[tor-project] Fwd: Launching Ethics Guidelines

Virgil Griffith i at virgil.gr
Mon May 16 08:32:21 UTC 2016 

  > - timestamp accurate to the second

Isis: that is an excellent point.  It didn't occur to me to shave the
seconds/minutes from the timestamp.  That is a fantastic point and a clear
oversight on my end.   Minimized logs are no longer available, but when
they were I should have definitely been shaving those timestamps.  I
sincerely thank you for catching that.

-V

On Monday, 16 May 2016, isis <isis at torproject.org> wrote:

> Virgil Griffith transcribed 10K bytes:
> > I accidentally put tor-project@ on the To: field.  Sorry about that.
>
> A *likely* story.  I put tor-project@ back in the To: field.
>
> > Although I personally don't consider this content to be dangerous, at
> > least one person will consider it so, and I'd rather not antagonize
> > that person.
>
> Heh.
>
> > I renamed the URL to:
>
> [snipped the URL]
>
> > Share as you see fit.
>
> I'll refrain from stooping to your level, thanks.
>
> > -V
>
> The above URL to dropbox which Virgil gave me contains extremely detailed
> logs of user behaviour, including:
>
>   - timestamp accurate to the second
>   - IP addresses (where only the final octet is scrubbed, reducing the set
> of
>     possible IPs in question to ~253)
>   - onion service requested
>   - full URI requested
>   - onion service response code
>
> > On Thu, May 12, 2016 at 5:43 PM, Virgil Griffith <i at virgil.gr
> <javascript:;>> wrote:
> > > Apparently tor-assistants@ no longer exists?  Well, here's the logs.
> > > Share with whomever you think is appropriate.
> > >
> > > ============================================================
> > > The earlier dates were on a different hard drive.  Here's the oldest
> > > date I have on hand: Jan 25, 2016.
> > >
> > > https://dl.dropboxusercontent.com/u/3308162/2016-01-25.log.gz
>
>
> This file was replaced with a new one, which says the following:
>
>
> > Oops!  Didn't mean to post this URL to a public mailing list.  My goof.
> >
> > I renamed the file and sent the new URL to isis and Matt Finkel.  If you
> > want the data, talk to either of them.  I trust each of them to
> distribute
> > the data however they see fit.
> >
> > In releasing this day's worth of data, my goal is concretize the
> discussion
> > of how much de-anonymizing power this data provides.
> >
> > I claim two things:
> >    (a) Forbidding any Tor community member from using Google Ads on a
> >        Tor-related website is overbroad.
> >    (b) The de-anonymizing power of onion.link's minimized logs is
> >        substantially less than Google Ads (or equivalent).
> >
> > If (a) is not true, reasonable next candidates for banishment include,
> and
> > are not limited to:
> >
> >    * Grams       http://grams7enufi7jmdl.onion      [onionsite]
> >    * DailyDot    http://www.dailydot.com/tags/tor   [clearnet]
> >    * DeepDotWeb http://deepdot35Wvmeyd5.onion [double whammy! DeepDotWeb
> >      tracks users on its onionsite *AND* clearnet
> >      https://www.deepdotweb.com/]
> >
> > And last I checked these were popular upstanding onionsites.
> >
> > Obviously some people will dislike (a).  And thus some people will
> dislike
> > (b).  And that's okay.  The community (obviously) doesn't wish to
> > unanimously approve of every Tor onion-site.  The question is whether
> using
> > an ad-network is a bannable offense.
> >
> > Given (a) is not a bannable offense, and additionally badness(b) <
> > badness(a).  Ergo (b) not a bannable offense.
>
> To my knowledge, The Daily Dot has never attempted to sell Tor user data to
> INTERPOL.
>
> > > SHA1: f5eaab44c04e483ffe24c58ec558fdfaefb610b2
> > >
> > > I forthrightly attest that:
> > >
> > > (1) these logs are socially very interesting, but not actively
> dangerous.
> > >
> > > (2) these logs are substantially less dangerous than running Google
> > > ads, which was the alternative.
> > >
> > > Rebuttals are welcome on tor-project@ .
> > >
> > > If you want to see the minimized logs for a specific day I can do that
> too.
>
> Hmm… I think I've heard the word "minimised" in reference to bulk metadata
> collection before…
>
> --
>  ♥Ⓐ isis agora lovecruft
> _________________________________________________________
> OpenPGP: 4096R/0A6A58A14B5946ABDE18E207A3ADB67A2CDB8B35
> Current Keys: https://fyb.patternsinthevoid.net/isis.txt
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20160516/2893fa91/attachment.html>

More information about the tor-project mailing list