Virgil Griffith transcribed 10K bytes:
I accidentally put tor-project@ on the To: field. Sorry about that.
A *likely* story. I put tor-project@ back in the To: field.
Although I personally don't consider this content to be dangerous, at least one person will consider it so, and I'd rather not antagonize that person.
Heh.
I renamed the URL to:
[snipped the URL]
Share as you see fit.
I'll refrain from stooping to your level, thanks.
-V
The above URL to dropbox which Virgil gave me contains extremely detailed logs of user behaviour, including:
- timestamp accurate to the second - IP addresses (where only the final octet is scrubbed, reducing the set of possible IPs in question to ~253) - onion service requested - full URI requested - onion service response code
On Thu, May 12, 2016 at 5:43 PM, Virgil Griffith i@virgil.gr wrote:
Apparently tor-assistants@ no longer exists? Well, here's the logs. Share with whomever you think is appropriate.
============================================================ The earlier dates were on a different hard drive. Here's the oldest date I have on hand: Jan 25, 2016.
https://dl.dropboxusercontent.com/u/3308162/2016-01-25.log.gz
This file was replaced with a new one, which says the following:
Oops! Didn't mean to post this URL to a public mailing list. My goof.
I renamed the file and sent the new URL to isis and Matt Finkel. If you want the data, talk to either of them. I trust each of them to distribute the data however they see fit.
In releasing this day's worth of data, my goal is concretize the discussion of how much de-anonymizing power this data provides.
I claim two things: (a) Forbidding any Tor community member from using Google Ads on a Tor-related website is overbroad. (b) The de-anonymizing power of onion.link's minimized logs is substantially less than Google Ads (or equivalent).
If (a) is not true, reasonable next candidates for banishment include, and are not limited to:
- Grams http://grams7enufi7jmdl.onion [onionsite]
- DailyDot http://www.dailydot.com/tags/tor [clearnet]
- DeepDotWeb http://deepdot35Wvmeyd5.onion [double whammy! DeepDotWeb tracks users on its onionsite *AND* clearnet https://www.deepdotweb.com/]
And last I checked these were popular upstanding onionsites.
Obviously some people will dislike (a). And thus some people will dislike (b). And that's okay. The community (obviously) doesn't wish to unanimously approve of every Tor onion-site. The question is whether using an ad-network is a bannable offense.
Given (a) is not a bannable offense, and additionally badness(b) < badness(a). Ergo (b) not a bannable offense.
To my knowledge, The Daily Dot has never attempted to sell Tor user data to INTERPOL.
SHA1: f5eaab44c04e483ffe24c58ec558fdfaefb610b2
I forthrightly attest that:
(1) these logs are socially very interesting, but not actively dangerous.
(2) these logs are substantially less dangerous than running Google ads, which was the alternative.
Rebuttals are welcome on tor-project@ .
If you want to see the minimized logs for a specific day I can do that too.
Hmm… I think I've heard the word "minimised" in reference to bulk metadata collection before…