Cryptome has been leaking its user logs for over a year

oshwm oshwm at openmailbox.org
Wed Oct 7 23:43:21 PDT 2015



On 08/10/15 07:29, Mark Steward wrote:
> On 8 Oct 2015 07:15, "grarpamp" <grarpamp at gmail.com> wrote:
>>
>> At the previously mentioned Masked Halloween Ball,
>> Cryptome may welcome a systems and methodology
>> review by a qualified local admin. Or not. If you are such
>> a person, ask Cryptome.
> 
> I can't think of a more futile task. Watch out for JY's "outing" of any
> such person as a TLA stooge in the next few months.
> 

So, a helpful chap approaches JY, offers to asist with auditing systems
and processes in private so no risk of embarassment (if there is any).
Does job, assists JY in fixing issues without publicising any details.
JY announces an audit was done and some issues were resolved.
Everyone goes back to BAU.

Now, as part of total disclosure, this misses a valuable part of the
process which is to publicise the audit and detailed issues found and
fixed but DOES have an overall positive effect without too much
grumbling and moaning.

Of course, we could just slag JY off instead and expect a positive result?

> Mark
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20151008/0b6e2b84/attachment-0002.sig>


More information about the cypherpunks mailing list