[cryptome] Cryptome has been leaking its user logs for over a year
Mirimir
mirimir at riseup.net
Fri Oct 9 17:58:39 PDT 2015
On 10/09/2015 03:52 AM, rysiek wrote:
> Dnia czwartek, 8 października 2015 20:45:50 Mirimir pisze:
>> On 10/08/2015 07:42 PM, coderman wrote:
>>> On 10/7/15, Michael Best <themikebest at gmail.com> wrote:
>>>> Let me begin by saying that Cryptome initially denied the leak, then that
>>>> the data was stolen, then that the whole thing was a fake "a lie by [a]
>>>> spy-newbie."
>>>
>>> the lie is assuming these requests over plain-text were ever private :P
>>
>> That is the key point!
>>
>> And anyway, all traffic to all websites is public.
>
> Oh for fucks' sake. There are fuckers who do listen in and surveil, etc, but
> it is *not* okay to make their work easier. And it is *not* okay to make one's
> server logs broadly available in such a context.
Look, Cryptome did fuck up. First, by keeping logs for more than a day
or so, whatever necessary for debugging and responding to attacks.
Second, by sending them to a third party. And third, by being so obtuse
with that third party that he felt compelled to publish them.
> Why the fuck are people on this list slamming Snowden and freedom.press for
> using Cloudflare, and at the same time defending JYA for sending out server
> logs with dates and IP addresses?
You'll never catch me slamming Snowden or defending JYA ;) And I gotta
say, Cloudflare starts looking good when your site is getting DOSed.
> The hell is this bullshit?
Bullshit, mostly ;)
More information about the cypherpunks
mailing list