Why cryptome sold web logs to their paying customers?

Tony Arcieri bascule at gmail.com
Sun Oct 11 17:33:56 PDT 2015 

Cryptome is run by a crank who refuses to use HTTPS and thinks it's better
to just let all the passive observers see completely what is being read by
anyone who accesses Cryptome. If you ask him why, you'll get a deluge of
crazy.

I think the role of Cryptome would be better served by someone who actually
wants to use cryptography to secure content delivery. Call me crazy...

Cue claims i've been deluded by the CA cabal or don't understand SSL/TLS
attacks. I don't care. Fuck your plaintext

On Sunday, October 11, 2015, Dr. J Feinstein <drjfeinstein at mail.com> wrote:

> Calling bullshit. Mirimirs right, explanation makes no sense. And JYA says netsol won't let him delete the logs but Netsol says logs are disabled by default <https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/> and you have to turn them on.
>
> So how the fuckd this really happen?
>
> Mirimir <mirimir at riseup.net <javascript:_e(%7B%7D,'cvml','mirimir at riseup.net');>>
> Are you arguing that users could have found those logs?
>
> I almost can't imagine that. Logs are normally in /var/log/ somewhere,
> and I can't imagine making them searchable. And indeed, I can't imagine
> how Cryptome archives would have included anything from /var/log/, even
> after system restore from backups.
>
> <--SNIP-->
>
> >* Should access logs be kept for that long?  Absolutely not.  From what I
> *>* have read in the email exchange that was posted, the log files were
> *>* included in a NetSol total restore.  My guess is that John/Cryptome did
> *>* not intentionally keep these files, and did not realize these files were
> *>* included in the archive.
> *
> But that's the thing. Logs should have been in /var/log/. And how would
> the "NetSol total restore" have changed that?
>
> >* When I do incremental backups or updates on my own systems, I don't
> *>* usually go back and check the integrity of files I've already archived
> *>* in my closed system.  I can see where this could be an honest mistake
> *>* that has gotten blown way out of proportion.  It's a good lesson to be
> *>* more aware of these types of glitches.
> *
> I still don't get how logs would have ended up in archives. Maybe JYA
> prepared a special set of archives for a collaborator. Maybe for someone
> helping him to understand what had happened. And then maybe he forgot
> about doing that. Hard to say.
>
>

-- 
Tony Arcieri
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 2918 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20151011/a0b46827/attachment-0002.txt>

More information about the cypherpunks mailing list