Used to be you'd be accused of being COINTELPRO, now it's JTRIG. "Differing opinion"? Almost never an option. Different=wrong-bad-evil-enemy-hate-suspect-accuse. 

On technical issues, I'm definitely a neophyte, but I'd been in contact with JYA for quite sometime, he'd published a few documents I supplied and shared many links on twitter. You'd think that would get him to look at the data before smearing me. As for off-message? That's a spin term. I'm not anti-authoritarian enough, I guess - that's quite possible by some standards.

On Sun, Oct 11, 2015 at 5:43 PM, <cypherpunks-request@cpunks.org> wrote:
Send cypherpunks mailing list submissions to
        cypherpunks@cpunks.org

To subscribe or unsubscribe via the World Wide Web, visit
        https://cpunks.org/mailman/listinfo/cypherpunks
or, via email, send a message with subject or body 'help' to
        cypherpunks-request@cpunks.org

You can reach the person managing the list at
        cypherpunks-owner@cpunks.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of cypherpunks digest..."


Today's Topics:

   1. Re: [cryptome] Re: Why cryptome sold web logs to their paying
      customers? (Razer)
   2. Re: [cryptome] Re: Why cryptome sold web logs to their paying
      customers? (bbrewer)
   3. Re: [cryptome] Re: Why cryptome sold web logs to their paying
      customers? (Shelley)
   4. Re: [cryptome] Re: Why cryptome sold web logs to their paying
      customers? (John Young)
   5. Re: Why cryptome sold web logs to their paying customers?
      (Alfie John)
   6. Re: [cryptome] Re: Why cryptome sold web logs to their paying
      customers? (Michael Best)
   7. Re: Why cryptome sold web logs to their paying customers?
      (Dr. J Feinstein)
   8. Re: [cryptome] Re: Why cryptome sold web logs to their paying
      customers? (Dr. J Feinstein)
   9. Re: Why cryptome sold web logs to their paying customers?
      (Travis Biehn)


----------------------------------------------------------------------

Message: 1
Date: Sun, 11 Oct 2015 13:25:03 -0700
From: Razer <Rayzer@riseup.net>
To: cypherpunks@cpunks.org
Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying
        customers?
Message-ID: <561AC59F.9070508@riseup.net>
Content-Type: text/plain; charset="windows-1252"



On 10/11/2015 01:04 PM, Michael Best wrote:
> That would explain keeping silent, *NOT* making up lies about me and
> saying the data is fake.

I'm not going to make JYA's argument here, even if what's been assumed
is fact, but the strategy would be a stall at least with the potential
for redirection from the 'dead canary' hypothesis because it's typical
for people to explode into useless flame wars over the 'leakage' instead
of giving serious thought beyond ego/profit motives to why the leak
occurred.

But, as a notable scientist once said... "Yes, but the whole point of
the warrant canary is lost if you keep it a secret! Why didn't you tell
the world, eh!?!"

https://www.youtube.com/watch?v=cmCKJi3CKGE

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://cpunks.org/pipermail/cypherpunks/attachments/20151011/9f2ef65a/attachment-0001.sig>

------------------------------

Message: 2
Date: Sun, 11 Oct 2015 16:30:00 -0400
From: bbrewer <bbrewer@littledystopia.net>
To: Michael Best <themikebest@gmail.com>
Cc: cpunks <cypherpunks@cpunks.org>, cryptome <cryptome@freelists.org>
Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying
        customers?
Message-ID: <29FDC0FF-712A-4048-AA64-67845A7CDECA@littledystopia.net>
Content-Type: text/plain; charset=utf-8


> On Oct 11, 2015, at 4:22 PM, Michael Best <themikebest@gmail.com> wrote:
>
> Anyway to rule this out other than hearing it from John? How long before we begin to seriously consider it or assume it?
>
> And if there was a NSL, why not shut down? Why put users at ongoing risk??


https://en.wikipedia.org/wiki/Lavabit

"Levison said that he could be arrested for closing the site instead of releasing the information, and it was reported that the federal prosecutor's office had sent Levison's lawyer an e-mail to that effect.”

I’m just blabbering on suppositions here, but I wouldn’t be surprised by… anything.

-benjamin


------------------------------

Message: 3
Date: Sun, 11 Oct 2015 13:49:08 -0700
From: Shelley <shelley@misanthropia.org>
To: bbrewer <bbrewer@littledystopia.net>, Michael Best
        <themikebest@gmail.com>
Cc: cpunks <cypherpunks@cpunks.org>, cryptome <cryptome@freelists.org>
Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying
        customers?
Message-ID: <20151011204851.D5DBAC00016@frontend1.nyi.internal>
Content-Type: text/plain; charset="UTF-8"; format=flowed

On October 11, 2015 1:35:42 PM bbrewer <bbrewer@littledystopia.net> wrote:

>
> > On Oct 11, 2015, at 4:22 PM, Michael Best <themikebest@gmail.com> wrote:
> >
> > Anyway to rule this out other than hearing it from John? How long before
> we begin to seriously consider it or assume it?
> >
> > And if there was a NSL, why not shut down? Why put users at ongoing risk??
>
>
> https://en.wikipedia.org/wiki/Lavabit
>
> "Levison said that he could be arrested for closing the site instead of
> releasing the information, and it was reported that the federal
> prosecutor's office had sent Levison's lawyer an e-mail to that effect.”
>
> I’m just blabbering on suppositions here, but I wouldn’t be surprised by…
> anything.
>
> -benjamin

That's exactly the example I was going to post, thank you.  Yes, the feds
can force you to keep your compromised site up; basically, anything you
might do to warn users is verboten.

Someone flaming uncharacteristically could be one of the only ways... and,
it *is* old data.

If this is the case, and that's a very tentative IF, there is not much else
he can do (and he did as much as he could without putting himself in legal
hot water.)

-S




------------------------------

Message: 4
Date: Sun, 11 Oct 2015 17:03:37 -0400
From: John Young <jya@pipeline.com>
To: cpunks <cypherpunks@cpunks.org>, cryptome <cryptome@freelists.org>
Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying
        customers?
Message-ID: <E1ZlNmH-0000VV-40@elasmtp-curtail.atl.sa.earthlink.net>
Content-Type: text/plain; charset="utf-8"; Format="flowed"

https://cryptome.org/2012/07/gent-forum-spies.htm

25 February 2014. Related: GCHQ Full-Spectrum Cyber Effects:

<http://cryptome.org/2014/02/gchq-cyber-effects.pdf>http://cryptome.org/2014/02/gchq-cyber-effects.pdf


24 February 2014. Related: GCHQ Online Deception:

<http://cryptome.org/2014/02/gchq-online-deception.pdf>http://cryptome.org/2014/02/gchq-online-deception.pdf


GCHQ DISRUPTION Operational Playbook:

<http://cryptome.org/2014/02/gchq-disruption.pdf>http://cryptome.org/2014/02/gchq-disruption.pdf


29 January 2014. Related: GCHQ Squeaky Dolphin Psychological Operations:

<http://cryptome.org/2014/01/gchq-squeaky-dolphin.pdf>http://cryptome.org/2014/01/gchq-squeaky-dolphin.pdf
(18MB)

4 March 2012. Precursor to this sabotage, OSS Sabotage of Organizations:

<http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html>http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cpunks.org/pipermail/cypherpunks/attachments/20151011/eeffc4aa/attachment-0001.html>

------------------------------

Message: 5
Date: Mon, 12 Oct 2015 08:13:50 +1100
From: Alfie John <alfiej@fastmail.fm>
To: cypherpunks@cpunks.org
Subject: Re: Why cryptome sold web logs to their paying customers?
Message-ID:
        <1444598030.829859.407317641.4ED309A5@webmail.messagingengine.com>
Content-Type: text/plain; charset="utf-8"

On Mon, Oct 12, 2015, at 04:08 AM, Dr. J Feinstein wrote:
> Resend–HTML email scrubbed
>
> Calling bullshit. Mirimirs right, this makes no sense. And JYA says
> netsol won't let him delete the logs but Netsol says logs are disabled
> by default[
> https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/]
> and you have to turn them on.
>
> So how the fuckd this really happen?
>
> Mirimir <mirimir@riseup.net> Are you arguing that users could have
> found those logs?
>
> I almost can't imagine that. Logs are normally in /var/log/ somewhere,
> and I can't imagine making them searchable. And indeed, I can't
> imagine how Cryptome archives would have included anything from
> /var/log/, even after system restore from backups.
>
> <--SNIP-->
>
> > Should access logs be kept for that long? Absolutely not. From what
> > I> have read in the email exchange that was posted, the log files
> > were> included in a NetSol total restore. My guess is that
> > John/Cryptome did> not intentionally keep these files, and did not
> > realize these files were> included in the archive.
> But that's the thing. Logs should have been in /var/log/. And how
> would the "NetSol total restore" have changed that?

Not necessarily...

Logs in /var/log is where they should be by default, but if the box is
on a shared hosting account, then things are completely different. For
instance, Bluehost charges $3.95/month, which gets you a home directory
on a box shared with hundreds of other users. In your home directory,
you get something like (from memory, which was a long, long time ago):

  ~/
  ~/public_www/
  ~/public_www/html/
  ~/public_www/access_log
  ~/public_www/error_log

So as you can see, the user does have permissions to access logs, but
are kept in the user's _home_ directory. Now you can see why this could
have mistakenly been distributed:

  tar zcf cryptome-backup.tar.gz ~/

The backup would have also slurped in all the logs. There was no malice,
just an easy mistake that everyone here could have make given the same
circumstances.

Alfie

--
  Alfie John
  alfiej@fastmail.fm



------------------------------

Message: 6
Date: Sun, 11 Oct 2015 17:18:33 -0400
From: Michael Best <themikebest@gmail.com>
To: cryptome <cryptome@freelists.org>
Cc: cpunks <cypherpunks@cpunks.org>
Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying
        customers?
Message-ID:
        <CANFTA0-jX-L8c-u+kusdY_D6YzDNwtRVXgv=pFoOamNSgXwVTQ@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"

I'm not sure what the links are meant to imply. That the log leak was a
disruption effort by the GCHQ that was planted when NetSol restored the
site?

On Sun, Oct 11, 2015 at 5:03 PM, John Young <jya@pipeline.com> wrote:

> https://cryptome.org/2012/07/gent-forum-spies.htm
>
> 25 February 2014. Related: GCHQ Full-Spectrum Cyber Effects:
>
> http://cryptome.org/2014/02/gchq-cyber-effects.pdf
>
> 24 February 2014. Related: GCHQ Online Deception:
>
> http://cryptome.org/2014/02/gchq-online-deception.pdf
>
> GCHQ DISRUPTION Operational Playbook:
>
> http://cryptome.org/2014/02/gchq-disruption.pdf
>
> 29 January 2014. Related: GCHQ Squeaky Dolphin Psychological Operations:
>
> http://cryptome.org/2014/01/gchq-squeaky-dolphin.pdf (18MB)
>
> 4 March 2012. Precursor to this sabotage, OSS Sabotage of Organizations:
>
> http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cpunks.org/pipermail/cypherpunks/attachments/20151011/23af6a29/attachment-0001.html>

------------------------------

Message: 7
Date: Sun, 11 Oct 2015 23:24:15 +0200
From: "Dr. J Feinstein" <drjfeinstein@mail.com>
To: alfiej@fastmail.fm
Cc: cypherpunks@cpunks.org
Subject: Re: Why cryptome sold web logs to their paying customers?
Message-ID:
        <trinity-b3ad17af-4e1b-4f86-9947-45853cfd1f4c-1444598654915@3capp-mailcom-lxa08>

Content-Type: text/plain; charset=UTF-8

Maybe, but why those foldersmonths only? Itd be good to hear from JYA, especially b/c Netsol contradicts him.

> Sent: Sunday, October 11, 2015 at 9:13 PM
> From: "Alfie John" <alfiej@fastmail.fm>
> To: cypherpunks@cpunks.org
> Subject: Re: Why cryptome sold web logs to their paying customers?
>
> On Mon, Oct 12, 2015, at 04:08 AM, Dr. J Feinstein wrote:
> > Resend–HTML email scrubbed
> >
> > Calling bullshit. Mirimirs right, this makes no sense. And JYA says
> > netsol won't let him delete the logs but Netsol says logs are disabled
> > by default[
> > https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/]
> > and you have to turn them on.
> >
> > So how the fuckd this really happen?
> >
> > Mirimir <mirimir@riseup.net> Are you arguing that users could have
> > found those logs?
> >
> > I almost can't imagine that. Logs are normally in /var/log/ somewhere,
> > and I can't imagine making them searchable. And indeed, I can't
> > imagine how Cryptome archives would have included anything from
> > /var/log/, even after system restore from backups.
> >
> > <--SNIP-->
> >
> > > Should access logs be kept for that long? Absolutely not. From what
> > > I> have read in the email exchange that was posted, the log files
> > > were> included in a NetSol total restore. My guess is that
> > > John/Cryptome did> not intentionally keep these files, and did not
> > > realize these files were> included in the archive.
> > But that's the thing. Logs should have been in /var/log/. And how
> > would the "NetSol total restore" have changed that?
>
> Not necessarily...
>
> Logs in /var/log is where they should be by default, but if the box is
> on a shared hosting account, then things are completely different. For
> instance, Bluehost charges $3.95/month, which gets you a home directory
> on a box shared with hundreds of other users. In your home directory,
> you get something like (from memory, which was a long, long time ago):
>
>   ~/
>   ~/public_www/
>   ~/public_www/html/
>   ~/public_www/access_log
>   ~/public_www/error_log
>
> So as you can see, the user does have permissions to access logs, but
> are kept in the user's _home_ directory. Now you can see why this could
> have mistakenly been distributed:
>
>   tar zcf cryptome-backup.tar.gz ~/
>
> The backup would have also slurped in all the logs. There was no malice,
> just an easy mistake that everyone here could have make given the same
> circumstances.
>
> Alfie
>
> --
>   Alfie John
>   alfiej@fastmail.fm
>
>



------------------------------

Message: 8
Date: Sun, 11 Oct 2015 23:33:33 +0200
From: "Dr. J Feinstein" <drjfeinstein@mail.com>
To: "Michael Best" <themikebest@gmail.com>
Cc: cpunks <cypherpunks@cpunks.org>, cryptome <cryptome@freelists.org>
Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying
        customers?
Message-ID:
        <trinity-135ce961-ec2d-4bd9-8df8-772b864b2834-1444599213281@3capp-mailcom-lxa08>

Content-Type: text/plain; charset="utf-8"

An HTML attachment was scrubbed...
URL: <http://cpunks.org/pipermail/cypherpunks/attachments/20151011/37caa80c/attachment-0001.html>

------------------------------

Message: 9
Date: Sun, 11 Oct 2015 21:43:31 +0000
From: Travis Biehn <tbiehn@gmail.com>
To: "Dr. J Feinstein" <drjfeinstein@mail.com>, alfiej@fastmail.fm
Cc: cypherpunks@cpunks.org
Subject: Re: Why cryptome sold web logs to their paying customers?
Message-ID:
        <CAKtE3zexn9=fi1v_-7r0snYT+_+mG=ZZazfbkwoQaOFsYBat=A@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"

It's simple.
Someone made a mistake. Best was initially assumed full of shit by JYA, as
he's a neophyte - and is consistently 'off-message' for this list.

Others, wishing to read more into it, other than face value of hubris, see
plans within plans.

At the end of the day, Bests' disclosures amount to nothing of consequence.
At best he overhyped them, being a neophyte. At worst he's JTRIGd the list,
hilariously easily. The technical cognoscenti on the list stay quiet, "code
compiling" as the good doctor says.

In general, this oversight is valuable because it demonstrates one thing:
Even if you try to delete it.
If there's a signal it will leak. Purposefully or not.

When the protocol you use doesn't provide metadata anonymity, don't expect
it because you won't get it. If you don't understand this - keep studying.

Why guess at 'motivation'? Do we need to FUD yet another leaker site? Put
your money where your mouth is - improve it, donate, write your own, fix
the bug & plug the hole.

Travis

On Sun, Oct 11, 2015, 5:28 PM Dr. J Feinstein <drjfeinstein@mail.com> wrote:

> Maybe, but why those foldersmonths only? Itd be good to hear from JYA,
> especially b/c Netsol contradicts him.
>
> > Sent: Sunday, October 11, 2015 at 9:13 PM
> > From: "Alfie John" <alfiej@fastmail.fm>
> > To: cypherpunks@cpunks.org
> > Subject: Re: Why cryptome sold web logs to their paying customers?
> >
> > On Mon, Oct 12, 2015, at 04:08 AM, Dr. J Feinstein wrote:
> > > Resend–HTML email scrubbed
> > >
> > > Calling bullshit. Mirimirs right, this makes no sense. And JYA says
> > > netsol won't let him delete the logs but Netsol says logs are disabled
> > > by default[
> > >
> https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/
> ]
> > > and you have to turn them on.
> > >
> > > So how the fuckd this really happen?
> > >
> > > Mirimir <mirimir@riseup.net> Are you arguing that users could have
> > > found those logs?
> > >
> > > I almost can't imagine that. Logs are normally in /var/log/ somewhere,
> > > and I can't imagine making them searchable. And indeed, I can't
> > > imagine how Cryptome archives would have included anything from
> > > /var/log/, even after system restore from backups.
> > >
> > > <--SNIP-->
> > >
> > > > Should access logs be kept for that long? Absolutely not. From what
> > > > I> have read in the email exchange that was posted, the log files
> > > > were> included in a NetSol total restore. My guess is that
> > > > John/Cryptome did> not intentionally keep these files, and did not
> > > > realize these files were> included in the archive.
> > > But that's the thing. Logs should have been in /var/log/. And how
> > > would the "NetSol total restore" have changed that?
> >
> > Not necessarily...
> >
> > Logs in /var/log is where they should be by default, but if the box is
> > on a shared hosting account, then things are completely different. For
> > instance, Bluehost charges $3.95/month, which gets you a home directory
> > on a box shared with hundreds of other users. In your home directory,
> > you get something like (from memory, which was a long, long time ago):
> >
> >   ~/
> >   ~/public_www/
> >   ~/public_www/html/
> >   ~/public_www/access_log
> >   ~/public_www/error_log
> >
> > So as you can see, the user does have permissions to access logs, but
> > are kept in the user's _home_ directory. Now you can see why this could
> > have mistakenly been distributed:
> >
> >   tar zcf cryptome-backup.tar.gz ~/
> >
> > The backup would have also slurped in all the logs. There was no malice,
> > just an easy mistake that everyone here could have make given the same
> > circumstances.
> >
> > Alfie
> >
> > --
> >   Alfie John
> >   alfiej@fastmail.fm
> >
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cpunks.org/pipermail/cypherpunks/attachments/20151011/f8ddd42d/attachment.html>

------------------------------

Subject: Digest Footer

_______________________________________________
cypherpunks mailing list
cypherpunks@cpunks.org
https://cpunks.org/mailman/listinfo/cypherpunks


------------------------------

End of cypherpunks Digest, Vol 28, Issue 47
*******************************************