Why cryptome sold web logs to their paying customers?

Travis Biehn tbiehn at gmail.com
Sun Oct 11 19:31:04 PDT 2015


Your onion or your clearsite?
How do you establish that your onion and clearsite host the same content?
How do you federate changes from your onion to your clearsite?
What do you do if your clearsite gets seized and used to serve up TAO
payloads?
How do you prevent your upstream from logging the IP addresses that hit
port 80 and 443? The size of those messages (you know the https sizing
attacks which can reveal which particular pages your visitors are on,
right)?

How do you make your visitors aware of the above and more? How do you
ensure that they saw your message?

-Travis

On Sun, Oct 11, 2015 at 10:15 PM, Mirimir <mirimir at riseup.net> wrote:

> On 10/11/2015 07:49 PM, Travis Biehn wrote:
> > I'd rather have what you call 'lazy' over nothing.
>
> Look, I mean no disrespect to Cryptome. But I do think that there ought
> to be a warning for users to protect themselves, if they don't want
> their access logged by everyone and their little yellow dog.
>
> > The ideal is all distribution modes available: "Keep the info off the
> dark
> > web, off the deep web and in the search indexes."
> >
> > Cryptome shows up on google searches. Your onion does not.
>
> Well, Cryptome has been around for about 20 years, so hey ;)
>
> But Google is indexing it. And it shows up well enough in relevant
> searches. But I haven't been promoting it very much.
>
> > -Travis
> >
> > On Sun, Oct 11, 2015 at 9:38 PM, Mirimir <mirimir at riseup.net> wrote:
> >
> >> On 10/11/2015 06:20 PM, Travis Biehn wrote:
> >>> A billboard doesn't need much 'security.' *shrug*
> >>
> >> Well, there are the access logs ;)
> >>
> >> It ought to be an onion service, no? No sure bet, of course, but better
> >> than nothing. In my opinion.
> >>
> >> Putting it all on users is awfully lazy, I think.
> >>
> >>> Travis
> >>>
> >>> On Sun, Oct 11, 2015, 8:18 PM John Young <jya at pipeline.com> wrote:
> >>>
> >>>>
> >>>>> I would not have expected Cryptome to be on shared hosting ;) But
> yes,
> >>>>> that would explain it.
> >>>>
> >>>> Shared is cheap, so are we. Shared is vuln, so are we. So are the
> others
> >>>> despite credentials and billion-dollar armaments and above all else
> >>>> secrecy and shallow oversight. That explains it.
> >>>>
> >>>>
> >>>>
> >>>>
> >>>
> >>
> >
> >
> >
>



-- 
Twitter <https://twitter.com/tbiehn> | LinkedIn
<http://www.linkedin.com/in/travisbiehn> | GitHub <http://github.com/tbiehn>
| TravisBiehn.com <http://www.travisbiehn.com> | Google Plus
<https://plus.google.com/+TravisBiehn>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 3732 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20151011/514a3e35/attachment-0002.txt>


More information about the cypherpunks mailing list