I was thus very pleased to see that John Young was scheduled to lead a BoF (birds of a feather session) at CFP at 10pm Thursday night. I extricated myself from the bar punctually at 10 (incidentally, Foggy Bottom Ale is a boring beer), found the Monet ballroom…and there was no John Young. I don’t know if I and the rest of the group who turned up to hear him talk about the ways in which log files tell tales all went to the wrong place, or if he didn’t show, but I still haven’t met him.
Update: John writes to say that no one ever told him that the BoF proposal had been accepted. Grrrr….
Update(2) Here’s what he posted at cryptome.org:
Well, nobody told me my CFP BOF proposal on log file betrayal had been accepted, and there was nothing on the CFP website about it. Earlier, a CFP talk proposal on Cryptome’s updated report on field testing of DC-area intelligence facilities security had been rejected, so I figured I was dead to the opinionshapers.
Log files are the dirtiest secret of the Net. Debate about them would have been funny but not that funny, cruel but caring about denial of Net log file spying by com, edu org, blog and individuals — the greatest threat to privacy and completely unregulated, and because unadmitted and disclosed more criminal than the data-gathering by spooks and the ususal suspects so beloved to point fingers at. Got any idea what the finger-pointers do with their log files, who they are shown to, sold to, stolen by? The hoary argument that administrators need them to protect their systems is no different and no more trustworthy than what the spooks and search-engines proclaim about protecting their victims.
No way to avoid the plague except to diconnect: Anonymizers keep log files, produce them upon demand or for a fee, some admit it, liars swear no way, never. Proxies are penetrable and traceable. Crypto is crackable and trackable. Your 24×7 cybersecurity firm is cooptable by a covert deal. Your sweetheart aint.