[Mailman-Developers] [GSoC14] Full Anonymization Project Idea
Rashi Karanpuria
2013165 at iiitdmj.ac.in
Fri Feb 20 16:30:52 CET 2015
I totally understand that claiming to provide total privacy to any
individual could be vague and debatable in this case. And if we apply the
usual encryption it becomes very easy to hack. So using normal
cryptography is ruled out.
But if we could implement salting.
We generate a salt when a user is joins this list. It is stored in the
database with the individual's password and other details (assuming the
SQL database used is secure and does not give access rights to the
moderator or any one else). When user sends a mail we store the salt used
and fake mail id generated in another database (follows the previous
assumptions). In case of reply to same address we lookup the fake mail id
and corresponding salt and regenerate the address simultaneously applying
the process of fake mail id generation to the sender's mail id this time.
Also we need to filter the header from all the possible traces.
But then it depends on the accessibility of the database in question. Also
if we need to implement these processes someplace that is secure from
middle men or malware (server may be).
Or may be I guess the only way around is to trust the list admin but then
it won't be able to serve the needs when we wish to keep this thing out of
the hands of the admin. It then only keeps users anonymous from each other
while the admin knows everything.
If I am still thinking it all the wrong way. Please guide me as to how do
I approach the problem.
More information about the Mailman-Developers
mailing list