- ‘Lil Billie Xanish’ is the deepfake mashup of Billie Eilish and Lil Xan Thursday 5:10 PM
- Gossip account the Shade Room to launch 3 original series on Instagram Thursday 4:46 PM
- Biden says he asked Obama not to endorse him—but people aren’t buying it Thursday 3:17 PM
- Marvel makes more money than Harry Potter and Star Wars combined Thursday 3:13 PM
- ‘Avengers: Endgame’: Obituaries for the fallen heroes Thursday 2:51 PM
- T-Mobile, Verizon admit most Americans won’t see fast 5G Thursday 1:52 PM
- PlayStation Vue is offering a sweet streaming deal for a limited time Thursday 1:42 PM
- Twitter reportedly worried banning white nationalists would also flag some Republicans Thursday 1:31 PM
- Lawyer of cop in viral assault case calls the crime a ‘Facebook misdemeanor’ Thursday 12:33 PM
- Biden’s ‘all men’-focused announcement gets roasted Thursday 11:49 AM
- Skillshare is offering new users one month of premium for free Thursday 10:44 AM
- Report: Facebook is punishing Black people for talking about racism (updated) Thursday 10:15 AM
- Biden brings tepid language to the healthcare debate Thursday 9:52 AM
- TikTok’s ‘chin on palm’ challenge has people scratching their heads Thursday 9:01 AM
- How to stream the 2019 NFL Draft for free Thursday 9:00 AM
Leak site Cryptome accidentally leaks its own visitor IP addresses
It comes shortly after some of the site’s encryption keys were compromised.
Cryptome, the Internet’s oldest document-exposure site, inadvertently leaked months worth of its own IP logs and other server information, potentially exposing details about its privacy-conscious users.
The data, which specifically came from the Cartome sub-directory on Cryptome.org, according to Cryptome co-creator John Young, made their way into the wild when the site logs were included on a pair of USB sticks sent out to a supporter.
Twitter user Michael Best reported the problem a few days ago on his website. “Within those USBs were server logs that include user IPs (spanning several months), .htaccess files, and a pwd file,” he wrote. He discovered the files when he uploaded the contents of the sticks to the Internet Archive, Best told the Daily Dot in a Twitter message.
“Probably best to not expose visitors’ data further but then nothing can be fully deleted or hidden.”
“Scrolling down through the list, I found about a hundred awstats log files listed in a row,” he said, referring to Cryptome analytics data.
Launched in 1996 by Young and Deborah Natsios, Cryptome was born out of the cypherpunks mailing list, a space where some of the most influential players in cryptography emerged. It currently hosts tens of thousands of documents, news articles, and images, many of which pertain to cryptography, surveillance, and freedom of information. Documents made available through the site include lists of MI6 agents, details on nuclear technology, and much more. It is often referred to as the forefather of WikiLeaks.
Last month, Cryptome announced that someone had compromised some of its encryption keys.
Returning to the IP logs, Best contacted Young over email and Twitter about the problem. Eventually Cryptome said that Best had faked the data.
“When he accused me of faking the data is when I dumped it, since he didn’t acknowledge the problem and was making accusations against me,” Best said.
The data published by Best, which was reviewed by the Daily Dot, includes IP logs of visitors to certain pages of Cryptome during a few select months in 2009 and 2010. There are also files indicating what search terms people have used to land on the site.
When initially asked whether he had anything to add, Young told the Daily Dot in an email, “No.”
But shortly after, Young confirmed to Best in an email that the data was accurate.
“You were right about AWStats data. Not the stats for Cryptome itself but for the Cartome sub-directory, for four months, November 2009-February 2010,” Young wrote. “Included in a full site restoration by ISP NetSol after a full shutdown in June 2013.”
“The stats have been deleted from the Cryptome archive,” Young added. “Probably best to not expose visitors’ data further but then nothing can be fully deleted or hidden. Thanks for discovering and reporting in this.”
Best has also reportedly deleted the data from his site.
When asked whether that message was legitimate, Young told the Daily Dot in an email, “Yes.”
“Best is as dogged as Cryptome,” Young added in a later email. “We admire that and encourage him to get even more pugnacious, as if he needed it. Should be many more to offset the rising excess of suavely devious spying, advertising and oligarch ass-lickers hoboing the runaway online money train.”
Photo via Pink Sherbet Photography/Flickr (CC BY 2.0)
Joseph Cox reports on cybercrime and hacking for Vice's Motherboard site. He also maintains Spy Tech Exports on Medium, a repository for documents and data pertaining to surveillance technology. His work has also appeared on HuffPost, the MIT Technology Review, the Daily Beast, and Virus Bulletin.