[12952] in cryptography@c2.net mail archive
Re: Logging of Web Usage
daemon@ATHENA.MIT.EDU (Bill Frantz)
Wed Apr 2 20:04:45 2003
X-Original-To: cryptography@wasabisystems.com
X-Original-To: cryptography@wasabisystems.com
In-Reply-To: <E190oQp-0007pI-00@smtp10.atl.mindspring.net>
Date: Wed, 2 Apr 2003 13:24:58 -0800
To: John Young <jya@pipeline.com>, Ben Laurie <ben@algroup.co.uk>
From: Bill Frantz <frantz@pwpconsult.com>
Cc: cypherpunks@lne.com, cryptography@wasabisystems.com
At 2:58 PM -0800 4/2/03, John Young wrote:
>Ben,
>
>Would you care to comment for publication on web logging
>described in these two files:
>
> http://cryptome.org/no-logs.htm
>
> http://cryptome.org/usage-logs.htm
>
>Cryptome invites comments from others who know the capabilities
>of servers to log or not, and other means for protecting user privacy
>by users themselves rather than by reliance upon privacy policies
>of site operators and government regulation.
>
>This relates to the data retention debate and current initiatives
>of law enforcement to subpoena, surveil, steal and manipulate
>log data.
>
>Thanks,
>
>John
The http://cryptome.org/usage-logs.htm URL says:
>Low resolution data in most cases is intended to be sufficient for
>marketing analyses. It may take the form of IP addresses that have been
>subjected to a one way hash, to refer URLs that exclude information other
>than the high level domain, or temporary cookies.
Note that since IPv4 addresses are 32 bits, anyone willing to dedicate a
computer for a few hours can reverse a one way hash by exhaustive search.
Truncating IPs seems a much more privacy friendly approach.
This problem would be less acute with IPv6 addresses.
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | Due process for all | Periwinkle -- Consulting
(408)356-8506 | used to be the | 16345 Englewood Ave.
frantz@pwpconsult.com | American way. | Los Gatos, CA 95032, USA
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
