Why cryptome sold web logs to their paying customers?

Alfie John alfiej at fastmail.fm
Sun Oct 11 14:13:50 PDT 2015 

On Mon, Oct 12, 2015, at 04:08 AM, Dr. J Feinstein wrote:
> Resend–HTML email scrubbed
>
> Calling bullshit. Mirimirs right, this makes no sense. And JYA says
> netsol won't let him delete the logs but Netsol says logs are disabled
> by default[
> https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/]
> and you have to turn them on.
>
> So how the fuckd this really happen?
>
> Mirimir <mirimir at riseup.net> Are you arguing that users could have
> found those logs?
>
> I almost can't imagine that. Logs are normally in /var/log/ somewhere,
> and I can't imagine making them searchable. And indeed, I can't
> imagine how Cryptome archives would have included anything from
> /var/log/, even after system restore from backups.
>
> <--SNIP-->
>
> > Should access logs be kept for that long? Absolutely not. From what
> > I> have read in the email exchange that was posted, the log files
> > were> included in a NetSol total restore. My guess is that
> > John/Cryptome did> not intentionally keep these files, and did not
> > realize these files were> included in the archive.
> But that's the thing. Logs should have been in /var/log/. And how
> would the "NetSol total restore" have changed that?

Not necessarily...

Logs in /var/log is where they should be by default, but if the box is
on a shared hosting account, then things are completely different. For
instance, Bluehost charges $3.95/month, which gets you a home directory
on a box shared with hundreds of other users. In your home directory,
you get something like (from memory, which was a long, long time ago):

  ~/
  ~/public_www/
  ~/public_www/html/
  ~/public_www/access_log
  ~/public_www/error_log

So as you can see, the user does have permissions to access logs, but
are kept in the user's _home_ directory. Now you can see why this could
have mistakenly been distributed:

  tar zcf cryptome-backup.tar.gz ~/

The backup would have also slurped in all the logs. There was no malice,
just an easy mistake that everyone here could have make given the same
circumstances.

Alfie

-- 
  Alfie John
  alfiej at fastmail.fm

More information about the cypherpunks mailing list