At 03:45 PM 04/28/2001 -0600, Anonymous wrote:
>In view of the recent "gimme-the-logs-or-we-fuck-you" activities
>of armed men
>(http://www.indymedia.org/front.php3?article_id=36912&group=webcast ,
>http://seattle.indymedia.org/display.php3?article_id=3013 )
>what would be the legal consequence of the following:
>
>1. A virus is designed that spreads itself in some standard way and that
>deletes log files of popular http server implementations.
Viruses are consistently bad things - the only advantage of a virus
in this environment is the
"What! Our logs are deleted? <expletive deleted> virus!"
level of plausible deniability. If you want to run a log-deleting application,
run it explicitly; if you want to not keep logs, do that impliciltly
or explicitly. An entertaining variation on the offshore-logs business
would be to send all your logs to log-storage.to, who will happily
release information when they receive a PGP-clearsigned message on Usenet,
or (almost as secure) when their regular probe of your website
encounters the request for the logfile in a pre-arranged page lilke
http://us.com/are_we_being_subpoenaed_yet.html
Unlike the suggestion Sandy and others have of personal appearance
at non-extraditable locations, this isn't preventing coercion -
it's only making sure the coercion is done publicly.
