Used to be you'd be accused of being COINTELPRO, now it's JTRIG. "Differing opinion"? Almost never an option. Different=wrong-bad-evil-enemy-hate-suspect-accuse. On technical issues, I'm definitely a neophyte, but I'd been in contact with JYA for quite sometime, he'd published a few documents I supplied and shared many links on twitter. You'd think that would get him to look at the data before smearing me. As for off-message? That's a spin term. I'm not anti-authoritarian enough, I guess - that's quite possible by some standards. On Sun, Oct 11, 2015 at 5:43 PM, <[1]cypherpunks-request@cpunks.org> wrote: Send cypherpunks mailing list submissions to [2]cypherpunks@cpunks.org To subscribe or unsubscribe via the World Wide Web, visit [3]https://cpunks.org/mailman/listinfo/cypherpunks or, via email, send a message with subject or body 'help' to [4]cypherpunks-request@cpunks.org You can reach the person managing the list at [5]cypherpunks-owner@cpunks.org When replying, please edit your Subject line so it is more specific than "Re: Contents of cypherpunks digest..." Today's Topics: 1. Re: [cryptome] Re: Why cryptome sold web logs to their paying customers? (Razer) 2. Re: [cryptome] Re: Why cryptome sold web logs to their paying customers? (bbrewer) 3. Re: [cryptome] Re: Why cryptome sold web logs to their paying customers? (Shelley) 4. Re: [cryptome] Re: Why cryptome sold web logs to their paying customers? (John Young) 5. Re: Why cryptome sold web logs to their paying customers? (Alfie John) 6. Re: [cryptome] Re: Why cryptome sold web logs to their paying customers? (Michael Best) 7. Re: Why cryptome sold web logs to their paying customers? (Dr. J Feinstein) 8. Re: [cryptome] Re: Why cryptome sold web logs to their paying customers? (Dr. J Feinstein) 9. Re: Why cryptome sold web logs to their paying customers? (Travis Biehn) -------------------------------------------------------------------- -- Message: 1 Date: Sun, 11 Oct 2015 13:25:03 -0700 From: Razer <[6]Rayzer@riseup.net> To: [7]cypherpunks@cpunks.org Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying customers? Message-ID: <[8]561AC59F.9070508@riseup.net> Content-Type: text/plain; charset="windows-1252" On 10/11/2015 01:04 PM, Michael Best wrote: > That would explain keeping silent, *NOT* making up lies about me and > saying the data is fake. I'm not going to make JYA's argument here, even if what's been assumed is fact, but the strategy would be a stall at least with the potential for redirection from the 'dead canary' hypothesis because it's typical for people to explode into useless flame wars over the 'leakage' instead of giving serious thought beyond ego/profit motives to why the leak occurred. But, as a notable scientist once said... "Yes, but the whole point of the warrant canary is lost if you keep it a secret! Why didn't you tell the world, eh!?!" [9]https://www.youtube.com/watch?v=cmCKJi3CKGE -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: OpenPGP digital signature URL: <[10]http://cpunks.org/pipermail/cypherpunks/attachments/20151011/9f 2ef65a/attachment-0001.sig> ------------------------------ Message: 2 Date: Sun, 11 Oct 2015 16:30:00 -0400 From: bbrewer <[11]bbrewer@littledystopia.net> To: Michael Best <[12]themikebest@gmail.com> Cc: cpunks <[13]cypherpunks@cpunks.org>, cryptome <[14]cryptome@freelists.org> Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying customers? Message-ID: <[15]29FDC0FF-712A-4048-AA64-67845A7CDECA@littledystopia.net> Content-Type: text/plain; charset=utf-8 > On Oct 11, 2015, at 4:22 PM, Michael Best <[16]themikebest@gmail.com> wrote: > > Anyway to rule this out other than hearing it from John? How long before we begin to seriously consider it or assume it? > > And if there was a NSL, why not shut down? Why put users at ongoing risk?? [17]https://en.wikipedia.org/wiki/Lavabit "Levison said that he could be arrested for closing the site instead of releasing the information, and it was reported that the federal prosecutor's office had sent Levison's lawyer an e-mail to that effect.” I’m just blabbering on suppositions here, but I wouldn’t be surprised by… anything. -benjamin ------------------------------ Message: 3 Date: Sun, 11 Oct 2015 13:49:08 -0700 From: Shelley <[18]shelley@misanthropia.org> To: bbrewer <[19]bbrewer@littledystopia.net>, Michael Best <[20]themikebest@gmail.com> Cc: cpunks <[21]cypherpunks@cpunks.org>, cryptome <[22]cryptome@freelists.org> Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying customers? Message-ID: <20151011204851.D5DBAC00016@frontend1.nyi.internal> Content-Type: text/plain; charset="UTF-8"; format=flowed On October 11, 2015 1:35:42 PM bbrewer <[23]bbrewer@littledystopia.net> wrote: > > > On Oct 11, 2015, at 4:22 PM, Michael Best <[24]themikebest@gmail.com> wrote: > > > > Anyway to rule this out other than hearing it from John? How long before > we begin to seriously consider it or assume it? > > > > And if there was a NSL, why not shut down? Why put users at ongoing risk?? > > > [25]https://en.wikipedia.org/wiki/Lavabit > > "Levison said that he could be arrested for closing the site instead of > releasing the information, and it was reported that the federal > prosecutor's office had sent Levison's lawyer an e-mail to that effect.” > > I’m just blabbering on suppositions here, but I wouldn’t be surprised by… > anything. > > -benjamin That's exactly the example I was going to post, thank you. Yes, the feds can force you to keep your compromised site up; basically, anything you might do to warn users is verboten. Someone flaming uncharacteristically could be one of the only ways... and, it *is* old data. If this is the case, and that's a very tentative IF, there is not much else he can do (and he did as much as he could without putting himself in legal hot water.) -S ------------------------------ Message: 4 Date: Sun, 11 Oct 2015 17:03:37 -0400 From: John Young <[26]jya@pipeline.com> To: cpunks <[27]cypherpunks@cpunks.org>, cryptome <[28]cryptome@freelists.org> Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying customers? Message-ID: <[29]E1ZlNmH-0000VV-40@elasmtp-curtail.atl.sa.earthlink.net> Content-Type: text/plain; charset="utf-8"; Format="flowed" [30]https://cryptome.org/2012/07/gent-forum-spies.htm 25 February 2014. Related: GCHQ Full-Spectrum Cyber Effects: <[31]http://cryptome.org/2014/02/gchq-cyber-effects.pdf>[32]http://c ryptome.org/2014/02/gchq-cyber-effects.pdf 24 February 2014. Related: GCHQ Online Deception: <[33]http://cryptome.org/2014/02/gchq-online-deception.pdf>[34]http: //cryptome.org/2014/02/gchq-online-deception.pdf GCHQ DISRUPTION Operational Playbook: <[35]http://cryptome.org/2014/02/gchq-disruption.pdf>[36]http://cryp tome.org/2014/02/gchq-disruption.pdf 29 January 2014. Related: GCHQ Squeaky Dolphin Psychological Operations: <[37]http://cryptome.org/2014/01/gchq-squeaky-dolphin.pdf>[38]http:/ /cryptome.org/2014/01/gchq-squeaky-dolphin.pdf (18MB) 4 March 2012. Precursor to this sabotage, OSS Sabotage of Organizations: <[39]http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage. html>[40]http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabot age.html -------------- next part -------------- An HTML attachment was scrubbed... URL: <[41]http://cpunks.org/pipermail/cypherpunks/attachments/20151011/ee ffc4aa/attachment-0001.html> ------------------------------ Message: 5 Date: Mon, 12 Oct 2015 08:13:50 +1100 From: Alfie John <[42]alfiej@fastmail.fm> To: [43]cypherpunks@cpunks.org Subject: Re: Why cryptome sold web logs to their paying customers? Message-ID: <[44]1444598030.829859.407317641.4ED309A5@webmail.messagingengine.co m> Content-Type: text/plain; charset="utf-8" On Mon, Oct 12, 2015, at 04:08 AM, Dr. J Feinstein wrote: > Resend–HTML email scrubbed > > Calling bullshit. Mirimirs right, this makes no sense. And JYA says > netsol won't let him delete the logs but Netsol says logs are disabled > by default[ > [45]https://www.networksolutions.com/support/how-to-enable-download- the-web-logs/] > and you have to turn them on. > > So how the fuckd this really happen? > > Mirimir <[46]mirimir@riseup.net> Are you arguing that users could have > found those logs? > > I almost can't imagine that. Logs are normally in /var/log/ somewhere, > and I can't imagine making them searchable. And indeed, I can't > imagine how Cryptome archives would have included anything from > /var/log/, even after system restore from backups. > > <--SNIP--> > > > Should access logs be kept for that long? Absolutely not. From what > > I> have read in the email exchange that was posted, the log files > > were> included in a NetSol total restore. My guess is that > > John/Cryptome did> not intentionally keep these files, and did not > > realize these files were> included in the archive. > But that's the thing. Logs should have been in /var/log/. And how > would the "NetSol total restore" have changed that? Not necessarily... Logs in /var/log is where they should be by default, but if the box is on a shared hosting account, then things are completely different. For instance, Bluehost charges $3.95/month, which gets you a home directory on a box shared with hundreds of other users. In your home directory, you get something like (from memory, which was a long, long time ago): ~/ ~/public_www/ ~/public_www/html/ ~/public_www/access_log ~/public_www/error_log So as you can see, the user does have permissions to access logs, but are kept in the user's _home_ directory. Now you can see why this could have mistakenly been distributed: tar zcf cryptome-backup.tar.gz ~/ The backup would have also slurped in all the logs. There was no malice, just an easy mistake that everyone here could have make given the same circumstances. Alfie -- Alfie John [47]alfiej@fastmail.fm ------------------------------ Message: 6 Date: Sun, 11 Oct 2015 17:18:33 -0400 From: Michael Best <[48]themikebest@gmail.com> To: cryptome <[49]cryptome@freelists.org> Cc: cpunks <[50]cypherpunks@cpunks.org> Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying customers? Message-ID: Content-Type: text/plain; charset="utf-8" I'm not sure what the links are meant to imply. That the log leak was a disruption effort by the GCHQ that was planted when NetSol restored the site? On Sun, Oct 11, 2015 at 5:03 PM, John Young <[52]jya@pipeline.com> wrote: > [53]https://cryptome.org/2012/07/gent-forum-spies.htm > > 25 February 2014. Related: GCHQ Full-Spectrum Cyber Effects: > > [54]http://cryptome.org/2014/02/gchq-cyber-effects.pdf > > 24 February 2014. Related: GCHQ Online Deception: > > [55]http://cryptome.org/2014/02/gchq-online-deception.pdf > > GCHQ DISRUPTION Operational Playbook: > > [56]http://cryptome.org/2014/02/gchq-disruption.pdf > > 29 January 2014. Related: GCHQ Squeaky Dolphin Psychological Operations: > > [57]http://cryptome.org/2014/01/gchq-squeaky-dolphin.pdf (18MB) > > 4 March 2012. Precursor to this sabotage, OSS Sabotage of Organizations: > > [58]http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.h tml > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <[59]http://cpunks.org/pipermail/cypherpunks/attachments/20151011/23 af6a29/attachment-0001.html> ------------------------------ Message: 7 Date: Sun, 11 Oct 2015 23:24:15 +0200 From: "Dr. J Feinstein" <[60]drjfeinstein@mail.com> To: [61]alfiej@fastmail.fm Cc: [62]cypherpunks@cpunks.org Subject: Re: Why cryptome sold web logs to their paying customers? Message-ID: Content-Type: text/plain; charset=UTF-8 Maybe, but why those foldersmonths only? Itd be good to hear from JYA, especially b/c Netsol contradicts him. > Sent: Sunday, October 11, 2015 at 9:13 PM > From: "Alfie John" <[63]alfiej@fastmail.fm> > To: [64]cypherpunks@cpunks.org > Subject: Re: Why cryptome sold web logs to their paying customers? > > On Mon, Oct 12, 2015, at 04:08 AM, Dr. J Feinstein wrote: > > Resend–HTML email scrubbed > > > > Calling bullshit. Mirimirs right, this makes no sense. And JYA says > > netsol won't let him delete the logs but Netsol says logs are disabled > > by default[ > > [65]https://www.networksolutions.com/support/how-to-enable-download- the-web-logs/] > > and you have to turn them on. > > > > So how the fuckd this really happen? > > > > Mirimir <[66]mirimir@riseup.net> Are you arguing that users could have > > found those logs? > > > > I almost can't imagine that. Logs are normally in /var/log/ somewhere, > > and I can't imagine making them searchable. And indeed, I can't > > imagine how Cryptome archives would have included anything from > > /var/log/, even after system restore from backups. > > > > <--SNIP--> > > > > > Should access logs be kept for that long? Absolutely not. From what > > > I> have read in the email exchange that was posted, the log files > > > were> included in a NetSol total restore. My guess is that > > > John/Cryptome did> not intentionally keep these files, and did not > > > realize these files were> included in the archive. > > But that's the thing. Logs should have been in /var/log/. And how > > would the "NetSol total restore" have changed that? > > Not necessarily... > > Logs in /var/log is where they should be by default, but if the box is > on a shared hosting account, then things are completely different. For > instance, Bluehost charges $3.95/month, which gets you a home directory > on a box shared with hundreds of other users. In your home directory, > you get something like (from memory, which was a long, long time ago): > > ~/ > ~/public_www/ > ~/public_www/html/ > ~/public_www/access_log > ~/public_www/error_log > > So as you can see, the user does have permissions to access logs, but > are kept in the user's _home_ directory. Now you can see why this could > have mistakenly been distributed: > > tar zcf cryptome-backup.tar.gz ~/ > > The backup would have also slurped in all the logs. There was no malice, > just an easy mistake that everyone here could have make given the same > circumstances. > > Alfie > > -- > Alfie John > [67]alfiej@fastmail.fm > > ------------------------------ Message: 8 Date: Sun, 11 Oct 2015 23:33:33 +0200 From: "Dr. J Feinstein" <[68]drjfeinstein@mail.com> To: "Michael Best" <[69]themikebest@gmail.com> Cc: cpunks <[70]cypherpunks@cpunks.org>, cryptome <[71]cryptome@freelists.org> Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying customers? Message-ID: Content-Type: text/plain; charset="utf-8" An HTML attachment was scrubbed... URL: <[72]http://cpunks.org/pipermail/cypherpunks/attachments/20151011/37 caa80c/attachment-0001.html> ------------------------------ Message: 9 Date: Sun, 11 Oct 2015 21:43:31 +0000 From: Travis Biehn <[73]tbiehn@gmail.com> To: "Dr. J Feinstein" <[74]drjfeinstein@mail.com>, [75]alfiej@fastmail.fm Cc: [76]cypherpunks@cpunks.org Subject: Re: Why cryptome sold web logs to their paying customers? Message-ID: Content-Type: text/plain; charset="utf-8" It's simple. Someone made a mistake. Best was initially assumed full of shit by JYA, as he's a neophyte - and is consistently 'off-message' for this list. Others, wishing to read more into it, other than face value of hubris, see plans within plans. At the end of the day, Bests' disclosures amount to nothing of consequence. At best he overhyped them, being a neophyte. At worst he's JTRIGd the list, hilariously easily. The technical cognoscenti on the list stay quiet, "code compiling" as the good doctor says. In general, this oversight is valuable because it demonstrates one thing: Even if you try to delete it. If there's a signal it will leak. Purposefully or not. When the protocol you use doesn't provide metadata anonymity, don't expect it because you won't get it. If you don't understand this - keep studying. Why guess at 'motivation'? Do we need to FUD yet another leaker site? Put your money where your mouth is - improve it, donate, write your own, fix the bug & plug the hole. Travis On Sun, Oct 11, 2015, 5:28 PM Dr. J Feinstein <[78]drjfeinstein@mail.com> wrote: > Maybe, but why those foldersmonths only? Itd be good to hear from JYA, > especially b/c Netsol contradicts him. > > > Sent: Sunday, October 11, 2015 at 9:13 PM > > From: "Alfie John" <[79]alfiej@fastmail.fm> > > To: [80]cypherpunks@cpunks.org > > Subject: Re: Why cryptome sold web logs to their paying customers? > > > > On Mon, Oct 12, 2015, at 04:08 AM, Dr. J Feinstein wrote: > > > Resend–HTML email scrubbed > > > > > > Calling bullshit. Mirimirs right, this makes no sense. And JYA says > > > netsol won't let him delete the logs but Netsol says logs are disabled > > > by default[ > > > > [81]https://www.networksolutions.com/support/how-to-enable-download- the-web-logs/ > ] > > > and you have to turn them on. > > > > > > So how the fuckd this really happen? > > > > > > Mirimir <[82]mirimir@riseup.net> Are you arguing that users could have > > > found those logs? > > > > > > I almost can't imagine that. Logs are normally in /var/log/ somewhere, > > > and I can't imagine making them searchable. And indeed, I can't > > > imagine how Cryptome archives would have included anything from > > > /var/log/, even after system restore from backups. > > > > > > <--SNIP--> > > > > > > > Should access logs be kept for that long? Absolutely not. From what > > > > I> have read in the email exchange that was posted, the log files > > > > were> included in a NetSol total restore. My guess is that > > > > John/Cryptome did> not intentionally keep these files, and did not > > > > realize these files were> included in the archive. > > > But that's the thing. Logs should have been in /var/log/. And how > > > would the "NetSol total restore" have changed that? > > > > Not necessarily... > > > > Logs in /var/log is where they should be by default, but if the box is > > on a shared hosting account, then things are completely different. For > > instance, Bluehost charges $3.95/month, which gets you a home directory > > on a box shared with hundreds of other users. In your home directory, > > you get something like (from memory, which was a long, long time ago): > > > > ~/ > > ~/public_www/ > > ~/public_www/html/ > > ~/public_www/access_log > > ~/public_www/error_log > > > > So as you can see, the user does have permissions to access logs, but > > are kept in the user's _home_ directory. Now you can see why this could > > have mistakenly been distributed: > > > > tar zcf cryptome-backup.tar.gz ~/ > > > > The backup would have also slurped in all the logs. There was no malice, > > just an easy mistake that everyone here could have make given the same > > circumstances. > > > > Alfie > > > > -- > > Alfie John > > [83]alfiej@fastmail.fm > > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <[84]http://cpunks.org/pipermail/cypherpunks/attachments/20151011/f8 ddd42d/attachment.html> ------------------------------ Subject: Digest Footer _______________________________________________ cypherpunks mailing list [85]cypherpunks@cpunks.org [86]https://cpunks.org/mailman/listinfo/cypherpunks ------------------------------ End of cypherpunks Digest, Vol 28, Issue 47 ******************************************* References 1. mailto:cypherpunks-request@cpunks.org 2. mailto:cypherpunks@cpunks.org 3. https://cpunks.org/mailman/listinfo/cypherpunks 4. mailto:cypherpunks-request@cpunks.org 5. mailto:cypherpunks-owner@cpunks.org 6. mailto:Rayzer@riseup.net 7. mailto:cypherpunks@cpunks.org 8. mailto:561AC59F.9070508@riseup.net 9. https://www.youtube.com/watch?v=cmCKJi3CKGE 10. http://cpunks.org/pipermail/cypherpunks/attachments/20151011/9f2ef65a/attachment-0001.sig 11. mailto:bbrewer@littledystopia.net 12. mailto:themikebest@gmail.com 13. mailto:cypherpunks@cpunks.org 14. mailto:cryptome@freelists.org 15. mailto:29FDC0FF-712A-4048-AA64-67845A7CDECA@littledystopia.net 16. mailto:themikebest@gmail.com 17. https://en.wikipedia.org/wiki/Lavabit 18. mailto:shelley@misanthropia.org 19. mailto:bbrewer@littledystopia.net 20. mailto:themikebest@gmail.com 21. mailto:cypherpunks@cpunks.org 22. mailto:cryptome@freelists.org 23. mailto:bbrewer@littledystopia.net 24. mailto:themikebest@gmail.com 25. https://en.wikipedia.org/wiki/Lavabit 26. mailto:jya@pipeline.com 27. mailto:cypherpunks@cpunks.org 28. mailto:cryptome@freelists.org 29. mailto:E1ZlNmH-0000VV-40@elasmtp-curtail.atl.sa.earthlink.net 30. https://cryptome.org/2012/07/gent-forum-spies.htm 31. http://cryptome.org/2014/02/gchq-cyber-effects.pdf 32. http://cryptome.org/2014/02/gchq-cyber-effects.pdf 33. http://cryptome.org/2014/02/gchq-online-deception.pdf 34. http://cryptome.org/2014/02/gchq-online-deception.pdf 35. http://cryptome.org/2014/02/gchq-disruption.pdf 36. http://cryptome.org/2014/02/gchq-disruption.pdf 37. http://cryptome.org/2014/01/gchq-squeaky-dolphin.pdf 38. http://cryptome.org/2014/01/gchq-squeaky-dolphin.pdf 39. http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html 40. http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html 41. http://cpunks.org/pipermail/cypherpunks/attachments/20151011/eeffc4aa/attachment-0001.html 42. mailto:alfiej@fastmail.fm 43. mailto:cypherpunks@cpunks.org 44. mailto:1444598030.829859.407317641.4ED309A5@webmail.messagingengine.com 45. https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/ 46. mailto:mirimir@riseup.net 47. mailto:alfiej@fastmail.fm 48. mailto:themikebest@gmail.com 49. mailto:cryptome@freelists.org 50. mailto:cypherpunks@cpunks.org 51. mailto:pFoOamNSgXwVTQ@mail.gmail.com 52. mailto:jya@pipeline.com 53. https://cryptome.org/2012/07/gent-forum-spies.htm 54. http://cryptome.org/2014/02/gchq-cyber-effects.pdf 55. http://cryptome.org/2014/02/gchq-online-deception.pdf 56. http://cryptome.org/2014/02/gchq-disruption.pdf 57. http://cryptome.org/2014/01/gchq-squeaky-dolphin.pdf 58. http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html 59. http://cpunks.org/pipermail/cypherpunks/attachments/20151011/23af6a29/attachment-0001.html 60. mailto:drjfeinstein@mail.com 61. mailto:alfiej@fastmail.fm 62. mailto:cypherpunks@cpunks.org 63. mailto:alfiej@fastmail.fm 64. mailto:cypherpunks@cpunks.org 65. https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/ 66. mailto:mirimir@riseup.net 67. mailto:alfiej@fastmail.fm 68. mailto:drjfeinstein@mail.com 69. mailto:themikebest@gmail.com 70. mailto:cypherpunks@cpunks.org 71. mailto:cryptome@freelists.org 72. http://cpunks.org/pipermail/cypherpunks/attachments/20151011/37caa80c/attachment-0001.html 73. mailto:tbiehn@gmail.com 74. mailto:drjfeinstein@mail.com 75. mailto:alfiej@fastmail.fm 76. mailto:cypherpunks@cpunks.org 77. mailto:A@mail.gmail.com 78. mailto:drjfeinstein@mail.com 79. mailto:alfiej@fastmail.fm 80. mailto:cypherpunks@cpunks.org 81. https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/ 82. mailto:mirimir@riseup.net 83. mailto:alfiej@fastmail.fm 84. http://cpunks.org/pipermail/cypherpunks/attachments/20151011/f8ddd42d/attachment.html 85. mailto:cypherpunks@cpunks.org 86. https://cpunks.org/mailman/listinfo/cypherpunks