Alpha.c2.org Remailer FAQ
Andre Bacard
*** FAQ for the ALPHA.C2.ORG Remailer ***
by
Andre Bacard, Author of
"Computer Privacy Handbook"
[FAQ Updated October 25, 1995
[Links at http://www.well.com/user/abacard]
=================================================================
This article offers an unofficial, semi-technical user's guide to the
ALPHA.C2.ORG remailer. I have written this especially for persons with
a sense of humor. You may distribute this (unaltered) FAQ for
non-commercial purposes.
=================================================================
Who can benefit from this FAQ?
This FAQ assumes that you have used a remailer, for example the
popular ANON.PENET.FI in Finland. If you are a novice to remailers,
please read the "Anonymous Remailer FAQ" at my web site. This other
FAQ provides a overview of remailers plus links to technical info.
[See the top of this FAQ for Web address].
This ALPHA.C2.ORG article is designed for people who seek a higher-
security remailer than ANON.PENET.FI. Let's be blunt. ALPHA.C2.ORG
confuses many intelligent would-be users. This FAQ shows how to open
an account and how to use ALPHA.C2.ORG. I use as little jargon as
possible.
[Note: Some wizards will criticize me for omitting extra-security
tricks. If I cover these topics, 95% of the people reading this FAQ
will press the delete key. This FAQ is written for beginners. People
who want more details can visit the links at my Web site.]
What is ALPHA.C2.ORG?
ALPHA.C2.ORG is a PSEUDO-anonymous remailer based in Berkeley,
California. In 1994, Sameer Parekh <sam...@c2.org> founded a pro-
privacy internet service provider called the Community ConneXion.
ALPHA.C2.ORG is part of the Community ConneXion. Matt Ghio, well-
known in remailer circles, wrote the software for ALPHA.C2.ORG. The
code for ALPHA.C2.ORG is publicly available from Mr. Ghio
<gh...@c2.org>.
C2.ORG is a computer that serves various remailers. For example, you
may have seen <syr...@c2.org>, <rem...@c2.org>, or <hro...@c2.org>.
These remailers are separate from <alpha.c2.org>. I say this because
people tell me that they're confused that these remailers have
similar addresses.
What's special about ALPHA.C2.ORG?
ALPHA.C2.ORG uses PGP (Pretty Good Privacy) encryption for all
messages (and headers!) between your machine and the C2.ORG machine.
Why is this important? For most e-mail users, the greatest privacy
threat comes from their internet service provider; namely, from
employees who read mail as part of "routine security maintenance."
ALPHA.C2.ORG protects you from these employees, as well as from
other snoops.
[For curious readers only. ALPHA.C2.ORG is a PSEUDO-anonymous
remailer. This means that the person(s) who operate ALPHA.C2.ORG can
read your mail. In addition, your internet provider (and others) can
monitor when you send or receive material from remailers. This
"traffic analysis" may or may not concern you.]
What software/data do I need to use ALPHA.C2.ORG?
a) You need PGP version 2.6 or later installed in your computer.
Better yet, it helps if you know how to use PGP. :-)
b) You need an email program that can process two colons in
succession ("::"). [Strictly speaking, you will need this
feature to test your reply block, which is part of the process
of opening an ALPHA.C2.ORG account]. I use the popular Pine
mail reader for this task.
c) You need an email account that permits you to send and receive
PGP encrypted mail.
d) You need a text editor (word processing software) that can save
a page of text as an ASCII file.
e) You need the PGP public key for al...@alpha.c2.org on your PGP
key ring. This FAQ provides that public key. [It is always
possible that Community ConneXion will change this key. Write
<he...@alpha.c2.org> to be sure you are using the latest key].
f) You need the PGP public key for AT LEAST ONE active (cypherpunk)
remailer on your key ring. This FAQ provides the public key
for one sample remailer called <h...@alumni.caltech.edu>. [It
is always possible that "hal" will shut down by the time you
read this FAQ]. You can get up-do-date remailer PGP keys from
various sources, including:
1) finger pgp...@kiwi.cs.berkeley.edu
2) http://www.cs.berkeley.edu/~raph/remailer-list.html
Click on the link to Matt Ghio's site.
g) You need an up-to-date list of active (cypherpunk) remailers.
You can get this list via:
1) finger remail...@kiwi.cs.berkeley.edu
2) http://www.cs.berkeley.edu/~raph/remailer-list.html
What are the fewest steps I need to use ALPHA.C2.ORG?
a) You need to build a "reply block". This FAQ shows exactly how to
accomplish this.
b) You need to e-mail an "application form" to ALPHA.C2.ORG. This
FAQ explains the exact details.
c) You need to test that your ALPHA.C2.ORG is open and working. You
guessed correctly... This FAQ shows how to do this.
How do I build a "reply block"?
A reply block is a PGP encrypted message that tells a (cypherpunk)
remailer your e-mail address.
In the following illustrations, l have used my dog's e-mail address
<wuff...@well.com>. I have also employed "cut here" lines. The
material that you need is BETWEEN these lines. Do not actually type
the "cut here" lines. Blank lines are important. Thus, I have marked
where blank lines are required. Do not actually type "<blank line>".
Step 1) Using your text editor, type text that looks EXACTLY as
follows. [Of course, you will use your e-mail address rather
than <wuff...@well.com>].
+++ cut here +++
::
Request-Remailing-To: wuff...@well.com
<blank line>
+++ cut here +++
Step 2) Save these three lines as an ASCII file called FILE1.TXT.
This file must be a purely ASCII file, as your text editor's
command codes will cause chaos.
Step 3) Decide what remailer(s) you want to use for your reply
block. You can use one or more remailers. To my mind, it is
overkill to use more than three. The good news... The more
remailers you use, the better you hide your real e-mail
address. The bad news... The more remailers you use, the
better chance that one of the remailers is DOWN and that your
email gets lost! For his FAQ, I use the PGP public key for
<h...@alumni.caltech.edu>. At present, "hal" is a reliable
remailer.
Here is the <h...@alumni.caltech.edu> PGP public key:
+++ cut here +++
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.7
mQBNAisCtU0AAAEB/jNOYzN1B2YzOxlK/Zb6axoOaGlPq5I7DV9GH3hcGRN5N6Fi
T4sRLhi53Sc5rUdYDa8mFQd4tqvFG6rHcT8LtDcABRG0KlJlbWFpbGluZyBTZXJ2
aWNlIDxoYWxAYWx1bW5pLmNhbHRlY2guZWR1PokAlQIFECsGk/aoEwOvWCFMNwEB
24gEAJlpxL88gdKUxdgXCTCeFZ45bTbyiS0Mfy86iGthyuLRYjAEjJB5yerRaKDi
JNOgCTvnO+I9YyFdXnPEpvBjqVfpqHF2WCc4f7BgzBbOKg79EyiOp2/eYIQT1Fkk
cvisjRGlmHncfGgoq+OhVUw81imeSUPbv8vZyqskUU7djZKb
+4W6s
-----END PGP PUBLIC KEY BLOCK-----
+++ cut here +++
Step 4) Encrypt FILE1.TXT as shown in the next command line. [If
you use a graphical interface, click the proper boxes.]
+++ cut here +++
pgp -eat FILE1.TXT h...@alumni.caltech.edu
+++ cut here +++
You just created a PGP encrypted file called FILE1.ASC. My FILE1.ASC
is reproduced below. Of course your PGP encrypted file will have
different characters than mine.
+++ cut here +++
-----BEGIN PGP MESSAGE-----
Version: 2.7
hEwDG6rHcT8LtDcBAf4qBi2PKnUyeK51i7PrmL919TSWUJEAYLoPanLrTfGulPJm
e1AsurWBzlHLRDwGFZvDAw0+0zSMZlk2Ka8c5GkmpgAAAE9gZuto8qo+tDEMnPTd
xSb47bzkrQB8GHduzdzpVosKEOqIMslkQKZOiBn2cR5qm7ZEIDGBYcGYYdYbhT0c
Rtb95yVmdHWDXiU88vmDTKwq
+hwGS
-----END PGP MESSAGE-----
+++ cut here +++
Step 5) Tell your remailer that you are sending it a PGP encrypted
message, so that it will know to decrypt your instructions. To
accomplish this, add three lines to the top of FILE1.ASC as
shown below:
+++ cut here +++
::
Encrypted: PGP
<blank line>
-----BEGIN PGP MESSAGE-----
Version: 2.7
hEwDG6rHcT8LtDcBAf4qBi2PKnUyeK51i7PrmL919TSWUJEAYLoPanLrTfGulPJm
e1AsurWBzlHLRDwGFZvDAw0+0zSMZlk2Ka8c5GkmpgAAAE9gZuto8qo+tDEMnPTd
xSb47bzkrQB8GHduzdzpVosKEOqIMslkQKZOiBn2cR5qm7ZEIDGBYcGYYdYbhT0c
Rtb95yVmdHWDXiU88vmDTKwq
+hwGS
-----END PGP MESSAGE-----
+++ cut here +++
Step 6) Save this purely ASCII file as FILE2.ASC. This new file is
your reply block. Congratulations!
Step 7) Test your reply block to be sure it works. To do so, send
FILE2.ASC to <h...@alumni.caltech.edu>. Your headers can look
like this:
+++ cut here +++
To: h...@alumni.caltech.edu
Subject: testing
+++ cut here +++
whereas your message will look like this,
+++ cut here +++
::
Encrypted: PGP
<blank line>
-----BEGIN PGP MESSAGE-----
Version: 2.7
hEwDG6rHcT8LtDcBAf4qBi2PKnUyeK51i7PrmL919TSWUJEAYLoPanLrTfGulPJm
e1AsurWBzlHLRDwGFZvDAw0+0zSMZlk2Ka8c5GkmpgAAAE9gZuto8qo+tDEMnPTd
xSb47bzkrQB8GHduzdzpVosKEOqIMslkQKZOiBn2cR5qm7ZEIDGBYcGYYdYbhT0c
Rtb95yVmdHWDXiU88vmDTKwq
+hwGS
-----END PGP MESSAGE-----
<blank line>
<You can write a message to yourself starting on this line. For example,
you can say "this reply block works.">
+++ cut here +++
If everything goes well, <h...@alumni.caltech.edu> will decrypt your
reply block and send you a message. This process could take minutes,
hours, or a couple days. Note that this "confirmation" message may
come from an anonymous remailer other than <h...@alumni.caltech.edu>!
Don't worry about this. It provides extra security for you. Here is
a sample confirmation:
+++ cut here +++
Date: Thu, 9 Oct 1995 15:06:09 -0700
To: wuff...@well.com
From: anonymous...@shell.portal.com
Subject: ignore
Comments: This message is NOT from the person listed in the From line.
It is from an automated software remailing service operating at that
address.
THE PORTAL SYSTEM DOES NOT CONDONE OR APPROVE OF THE CONTENTS OF THIS
POSTING. Please report problem mail to <hfi...@shell.portal.com>.
+++ cut here +++
If you do NOT receive a response, something has gone wrong. Do NOT
expect the remailer, in this case <h...@alumni.caltech.edu>, to send
you an error message. If you've made a mistake, there is no way for
the remailer to read your message and respond to you. It's also
possible that the remailer is down. All you can do is RECHECK and
then RESUBMIT your reply block. This can be frustrating, but nobody
says that finding glitches is easy.
In my experience, four problems are most common.
1) People do NOT build their reply block using ASCII files.
2) People do NOT encrypt their reply block with the proper "pgp -
eat" commands.
3) People make typos; for example, they misspell "Remailing".
4) The remailer(s) in your reply block are DOWN.
How do I open an ALPHA.C2.ORG account?
Step 1) Choose a unique username for yourself. For illustration, I
will pick "bigwuff".
Step 2) Pick a passphrase that includes alpha-numeric characters
and/or the hyphen. ALPHA.C2.ORG will use this passphrase to
encrypt messages to you using PGP's conventional option. Thus,
you'll have to retype your passphrase to decrypt every e-mail
that you receive from ALPHA.C2.ORG. Give yourself a break.
Create a passphrase that you can type without making typos. Do
NOT use the same passphrase that you use for your PGP
secret\public key. For this demo, I'll use "pussycat".
Step 3) Build a message to ALPHA.C2.ORG that includes the reply
block that you have ALREADY TESTED. Your message should look
like this:
+++ cut here +++
From: big...@alpha.c2.org
Password: pussycat
Reply-Block:
::
Anon-To: h...@alumni.caltech.edu
<blank line>
::
Encrypted: PGP
<blank line>
-----BEGIN PGP MESSAGE-----
Version: 2.7
hEwDG6rHcT8LtDcBAf4qBi2PKnUyeK51i7PrmL919TSWUJEAYLoPanLrTfGulPJm
e1AsurWBzlHLRDwGFZvDAw0+0zSMZlk2Ka8c5GkmpgAAAE9gZuto8qo+tDEMnPTd
xSb47bzkrQB8GHduzdzpVosKEOqIMslkQKZOiBn2cR5qm7ZEIDGBYcGYYdYbhT0c
Rtb95yVmdHWDXiU88vmDTKwq
+hwGS
-----END PGP MESSAGE-----
+++ cut here +++
Step 4) Save this as the purely ASCII file FILE3.TXT.
Step 5) Add the PGP public key for ALPHA.C2.ORG to your key ring.
Here is the PGP key, which is called al...@alpha.c2.org. [Contact
<he...@alpha.c2.org> to be sure this is the latest key.]
+++ cut here +++
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.7
mQCNAi7K8rQAAAEEAMiK09Nd+NfaL4Q14bKT0Ivdj3MdbCjAG6Cs5ULYBS1ZWSLA
KiHsm0+kPNHqBVOufN7FT2iK0Mbuyk+dZgHG6ScicDkImysRkmso7eh5c9mU9V8K
M0+ImKJyOwgVLEgyRK5e4h2XHpwSTtpx3zZpk4CsexLGCQNXF+ikm236U0rNAAUR
tCpQc2V1ZG9ueW1vdXMgUmVtYWlsZXIgPGFsaWFzQGFscGhhLmMyLm9yZz4+
+xmQf
-----END PGP PUBLIC KEY BLOCK-----
+++ cut here +++
Step 6) Encrypt FILE3.TXT as shown in the next command line. [If
you use a graphical interface, click the proper boxes.]
+++ cut here +++
pgp -eat FILE3.TXT al...@alpha.c2.org
+++ cut here +++
You just created a PGP encrypted file called FILE3.ASC that will
look something like this:
+++ cut here +++
-----BEGIN PGP MESSAGE-----
Version: 2.7
hIwD6KSbbfpTSs0BA/9tSqalNSgCqiIy6jf/LsxlD3BX3d+bc3BiRoP/FcFwoxB5
pZjki8gX8vmYqXDRvjDdohfH2glCzwDPOaYpshr0RbL1zY+7dqZDwY+ABtqivls4
ng5s1R+3JZjksadzjJ3Xtvftk5nre+S66r33bwrZvz/4ay3XBcsLN/RInNypeXia
+6UjG
-----END PGP MESSAGE-----
+++ cut here +++
[For curious readers only. Note that you do NOT add the ":: PGP:
Encrypted" headers to ALPHA.C2.ORG encrypted messages as is required
by (cypherpunk) remailers].
Step 7) Send this "application form" to ALPHA.C2.ORG as follows.
You don't need to put anything in the Subject: header unless
your mailer software requires it. Here is a sample.
headers,
+++ cut here +++
To: al...@alpha.c2.org
Subject: dogs and cats
+++ cut here +++
message,
+++ cut here +++
-----BEGIN PGP MESSAGE-----
Version: 2.7
hIwD6KSbbfpTSs0BA/9tSqalNSgCqiIy6jf/LsxlD3BX3d+bc3BiRoP/FcFwoxB5
pZjki8gX8vmYqXDRvjDdohfH2glCzwDPOaYpshr0RbL1zY+7dqZDwY+ABtqivls4
ng5s1R+3JZjksadzjJ3Xtvftk5nre+S66r33bwrZvz/4ay3XBcsLN/RInNypeXia
+6UjG
-----END PGP MESSAGE-----
+++ cut here +++
If all goes well, this will open your account and your new e-mail
address will be <big...@alpha.c2.org>. Your account might take a
few minutes, hours, or days to open.
How do I know my ALPHA.C2.ORG account works?
In theory, you will receive a "confirmation" note from ALPHA.C2.ORG
that your account has been opened. In practice, I have not received
one. [As a wit once noted, "In theory, there is no difference
between theory and practice. In practice, there is a big
difference.] To save yourself from a sleepless night, I recommend:
Step 1) Send mail to <big...@alpha.c2.org> and see if the mail is
forwarded to you. Here is a sample test message:
headers,
+++ cut here +++
To: big...@alpha.c2.org
Subject: Testing
+++ cut here +++
message,
+++ cut here +++
Send any test message you want here. It can be encrypted or unencrypted.
++ cut here +++
[For curious readers only. Notice that the above demo message is NOT
encrypted. This means that your internet provider can read this
outgoing e-mail. He might be able to guess that you
<wuff...@well.com> are the person behind the <big...@alpha.c2.org>
account. For greater security, you could send the above message
encrypted and through an intermediate anonmyous remailer.]
If all goes well, you will receive a message similar to this:
++ cut here +++
To: wuff...@well.com
From: anonymous...@shell.portal.com
Comments: This message is NOT from the person listed in the From
line. It is from an automated software remailing service operating at
that address.
THE PORTAL SYSTEM DOES NOT CONDONE OR APPROVE OF THE CONTENTS OF THIS
POSTING. Please report problem mail to <hfi...@shell.portal.com>.
-----BEGIN PGP MESSAGE-----
Version: 2.6
pgAAAcU+Awu6CMYZoYDKc2vSwWiIWnXUksVWAFe1vjMzUTbpVYuXi3qMxmj8jFz1
jkiopHGTYliegjhLYOUGakdierthgj84+2ablecIOPlepglapeKHYaMxnkrlwplf
XLFlK4/59J6HfI06WAb2/VzDpfIUFs78XlE+
+/7ZV
-----END PGP MESSAGE-----
++ cut here +++
ALPHA.C2.ORG encrypted the above message to you using your
passphrase "pussycat".
Step 2) Use PGP and your passphrase "pussycat" to decrypt your test
message. If it reads "Send any test message you want here. It
can be encrypted or unencrypted", you are in business.
What happens if you do NOT receive a response? Again, ALPHA.C2.ORG
or the remailer(s) in your reply block might be down. You must
simply try again!
Here is another possibility. Suppose that someone has already opened
the account <big...@alpha.c2.org>. Your "application form" will
have the wrong password. You cannot know that your choice for a
username has been taken. You will know only that you do NOT receive
a response to your test mailing. Meanwhile, whoever does control
<big...@alpha.c2.org> will get your test message!
How do I send mail via ALPHA.C2.ORG?
Step 1) Using your text edit, write any message that you want to
send to a correspondent. You can leave this message as
plaintext, or you can PGP ASCII encrypt the message before you
send it to someone. At the top of your message, add the
appropriate headers. Here is a sample.
++ cut here +++
From: big...@alpha.c2.org
Password: pussycat
To: ti...@zoo.org
Subject: Size of Tigers
<blank line>
Mr. Tiger,
My seven pound pussycat friend says that you weigh five hundred pounds.
I promise never to bark at you! Respectfully yours, Little Dog.
++ cut here +++
Step 2) Save this as a purely ASCII file called FILE4.TXT.
Step 3) Encrypt FILE4.TXT as shown in the next command line. [If
you use a graphical interface, click the proper boxes.]
+++ cut here +++
pgp -eat FILE4.TXT al...@alpha.c2.org
+++ cut here +++
You just created the encrypted file FILE4.ASC.
Step 4) Send FILE4.ASC to al...@alpha.c2.org. You do NOT need any
additional headers.
[For curious readers only. For added security, you can make
al...@alpha.c2.org the last destination in a chain of remailers.
This way there is no direct link between you and alpha.c2.org.]
How do I change my account?
After all this work, do you really want to change anything??
Seriously, remailers come and go. If your reply block depends on a
remailer that no longer works, then ALPHA.C2.ORG will have NO WAY
to contact you. Thus, you'll have to change your reply block. You
might also periodically change your passphrase.
Step 1) Send ALPHA.C2.ORG an encrypted message just as you did to
set up your initial account. The only difference is that you
add a Password: header and/or a new reply block. Examine the
following example:
+++ cut here +++
From: big...@alpha.c2.org
Password: pussycat
New-Password: tiger
Reply-Block:
::
Anon-To: h...@alumni.caltech.edu
<blank line>
::
Encrypted: PGP
<blank line>
-----BEGIN PGP MESSAGE-----
Version: 2.7
aj6kcstHcT8LtDcBAf4qBi2PKnUyeK51i7PrmL919TSWUJEAYLoPanLrTfGulPJm
e1AsurWBzlHLRDwGFZvDAw0+0zSMZlk2Ka8c5GkmpgAAAE9gZuto8qo+tDEMnPTd
xSb47bzkrQB8GHduzdzpVosKEOqIMslkQKZOiBn2cR5qm7ZEIDGBYcGYYdYbhT0c
Rtb95yVmdHWDXiU88vmDTKwq
+hwGS
-----END PGP MESSAGE-----
+++ cut here +++
Is there an easier way to do this?
Software programs such as Premail for UNIX and Private Idaho for
Windows automate the tedious process of building reply blocks and
sending messages via multiple remailers. See my Web site links for
technical details.
Can I respond to ANON.PENET.FI messages?
Yes. Write, say, <an...@anon.penet.fi> just as you would write to
any other address. ALPHA.C2.ORG will forward your message to
ANON.PENET.FI, whereupon ANON.PENET.FI will give
<big...@alpha.c2.org> an alias. ALPHA.C2.ORG will forward this
alias, for example, <an...@anon.penet.fi> to you.
Andre, have you written other privacy-related FAQs?
I'm circulating an (1) Anonymous Remailer FAQ, (2) E-Mail
Privacy FAQ, (3) (Non-Technical) PGP FAQ for Novices, and (4)
ALPHA.C2.ORG Remailer FAQ. To get these FAQs,
Visit my WEB site: http://www.well.com/user/abacard
Or send me this e-mail: To: aba...@well.com
Subject: Help
Message: [Ignored]
======================================================================
aba...@well.com Bacard wrote "The Computer Privacy
Stanford, California Handbook" [Intro by Mitchell Kapor].
"Playboy" Interview (See Below) Published by Peachpit Press, (800)
http://www.well.com/user/abacard 283-9444, ISBN # 1-56609-171-3.
=======================================================================