Logging of Web Usage
Bill Frantz
frantz at pwpconsult.com
Wed Apr 2 13:24:58 PST 2003
At 2:58 PM -0800 4/2/03, John Young wrote:
>Ben,
>
>Would you care to comment for publication on web logging
>described in these two files:
>
> http://cryptome.org/no-logs.htm
>
> http://cryptome.org/usage-logs.htm
>
>Cryptome invites comments from others who know the capabilities
>of servers to log or not, and other means for protecting user privacy
>by users themselves rather than by reliance upon privacy policies
>of site operators and government regulation.
>
>This relates to the data retention debate and current initiatives
>of law enforcement to subpoena, surveil, steal and manipulate
>log data.
>
>Thanks,
>
>John
The http://cryptome.org/usage-logs.htm URL says:
>Low resolution data in most cases is intended to be sufficient for
>marketing analyses. It may take the form of IP addresses that have been
>subjected to a one way hash, to refer URLs that exclude information other
>than the high level domain, or temporary cookies.
Note that since IPv4 addresses are 32 bits, anyone willing to dedicate a
computer for a few hours can reverse a one way hash by exhaustive search.
Truncating IPs seems a much more privacy friendly approach.
This problem would be less acute with IPv6 addresses.
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | Due process for all | Periwinkle -- Consulting
(408)356-8506 | used to be the | 16345 Englewood Ave.
frantz at pwpconsult.com | American way. | Los Gatos, CA 95032, USA
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cypherpunks-legacy
mailing list