[cryptome] Re: Why cryptome sold web logs to their paying customers?

Michael Best themikebest at gmail.com
Sun Oct 11 12:03:52 PDT 2015


I hadn't thought of it that way. That's an interesting possibility, How
would we know?

John, can you deny receiving any NSLs, warrants, court orders, etc.?

Is the warrant canary doing it's Monty Python routine? (It has ceased to
be!)

On Sun, Oct 11, 2015 at 2:57 PM, Shelley <shelley at misanthropia.org> wrote:

> On October 11, 2015 11:44:07 AM Michael Best <themikebest at gmail.com>
> wrote:
>
> >
>> > Has anyone stopped to think that perhaps it was on absolute purpose as a
>> > warning of lack of safety on his servers due to known 'but unable to
>> speak
>> > about’ system compromise? Ie. The same fashion as a warrant canary, or
>> what
>> > have you?
>> > JYA’s stance has always seemed to have been: You’re not safe, please do
>> > not be deluded into believing any systems, statements, or mathematical
>> > systems will always have your back. Perhaps this is just to bring it
>> into
>> > the absolute light for those too dense to grasp this mindset.
>> > The above scenario would also explain his general lack of input on the
>> > situation — I myself have been expecting miles and miles of
>> (interestingly
>> > grotesque almost) prose about the situation.
>> > _benjamin
>> >
>>
>>
> bbrewer has made a good point, actually.  If someone is served a NSL, they
> are gagged - prohibited by law from saying anything about it.  Look at Nick
> from Calyx: after a decade, his gag order has finally been lifted but there
> is still a 90-day period during which the gag remains intact to give the
> feds time to appeal.  It's crazy stuff.
>
> Even if JY did it to "make a point" about all security being illusory BS,
> the log files dropped are old enough that they probably wouldn't cause much
> harm.  The same basic argument used by Wikileaks when they dropped the
> State Dept cables.
>
> -S
>
> If so, then why did he spend a week denying it, calling me a liar, saying
>> the data is fake and accusing it of being disinfo? And why not notify
>> people on the website instead of the occasional tweet about how all logs
>> leak/it's "not the worst"?
>>
>> And if it *was* purposeful, how is *that* okay? If he leaked four months
>> worth of his users' logs and metadata including search terms, *to make a
>> point*?
>>
>>
>>
>> > On Sun, Oct 11, 2015 at 2:02 PM, Shelley <shelley at misanthropia.org>
>> wrote:
>> >
>> > Calling bullshit. Mirimirs right, this makes no sense. And JYA says
>> netsol
>> > won't let him delete the logs but Netsol says logs are disabled by
>> default[
>> >
>> https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/
>> ]
>> > and you have to turn them on.
>> > So how the fuckd this really happen?
>> > I truly don't know.  I don't have any more info than anyone else, I was
>> > just musing about how it could have happened.  Obviously, hearing  JY's
>> > explanation would be the best thing.
>> > Also agree re: the /var/log issue, but I get the impression that the
>> > restored files weren't kept in the normal file tree structure.  Again, I
>> > simply don't know and I'm not trying to be an overt JY apologist - I'm
>> just
>> > saying sometimes, shit happens.  It would help if he would weigh in
>> instead
>> > of having dorks like me positing hypotheticals.
>> > -S
>> >
>> > Mirimir <mirimir at riseup.net>
>> > Are you arguing that users could have found those logs?
>> > I almost can't imagine that. Logs are normally in /var/log/ somewhere,
>> > and I can't imagine making them searchable. And indeed, I can't imagine
>> > how Cryptome archives would have included anything from /var/log/, even
>> > after system restore from backups.
>> > <--SNIP-->
>> > > Should access logs be kept for that long? Absolutely not. From what I>
>> > have read in the email exchange that was posted, the log files were>
>> > included in a NetSol total restore. My guess is that John/Cryptome did>
>> not
>> > intentionally keep these files, and did not realize these files were>
>> > included in the archive.
>> > But that's the thing. Logs should have been in /var/log/. And how would
>> > the "NetSol total restore" have changed that?
>> > > When I do incremental backups or updates on my own systems, I don't>
>> > usually go back and check the integrity of files I've already archived>
>> in
>> > my closed system. I can see where this could be an honest mistake> that
>> has
>> > gotten blown way out of proportion. It's a good lesson to be> more
>> aware of
>> > these types of glitches.
>> > I still don't get how logs would have ended up in archives. Maybe JYA
>> > prepared a special set of archives for a collaborator. Maybe for someone
>> > helping him to understand what had happened. And then maybe he forgot
>> > about doing that. Hard to say.
>> >
>> >
>> >
>> > On October 11, 2015 10:14:15 AM "Dr. J Feinstein" <
>> drjfeinstein at mail.com>
>> > wrote:
>> >
>> >> Resend–HTML email scrubbed
>> >>
>> >
>> >>
>>
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 6356 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20151011/ceb1aba7/attachment-0002.txt>


More information about the cypherpunks mailing list