On Sat, Oct 10, 2015 at 10:45:21PM +0200, rysiek wrote:
Dnia sobota, 10 października 2015 15:27:45 Georgi Guninski pisze:
On Sat, Oct 10, 2015 at 01:13:06PM +0200, rysiek wrote:
Dnia piątek, 9 października 2015 15:42:51 Travis Biehn pisze:
2) I hope IA and other parties don't know I was drooling over TS dox. Use an anonymizing platform. If you're relying on the operator to 'not keep logs' *you're doing it wrong*, not JY.
This is classic "blaming the victim" move.
And who is the victim?
All whose IP addresses and metadata (date, time UA string, etc) got published within the logfiles.
Should I take care of my own opsec? By all means. Is it okay to publish/sell logs by the service provider? No, no it isn't.
Selling logs to the customers you logged and who (if they notice) likely will do the best to discredit you?
Selling logs with such data to anywone, really.
You know the majority of customers buying USBs almost surely regularly browsed cryptome? Selling THEIR logged info to them is definitely insane business plan. IMHO in this incident cryptome made several mistakes (possibly with a little help from their "friends"). If I were JYA I would apologize for the mistakes. Observe that running such site makes usa your adversary, so the task is highly non-trivial.