Tracking the RIAA Source
John Young
jya at pipeline.com
Thu Oct 11 11:08:26 PDT 2001
Thanks to help from a person here we have developed a
likely source for the RIAA meeting messages, and at the
moment it appears likely Safeweb was used to send the
messages as well as check on the Cryptome file.
Safeweb appears to dynamically assign addresses to users,
though within a limited range which might be set by the location
of the user, but we are not sure of that. Indeed, if Safeweb
does not cloak location by avoiding a predictable range that
would be a serious weakness. But we need to test that.
Safeweb is, at least in part, hosted by the giant ISP Abovenet,
home-based in San Jose, CA, with facilities all around the
US and overseas. To help us triangulate a likely location
from which the messages were sent we need to log accesses
to Cryptome from a variety of US and overseas locations.
For example I get the same range of addresses as those of the
RIAA messages and file accesses by logging in from New York
City to Safeweb.com then using Safeweb to request a Cryptome
file. What I don't know is whether those same addresses would
be used from other physical locations around the world.
For anybody who wants to risk giving away their own location
I ask that accesses be made from the Safeweb.com from any
location in the world to a fictitious file on Cryptome:
http://cryptome.org/this-is-safeweb-xxxxxxxx.htm
Replace xxxxxxx with a clue to your location, say, texas, germany,
whereever I could identify.
The request will generate an error code and an originating address
from Safeweb which I can use to compare to what I've got for
the RIAA messages and for NYC. Presumably Safeweb will cloak
your actual IP address.
Let me emphasize that I do not yet believe the source was
perpetrating a hoax, or if so whether the hoax was run to
benefit RIAA which is the current outcome. My intention is
not to out the source if the leak is legitimate, but I damn well
want to broadcast it if RIAA, its friends or a TLA cooked up
the ruse.
Declan has jumped the gun on assigning blame here, apparently
doing little more checking than Tony Smith. But hell that
snotty Net competition at its best: fire, aim, oh, the safety was
off.
More information about the cypherpunks-legacy
mailing list