Why cryptome sold web logs to their paying customers?

Shelley shelley at misanthropia.org
Sat Oct 10 11:51:33 PDT 2015 

On October 10, 2015 10:16:55 AM Razer <Rayzer at riseup.net> wrote:

> From the article:
>
> > "He discovered the files when he uploaded the contents of the sticks
> > to the Internet Archive..."
>
> Where the fuck does Michael Best, "researcher", get off publishing
> material THAT IS NOT HIS WORKS OR PLAINLY PUBLIC DOMAIN to IA?
>
> This is an example of the kind of material IA expects to see:
>
> https://archive.org/details/CabaleNewsServices
>
> With permission of the creator... NOT server logs he just happens to
> have lying around.
>
> RR


The Cryptome archives *are* publicly accessible.  John limits bots and 
leechers to a certain number of files per day (as is his right, he is 
paying for the bandwidth), approx 100 iirc, but anyone who can use search 
strings can find anything on the site.

In the past, John has given his blessing to uploading the Cryptome archives 
to the torrents.  The files number close to 100K: I would not expect 
someone to inspect each document and folder of a public archive before 
uploading it, but Mike Best took the extra step to contact JY when he saw 
the log files and asked if those were part of the public archive or if 
they'd been included by mistake.  If it had been resolved at that time, the 
log files would not have been published and we would not be having this 
particular discussion.

We can see from the hash on coderman's torrent from 2014 that those same 
log files were indeed included on the USB drives sent out by Cryptome and 
in the archives John uploaded a few months ago for us to seed on torrents.  
(Which, incidentally, I'd planned on seeding as well, until my seeder box 
bit the dust and I have yet to replace it. I can tell you I would *not* 
have parsed 98,000 files before seeding the torrent.)

I haven't yet stated my personal opinion on this because I have wanted this 
to be about the slide in question.  I've been taken aback by the attacks on 
the researcher and I am worried that it's going to scare off the next 
person with important info to share.  That's a lose/lose situation.

There is no clear answer here.  Yes, we are all responsible for our own 
opsec.  Absolutely. If we access the clearnet without encryption we are 
leaving digital DNA everywhere and we get to face the consequences.  This 
incident is a good reminder of this fact.

Should access logs be kept for that long?  Absolutely not.  From what I 
have read in the email exchange that was posted, the log files were 
included in a NetSol total restore.  My guess is that John/Cryptome did not 
intentionally keep these files, and did not realize these files were 
included in the archive.  When I do incremental backups or updates on my 
own systems, I don't usually go back and check the integrity of files I've 
already archived in my closed system.  I can see where this could be an 
honest mistake that has gotten blown way out of proportion.  It's a good 
lesson to be more aware of these types of glitches.

Can we collectively agree that it's not an ideal situation, but that we are 
all human and, as such, make mistakes - and just move on to the real issue 
of the veracity/provenance of the slide attributed to the GCHQ, which 
purportedly shows the (illegal) interception of the data of Cryptome visitors?

That's the real issue here, and it *does* matter.  I implore us all to let 
the noise die down and get to the matter at hand.

Yes, with UKUSA / five eyes, GCHQ likely gets access to this type of data 
from the NSA just for the asking.  That, too, is not the point in this 
instance.

/rant

-Shelley


>
>
>
> On 10/09/2015 11:53 PM, Georgi Guninski wrote:
> > The main question is:
> >
> > 1. Why cryptome sold web logs to their paying customers?
> >
> > Related questions:
> >
> > 2. Did they do it on purpose?
> > 3. Did LEAs already had the logs via sniffing (at that time cryptome.org
> > didn't have SSL AFAIK)?
> > 4. Is it likely that the web server (and likely all internet connected
> > machines of cryptome operators) was compromised?
> >
> > In other news JYA talks in nearly prose:
> > http://www.dailydot.com/politics/cryptome-ip-leak-john-young-michael-best/
> >
>
>

More information about the cypherpunks mailing list