alt.anonymous.messages fetcher (aamFetch)
Introduction
aamFetch is a utility to download anonymous nym messages from
alt.anonymous.messages. It supports esub headers and random download
of foreign messages (to increase your anonymity). You can find a more
detailed description below. However, if the terms
"nymserver", "anonymous remailer", "esub" and "alt.anonymous.messages"
are unfamiliar for you, you most probably won't need this tool...
Download
aamFetch requires a Java Runtime Environment (Standard Edition, 1.4
or higher). If you do not have it yet, download it for free from java.sun.com.
It also requires the bouncycastle crypto provider libraries for
decryption of esub subjects - however, if you use a binary package,
you do not have to download them, since they are included. If you want
to build aamFetch from source, you can download them from
the bouncycastle website.
Binary
download (Version 0.9.1, 870 KB)
Source
download (Version 0.9.1, 31 KB)
NOTE: I accidentally compiled aamfetch 0.9.1 with Java5 optimizations,
so if you want to run it on Java 1.4, you'll either have to compile it yourself,
or use this jar file
instead of the original one.
Sourceforge project page
is located here.
CVS
You can also get the latest "bleeding edge" source code from CVS.
Browse
it or use the following commands to check it out anonymously:
cvs -d:pserver:anonymous@aamfetch.cvs.sourceforge.net:/cvsroot/aamfetch
login
cvs -z3 -d:pserver:anonymous@aamfetch.cvs.sourceforge.net:/cvsroot/aamfetch
co aamfetch
Description
Sometimes you get into situations where it is helpful to write someone
an "anonymous" message and still be able to get replies. Depending on
your "threat model", it might be enought to create an e-mail account
at a freemailer for that purpose. But some people have a bit more
anonymous needs (or are just to paranoid the freemailer will give
their details away...). For that purpose there are some so called "nym
servers" available. One can send anonymous mails to them (by using,
e. g., the mixmaster
remailer network) and get a repliable mail address where mails
sent to it will be posted to the alt.anonmyous.messages newsgroup. (I
know, you can use nym servers to send mails back to your mail address
via reply blocks as well, but that scenario is not important here
since aamFetch won't help you in those cases). The content will be
sent encrypted (both with your PGP key and with a passphrase) and have
a subject chosen by you. However, the subject can be constant but it
does not need to. You can also use "encrypted subjects" - i.e. your
subject will be encrypted with a cipher feedback algorithm which will
bear a new ciphertext for every message. Only someone who knows the
key (also known as the "Encrypt-Subject" or short "esub") can see all
those messages belong together. Especially if you use this feature,
you are out of luck if you want to use your favourite news reader for
fetching your messages. Further more, if your news reader allows to
filter your messages, it might be possible for an attacker (sitting at
your NNTP server) to notice which messages you downloaded, and - even
worse - which messages belong together (since some newsreaders will
apply the filters sequentially, so all messages matching the first
filter will be downloaded "en bloc"). aamFetch can help you here. You
can specify as many Subjects and Subject/ESub combinations as you
like. Additionally you can specify to download (and discard) all other
messages as well - so that your nntp server admin cannot know
*anything* about what messages are for you. Or - if that is too much
traffic for you - you can limit foreign messages by size (Caution: If
an attacker sends a really large message for *you*, this might
compromise your anonmyity if you download it and no other large
messages!) or you can download only say 50% of the messages (randomly
chosen). This will use a SHA1 PRNG algorithm for the randomness. Since
there are lots of options to set up, there is a simple and an advanced
config interface available - just to meet everyone's needs. Messages
will be stored in .mbox format to simplify importing them into your
e-mail program. For those who don't have a mbox-capable e-mail
program, there is also a simple mbox viewer included.
More information can be found in the manual.
Contact me
You can contact me by (anonymous) mail at my sourceforge e-mail address.
Have fun!
