15 October 1999
This site's host, Verio, automatically provides a snooping feature which we didn't ask for, wasn't consulted on and find obnoxiously privacy-invasive: our access log automatically shows what URL was visited just prior to accessing a file here. In the case of those coming from search engines, it gives the topics and/or keywords the visitor entered for searching. Here're samples (addresses xxx-ed. The second is the NSA daily bot - note its prudent use of a proxy gateway):
xxxxx - - [03/May/1999:01:17:55 -0400] "GET /bombmake.htm HTTP/1.1" 200 33094 "http://infoseek.go.com/Titles?qt=how+to+make+a+bomb&win=_search&oq=bomb+making&sv=M6&lk=noframes&col=WW&cll=0&st=10" "Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)" xxxxx - - [03/May/1999:08:00:39 -0400] "GET /crypto.htm HTTP/1.0" 200 27266 "" "Mozilla/4.04 [en] (WinNT; U) via proxy gateway CERN-HTTPD/3.0 libwww/2.17"
Since we don't know who has access to our logs, and have to assume they are many (see below), keep in mind the beneficial use of an anonymizer and hope that the anonymizer is not compromised -- a long shot according to recent news reports. Here's an example of a visitor who configured an anonymizer improperly or the anonymizer <http://188.8.131.52> is faulty: the originating address, a .gov, was listed, xxx-ed here:
xxxxx - - [15/Oct/1999:15:28:34 -0400] "GET /nsa091499.txt HTTP/1.0" 200 1420 "http://184.108.40.206/http://jya.com/crypto.htm" "Mozilla/4.0 (compatible; MSIE 4.01; Windows NT)"
There are about 3,000 files on jya.com and cryptome.org (born June, 1999) -- texts and related graphics -- put here since June, 1996 (another 1,500 have been axed). If access statistics interest see ours. A directory of all files is available via FTP: ftp://ftp.jya.com and ftp://ftp.cryptome.org. The lists may take a while to load. The bulk of jya.com are misdated June, 1999, when Verio, our new ISP, transferred the lot.
We don't willfully disclose, but that's no assurance with the way the Internet is designed for the convenience of its operators which leaves it open to wizard intruders, greedy marketers and evil authorities. We don't know who's snooping our site and logs with intrusive tools. We see that Verio checks this site regularly; while its courteous sysadmins claim they do not snoop who knows what corruption maddens under-rockers.
Searching is not available. Use a general search engine, such as AltaVista with "jya.com" or "cryptome.org" as one of the terms.
Comments welcome: email@example.com