Isis: that is an excellent point. It didn't occur to me to shave the
seconds/minutes from the timestamp. That is a fantastic point and a clear
oversight on my end. Minimized logs are no longer available, but when
they were I should have definitely been shaving those timestamps. I
sincerely thank you for catching that.
Virgil Griffith transcribed 10K bytes:
I accidentally put tor-project@ on the To: field. Sorry about that.
A *likely* story. I put tor-project@ back in the To: field.
Although I personally don't consider this content to be dangerous, at
least one person will consider it so, and I'd rather not antagonize
that person.
Heh.
I renamed the URL to:
[snipped the URL]
Share as you see fit.
I'll refrain from stooping to your level, thanks.
-V
The above URL to dropbox which Virgil gave me contains extremely detailed
logs of user behaviour, including:
- timestamp accurate to the second
- IP addresses (where only the final octet is scrubbed, reducing the set
of
possible IPs in question to ~253)
- onion service requested
- full URI requested
- onion service response code
On Thu, May 12, 2016 at 5:43 PM, Virgil Griffith <i@virgil.gr
javascript:;> wrote:
Apparently tor-assistants@ no longer exists? Well, here's the logs.
Share with whomever you think is appropriate.
============================================================
The earlier dates were on a different hard drive. Here's the oldest
date I have on hand: Jan 25, 2016.
https://dl.dropboxusercontent.com/u/3308162/2016-01-25.log.gz
This file was replaced with a new one, which says the following:
Oops! Didn't mean to post this URL to a public mailing list. My goof.
I renamed the file and sent the new URL to isis and Matt Finkel. If you
want the data, talk to either of them. I trust each of them to
distribute
the data however they see fit.
In releasing this day's worth of data, my goal is concretize the
discussion
of how much de-anonymizing power this data provides.
I claim two things:
(a) Forbidding any Tor community member from using Google Ads on a
Tor-related website is overbroad.
(b) The de-anonymizing power of onion.link's minimized logs is
substantially less than Google Ads (or equivalent).
If (a) is not true, reasonable next candidates for banishment include,
and
are not limited to:
And last I checked these were popular upstanding onionsites.
Obviously some people will dislike (a). And thus some people will
dislike
(b). And that's okay. The community (obviously) doesn't wish to
unanimously approve of every Tor onion-site. The question is whether
using
an ad-network is a bannable offense.
Given (a) is not a bannable offense, and additionally badness(b) <
badness(a). Ergo (b) not a bannable offense.
To my knowledge, The Daily Dot has never attempted to sell Tor user data to
INTERPOL.
SHA1: f5eaab44c04e483ffe24c58ec558fdfaefb610b2
I forthrightly attest that:
(1) these logs are socially very interesting, but not actively
dangerous.
(2) these logs are substantially less dangerous than running Google
ads, which was the alternative.
Rebuttals are welcome on tor-project@ .
If you want to see the minimized logs for a specific day I can do that
too.
Hmm… I think I've heard the word "minimised" in reference to bulk metadata
collection before…
--
♥Ⓐ isis agora lovecruft
_________________________________________________________
OpenPGP: 4096R/0A6A58A14B5946ABDE18E207A3ADB67A2CDB8B35
Current Keys: https://fyb.patternsinthevoid.net/isis.txt
isis
Virgil Griffith