EvilZone
Hacking and Security => Anonymity and Privacy => : proxx August 03, 2013, 01:11:44 AM
-
Does Evilzone.org log IP adresses and store them?
How about the IRC?
Are there backups that hold this data?
Whats the policy?
Do you give away data upon gov request?
Please, this just crossed my mind and I feel retarded for not asking before.
-
>inb4 Evilzone is a clandestine NSA honeypot led by General Keith Alexander
-
Would love to know that? I don't want my ass get busted because of this forum.
-
A good question indeed.
As the network and setup is now. We do log everything. And I mean absolutely everything, in and out. But this is to maintain our security, not to give away to third parties. I understand completely that this can be intrusive for someone and we are planning to change this in the very near future.
We have yet to be asked to give out any information to anyone and we will not unless we are ordered to do so by a court that has jurisdiction in the country the given information is located in.
As more and more of you now know, the Alpha project is moving along and we expect it to be complete somewhere between 1 and 3 months from now. When this happens, we will have a completely new set of configurations and policies. The new alpha web page will also include a detailed privacy policy. And I can guarantee the security vs privacy will be much better.
We do not keep backups of the logs, this is not something we consider vital data for the continuation of Evilzone. Only databases + files are backed up now and then. When it comes to backup storage, it is stored on the server itself and my computer which is fully encrypted. So unless someone breaks into the server, the data is secure.
When it comes to the IRC, there is less logging but still logging. Private messages and non-monitored channels are not logged.
-
Thanks for this clear awnser.
We have yet to be asked to give out any information to anyone and we will not unless we are ordered to do so by a court that has jurisdiction in the country the given information is located in.
But thats interesting , say in case someone indeed gets an order and I know the country in which it is in has very questionable privacy rules compared to for example sweden.
So in theory due to the fact that you maintain such data its unlikely but possible to get traced (not saying otherwise you couldnt).
I very much appreciate that this will change in the near future.
Probably got some more questions but I need to think first.
-
We have yet to be asked to give out any information to anyone and we will not unless we are ordered to do so by a court that has jurisdiction in the country the given information is located in.
Just a bit of clarification, if possible: are we talking about the country where basically the server itself (which contains the logs) is located? If yes, would it be possible to know where the hosting is being done?
Thank you.
-
Just a bit of clarification, if possible: are we talking about the country where basically the server itself (which contains the logs) is located? If yes, would it be possible to know where the hosting is being done?
Thank you.
You dont have to ask that, such info is publicly availible.
I will not post any for obvious reasons.
-
Just a bit of clarification, if possible: are we talking about the country where basically the server itself (which contains the logs) is located? If yes, would it be possible to know where the hosting is being done?
Thank you.
We have several servers spread over many countries. The main web server however is currently located in Germany.
-
You dont have to ask that, such info is publicly availible.
I will not post any for obvious reasons.
I sent you a PM.
We have several servers spread over many countries. The main web server however is currently located in Germany.
Thank you ande.
-
Every website needs to do at least some logging for security reasons, it's pretty much inevitable. Not necessarily bad. If your info is given up, it's the governments fault, and not the website's, in most cases. Although you can always fight the data requests.
-
We do log everything. And I mean absolutely everything, in and out. But this is to maintain our security, ..
The logs being stored are also a part of the reason for why good security is important. If the (old) logs can be stored offline on an encrypted, powered off disk that should be done to the greatest extent possible (within reason when it comes to the time it takes to manage such a policy of course).
-
The logs being stored are also a part of the reason for why good security is important. If the (old) logs can be stored offline on an encrypted, powered off disk that should be done to the greatest extent possible (within reason when it comes to the time it takes to manage such a policy of course).
We do not care about the logs in realtime. We can find the logs being stupid and just remove them. Though when something happens we can purge the logs. And if ofcourse we want to ban someone from accesing our servers we need to log the ip and ban it.
-
I don't get what the fuzz is about. EZ is an open forum, anyone can register and check out what you wrote.
Nothing illegal is going on in here just information sharing and I believe the invite only forums would be of greater interest for any government authority.
-
I don't get what the fuzz is about. EZ is an open forum, anyone can register and check out what you wrote.
Nothing illegal is going on in here just information sharing and I believe the invite only forums would be of greater interest for any government authority.
Thats not relevant.
I do care about privacy among many others, the fact that you have nothing to hide doesnt mean that all your info should be out on the streets.
I have nothing to hide either but I wouldnt appreciate a camera in my house.
The thing that matters here is that if for whatever reason the gov wants data , it is availible to them in the form of extensive logs.
-
Thats not relevant.
I do care about privacy among many others, the fact that you have nothing to hide doesnt mean that all your info should be out on the streets.
I have nothing to hide either but I wouldnt appreciate a camera in my house.
The thing that matters here is that if for whatever reason the gov wants data , it is availible to them in the form of extensive logs.
I agree with you that privacy is important, but as for privacy on an open forum it's not really possible. You can use Tor, but that's about it.
I'm not on IRC due to Tor exit nodes being blocked.
-
I agree with you that privacy is important, but as for privacy on an open forum it's not really possible. You can use Tor, but that's about it.
I'm not on IRC due to Tor exit nodes being blocked.
lucid wrote a very good guide on anonimity, which can also apply to accessing a public forum. You might want to check it out here (http://evilzone.org/anonymity/the-art-of-anonymity-9178/).
-
I agree with you that privacy is important, but as for privacy on an open forum it's not really possible. You can use Tor, but that's about it.
You would be suprised my friend.
And no, thats not about it, dont even know where to start explaining that to you.
Modred did a proper suggestion.
There are some really good defcon talks about the subject of privacy and tracking/tapping etc.
-
We do not care about the logs in realtime. We can find the logs being stupid and just remove them. Though when something happens we can purge the logs. And if ofcourse we want to ban someone from accesing our servers we need to log the ip and ban it.
I'm not questioning your motives or the need to log, just saying that security is important partly because of all the logs being stored, since you mentioned that the logs are stored to maintain security ;)
I also do not agree with the argument that privacy is irrelevant just because you "have nothing to hide" or that "nothing illegal is going on". If common sense is not enough to understand why, modern history should be.
-
We have to set some things straight. Privacy, anonymity and security although close connected is not the same.
Privacy:
As previously stated privacy does not exist on an open forum. Data is sent back and forth, what you write is stored in clear text in the database and is tied up with your handle and all the other actions you are doing. Even though this privacy is only in connection with your handle in here, it's still lacking completely when the forum is open to everybody.
Anonymity:
You are on an open forum. Again you represent yourself with a the same handle when you write. Even if your real life privacy is not published in here, you still have certain clues as to who and what you are just based on your way of writing, how you interpret things and so forth.
Funny question: do you some time admit not knowing something, that you actually do know (not the other way around, everybody does that.. It's the internet!)? Do you some times make gramma mistakes you would not normally do? Fight for opinions that is not actually yours or you don't really believe in?
All your actions can be used to compromise your anonymity and privacy, not just logs, ips and browser data.
-
A good question indeed.
As the network and setup is now. We do log everything. And I mean absolutely everything, in and out. But this is to maintain our security, not to give away to third parties. I understand completely that this can be intrusive for someone and we are planning to change this in the very near future.
We have yet to be asked to give out any information to anyone and we will not unless we are ordered to do so by a court that has jurisdiction in the country the given information is located in.
As more and more of you now know, the Alpha project is moving along and we expect it to be complete somewhere between 1 and 3 months from now. When this happens, we will have a completely new set of configurations and policies. The new alpha web page will also include a detailed privacy policy. And I can guarantee the security vs privacy will be much better.
We do not keep backups of the logs, this is not something we consider vital data for the continuation of Evilzone. Only databases + files are backed up now and then. When it comes to backup storage, it is stored on the server itself and my computer which is fully encrypted. So unless someone breaks into the server, the data is secure.
When it comes to the IRC, there is less logging but still logging. Private messages and non-monitored channels are not logged.
Considering I was the one who configured Falcon and the rest of the servers... that's not *strictly* true. We actually don't have to give any information out because we do not actually keep records which could be verified by a court to be valid. Our log files contain no date information, and most not even timestamps, and the log files, once they grow enough, are tarballed without timestamps so you only know general areas. Plus, we don't log really everything. You actually overstated it, we log apache access and a few other things, but we don't log contents of *anything* (except server shell stuff) nor do we log anything beyond metadata of IPs and access URLs. BUT those access URLs don't contain any personally identifiable information such as POST which all the user stuff is. At best you can only figure out IP X access "bluechill's profile." So EZ data cannot *by itself* be used for determining who is who and what not, however, IF they already have a user's IP theoretically they could, potentially, figure out where they looked on EZ. Furthermore, we can deny having the logs because we purge logs rather frequently because we don't like keeping more than about a gig of untar balled and another gig of tar.bz2 files but I (and the admins) aren't very good about that either so it varies. Basically, we try very hard to protect user's privacy and identifiable information to the extent that we can while maintaining site and other users security. If the server gets raided, we cannot do anything about that because the drive is not encrypted (to my knowledge) nor is there any easy way to do that at our current hosting provider.
-
Considering I was the one who configured Falcon and the rest of the servers... that's not *strictly* true. We actually don't have to give any information out because we do not actually keep records which could be verified by a court to be valid. Our log files contain no date information, and most not even timestamps, and the log files, once they grow enough, are tarballed without timestamps so you only know general areas. Plus, we don't log really everything. You actually overstated it, we log apache access and a few other things, but we don't log contents of *anything* (except server shell stuff) nor do we log anything beyond metadata of IPs and access URLs. BUT those access URLs don't contain any personally identifiable information such as POST which all the user stuff is. At best you can only figure out IP X access "bluechill's profile." So EZ data cannot *by itself* be used for determining who is who and what not, however, IF they already have a user's IP theoretically they could, potentially, figure out where they looked on EZ. Furthermore, we can deny having the logs because we purge logs rather frequently because we don't like keeping more than about a gig of untar balled and another gig of tar.bz2 files but I (and the admins) aren't very good about that either so it varies. Basically, we try very hard to protect user's privacy and identifiable information to the extent that we can while maintaining site and other users security. If the server gets raided, we cannot do anything about that because the drive is not encrypted (to my knowledge) nor is there any easy way to do that at our current hosting provider.
Thanks Bluechill, thats very clear.
Too bad the provider doesnt support that atm.
I can understand the motives you have and you make it sound just a little bit better than Ande did :P
-
Thanks Bluechill, thats very clear.
Too bad the provider doesnt support that atm.
I can understand the motives you have and you make it sound just a little bit better than Ande did :P
The devil is in the details. To be fair, I've only configured half the servers. But I know how thats how they're setup. Plus, ande likes to be vague about somethings and I like to give details where I can and be a bit more transparent than ande may like ;-P
-
I was not trying to be vague, we did log http content not long ago. Perhaps that was discontinued after the last reinstall.
-
I was not trying to be vague, we did log http content not long ago. Perhaps that was discontinued after the last reinstall.
We log the headers not the content. At least I'm pretty sure we don't log HTTP content O_O
I'm pretty sure we don't have 1TB of traffic stored on disk :P
-
We log the headers not the content. At least I'm pretty sure we don't log HTTP content O_O
I'm pretty sure we don't have 1TB of traffic stored on disk :P
Yes you are right, only headers are logged. Just checked out the raw log file(s).
-
Good to know, everyone logs can't blame you for that.
-
The question I have is has Evilzone been served under the Patriot act? By not answering, of course, we know it has. By answering, we know it has not. Question posted. Answer forthcoming or deduced.
-
Not everything is made in the u.s. ;)
-
The question I have is has Evilzone been served under the Patriot act? By not answering, of course, we know it has. By answering, we know it has not. Question posted. Answer forthcoming or deduced.
We have nothing to do with the USA. The main webserver where the forum runs on is hosted in Germany. Germany is one of the most strict countries of the eu when it comes to privacy, see all the lawsuits they got up to Facebook if you are interested:D
-
Why is it that every english webforum gets related to the US? Most of our admins are based out in eu too.
-
Why is it that every english webforum gets related to the US? Most of our admins are based out in eu too.
Not aware that there is anything on the other side of the oceans ;)
-
Not aware that there is anything on the other side of the oceans ;)
Ignorant, yet love giving everyone 'freedom.'
Anyway, let us not derail the thread. Or, at least, me. :P
-
IMO it is up to the user to take their own privacy into their hands.
If you do not want to be tracked then use TOR or i2p, both are great.
If you do not mind your information out there, then just browse and be free, but in the end it is your responsibility.