Used to be you'd be accused of being COINTELPRO, now it's JTRIG. "Differing opinion"? Almost never an option. Different=wrong-bad-evil-enemy-hate-suspect-accuse.
On technical issues, I'm definitely a neophyte, but I'd been in contact with JYA for quite sometime, he'd published a few documents I supplied and shared many links on twitter. You'd think that would get him to look at the data before smearing me. As for off-message? That's a spin term. I'm not anti-authoritarian enough, I guess - that's quite possible by some standards. On Sun, Oct 11, 2015 at 5:43 PM, <[email protected]> wrote: > Send cypherpunks mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > https://cpunks.org/mailman/listinfo/cypherpunks > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of cypherpunks digest..." > > > Today's Topics: > > 1. Re: [cryptome] Re: Why cryptome sold web logs to their paying > customers? (Razer) > 2. Re: [cryptome] Re: Why cryptome sold web logs to their paying > customers? (bbrewer) > 3. Re: [cryptome] Re: Why cryptome sold web logs to their paying > customers? (Shelley) > 4. Re: [cryptome] Re: Why cryptome sold web logs to their paying > customers? (John Young) > 5. Re: Why cryptome sold web logs to their paying customers? > (Alfie John) > 6. Re: [cryptome] Re: Why cryptome sold web logs to their paying > customers? (Michael Best) > 7. Re: Why cryptome sold web logs to their paying customers? > (Dr. J Feinstein) > 8. Re: [cryptome] Re: Why cryptome sold web logs to their paying > customers? (Dr. J Feinstein) > 9. Re: Why cryptome sold web logs to their paying customers? > (Travis Biehn) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Sun, 11 Oct 2015 13:25:03 -0700 > From: Razer <[email protected]> > To: [email protected] > Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying > customers? > Message-ID: <[email protected]> > Content-Type: text/plain; charset="windows-1252" > > > > On 10/11/2015 01:04 PM, Michael Best wrote: > > That would explain keeping silent, *NOT* making up lies about me and > > saying the data is fake. > > I'm not going to make JYA's argument here, even if what's been assumed > is fact, but the strategy would be a stall at least with the potential > for redirection from the 'dead canary' hypothesis because it's typical > for people to explode into useless flame wars over the 'leakage' instead > of giving serious thought beyond ego/profit motives to why the leak > occurred. > > But, as a notable scientist once said... "Yes, but the whole point of > the warrant canary is lost if you keep it a secret! Why didn't you tell > the world, eh!?!" > > https://www.youtube.com/watch?v=cmCKJi3CKGE > > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 836 bytes > Desc: OpenPGP digital signature > URL: < > http://cpunks.org/pipermail/cypherpunks/attachments/20151011/9f2ef65a/attachment-0001.sig > > > > ------------------------------ > > Message: 2 > Date: Sun, 11 Oct 2015 16:30:00 -0400 > From: bbrewer <[email protected]> > To: Michael Best <[email protected]> > Cc: cpunks <[email protected]>, cryptome <[email protected]> > Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying > customers? > Message-ID: <[email protected]> > Content-Type: text/plain; charset=utf-8 > > > > On Oct 11, 2015, at 4:22 PM, Michael Best <[email protected]> wrote: > > > > Anyway to rule this out other than hearing it from John? How long before > we begin to seriously consider it or assume it? > > > > And if there was a NSL, why not shut down? Why put users at ongoing > risk?? > > > https://en.wikipedia.org/wiki/Lavabit > > "Levison said that he could be arrested for closing the site instead of > releasing the information, and it was reported that the federal > prosecutor's office had sent Levison's lawyer an e-mail to that effect.” > > I’m just blabbering on suppositions here, but I wouldn’t be surprised by… > anything. > > -benjamin > > > ------------------------------ > > Message: 3 > Date: Sun, 11 Oct 2015 13:49:08 -0700 > From: Shelley <[email protected]> > To: bbrewer <[email protected]>, Michael Best > <[email protected]> > Cc: cpunks <[email protected]>, cryptome <[email protected]> > Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying > customers? > Message-ID: <[email protected]> > Content-Type: text/plain; charset="UTF-8"; format=flowed > > On October 11, 2015 1:35:42 PM bbrewer <[email protected]> wrote: > > > > > > On Oct 11, 2015, at 4:22 PM, Michael Best <[email protected]> > wrote: > > > > > > Anyway to rule this out other than hearing it from John? How long > before > > we begin to seriously consider it or assume it? > > > > > > And if there was a NSL, why not shut down? Why put users at ongoing > risk?? > > > > > > https://en.wikipedia.org/wiki/Lavabit > > > > "Levison said that he could be arrested for closing the site instead of > > releasing the information, and it was reported that the federal > > prosecutor's office had sent Levison's lawyer an e-mail to that effect.” > > > > I’m just blabbering on suppositions here, but I wouldn’t be surprised by… > > anything. > > > > -benjamin > > That's exactly the example I was going to post, thank you. Yes, the feds > can force you to keep your compromised site up; basically, anything you > might do to warn users is verboten. > > Someone flaming uncharacteristically could be one of the only ways... and, > it *is* old data. > > If this is the case, and that's a very tentative IF, there is not much else > he can do (and he did as much as he could without putting himself in legal > hot water.) > > -S > > > > > ------------------------------ > > Message: 4 > Date: Sun, 11 Oct 2015 17:03:37 -0400 > From: John Young <[email protected]> > To: cpunks <[email protected]>, cryptome <[email protected]> > Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying > customers? > Message-ID: <[email protected]> > Content-Type: text/plain; charset="utf-8"; Format="flowed" > > https://cryptome.org/2012/07/gent-forum-spies.htm > > 25 February 2014. Related: GCHQ Full-Spectrum Cyber Effects: > > <http://cryptome.org/2014/02/gchq-cyber-effects.pdf> > http://cryptome.org/2014/02/gchq-cyber-effects.pdf > > > 24 February 2014. Related: GCHQ Online Deception: > > <http://cryptome.org/2014/02/gchq-online-deception.pdf> > http://cryptome.org/2014/02/gchq-online-deception.pdf > > > GCHQ DISRUPTION Operational Playbook: > > <http://cryptome.org/2014/02/gchq-disruption.pdf> > http://cryptome.org/2014/02/gchq-disruption.pdf > > > 29 January 2014. Related: GCHQ Squeaky Dolphin Psychological Operations: > > <http://cryptome.org/2014/01/gchq-squeaky-dolphin.pdf> > http://cryptome.org/2014/01/gchq-squeaky-dolphin.pdf > (18MB) > > 4 March 2012. Precursor to this sabotage, OSS Sabotage of Organizations: > > <http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html> > http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html > > > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://cpunks.org/pipermail/cypherpunks/attachments/20151011/eeffc4aa/attachment-0001.html > > > > ------------------------------ > > Message: 5 > Date: Mon, 12 Oct 2015 08:13:50 +1100 > From: Alfie John <[email protected]> > To: [email protected] > Subject: Re: Why cryptome sold web logs to their paying customers? > Message-ID: > <[email protected]> > Content-Type: text/plain; charset="utf-8" > > On Mon, Oct 12, 2015, at 04:08 AM, Dr. J Feinstein wrote: > > Resend–HTML email scrubbed > > > > Calling bullshit. Mirimirs right, this makes no sense. And JYA says > > netsol won't let him delete the logs but Netsol says logs are disabled > > by default[ > > > https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/ > ] > > and you have to turn them on. > > > > So how the fuckd this really happen? > > > > Mirimir <[email protected]> Are you arguing that users could have > > found those logs? > > > > I almost can't imagine that. Logs are normally in /var/log/ somewhere, > > and I can't imagine making them searchable. And indeed, I can't > > imagine how Cryptome archives would have included anything from > > /var/log/, even after system restore from backups. > > > > <--SNIP--> > > > > > Should access logs be kept for that long? Absolutely not. From what > > > I> have read in the email exchange that was posted, the log files > > > were> included in a NetSol total restore. My guess is that > > > John/Cryptome did> not intentionally keep these files, and did not > > > realize these files were> included in the archive. > > But that's the thing. Logs should have been in /var/log/. And how > > would the "NetSol total restore" have changed that? > > Not necessarily... > > Logs in /var/log is where they should be by default, but if the box is > on a shared hosting account, then things are completely different. For > instance, Bluehost charges $3.95/month, which gets you a home directory > on a box shared with hundreds of other users. In your home directory, > you get something like (from memory, which was a long, long time ago): > > ~/ > ~/public_www/ > ~/public_www/html/ > ~/public_www/access_log > ~/public_www/error_log > > So as you can see, the user does have permissions to access logs, but > are kept in the user's _home_ directory. Now you can see why this could > have mistakenly been distributed: > > tar zcf cryptome-backup.tar.gz ~/ > > The backup would have also slurped in all the logs. There was no malice, > just an easy mistake that everyone here could have make given the same > circumstances. > > Alfie > > -- > Alfie John > [email protected] > > > > ------------------------------ > > Message: 6 > Date: Sun, 11 Oct 2015 17:18:33 -0400 > From: Michael Best <[email protected]> > To: cryptome <[email protected]> > Cc: cpunks <[email protected]> > Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying > customers? > Message-ID: > <CANFTA0-jX-L8c-u+kusdY_D6YzDNwtRVXgv= > [email protected]> > Content-Type: text/plain; charset="utf-8" > > I'm not sure what the links are meant to imply. That the log leak was a > disruption effort by the GCHQ that was planted when NetSol restored the > site? > > On Sun, Oct 11, 2015 at 5:03 PM, John Young <[email protected]> wrote: > > > https://cryptome.org/2012/07/gent-forum-spies.htm > > > > 25 February 2014. Related: GCHQ Full-Spectrum Cyber Effects: > > > > http://cryptome.org/2014/02/gchq-cyber-effects.pdf > > > > 24 February 2014. Related: GCHQ Online Deception: > > > > http://cryptome.org/2014/02/gchq-online-deception.pdf > > > > GCHQ DISRUPTION Operational Playbook: > > > > http://cryptome.org/2014/02/gchq-disruption.pdf > > > > 29 January 2014. Related: GCHQ Squeaky Dolphin Psychological Operations: > > > > http://cryptome.org/2014/01/gchq-squeaky-dolphin.pdf (18MB) > > > > 4 March 2012. Precursor to this sabotage, OSS Sabotage of Organizations: > > > > http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html > > > > > > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://cpunks.org/pipermail/cypherpunks/attachments/20151011/23af6a29/attachment-0001.html > > > > ------------------------------ > > Message: 7 > Date: Sun, 11 Oct 2015 23:24:15 +0200 > From: "Dr. J Feinstein" <[email protected]> > To: [email protected] > Cc: [email protected] > Subject: Re: Why cryptome sold web logs to their paying customers? > Message-ID: > > <trinity-b3ad17af-4e1b-4f86-9947-45853cfd1f4c-1444598654915@3capp-mailcom-lxa08 > > > > Content-Type: text/plain; charset=UTF-8 > > Maybe, but why those foldersmonths only? Itd be good to hear from JYA, > especially b/c Netsol contradicts him. > > > Sent: Sunday, October 11, 2015 at 9:13 PM > > From: "Alfie John" <[email protected]> > > To: [email protected] > > Subject: Re: Why cryptome sold web logs to their paying customers? > > > > On Mon, Oct 12, 2015, at 04:08 AM, Dr. J Feinstein wrote: > > > Resend–HTML email scrubbed > > > > > > Calling bullshit. Mirimirs right, this makes no sense. And JYA says > > > netsol won't let him delete the logs but Netsol says logs are disabled > > > by default[ > > > > https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/ > ] > > > and you have to turn them on. > > > > > > So how the fuckd this really happen? > > > > > > Mirimir <[email protected]> Are you arguing that users could have > > > found those logs? > > > > > > I almost can't imagine that. Logs are normally in /var/log/ somewhere, > > > and I can't imagine making them searchable. And indeed, I can't > > > imagine how Cryptome archives would have included anything from > > > /var/log/, even after system restore from backups. > > > > > > <--SNIP--> > > > > > > > Should access logs be kept for that long? Absolutely not. From what > > > > I> have read in the email exchange that was posted, the log files > > > > were> included in a NetSol total restore. My guess is that > > > > John/Cryptome did> not intentionally keep these files, and did not > > > > realize these files were> included in the archive. > > > But that's the thing. Logs should have been in /var/log/. And how > > > would the "NetSol total restore" have changed that? > > > > Not necessarily... > > > > Logs in /var/log is where they should be by default, but if the box is > > on a shared hosting account, then things are completely different. For > > instance, Bluehost charges $3.95/month, which gets you a home directory > > on a box shared with hundreds of other users. In your home directory, > > you get something like (from memory, which was a long, long time ago): > > > > ~/ > > ~/public_www/ > > ~/public_www/html/ > > ~/public_www/access_log > > ~/public_www/error_log > > > > So as you can see, the user does have permissions to access logs, but > > are kept in the user's _home_ directory. Now you can see why this could > > have mistakenly been distributed: > > > > tar zcf cryptome-backup.tar.gz ~/ > > > > The backup would have also slurped in all the logs. There was no malice, > > just an easy mistake that everyone here could have make given the same > > circumstances. > > > > Alfie > > > > -- > > Alfie John > > [email protected] > > > > > > > > ------------------------------ > > Message: 8 > Date: Sun, 11 Oct 2015 23:33:33 +0200 > From: "Dr. J Feinstein" <[email protected]> > To: "Michael Best" <[email protected]> > Cc: cpunks <[email protected]>, cryptome <[email protected]> > Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying > customers? > Message-ID: > > <trinity-135ce961-ec2d-4bd9-8df8-772b864b2834-1444599213281@3capp-mailcom-lxa08 > > > > Content-Type: text/plain; charset="utf-8" > > An HTML attachment was scrubbed... > URL: < > http://cpunks.org/pipermail/cypherpunks/attachments/20151011/37caa80c/attachment-0001.html > > > > ------------------------------ > > Message: 9 > Date: Sun, 11 Oct 2015 21:43:31 +0000 > From: Travis Biehn <[email protected]> > To: "Dr. J Feinstein" <[email protected]>, [email protected] > Cc: [email protected] > Subject: Re: Why cryptome sold web logs to their paying customers? > Message-ID: > <CAKtE3zexn9=fi1v_-7r0snYT+_+mG=ZZazfbkwoQaOFsYBat= > [email protected]> > Content-Type: text/plain; charset="utf-8" > > It's simple. > Someone made a mistake. Best was initially assumed full of shit by JYA, as > he's a neophyte - and is consistently 'off-message' for this list. > > Others, wishing to read more into it, other than face value of hubris, see > plans within plans. > > At the end of the day, Bests' disclosures amount to nothing of consequence. > At best he overhyped them, being a neophyte. At worst he's JTRIGd the list, > hilariously easily. The technical cognoscenti on the list stay quiet, "code > compiling" as the good doctor says. > > In general, this oversight is valuable because it demonstrates one thing: > Even if you try to delete it. > If there's a signal it will leak. Purposefully or not. > > When the protocol you use doesn't provide metadata anonymity, don't expect > it because you won't get it. If you don't understand this - keep studying. > > Why guess at 'motivation'? Do we need to FUD yet another leaker site? Put > your money where your mouth is - improve it, donate, write your own, fix > the bug & plug the hole. > > Travis > > On Sun, Oct 11, 2015, 5:28 PM Dr. J Feinstein <[email protected]> > wrote: > > > Maybe, but why those foldersmonths only? Itd be good to hear from JYA, > > especially b/c Netsol contradicts him. > > > > > Sent: Sunday, October 11, 2015 at 9:13 PM > > > From: "Alfie John" <[email protected]> > > > To: [email protected] > > > Subject: Re: Why cryptome sold web logs to their paying customers? > > > > > > On Mon, Oct 12, 2015, at 04:08 AM, Dr. J Feinstein wrote: > > > > Resend–HTML email scrubbed > > > > > > > > Calling bullshit. Mirimirs right, this makes no sense. And JYA says > > > > netsol won't let him delete the logs but Netsol says logs are > disabled > > > > by default[ > > > > > > > https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/ > > ] > > > > and you have to turn them on. > > > > > > > > So how the fuckd this really happen? > > > > > > > > Mirimir <[email protected]> Are you arguing that users could have > > > > found those logs? > > > > > > > > I almost can't imagine that. Logs are normally in /var/log/ > somewhere, > > > > and I can't imagine making them searchable. And indeed, I can't > > > > imagine how Cryptome archives would have included anything from > > > > /var/log/, even after system restore from backups. > > > > > > > > <--SNIP--> > > > > > > > > > Should access logs be kept for that long? Absolutely not. From what > > > > > I> have read in the email exchange that was posted, the log files > > > > > were> included in a NetSol total restore. My guess is that > > > > > John/Cryptome did> not intentionally keep these files, and did not > > > > > realize these files were> included in the archive. > > > > But that's the thing. Logs should have been in /var/log/. And how > > > > would the "NetSol total restore" have changed that? > > > > > > Not necessarily... > > > > > > Logs in /var/log is where they should be by default, but if the box is > > > on a shared hosting account, then things are completely different. For > > > instance, Bluehost charges $3.95/month, which gets you a home directory > > > on a box shared with hundreds of other users. In your home directory, > > > you get something like (from memory, which was a long, long time ago): > > > > > > ~/ > > > ~/public_www/ > > > ~/public_www/html/ > > > ~/public_www/access_log > > > ~/public_www/error_log > > > > > > So as you can see, the user does have permissions to access logs, but > > > are kept in the user's _home_ directory. Now you can see why this could > > > have mistakenly been distributed: > > > > > > tar zcf cryptome-backup.tar.gz ~/ > > > > > > The backup would have also slurped in all the logs. There was no > malice, > > > just an easy mistake that everyone here could have make given the same > > > circumstances. > > > > > > Alfie > > > > > > -- > > > Alfie John > > > [email protected] > > > > > > > > > > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://cpunks.org/pipermail/cypherpunks/attachments/20151011/f8ddd42d/attachment.html > > > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > cypherpunks mailing list > [email protected] > https://cpunks.org/mailman/listinfo/cypherpunks > > > ------------------------------ > > End of cypherpunks Digest, Vol 28, Issue 47 > ******************************************* >
