Why cryptome sold web logs to their paying customers?

Michael Best themikebest at gmail.com
Sun Oct 11 15:04:41 PDT 2015


Used to be you'd be accused of being COINTELPRO, now it's JTRIG. "Differing
opinion"? Almost never an option.
Different=wrong-bad-evil-enemy-hate-suspect-accuse.

On technical issues, I'm definitely a neophyte, but I'd been in contact
with JYA for quite sometime, he'd published a few documents I supplied and
shared many links on twitter. You'd think that would get him to look at the
data before smearing me. As for off-message? That's a spin term. I'm not
anti-authoritarian enough, I guess - that's quite possible by some
standards.

On Sun, Oct 11, 2015 at 5:43 PM, <cypherpunks-request at cpunks.org> wrote:

> Send cypherpunks mailing list submissions to
>         cypherpunks at cpunks.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         https://cpunks.org/mailman/listinfo/cypherpunks
> or, via email, send a message with subject or body 'help' to
>         cypherpunks-request at cpunks.org
>
> You can reach the person managing the list at
>         cypherpunks-owner at cpunks.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of cypherpunks digest..."
>
>
> Today's Topics:
>
>    1. Re: [cryptome] Re: Why cryptome sold web logs to their paying
>       customers? (Razer)
>    2. Re: [cryptome] Re: Why cryptome sold web logs to their paying
>       customers? (bbrewer)
>    3. Re: [cryptome] Re: Why cryptome sold web logs to their paying
>       customers? (Shelley)
>    4. Re: [cryptome] Re: Why cryptome sold web logs to their paying
>       customers? (John Young)
>    5. Re: Why cryptome sold web logs to their paying customers?
>       (Alfie John)
>    6. Re: [cryptome] Re: Why cryptome sold web logs to their paying
>       customers? (Michael Best)
>    7. Re: Why cryptome sold web logs to their paying customers?
>       (Dr. J Feinstein)
>    8. Re: [cryptome] Re: Why cryptome sold web logs to their paying
>       customers? (Dr. J Feinstein)
>    9. Re: Why cryptome sold web logs to their paying customers?
>       (Travis Biehn)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sun, 11 Oct 2015 13:25:03 -0700
> From: Razer <Rayzer at riseup.net>
> To: cypherpunks at cpunks.org
> Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying
>         customers?
> Message-ID: <561AC59F.9070508 at riseup.net>
> Content-Type: text/plain; charset="windows-1252"
>
>
>
> On 10/11/2015 01:04 PM, Michael Best wrote:
> > That would explain keeping silent, *NOT* making up lies about me and
> > saying the data is fake.
>
> I'm not going to make JYA's argument here, even if what's been assumed
> is fact, but the strategy would be a stall at least with the potential
> for redirection from the 'dead canary' hypothesis because it's typical
> for people to explode into useless flame wars over the 'leakage' instead
> of giving serious thought beyond ego/profit motives to why the leak
> occurred.
>
> But, as a notable scientist once said... "Yes, but the whole point of
> the warrant canary is lost if you keep it a secret! Why didn't you tell
> the world, eh!?!"
>
> https://www.youtube.com/watch?v=cmCKJi3CKGE
>
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: signature.asc
> Type: application/pgp-signature
> Size: 836 bytes
> Desc: OpenPGP digital signature
> URL: <
> http://cpunks.org/pipermail/cypherpunks/attachments/20151011/9f2ef65a/attachment-0001.sig
> >
>
> ------------------------------
>
> Message: 2
> Date: Sun, 11 Oct 2015 16:30:00 -0400
> From: bbrewer <bbrewer at littledystopia.net>
> To: Michael Best <themikebest at gmail.com>
> Cc: cpunks <cypherpunks at cpunks.org>, cryptome <cryptome at freelists.org>
> Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying
>         customers?
> Message-ID: <29FDC0FF-712A-4048-AA64-67845A7CDECA at littledystopia.net>
> Content-Type: text/plain; charset=utf-8
>
>
> > On Oct 11, 2015, at 4:22 PM, Michael Best <themikebest at gmail.com> wrote:
> >
> > Anyway to rule this out other than hearing it from John? How long before
> we begin to seriously consider it or assume it?
> >
> > And if there was a NSL, why not shut down? Why put users at ongoing
> risk??
>
>
> https://en.wikipedia.org/wiki/Lavabit
>
> "Levison said that he could be arrested for closing the site instead of
> releasing the information, and it was reported that the federal
> prosecutor's office had sent Levison's lawyer an e-mail to that effect.”
>
> I’m just blabbering on suppositions here, but I wouldn’t be surprised by…
> anything.
>
> -benjamin
>
>
> ------------------------------
>
> Message: 3
> Date: Sun, 11 Oct 2015 13:49:08 -0700
> From: Shelley <shelley at misanthropia.org>
> To: bbrewer <bbrewer at littledystopia.net>, Michael Best
>         <themikebest at gmail.com>
> Cc: cpunks <cypherpunks at cpunks.org>, cryptome <cryptome at freelists.org>
> Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying
>         customers?
> Message-ID: <20151011204851.D5DBAC00016 at frontend1.nyi.internal>
> Content-Type: text/plain; charset="UTF-8"; format=flowed
>
> On October 11, 2015 1:35:42 PM bbrewer <bbrewer at littledystopia.net> wrote:
>
> >
> > > On Oct 11, 2015, at 4:22 PM, Michael Best <themikebest at gmail.com>
> wrote:
> > >
> > > Anyway to rule this out other than hearing it from John? How long
> before
> > we begin to seriously consider it or assume it?
> > >
> > > And if there was a NSL, why not shut down? Why put users at ongoing
> risk??
> >
> >
> > https://en.wikipedia.org/wiki/Lavabit
> >
> > "Levison said that he could be arrested for closing the site instead of
> > releasing the information, and it was reported that the federal
> > prosecutor's office had sent Levison's lawyer an e-mail to that effect.”
> >
> > I’m just blabbering on suppositions here, but I wouldn’t be surprised by…
> > anything.
> >
> > -benjamin
>
> That's exactly the example I was going to post, thank you.  Yes, the feds
> can force you to keep your compromised site up; basically, anything you
> might do to warn users is verboten.
>
> Someone flaming uncharacteristically could be one of the only ways... and,
> it *is* old data.
>
> If this is the case, and that's a very tentative IF, there is not much else
> he can do (and he did as much as he could without putting himself in legal
> hot water.)
>
> -S
>
>
>
>
> ------------------------------
>
> Message: 4
> Date: Sun, 11 Oct 2015 17:03:37 -0400
> From: John Young <jya at pipeline.com>
> To: cpunks <cypherpunks at cpunks.org>, cryptome <cryptome at freelists.org>
> Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying
>         customers?
> Message-ID: <E1ZlNmH-0000VV-40 at elasmtp-curtail.atl.sa.earthlink.net>
> Content-Type: text/plain; charset="utf-8"; Format="flowed"
>
> https://cryptome.org/2012/07/gent-forum-spies.htm
>
> 25 February 2014. Related: GCHQ Full-Spectrum Cyber Effects:
>
> <http://cryptome.org/2014/02/gchq-cyber-effects.pdf>
> http://cryptome.org/2014/02/gchq-cyber-effects.pdf
>
>
> 24 February 2014. Related: GCHQ Online Deception:
>
> <http://cryptome.org/2014/02/gchq-online-deception.pdf>
> http://cryptome.org/2014/02/gchq-online-deception.pdf
>
>
> GCHQ DISRUPTION Operational Playbook:
>
> <http://cryptome.org/2014/02/gchq-disruption.pdf>
> http://cryptome.org/2014/02/gchq-disruption.pdf
>
>
> 29 January 2014. Related: GCHQ Squeaky Dolphin Psychological Operations:
>
> <http://cryptome.org/2014/01/gchq-squeaky-dolphin.pdf>
> http://cryptome.org/2014/01/gchq-squeaky-dolphin.pdf
> (18MB)
>
> 4 March 2012. Precursor to this sabotage, OSS Sabotage of Organizations:
>
> <http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html>
> http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html
>
>
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://cpunks.org/pipermail/cypherpunks/attachments/20151011/eeffc4aa/attachment-0001.html
> >
>
> ------------------------------
>
> Message: 5
> Date: Mon, 12 Oct 2015 08:13:50 +1100
> From: Alfie John <alfiej at fastmail.fm>
> To: cypherpunks at cpunks.org
> Subject: Re: Why cryptome sold web logs to their paying customers?
> Message-ID:
>         <1444598030.829859.407317641.4ED309A5 at webmail.messagingengine.com>
> Content-Type: text/plain; charset="utf-8"
>
> On Mon, Oct 12, 2015, at 04:08 AM, Dr. J Feinstein wrote:
> > Resend–HTML email scrubbed
> >
> > Calling bullshit. Mirimirs right, this makes no sense. And JYA says
> > netsol won't let him delete the logs but Netsol says logs are disabled
> > by default[
> >
> https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/
> ]
> > and you have to turn them on.
> >
> > So how the fuckd this really happen?
> >
> > Mirimir <mirimir at riseup.net> Are you arguing that users could have
> > found those logs?
> >
> > I almost can't imagine that. Logs are normally in /var/log/ somewhere,
> > and I can't imagine making them searchable. And indeed, I can't
> > imagine how Cryptome archives would have included anything from
> > /var/log/, even after system restore from backups.
> >
> > <--SNIP-->
> >
> > > Should access logs be kept for that long? Absolutely not. From what
> > > I> have read in the email exchange that was posted, the log files
> > > were> included in a NetSol total restore. My guess is that
> > > John/Cryptome did> not intentionally keep these files, and did not
> > > realize these files were> included in the archive.
> > But that's the thing. Logs should have been in /var/log/. And how
> > would the "NetSol total restore" have changed that?
>
> Not necessarily...
>
> Logs in /var/log is where they should be by default, but if the box is
> on a shared hosting account, then things are completely different. For
> instance, Bluehost charges $3.95/month, which gets you a home directory
> on a box shared with hundreds of other users. In your home directory,
> you get something like (from memory, which was a long, long time ago):
>
>   ~/
>   ~/public_www/
>   ~/public_www/html/
>   ~/public_www/access_log
>   ~/public_www/error_log
>
> So as you can see, the user does have permissions to access logs, but
> are kept in the user's _home_ directory. Now you can see why this could
> have mistakenly been distributed:
>
>   tar zcf cryptome-backup.tar.gz ~/
>
> The backup would have also slurped in all the logs. There was no malice,
> just an easy mistake that everyone here could have make given the same
> circumstances.
>
> Alfie
>
> --
>   Alfie John
>   alfiej at fastmail.fm
>
>
>
> ------------------------------
>
> Message: 6
> Date: Sun, 11 Oct 2015 17:18:33 -0400
> From: Michael Best <themikebest at gmail.com>
> To: cryptome <cryptome at freelists.org>
> Cc: cpunks <cypherpunks at cpunks.org>
> Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying
>         customers?
> Message-ID:
>         <CANFTA0-jX-L8c-u+kusdY_D6YzDNwtRVXgv=
> pFoOamNSgXwVTQ at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> I'm not sure what the links are meant to imply. That the log leak was a
> disruption effort by the GCHQ that was planted when NetSol restored the
> site?
>
> On Sun, Oct 11, 2015 at 5:03 PM, John Young <jya at pipeline.com> wrote:
>
> > https://cryptome.org/2012/07/gent-forum-spies.htm
> >
> > 25 February 2014. Related: GCHQ Full-Spectrum Cyber Effects:
> >
> > http://cryptome.org/2014/02/gchq-cyber-effects.pdf
> >
> > 24 February 2014. Related: GCHQ Online Deception:
> >
> > http://cryptome.org/2014/02/gchq-online-deception.pdf
> >
> > GCHQ DISRUPTION Operational Playbook:
> >
> > http://cryptome.org/2014/02/gchq-disruption.pdf
> >
> > 29 January 2014. Related: GCHQ Squeaky Dolphin Psychological Operations:
> >
> > http://cryptome.org/2014/01/gchq-squeaky-dolphin.pdf (18MB)
> >
> > 4 March 2012. Precursor to this sabotage, OSS Sabotage of Organizations:
> >
> > http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html
> >
> >
> >
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://cpunks.org/pipermail/cypherpunks/attachments/20151011/23af6a29/attachment-0001.html
> >
>
> ------------------------------
>
> Message: 7
> Date: Sun, 11 Oct 2015 23:24:15 +0200
> From: "Dr. J Feinstein" <drjfeinstein at mail.com>
> To: alfiej at fastmail.fm
> Cc: cypherpunks at cpunks.org
> Subject: Re: Why cryptome sold web logs to their paying customers?
> Message-ID:
>
> <trinity-b3ad17af-4e1b-4f86-9947-45853cfd1f4c-1444598654915 at 3capp-mailcom-lxa08
> >
>
> Content-Type: text/plain; charset=UTF-8
>
> Maybe, but why those foldersmonths only? Itd be good to hear from JYA,
> especially b/c Netsol contradicts him.
>
> > Sent: Sunday, October 11, 2015 at 9:13 PM
> > From: "Alfie John" <alfiej at fastmail.fm>
> > To: cypherpunks at cpunks.org
> > Subject: Re: Why cryptome sold web logs to their paying customers?
> >
> > On Mon, Oct 12, 2015, at 04:08 AM, Dr. J Feinstein wrote:
> > > Resend–HTML email scrubbed
> > >
> > > Calling bullshit. Mirimirs right, this makes no sense. And JYA says
> > > netsol won't let him delete the logs but Netsol says logs are disabled
> > > by default[
> > >
> https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/
> ]
> > > and you have to turn them on.
> > >
> > > So how the fuckd this really happen?
> > >
> > > Mirimir <mirimir at riseup.net> Are you arguing that users could have
> > > found those logs?
> > >
> > > I almost can't imagine that. Logs are normally in /var/log/ somewhere,
> > > and I can't imagine making them searchable. And indeed, I can't
> > > imagine how Cryptome archives would have included anything from
> > > /var/log/, even after system restore from backups.
> > >
> > > <--SNIP-->
> > >
> > > > Should access logs be kept for that long? Absolutely not. From what
> > > > I> have read in the email exchange that was posted, the log files
> > > > were> included in a NetSol total restore. My guess is that
> > > > John/Cryptome did> not intentionally keep these files, and did not
> > > > realize these files were> included in the archive.
> > > But that's the thing. Logs should have been in /var/log/. And how
> > > would the "NetSol total restore" have changed that?
> >
> > Not necessarily...
> >
> > Logs in /var/log is where they should be by default, but if the box is
> > on a shared hosting account, then things are completely different. For
> > instance, Bluehost charges $3.95/month, which gets you a home directory
> > on a box shared with hundreds of other users. In your home directory,
> > you get something like (from memory, which was a long, long time ago):
> >
> >   ~/
> >   ~/public_www/
> >   ~/public_www/html/
> >   ~/public_www/access_log
> >   ~/public_www/error_log
> >
> > So as you can see, the user does have permissions to access logs, but
> > are kept in the user's _home_ directory. Now you can see why this could
> > have mistakenly been distributed:
> >
> >   tar zcf cryptome-backup.tar.gz ~/
> >
> > The backup would have also slurped in all the logs. There was no malice,
> > just an easy mistake that everyone here could have make given the same
> > circumstances.
> >
> > Alfie
> >
> > --
> >   Alfie John
> >   alfiej at fastmail.fm
> >
> >
>
>
>
> ------------------------------
>
> Message: 8
> Date: Sun, 11 Oct 2015 23:33:33 +0200
> From: "Dr. J Feinstein" <drjfeinstein at mail.com>
> To: "Michael Best" <themikebest at gmail.com>
> Cc: cpunks <cypherpunks at cpunks.org>, cryptome <cryptome at freelists.org>
> Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying
>         customers?
> Message-ID:
>
> <trinity-135ce961-ec2d-4bd9-8df8-772b864b2834-1444599213281 at 3capp-mailcom-lxa08
> >
>
> Content-Type: text/plain; charset="utf-8"
>
> An HTML attachment was scrubbed...
> URL: <
> http://cpunks.org/pipermail/cypherpunks/attachments/20151011/37caa80c/attachment-0001.html
> >
>
> ------------------------------
>
> Message: 9
> Date: Sun, 11 Oct 2015 21:43:31 +0000
> From: Travis Biehn <tbiehn at gmail.com>
> To: "Dr. J Feinstein" <drjfeinstein at mail.com>, alfiej at fastmail.fm
> Cc: cypherpunks at cpunks.org
> Subject: Re: Why cryptome sold web logs to their paying customers?
> Message-ID:
>         <CAKtE3zexn9=fi1v_-7r0snYT+_+mG=ZZazfbkwoQaOFsYBat=
> A at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> It's simple.
> Someone made a mistake. Best was initially assumed full of shit by JYA, as
> he's a neophyte - and is consistently 'off-message' for this list.
>
> Others, wishing to read more into it, other than face value of hubris, see
> plans within plans.
>
> At the end of the day, Bests' disclosures amount to nothing of consequence.
> At best he overhyped them, being a neophyte. At worst he's JTRIGd the list,
> hilariously easily. The technical cognoscenti on the list stay quiet, "code
> compiling" as the good doctor says.
>
> In general, this oversight is valuable because it demonstrates one thing:
> Even if you try to delete it.
> If there's a signal it will leak. Purposefully or not.
>
> When the protocol you use doesn't provide metadata anonymity, don't expect
> it because you won't get it. If you don't understand this - keep studying.
>
> Why guess at 'motivation'? Do we need to FUD yet another leaker site? Put
> your money where your mouth is - improve it, donate, write your own, fix
> the bug & plug the hole.
>
> Travis
>
> On Sun, Oct 11, 2015, 5:28 PM Dr. J Feinstein <drjfeinstein at mail.com>
> wrote:
>
> > Maybe, but why those foldersmonths only? Itd be good to hear from JYA,
> > especially b/c Netsol contradicts him.
> >
> > > Sent: Sunday, October 11, 2015 at 9:13 PM
> > > From: "Alfie John" <alfiej at fastmail.fm>
> > > To: cypherpunks at cpunks.org
> > > Subject: Re: Why cryptome sold web logs to their paying customers?
> > >
> > > On Mon, Oct 12, 2015, at 04:08 AM, Dr. J Feinstein wrote:
> > > > Resend–HTML email scrubbed
> > > >
> > > > Calling bullshit. Mirimirs right, this makes no sense. And JYA says
> > > > netsol won't let him delete the logs but Netsol says logs are
> disabled
> > > > by default[
> > > >
> >
> https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/
> > ]
> > > > and you have to turn them on.
> > > >
> > > > So how the fuckd this really happen?
> > > >
> > > > Mirimir <mirimir at riseup.net> Are you arguing that users could have
> > > > found those logs?
> > > >
> > > > I almost can't imagine that. Logs are normally in /var/log/
> somewhere,
> > > > and I can't imagine making them searchable. And indeed, I can't
> > > > imagine how Cryptome archives would have included anything from
> > > > /var/log/, even after system restore from backups.
> > > >
> > > > <--SNIP-->
> > > >
> > > > > Should access logs be kept for that long? Absolutely not. From what
> > > > > I> have read in the email exchange that was posted, the log files
> > > > > were> included in a NetSol total restore. My guess is that
> > > > > John/Cryptome did> not intentionally keep these files, and did not
> > > > > realize these files were> included in the archive.
> > > > But that's the thing. Logs should have been in /var/log/. And how
> > > > would the "NetSol total restore" have changed that?
> > >
> > > Not necessarily...
> > >
> > > Logs in /var/log is where they should be by default, but if the box is
> > > on a shared hosting account, then things are completely different. For
> > > instance, Bluehost charges $3.95/month, which gets you a home directory
> > > on a box shared with hundreds of other users. In your home directory,
> > > you get something like (from memory, which was a long, long time ago):
> > >
> > >   ~/
> > >   ~/public_www/
> > >   ~/public_www/html/
> > >   ~/public_www/access_log
> > >   ~/public_www/error_log
> > >
> > > So as you can see, the user does have permissions to access logs, but
> > > are kept in the user's _home_ directory. Now you can see why this could
> > > have mistakenly been distributed:
> > >
> > >   tar zcf cryptome-backup.tar.gz ~/
> > >
> > > The backup would have also slurped in all the logs. There was no
> malice,
> > > just an easy mistake that everyone here could have make given the same
> > > circumstances.
> > >
> > > Alfie
> > >
> > > --
> > >   Alfie John
> > >   alfiej at fastmail.fm
> > >
> > >
> >
> >
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://cpunks.org/pipermail/cypherpunks/attachments/20151011/f8ddd42d/attachment.html
> >
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> cypherpunks mailing list
> cypherpunks at cpunks.org
> https://cpunks.org/mailman/listinfo/cypherpunks
>
>
> ------------------------------
>
> End of cypherpunks Digest, Vol 28, Issue 47
> *******************************************
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 29976 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20151011/4bf6d837/attachment-0002.txt>


More information about the cypherpunks mailing list