaster uses openssl
for decryption and none of the Broken Chain remailers have IDEA compiled
into openssl. This shouldn't be an issue as none of them have IDEA in
their PGP key cipher preferences. E.g.
$ gpg --list-key leafy
pub 1024D/E28B4EAA 2015-11-09
uid Leafy Remailer <leafy@gpgvenue.com>
sub 1024g/58231BD0 2015-11-09
$ gpg --edit-key e28b4eaa
gpg (GnuPG) 1.4.18; Copyright (C) 2014 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
pub 1024D/E28B4EAA created: 2015-11-09 expires: never usage: SCA
trust: unknown validity: unknown
sub 1024g/58231BD0 created: 2015-11-09 expires: never usage: E
[ unknown] (1). Leafy Remailer <leafy@gpgvenue.com>
gpg> showpref
[ unknown] (1). Leafy Remailer <leafy@gpgvenue.com>
Cipher: CAST5, AES, 3DES
Digest: SHA1
Compression: ZIP, Uncompressed
Features: MDC
So leafy's Cipher preference is CAST5.
Despite this, I'm quite suspicious that IDEA is part of the problem. I
checked hsub's error log and saw loads of:
Error: [18633] Unknown symmetric algorithm.
I recompiled Mixmaster to supply a more descriptive log message and got:
Error: [18633] Unknown symmetric algorithm: 1.
The cipher index is defined in pgp.h:
/* symmetric algorithms */
#define PGP_K_ANY 0
#define PGP_K_IDEA 1
#define PGP_K_3DES 2
#define PGP_K_CAST5 3
#define PGP_K_BF 4
#define PGP_K_AES128 7
#define PGP_K_AES192 8
#define PGP_K_AES256 9
In other words, hsub is seeing hundreds of IDEA encrypted messages that
it can't decrypt, despite not having IDEA in its cipher preferences.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJXD3Z2AAoJEC3jHKG+PvqnY7wQAM3LQhXilV76aF/1bx+PBuFj
JX+O57fDZLDzaUMAiCzeamrDTRixGV9IZGDAeD5avLQIWqEE3+it50JDBi7xme2K
1b7w5HQmzLywKqR657KcYtGsCPXx/F1kQqyvFdgLjQv2fSNv1S5U/AidfxLntfni
NYdbyPYGRl75wNl3TZotcr4Mlf63+yMGvACULPWv60sCk4KBBuF4J9eHM6b76drR
bFwg6BBPZFJTJzuEOGOymATQvyMvYNt2FCi0x+AOQvKAcpknNihXvRgq9eCi2a+7
Or3BwhuxM/u8X8/fqPKeaJQuyB/IzjRIDcojdsJzWslRJZFlZCLgukJovIWQKGrp
Mkdz0Wg9j7UkXDPiO/tlj4hOZRKnfokEuGyJJpeXHAeQQRfQ8/4Bf+J02HSDUk6F
wTARihYsxEcKXGznw3dfAYUG7Bs4u8kuUk6K00RHMEZ5/WHdIvNRkYzOYIHE5qIY
wB3+7/f8UwzKQTqpYwLTQV/Quok+shGrGRDS1fTNMfc178DkzGkrt6fomk9X2y6f
kQeUUOCq3sSJmTezMjAHq8XX1VUFZ6N5RtfSwtonEKkuOX+86t0VbhiLcLgurQho
YOLstwlvNhTi8MqhzClJlaU3gN0skyK8ivxb6j3fW6awjdwN146kFo+wKu8lVmpw
N9ope1kr/QtQYKkoZL2l
=dWl5
-----END PGP SIGNATURE-----
--
pub 1024D/228761E7 2003-06-04 Steven Crook <steve@mixmin.net>
Key fingerprint = 1CD9 95E1 E9CE 80D6 C885 B7EB B471 80D5 2287 61E7
sub 4096R/BE3EFAA7 created: 2014-11-14 expires: 2016-11-13 usage: S
Back to alt.privacy.anon-server | Previous | Next — Previous in thread | Next in thread | Find similar
Type 1 Blocked Chains Jack Ryan <mixmaster@remailer.cpunk.us> - 2016-04-12 08:53 -0400
Re: Type 1 Blocked Chains Anonymous <anonymous@hoi-polloi.org> - 2016-04-13 00:18 +0200
Re: Type 1 Blocked Chains Brabus <altaylor06@gmail.com> - 2016-04-13 03:35 -0700
Type 1 Blocked Chains Nathan Hale <nobody@remailer.org.uk> - 2016-04-13 12:14 +0100
Re: Type 1 Blocked Chains Anonymous <nobody@remailer.paranoici.org> - 2016-04-13 14:42 +0000
Type 1 Blocked Chains Anonymous <nobody@remailer.paranoici.org> - 2016-04-13 16:54 +0000
Re: Type 1 Blocked Chains Anonymous <anonymous@hoi-polloi.org> - 2016-04-13 21:35 +0200
Re: Type 1 Blocked Chains Anonymous <anonymous@hoi-polloi.org> - 2016-04-14 05:50 +0200
Re: Type 1 Blocked Chains Jack Ryan <mixmaster@remailer.cpunk.us> - 2016-04-14 03:06 -0400
Re: Type 1 Blocked Chains Fritz Wuehler <fritz@spamexpire-201604.rodent.frell.theremailer.net> - 2016-04-15 00:40 +0000
Re: Type 1 Blocked Chains Anonymous <anonymous@hoi-polloi.org> - 2016-04-15 08:45 +0200
Re: Type 1 Blocked Chains Anonymous <anonymous@hoi-polloi.org> - 2016-04-15 15:30 +0200
Re: Type 1 Blocked Chains Brabus <altaylor06@gmail.com> - 2016-04-13 23:46 -0700
Re: Type 1 Blocked Chains Nomen Nescio <nobody@dizum.com> - 2016-04-14 08:37 +0200
Re: Type 1 Blocked Chains Nathan Hale <nobody@remailer.org.uk> - 2016-04-14 16:41 +0100
Re: Type 1 Blocked Chains Cornelis Tromp <nobody@holland.remailer.nl> - 2016-04-14 22:54 +0100
Re: Type 1 Blocked Chains Nathan Hale <nobody@remailer.org.uk> - 2016-04-14 07:22 +0100
Re: Type 1 Blocked Chains Zax <admin@mixmin.net> - 2016-04-13 13:31 +0000
Re: Type 1 Blocked Chains Nathan Hale <nobody@remailer.org.uk> - 2016-04-13 17:14 +0100
Re: Type 1 Blocked Chains Nathan Hale <nobody@remailer.org.uk> - 2016-04-13 17:54 +0100
Re: Type 1 Blocked Chains Red John <redjohn@nym.mixmin.net> - 2016-04-13 17:58 +0100
Re: Type 1 Blocked Chains Nathan Hale <nobody@remailer.org.uk> - 2016-04-13 19:05 +0100
Re: Type 1 Blocked Chains Zax <admin@mixmin.net> - 2016-04-13 18:53 +0000
Re: Type 1 Blocked Chains Cornelis Tromp <nobody@holland.remailer.nl> - 2016-04-13 22:45 +0100
Re: Type 1 Blocked Chains Zax <admin@mixmin.net> - 2016-04-13 22:04 +0000
Re: Type 1 Blocked Chains SEC3 <sec3-pinger@sec3.invalid> - 2016-04-13 18:41 -0400
Re: Type 1 Blocked Chains Anonymous <anonymous@hoi-polloi.org> - 2016-04-14 08:33 +0200
Re: Type 1 Blocked Chains Jack Ryan <mixmaster@remailer.cpunk.us> - 2016-04-14 11:07 -0400
Re: Type 1 Blocked Chains Jeremy Bentham <nobody@anemone.mooo.com> - 2016-04-14 22:30 +0200
Re: Type 1 Blocked Chains Jack Ryan <mixmaster@remailer.cpunk.us> - 2016-04-13 18:36 -0400
Re: Type 1 Blocked Chains Nomen Nescio <nobody@dizum.com> - 2016-04-14 02:17 +0200
Re: Type 1 Blocked Chains Jack Ryan <mixmaster@remailer.cpunk.us> - 2016-04-13 23:56 -0400
Re: Type 1 Blocked Chains elvis-85503@notatla.org.uk - 2016-04-14 08:55 +0000
Re: Type 1 Blocked Chains Fritz Wuehler <fritz@spamexpire-201604.rodent.frell.theremailer.net> - 2016-04-15 01:44 +0000
Re: Type 1 Blocked Chains Zax <admin@mixmin.net> - 2016-04-14 10:52 +0000
Re: Type 1 Blocked Chains SEC3 <sec3-pinger@sec3.invalid> - 2016-04-14 14:13 -0400
Re: Type 1 Blocked Chains Zax <admin@mixmin.net> - 2016-04-15 10:04 +0000
Type 1 Blocked Chains Nathan Hale <nobody@remailer.org.uk> - 2016-04-15 13:01 +0100
Re: Type 1 Blocked Chains Zax <admin@mixmin.net> - 2016-04-15 13:22 +0000
Re: Type 1 Blocked Chains Zax <admin@mixmin.net> - 2016-04-15 13:55 +0000
Type 1 Blocked Chains Nathan Hale <nobody@remailer.org.uk> - 2016-04-15 17:27 +0100
Re: Type 1 Blocked Chains Fritz Wuehler <fritz@spamexpire-201604.rodent.frell.theremailer.net> - 2016-04-15 18:12 +0000
Re: Type 1 Blocked Chains Anonymous <nobody@remailer.paranoici.org> - 2016-04-15 20:29 +0000
Type 1 Blocked Chains Nathan Hale <nobody@remailer.org.uk> - 2016-04-15 16:31 +0100
Re: Type 1 Blocked Chains Jack Ryan <mixmaster@remailer.cpunk.us> - 2016-04-15 13:29 -0400
Re: Type 1 Blocked Chains Zax <admin@mixmin.net> - 2016-04-15 18:54 +0000
Type 1 Blocked Chains Jack Ryan <mixmaster@remailer.cpunk.us> - 2016-04-15 11:18 -0400
Re: Type 1 Blocked Chains SEC3 <sec3-pinger@sec3.invalid> - 2016-04-15 11:45 -0400
Re: Type 1 Blocked Chains elvis-85503@notatla.org.uk - 2016-04-16 09:06 +0000
csiph-web