> - timestamp accurate to the second
Isis: that is an excellent point. It didn't occur to me to shave the seconds/minutes from the timestamp. That is a fantastic point and a clear oversight on my end. Minimized logs are no longer available, but when they were I should have definitely been shaving those timestamps. I sincerely thank you for catching that.
-V
On Monday, 16 May 2016, isis <
isis@torproject.org> wrote:
Virgil Griffith transcribed 10K bytes:
> I accidentally put tor-project@ on the To: field. Sorry about that.
A *likely* story. I put tor-project@ back in the To: field.
> Although I personally don't consider this content to be dangerous, at
> least one person will consider it so, and I'd rather not antagonize
> that person.
Heh.
> I renamed the URL to:
[snipped the URL]
> Share as you see fit.
I'll refrain from stooping to your level, thanks.
> -V
The above URL to dropbox which Virgil gave me contains extremely detailed
logs of user behaviour, including:
- timestamp accurate to the second
- IP addresses (where only the final octet is scrubbed, reducing the set of
possible IPs in question to ~253)
- onion service requested
- full URI requested
- onion service response code
> On Thu, May 12, 2016 at 5:43 PM, Virgil Griffith <i@virgil.gr> wrote:
> > Apparently tor-assistants@ no longer exists? Well, here's the logs.
> > Share with whomever you think is appropriate.
> >
> > ============================================================
> > The earlier dates were on a different hard drive. Here's the oldest
> > date I have on hand: Jan 25, 2016.
> >
> > https://dl.dropboxusercontent.com/u/3308162/2016-01-25.log.gz
This file was replaced with a new one, which says the following:
> Oops! Didn't mean to post this URL to a public mailing list. My goof.
>
> I renamed the file and sent the new URL to isis and Matt Finkel. If you
> want the data, talk to either of them. I trust each of them to distribute
> the data however they see fit.
>
> In releasing this day's worth of data, my goal is concretize the discussion
> of how much de-anonymizing power this data provides.
>
> I claim two things:
> (a) Forbidding any Tor community member from using Google Ads on a
> Tor-related website is overbroad.
> (b) The de-anonymizing power of onion.link's minimized logs is
> substantially less than Google Ads (or equivalent).
>
> If (a) is not true, reasonable next candidates for banishment include, and
> are not limited to:
>
> * Grams http://grams7enufi7jmdl.onion [onionsite]
> * DailyDot http://www.dailydot.com/tags/tor [clearnet]
> * DeepDotWeb http://deepdot35Wvmeyd5.onion [double whammy! DeepDotWeb
> tracks users on its onionsite *AND* clearnet
> https://www.deepdotweb.com/]
>
> And last I checked these were popular upstanding onionsites.
>
> Obviously some people will dislike (a). And thus some people will dislike
> (b). And that's okay. The community (obviously) doesn't wish to
> unanimously approve of every Tor onion-site. The question is whether using
> an ad-network is a bannable offense.
>
> Given (a) is not a bannable offense, and additionally badness(b) <
> badness(a). Ergo (b) not a bannable offense.
To my knowledge, The Daily Dot has never attempted to sell Tor user data to
INTERPOL.
> > SHA1: f5eaab44c04e483ffe24c58ec558fdfaefb610b2
> >
> > I forthrightly attest that:
> >
> > (1) these logs are socially very interesting, but not actively dangerous.
> >
> > (2) these logs are substantially less dangerous than running Google
> > ads, which was the alternative.
> >
> > Rebuttals are welcome on tor-project@ .
> >
> > If you want to see the minimized logs for a specific day I can do that too.
Hmm… I think I've heard the word "minimised" in reference to bulk metadata
collection before…
--
♥Ⓐ isis agora lovecruft
_________________________________________________________
OpenPGP: 4096R/0A6A58A14B5946ABDE18E207A3ADB67A2CDB8B35
Current Keys: https://fyb.patternsinthevoid.net/isis.txt