It's simple.
Someone made a mistake. Best was initially assumed full of shit by JYA, as he's a neophyte - and is consistently 'off-message' for this list.

Others, wishing to read more into it, other than face value of hubris, see plans within plans.

At the end of the day, Bests' disclosures amount to nothing of consequence. At best he overhyped them, being a neophyte. At worst he's JTRIGd the list, hilariously easily. The technical cognoscenti on the list stay quiet, "code compiling" as the good doctor says.

In general, this oversight is valuable because it demonstrates one thing:
Even if you try to delete it.
If there's a signal it will leak. Purposefully or not.

When the protocol you use doesn't provide metadata anonymity, don't expect it because you won't get it. If you don't understand this - keep studying.

Why guess at 'motivation'? Do we need to FUD yet another leaker site? Put your money where your mouth is - improve it, donate, write your own, fix the bug & plug the hole.

Travis


On Sun, Oct 11, 2015, 5:28 PM Dr. J Feinstein <drjfeinstein@mail.com> wrote:
Maybe, but why those foldersmonths only? Itd be good to hear from JYA, especially b/c Netsol contradicts him.

> Sent: Sunday, October 11, 2015 at 9:13 PM
> From: "Alfie John" <alfiej@fastmail.fm>
> To: cypherpunks@cpunks.org
> Subject: Re: Why cryptome sold web logs to their paying customers?
>
> On Mon, Oct 12, 2015, at 04:08 AM, Dr. J Feinstein wrote:
> > Resend–HTML email scrubbed
> >
> > Calling bullshit. Mirimirs right, this makes no sense. And JYA says
> > netsol won't let him delete the logs but Netsol says logs are disabled
> > by default[
> > https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/]
> > and you have to turn them on.
> >
> > So how the fuckd this really happen?
> >
> > Mirimir <mirimir@riseup.net> Are you arguing that users could have
> > found those logs?
> >
> > I almost can't imagine that. Logs are normally in /var/log/ somewhere,
> > and I can't imagine making them searchable. And indeed, I can't
> > imagine how Cryptome archives would have included anything from
> > /var/log/, even after system restore from backups.
> >
> > <--SNIP-->
> >
> > > Should access logs be kept for that long? Absolutely not. From what
> > > I> have read in the email exchange that was posted, the log files
> > > were> included in a NetSol total restore. My guess is that
> > > John/Cryptome did> not intentionally keep these files, and did not
> > > realize these files were> included in the archive.
> > But that's the thing. Logs should have been in /var/log/. And how
> > would the "NetSol total restore" have changed that?
>
> Not necessarily...
>
> Logs in /var/log is where they should be by default, but if the box is
> on a shared hosting account, then things are completely different. For
> instance, Bluehost charges $3.95/month, which gets you a home directory
> on a box shared with hundreds of other users. In your home directory,
> you get something like (from memory, which was a long, long time ago):
>
>   ~/
>   ~/public_www/
>   ~/public_www/html/
>   ~/public_www/access_log
>   ~/public_www/error_log
>
> So as you can see, the user does have permissions to access logs, but
> are kept in the user's _home_ directory. Now you can see why this could
> have mistakenly been distributed:
>
>   tar zcf cryptome-backup.tar.gz ~/
>
> The backup would have also slurped in all the logs. There was no malice,
> just an easy mistake that everyone here could have make given the same
> circumstances.
>
> Alfie
>
> --
>   Alfie John
>   alfiej@fastmail.fm
>
>