On October 10, 2015 10:16:55 AM Razer <Rayzer@riseup.net> wrote:
From the article:
"He discovered the files when he uploaded the contents of the sticks to the Internet Archive..."
Where the fuck does Michael Best, "researcher", get off publishing material THAT IS NOT HIS WORKS OR PLAINLY PUBLIC DOMAIN to IA?
This is an example of the kind of material IA expects to see:
https://archive.org/details/CabaleNewsServices
With permission of the creator... NOT server logs he just happens to have lying around.
RR
The Cryptome archives *are* publicly accessible. John limits bots and leechers to a certain number of files per day (as is his right, he is paying for the bandwidth), approx 100 iirc, but anyone who can use search strings can find anything on the site. In the past, John has given his blessing to uploading the Cryptome archives to the torrents. The files number close to 100K: I would not expect someone to inspect each document and folder of a public archive before uploading it, but Mike Best took the extra step to contact JY when he saw the log files and asked if those were part of the public archive or if they'd been included by mistake. If it had been resolved at that time, the log files would not have been published and we would not be having this particular discussion. We can see from the hash on coderman's torrent from 2014 that those same log files were indeed included on the USB drives sent out by Cryptome and in the archives John uploaded a few months ago for us to seed on torrents. (Which, incidentally, I'd planned on seeding as well, until my seeder box bit the dust and I have yet to replace it. I can tell you I would *not* have parsed 98,000 files before seeding the torrent.) I haven't yet stated my personal opinion on this because I have wanted this to be about the slide in question. I've been taken aback by the attacks on the researcher and I am worried that it's going to scare off the next person with important info to share. That's a lose/lose situation. There is no clear answer here. Yes, we are all responsible for our own opsec. Absolutely. If we access the clearnet without encryption we are leaving digital DNA everywhere and we get to face the consequences. This incident is a good reminder of this fact. Should access logs be kept for that long? Absolutely not. From what I have read in the email exchange that was posted, the log files were included in a NetSol total restore. My guess is that John/Cryptome did not intentionally keep these files, and did not realize these files were included in the archive. When I do incremental backups or updates on my own systems, I don't usually go back and check the integrity of files I've already archived in my closed system. I can see where this could be an honest mistake that has gotten blown way out of proportion. It's a good lesson to be more aware of these types of glitches. Can we collectively agree that it's not an ideal situation, but that we are all human and, as such, make mistakes - and just move on to the real issue of the veracity/provenance of the slide attributed to the GCHQ, which purportedly shows the (illegal) interception of the data of Cryptome visitors? That's the real issue here, and it *does* matter. I implore us all to let the noise die down and get to the matter at hand. Yes, with UKUSA / five eyes, GCHQ likely gets access to this type of data from the NSA just for the asking. That, too, is not the point in this instance. /rant -Shelley
On 10/09/2015 11:53 PM, Georgi Guninski wrote:
The main question is:
1. Why cryptome sold web logs to their paying customers?
Related questions:
2. Did they do it on purpose? 3. Did LEAs already had the logs via sniffing (at that time cryptome.org didn't have SSL AFAIK)? 4. Is it likely that the web server (and likely all internet connected machines of cryptome operators) was compromised?
In other news JYA talks in nearly prose: http://www.dailydot.com/politics/cryptome-ip-leak-john-young-michael-best/