- timestamp accurate to the second
Isis: that is an excellent point. It didn't occur to me to shave the seconds/minutes from the timestamp. That is a fantastic point and a clear oversight on my end. Minimized logs are no longer available, but when they were I should have definitely been shaving those timestamps. I sincerely thank you for catching that.
-V
On Monday, 16 May 2016, isis isis@torproject.org wrote:
Virgil Griffith transcribed 10K bytes:
I accidentally put tor-project@ on the To: field. Sorry about that.
A *likely* story. I put tor-project@ back in the To: field.
Although I personally don't consider this content to be dangerous, at least one person will consider it so, and I'd rather not antagonize that person.
Heh.
I renamed the URL to:
[snipped the URL]
Share as you see fit.
I'll refrain from stooping to your level, thanks.
-V
The above URL to dropbox which Virgil gave me contains extremely detailed logs of user behaviour, including:
- timestamp accurate to the second
- IP addresses (where only the final octet is scrubbed, reducing the set
of possible IPs in question to ~253)
- onion service requested
- full URI requested
- onion service response code
On Thu, May 12, 2016 at 5:43 PM, Virgil Griffith <i@virgil.gr
javascript:;> wrote:
Apparently tor-assistants@ no longer exists? Well, here's the logs. Share with whomever you think is appropriate.
============================================================ The earlier dates were on a different hard drive. Here's the oldest date I have on hand: Jan 25, 2016.
https://dl.dropboxusercontent.com/u/3308162/2016-01-25.log.gz
This file was replaced with a new one, which says the following:
Oops! Didn't mean to post this URL to a public mailing list. My goof.
I renamed the file and sent the new URL to isis and Matt Finkel. If you want the data, talk to either of them. I trust each of them to
distribute
the data however they see fit.
In releasing this day's worth of data, my goal is concretize the
discussion
of how much de-anonymizing power this data provides.
I claim two things: (a) Forbidding any Tor community member from using Google Ads on a Tor-related website is overbroad. (b) The de-anonymizing power of onion.link's minimized logs is substantially less than Google Ads (or equivalent).
If (a) is not true, reasonable next candidates for banishment include,
and
are not limited to:
- Grams http://grams7enufi7jmdl.onion [onionsite]
- DailyDot http://www.dailydot.com/tags/tor [clearnet]
- DeepDotWeb http://deepdot35Wvmeyd5.onion [double whammy! DeepDotWeb tracks users on its onionsite *AND* clearnet https://www.deepdotweb.com/]
And last I checked these were popular upstanding onionsites.
Obviously some people will dislike (a). And thus some people will
dislike
(b). And that's okay. The community (obviously) doesn't wish to unanimously approve of every Tor onion-site. The question is whether
using
an ad-network is a bannable offense.
Given (a) is not a bannable offense, and additionally badness(b) < badness(a). Ergo (b) not a bannable offense.
To my knowledge, The Daily Dot has never attempted to sell Tor user data to INTERPOL.
SHA1: f5eaab44c04e483ffe24c58ec558fdfaefb610b2
I forthrightly attest that:
(1) these logs are socially very interesting, but not actively
dangerous.
(2) these logs are substantially less dangerous than running Google ads, which was the alternative.
Rebuttals are welcome on tor-project@ .
If you want to see the minimized logs for a specific day I can do that
too.
Hmm… I think I've heard the word "minimised" in reference to bulk metadata collection before…
-- ♥Ⓐ isis agora lovecruft _________________________________________________________ OpenPGP: 4096R/0A6A58A14B5946ABDE18E207A3ADB67A2CDB8B35 Current Keys: https://fyb.patternsinthevoid.net/isis.txt