I was back at my house, reviewing my notes. It was about 3:30 in the afternoon, the weather was partly cloudy, with a temperature of about 80 degrees. A nice breeze was blowing, keeping things cool. I was out on the front porch, sitting in the Adirondack chair, with the usual snack. You can probably guess: oatmeal raisin cookies from Hilda's, and a big glass of cold milk.
Here's where I stood. I had installed "Herman" into a lot of systems. And, with any luck, Herman was able to find other systems to get into. So those systems were looking for packet headers that contain the delay codes. For each delay header found, the programs made a copy of the packet, and encrypted each packet, creating a mail message. That mail message was sent to an anonymous remailer. I'd collect the mail messages later.
There are two key concepts in that last paragraph that I might as well explain for those that need it.
I had set up the mailing program to use PGP - "Pretty Good Privacy". PGP uses public-key encryption to encrypt a file. You can send an encrypted file to another person, and you don't have to worry about a secure way to send the file. With PGP, you can exchange files or messages with privacy, authentication, and convenience. With privacy, only the intended recipient can read the message or file. Authentication ensures that if a message is from a particular person, that person originated the message. With convenience, you don't have to mess with managing the keys or passwords. That's because PGP is based on the technology of 'public key' cryptography.
The other concept is the anonymous remailer. It lets you send a message to another person without the other person knowing who it is from. A normal message will have information in the header of the message that identifies the sender, sending system, and other information. With that information in the header, you can tell who and where the message came from. The header information is added automatically to each message you send out.
The anonymous remailer lets you send mail anonymously. You get an email account on the mailer. You send mail to the remailer; the remailer strips off your identifying header, and then sends it from your anonymous user account. There is no information in your message that identifies its real source, or your real account name. And it works both ways. If someone sends a message to your anonymous account, it will be forwarded - remailed - to your user account. There are no records kept of your message, and no way for anyone to determine your anonymous mail ID. You can't tell whom the message is from. You can't track it.
So I was covered several ways, just in case anyone had found one of my intrusions. They might find the mailing program that sends the mail (although each message was overwritten after it was sent), but the encryption would make it unreadable. And the remailer I sent it through would stop any tracing that way.
In fact, just to make it a bit harder to trace, I had set up ten different remailer accounts, and each message was remailed at least three times. The messages were sent to several different mail drops. And I had written a script file for the terminal program that would connect to each mail drop and get the messages that were stored there.
I finished the last of the cookies, and went inside. It was time to set up the mail retrieval system.