At 2:58 PM -0800 4/2/03, John Young wrote: >Ben, > >Would you care to comment for publication on web logging >described in these two files: > > http://cryptome.org/no-logs.htm > > http://cryptome.org/usage-logs.htm > >Cryptome invites comments from others who know the capabilities >of servers to log or not, and other means for protecting user privacy >by users themselves rather than by reliance upon privacy policies >of site operators and government regulation. > >This relates to the data retention debate and current initiatives >of law enforcement to subpoena, surveil, steal and manipulate >log data. > >Thanks, > >John
The http://cryptome.org/usage-logs.htm URL says: >Low resolution data in most cases is intended to be sufficient for >marketing analyses. It may take the form of IP addresses that have been >subjected to a one way hash, to refer URLs that exclude information other >than the high level domain, or temporary cookies. Note that since IPv4 addresses are 32 bits, anyone willing to dedicate a computer for a few hours can reverse a one way hash by exhaustive search. Truncating IPs seems a much more privacy friendly approach. This problem would be less acute with IPv6 addresses. Cheers - Bill ------------------------------------------------------------------------- Bill Frantz | Due process for all | Periwinkle -- Consulting (408)356-8506 | used to be the | 16345 Englewood Ave. [EMAIL PROTECTED] | American way. | Los Gatos, CA 95032, USA --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
