Several times over the years I’ve attended conferences where John Young, the proprietor of Cryptome, was registered to attend, but no one ever picked up his name tag.
I was thus very pleased to see that John Young was scheduled to lead a BoF (birds of a feather session) at CFP at 10pm Thursday night. I extricated myself from the bar punctually at 10 (incidentally, Foggy Bottom Ale is a boring beer), found the Monet ballroom…and there was no John Young. I don’t know if I and the rest of the group who turned up to hear him talk about the ways in which log files tell tales all went to the wrong place, or if he didn’t show, but I still haven’t met him.
Update: John writes to say that no one ever told him that the BoF proposal had been accepted. Grrrr….
Update(2) Here’s what he posted at cryptome.org:
Well, nobody told me my CFP BOF proposal on log file betrayal had been accepted, and there was nothing on the CFP website about it. Earlier, a CFP talk proposal on Cryptome’s updated report on field testing of DC-area intelligence facilities security had been rejected, so I figured I was dead to the opinionshapers.
Log files are the dirtiest secret of the Net. Debate about them would have been funny but not that funny, cruel but caring about denial of Net log file spying by com, edu org, blog and individuals — the greatest threat to privacy and completely unregulated, and because unadmitted and disclosed more criminal than the data-gathering by spooks and the ususal suspects so beloved to point fingers at. Got any idea what the finger-pointers do with their log files, who they are shown to, sold to, stolen by? The hoary argument that administrators need them to protect their systems is no different and no more trustworthy than what the spooks and search-engines proclaim about protecting their victims.
It’s been said before: Privacy policy is a deception if log files are kept, and nobody tells the truth about them. Privacy policy is means to hide log file exploitation for ad hits, for funding, for meeting spying contract terms, for feeling superior.
No way to avoid the plague except to diconnect: Anonymizers keep log files, produce them upon demand or for a fee, some admit it, liars swear no way, never. Proxies are penetrable and traceable. Crypto is crackable and trackable. Your 24×7 cybersecurity firm is cooptable by a covert deal. Your sweetheart aint.
Were you ever on the cyberia listserv? I have many fond memories over the years of his posts in his unique writing style. If you ever do catch him at a conference, take a picture!
Yes indeed, I was on cyberia for many years and enjoyed John’s unique writing style.