[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cryptome] Cryptome has been leaking its user logs for over a year
- To: [email protected]
- Subject: [cryptome] Cryptome has been leaking its user logs for over a year
- From: [email protected] (Georgi Guninski)
- Date: Sun, 11 Oct 2015 11:33:12 +0300
- In-reply-to: <11467154.EQhL437Qhy@lapuntu>
- References: <CANFTA0-4ZDCq-QMAj=KeT7i00OUvBWCZ2VM32HHsnzMiUhkMeg@mail.gmail.com> <3834290.gv7rWBnLsF@lapuntu> <[email protected]$> <11467154.EQhL437Qhy@lapuntu>
On Sat, Oct 10, 2015 at 10:45:21PM +0200, rysiek wrote:
> Dnia sobota, 10 października 2015 15:27:45 Georgi Guninski pisze:
> > On Sat, Oct 10, 2015 at 01:13:06PM +0200, rysiek wrote:
> > > Dnia piÄ?tek, 9 października 2015 15:42:51 Travis Biehn pisze:
> > > > 2) I hope IA and other parties don't know I was drooling over TS dox.
> > > > Use an anonymizing platform. If you're relying on the operator to 'not
> > > > keep
> > > > logs' *you're doing it wrong*, not JY.
> > >
> > > This is classic "blaming the victim" move.
> >
> > And who is the victim?
>
> All whose IP addresses and metadata (date, time UA string, etc) got published
> within the logfiles.
>
> > > Should I take care of my own opsec? By all means.
> > > Is it okay to publish/sell logs by the service provider? No, no it
> > > isn't.
> >
> > Selling logs to the customers you logged and who (if they notice) likely
> > will do the best to discredit you?
>
> Selling logs with such data to anywone, really.
>
You know the majority of customers buying USBs almost surely regularly
browsed cryptome?
Selling THEIR logged info to them is definitely insane business plan.
IMHO in this incident cryptome made several mistakes (possibly with a
little help from their "friends"). If I were JYA I would apologize for
the mistakes.
Observe that running such site makes usa your adversary, so the task is
highly non-trivial.