I choose my words for my own amusement. You got the other neophytes riled up - they're not sure how to respond to chaotic disclosure, they want to know; "what does it all mean". The old guard grumbles, SSDD.
I don't think you're COINTELPRO/JTRIG Mike. It does amuse me, however, how quick everyone is to defend/attack on a non-event, spitting someone out of this community would be pretty easy, should the powers be deem it important enough. -Travis On Sun, Oct 11, 2015 at 6:04 PM, Michael Best <[email protected]> wrote: > Used to be you'd be accused of being COINTELPRO, now it's JTRIG. > "Differing opinion"? Almost never an option. > Different=wrong-bad-evil-enemy-hate-suspect-accuse. > > On technical issues, I'm definitely a neophyte, but I'd been in contact > with JYA for quite sometime, he'd published a few documents I supplied and > shared many links on twitter. You'd think that would get him to look at the > data before smearing me. As for off-message? That's a spin term. I'm not > anti-authoritarian enough, I guess - that's quite possible by some > standards. > > On Sun, Oct 11, 2015 at 5:43 PM, <[email protected]> wrote: > >> Send cypherpunks mailing list submissions to >> [email protected] >> >> To subscribe or unsubscribe via the World Wide Web, visit >> https://cpunks.org/mailman/listinfo/cypherpunks >> or, via email, send a message with subject or body 'help' to >> [email protected] >> >> You can reach the person managing the list at >> [email protected] >> >> When replying, please edit your Subject line so it is more specific >> than "Re: Contents of cypherpunks digest..." >> >> >> Today's Topics: >> >> 1. Re: [cryptome] Re: Why cryptome sold web logs to their paying >> customers? (Razer) >> 2. Re: [cryptome] Re: Why cryptome sold web logs to their paying >> customers? (bbrewer) >> 3. Re: [cryptome] Re: Why cryptome sold web logs to their paying >> customers? (Shelley) >> 4. Re: [cryptome] Re: Why cryptome sold web logs to their paying >> customers? (John Young) >> 5. Re: Why cryptome sold web logs to their paying customers? >> (Alfie John) >> 6. Re: [cryptome] Re: Why cryptome sold web logs to their paying >> customers? (Michael Best) >> 7. Re: Why cryptome sold web logs to their paying customers? >> (Dr. J Feinstein) >> 8. Re: [cryptome] Re: Why cryptome sold web logs to their paying >> customers? (Dr. J Feinstein) >> 9. Re: Why cryptome sold web logs to their paying customers? >> (Travis Biehn) >> >> >> ---------------------------------------------------------------------- >> >> Message: 1 >> Date: Sun, 11 Oct 2015 13:25:03 -0700 >> From: Razer <[email protected]> >> To: [email protected] >> Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying >> customers? >> Message-ID: <[email protected]> >> Content-Type: text/plain; charset="windows-1252" >> >> >> >> >> On 10/11/2015 01:04 PM, Michael Best wrote: >> > That would explain keeping silent, *NOT* making up lies about me and >> > saying the data is fake. >> >> I'm not going to make JYA's argument here, even if what's been assumed >> is fact, but the strategy would be a stall at least with the potential >> for redirection from the 'dead canary' hypothesis because it's typical >> for people to explode into useless flame wars over the 'leakage' instead >> of giving serious thought beyond ego/profit motives to why the leak >> occurred. >> >> But, as a notable scientist once said... "Yes, but the whole point of >> the warrant canary is lost if you keep it a secret! Why didn't you tell >> the world, eh!?!" >> >> https://www.youtube.com/watch?v=cmCKJi3CKGE >> >> -------------- next part -------------- >> A non-text attachment was scrubbed... >> Name: signature.asc >> Type: application/pgp-signature >> Size: 836 bytes >> Desc: OpenPGP digital signature >> URL: < >> http://cpunks.org/pipermail/cypherpunks/attachments/20151011/9f2ef65a/attachment-0001.sig >> > >> >> ------------------------------ >> >> Message: 2 >> Date: Sun, 11 Oct 2015 16:30:00 -0400 >> From: bbrewer <[email protected]> >> To: Michael Best <[email protected]> >> Cc: cpunks <[email protected]>, cryptome <[email protected]> >> Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying >> customers? >> Message-ID: <[email protected]> >> Content-Type: text/plain; charset=utf-8 >> >> >> > On Oct 11, 2015, at 4:22 PM, Michael Best <[email protected]> >> wrote: >> > >> > Anyway to rule this out other than hearing it from John? How long >> before we begin to seriously consider it or assume it? >> > >> > And if there was a NSL, why not shut down? Why put users at ongoing >> risk?? >> >> >> https://en.wikipedia.org/wiki/Lavabit >> >> "Levison said that he could be arrested for closing the site instead of >> releasing the information, and it was reported that the federal >> prosecutor's office had sent Levison's lawyer an e-mail to that effect.” >> >> I’m just blabbering on suppositions here, but I wouldn’t be surprised by… >> anything. >> >> -benjamin >> >> >> ------------------------------ >> >> Message: 3 >> Date: Sun, 11 Oct 2015 13:49:08 -0700 >> From: Shelley <[email protected]> >> To: bbrewer <[email protected]>, Michael Best >> <[email protected]> >> Cc: cpunks <[email protected]>, cryptome <[email protected]> >> Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying >> customers? >> Message-ID: <[email protected]> >> Content-Type: text/plain; charset="UTF-8"; format=flowed >> >> >> On October 11, 2015 1:35:42 PM bbrewer <[email protected]> >> wrote: >> >> > >> > > On Oct 11, 2015, at 4:22 PM, Michael Best <[email protected]> >> wrote: >> > > >> > > Anyway to rule this out other than hearing it from John? How long >> before >> > we begin to seriously consider it or assume it? >> > > >> > > And if there was a NSL, why not shut down? Why put users at ongoing >> risk?? >> > >> > >> > https://en.wikipedia.org/wiki/Lavabit >> > >> > "Levison said that he could be arrested for closing the site instead of >> > releasing the information, and it was reported that the federal >> > prosecutor's office had sent Levison's lawyer an e-mail to that effect.” >> > >> > I’m just blabbering on suppositions here, but I wouldn’t be surprised >> by… >> > anything. >> > >> > -benjamin >> >> That's exactly the example I was going to post, thank you. Yes, the feds >> can force you to keep your compromised site up; basically, anything you >> might do to warn users is verboten. >> >> Someone flaming uncharacteristically could be one of the only ways... and, >> it *is* old data. >> >> If this is the case, and that's a very tentative IF, there is not much >> else >> he can do (and he did as much as he could without putting himself in legal >> hot water.) >> >> -S >> >> >> >> >> ------------------------------ >> >> Message: 4 >> Date: Sun, 11 Oct 2015 17:03:37 -0400 >> From: John Young <[email protected]> >> To: cpunks <[email protected]>, cryptome <[email protected]> >> Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying >> customers? >> Message-ID: <[email protected]> >> Content-Type: text/plain; charset="utf-8"; Format="flowed" >> >> https://cryptome.org/2012/07/gent-forum-spies.htm >> >> 25 February 2014. Related: GCHQ Full-Spectrum Cyber Effects: >> >> <http://cryptome.org/2014/02/gchq-cyber-effects.pdf> >> http://cryptome.org/2014/02/gchq-cyber-effects.pdf >> >> >> 24 February 2014. Related: GCHQ Online Deception: >> >> <http://cryptome.org/2014/02/gchq-online-deception.pdf> >> http://cryptome.org/2014/02/gchq-online-deception.pdf >> >> >> GCHQ DISRUPTION Operational Playbook: >> >> <http://cryptome.org/2014/02/gchq-disruption.pdf> >> http://cryptome.org/2014/02/gchq-disruption.pdf >> >> >> 29 January 2014. Related: GCHQ Squeaky Dolphin Psychological Operations: >> >> <http://cryptome.org/2014/01/gchq-squeaky-dolphin.pdf> >> http://cryptome.org/2014/01/gchq-squeaky-dolphin.pdf >> (18MB) >> >> 4 March 2012. Precursor to this sabotage, OSS Sabotage of Organizations: >> >> <http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html> >> http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html >> >> >> >> -------------- next part -------------- >> An HTML attachment was scrubbed... >> URL: < >> http://cpunks.org/pipermail/cypherpunks/attachments/20151011/eeffc4aa/attachment-0001.html >> > >> >> ------------------------------ >> >> Message: 5 >> Date: Mon, 12 Oct 2015 08:13:50 +1100 >> From: Alfie John <[email protected]> >> To: [email protected] >> Subject: Re: Why cryptome sold web logs to their paying customers? >> Message-ID: >> <[email protected] >> > >> Content-Type: text/plain; charset="utf-8" >> >> >> On Mon, Oct 12, 2015, at 04:08 AM, Dr. J Feinstein wrote: >> > Resend–HTML email scrubbed >> > >> > Calling bullshit. Mirimirs right, this makes no sense. And JYA says >> > netsol won't let him delete the logs but Netsol says logs are disabled >> > by default[ >> > >> https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/ >> ] >> > and you have to turn them on. >> > >> > So how the fuckd this really happen? >> > >> > Mirimir <[email protected]> Are you arguing that users could have >> > found those logs? >> > >> > I almost can't imagine that. Logs are normally in /var/log/ somewhere, >> > and I can't imagine making them searchable. And indeed, I can't >> > imagine how Cryptome archives would have included anything from >> > /var/log/, even after system restore from backups. >> > >> > <--SNIP--> >> > >> > > Should access logs be kept for that long? Absolutely not. From what >> > > I> have read in the email exchange that was posted, the log files >> > > were> included in a NetSol total restore. My guess is that >> > > John/Cryptome did> not intentionally keep these files, and did not >> > > realize these files were> included in the archive. >> > But that's the thing. Logs should have been in /var/log/. And how >> > would the "NetSol total restore" have changed that? >> >> Not necessarily... >> >> Logs in /var/log is where they should be by default, but if the box is >> on a shared hosting account, then things are completely different. For >> instance, Bluehost charges $3.95/month, which gets you a home directory >> on a box shared with hundreds of other users. In your home directory, >> you get something like (from memory, which was a long, long time ago): >> >> ~/ >> ~/public_www/ >> ~/public_www/html/ >> ~/public_www/access_log >> ~/public_www/error_log >> >> So as you can see, the user does have permissions to access logs, but >> are kept in the user's _home_ directory. Now you can see why this could >> have mistakenly been distributed: >> >> tar zcf cryptome-backup.tar.gz ~/ >> >> The backup would have also slurped in all the logs. There was no malice, >> just an easy mistake that everyone here could have make given the same >> circumstances. >> >> Alfie >> >> -- >> Alfie John >> [email protected] >> >> >> >> ------------------------------ >> >> Message: 6 >> Date: Sun, 11 Oct 2015 17:18:33 -0400 >> From: Michael Best <[email protected]> >> To: cryptome <[email protected]> >> Cc: cpunks <[email protected]> >> Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying >> customers? >> Message-ID: >> <CANFTA0-jX-L8c-u+kusdY_D6YzDNwtRVXgv= >> [email protected]> >> Content-Type: text/plain; charset="utf-8" >> >> I'm not sure what the links are meant to imply. That the log leak was a >> disruption effort by the GCHQ that was planted when NetSol restored the >> site? >> >> On Sun, Oct 11, 2015 at 5:03 PM, John Young <[email protected]> wrote: >> >> > https://cryptome.org/2012/07/gent-forum-spies.htm >> > >> > 25 February 2014. Related: GCHQ Full-Spectrum Cyber Effects: >> > >> > http://cryptome.org/2014/02/gchq-cyber-effects.pdf >> > >> > 24 February 2014. Related: GCHQ Online Deception: >> > >> > http://cryptome.org/2014/02/gchq-online-deception.pdf >> > >> > GCHQ DISRUPTION Operational Playbook: >> > >> > http://cryptome.org/2014/02/gchq-disruption.pdf >> > >> > 29 January 2014. Related: GCHQ Squeaky Dolphin Psychological Operations: >> > >> > http://cryptome.org/2014/01/gchq-squeaky-dolphin.pdf (18MB) >> > >> > 4 March 2012. Precursor to this sabotage, OSS Sabotage of Organizations: >> > >> > http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html >> > >> > >> > >> -------------- next part -------------- >> An HTML attachment was scrubbed... >> URL: < >> http://cpunks.org/pipermail/cypherpunks/attachments/20151011/23af6a29/attachment-0001.html >> > >> >> ------------------------------ >> >> Message: 7 >> Date: Sun, 11 Oct 2015 23:24:15 +0200 >> From: "Dr. J Feinstein" <[email protected]> >> To: [email protected] >> Cc: [email protected] >> Subject: Re: Why cryptome sold web logs to their paying customers? >> Message-ID: >> >> <trinity-b3ad17af-4e1b-4f86-9947-45853cfd1f4c-1444598654915@3capp-mailcom-lxa08 >> > >> >> Content-Type: text/plain; charset=UTF-8 >> >> >> Maybe, but why those foldersmonths only? Itd be good to hear from JYA, >> especially b/c Netsol contradicts him. >> >> > Sent: Sunday, October 11, 2015 at 9:13 PM >> > From: "Alfie John" <[email protected]> >> > To: [email protected] >> > Subject: Re: Why cryptome sold web logs to their paying customers? >> > >> > On Mon, Oct 12, 2015, at 04:08 AM, Dr. J Feinstein wrote: >> > > Resend–HTML email scrubbed >> > > >> > > Calling bullshit. Mirimirs right, this makes no sense. And JYA says >> > > netsol won't let him delete the logs but Netsol says logs are disabled >> > > by default[ >> > > >> https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/ >> ] >> > > and you have to turn them on. >> > > >> > > So how the fuckd this really happen? >> > > >> > > Mirimir <[email protected]> Are you arguing that users could have >> > > found those logs? >> > > >> > > I almost can't imagine that. Logs are normally in /var/log/ somewhere, >> > > and I can't imagine making them searchable. And indeed, I can't >> > > imagine how Cryptome archives would have included anything from >> > > /var/log/, even after system restore from backups. >> > > >> > > <--SNIP--> >> > > >> > > > Should access logs be kept for that long? Absolutely not. From what >> > > > I> have read in the email exchange that was posted, the log files >> > > > were> included in a NetSol total restore. My guess is that >> > > > John/Cryptome did> not intentionally keep these files, and did not >> > > > realize these files were> included in the archive. >> > > But that's the thing. Logs should have been in /var/log/. And how >> > > would the "NetSol total restore" have changed that? >> > >> > Not necessarily... >> > >> > Logs in /var/log is where they should be by default, but if the box is >> > on a shared hosting account, then things are completely different. For >> > instance, Bluehost charges $3.95/month, which gets you a home directory >> > on a box shared with hundreds of other users. In your home directory, >> > you get something like (from memory, which was a long, long time ago): >> > >> > ~/ >> > ~/public_www/ >> > ~/public_www/html/ >> > ~/public_www/access_log >> > ~/public_www/error_log >> > >> > So as you can see, the user does have permissions to access logs, but >> > are kept in the user's _home_ directory. Now you can see why this could >> > have mistakenly been distributed: >> > >> > tar zcf cryptome-backup.tar.gz ~/ >> > >> > The backup would have also slurped in all the logs. There was no malice, >> > just an easy mistake that everyone here could have make given the same >> > circumstances. >> > >> > Alfie >> > >> > -- >> > Alfie John >> > [email protected] >> > >> > >> >> >> >> ------------------------------ >> >> Message: 8 >> Date: Sun, 11 Oct 2015 23:33:33 +0200 >> From: "Dr. J Feinstein" <[email protected]> >> To: "Michael Best" <[email protected]> >> Cc: cpunks <[email protected]>, cryptome <[email protected]> >> Subject: Re: [cryptome] Re: Why cryptome sold web logs to their paying >> customers? >> Message-ID: >> >> <trinity-135ce961-ec2d-4bd9-8df8-772b864b2834-1444599213281@3capp-mailcom-lxa08 >> > >> >> Content-Type: text/plain; charset="utf-8" >> >> An HTML attachment was scrubbed... >> URL: < >> http://cpunks.org/pipermail/cypherpunks/attachments/20151011/37caa80c/attachment-0001.html >> > >> >> ------------------------------ >> >> Message: 9 >> Date: Sun, 11 Oct 2015 21:43:31 +0000 >> From: Travis Biehn <[email protected]> >> To: "Dr. J Feinstein" <[email protected]>, [email protected] >> Cc: [email protected] >> Subject: Re: Why cryptome sold web logs to their paying customers? >> Message-ID: >> <CAKtE3zexn9=fi1v_-7r0snYT+_+mG=ZZazfbkwoQaOFsYBat= >> [email protected]> >> Content-Type: text/plain; charset="utf-8" >> >> >> It's simple. >> Someone made a mistake. Best was initially assumed full of shit by JYA, as >> he's a neophyte - and is consistently 'off-message' for this list. >> >> Others, wishing to read more into it, other than face value of hubris, see >> plans within plans. >> >> At the end of the day, Bests' disclosures amount to nothing of >> consequence. >> At best he overhyped them, being a neophyte. At worst he's JTRIGd the >> list, >> hilariously easily. The technical cognoscenti on the list stay quiet, >> "code >> compiling" as the good doctor says. >> >> In general, this oversight is valuable because it demonstrates one thing: >> Even if you try to delete it. >> If there's a signal it will leak. Purposefully or not. >> >> When the protocol you use doesn't provide metadata anonymity, don't expect >> it because you won't get it. If you don't understand this - keep studying. >> >> Why guess at 'motivation'? Do we need to FUD yet another leaker site? Put >> your money where your mouth is - improve it, donate, write your own, fix >> the bug & plug the hole. >> >> Travis >> >> On Sun, Oct 11, 2015, 5:28 PM Dr. J Feinstein <[email protected]> >> wrote: >> >> > Maybe, but why those foldersmonths only? Itd be good to hear from JYA, >> > especially b/c Netsol contradicts him. >> > >> > > Sent: Sunday, October 11, 2015 at 9:13 PM >> > > From: "Alfie John" <[email protected]> >> > > To: [email protected] >> > > Subject: Re: Why cryptome sold web logs to their paying customers? >> > > >> > > On Mon, Oct 12, 2015, at 04:08 AM, Dr. J Feinstein wrote: >> > > > Resend–HTML email scrubbed >> > > > >> > > > Calling bullshit. Mirimirs right, this makes no sense. And JYA says >> > > > netsol won't let him delete the logs but Netsol says logs are >> disabled >> > > > by default[ >> > > > >> > >> https://www.networksolutions.com/support/how-to-enable-download-the-web-logs/ >> > ] >> > > > and you have to turn them on. >> > > > >> > > > So how the fuckd this really happen? >> > > > >> > > > Mirimir <[email protected]> Are you arguing that users could have >> > > > found those logs? >> > > > >> > > > I almost can't imagine that. Logs are normally in /var/log/ >> somewhere, >> > > > and I can't imagine making them searchable. And indeed, I can't >> > > > imagine how Cryptome archives would have included anything from >> > > > /var/log/, even after system restore from backups. >> > > > >> > > > <--SNIP--> >> > > > >> > > > > Should access logs be kept for that long? Absolutely not. From >> what >> > > > > I> have read in the email exchange that was posted, the log files >> > > > > were> included in a NetSol total restore. My guess is that >> > > > > John/Cryptome did> not intentionally keep these files, and did not >> > > > > realize these files were> included in the archive. >> > > > But that's the thing. Logs should have been in /var/log/. And how >> > > > would the "NetSol total restore" have changed that? >> > > >> > > Not necessarily... >> > > >> > > Logs in /var/log is where they should be by default, but if the box is >> > > on a shared hosting account, then things are completely different. For >> > > instance, Bluehost charges $3.95/month, which gets you a home >> directory >> > > on a box shared with hundreds of other users. In your home directory, >> > > you get something like (from memory, which was a long, long time ago): >> > > >> > > ~/ >> > > ~/public_www/ >> > > ~/public_www/html/ >> > > ~/public_www/access_log >> > > ~/public_www/error_log >> > > >> > > So as you can see, the user does have permissions to access logs, but >> > > are kept in the user's _home_ directory. Now you can see why this >> could >> > > have mistakenly been distributed: >> > > >> > > tar zcf cryptome-backup.tar.gz ~/ >> > > >> > > The backup would have also slurped in all the logs. There was no >> malice, >> > > just an easy mistake that everyone here could have make given the same >> > > circumstances. >> > > >> > > Alfie >> > > >> > > -- >> > > Alfie John >> > > [email protected] >> > > >> > > >> > >> > >> -------------- next part -------------- >> An HTML attachment was scrubbed... >> URL: < >> http://cpunks.org/pipermail/cypherpunks/attachments/20151011/f8ddd42d/attachment.html >> > >> >> ------------------------------ >> >> Subject: Digest Footer >> >> _______________________________________________ >> cypherpunks mailing list >> [email protected] >> https://cpunks.org/mailman/listinfo/cypherpunks >> >> >> ------------------------------ >> >> End of cypherpunks Digest, Vol 28, Issue 47 >> ******************************************* >> > > -- Twitter <https://twitter.com/tbiehn> | LinkedIn <http://www.linkedin.com/in/travisbiehn> | GitHub <http://github.com/tbiehn> | TravisBiehn.com <http://www.travisbiehn.com> | Google Plus <https://plus.google.com/+TravisBiehn>
