CTunnel = Spineless: Recording Logs of Palin Email Hack

As part of the Palin hack news story the use of the CTunnel tool was mentioned as the anonymous proxy service used by the “hacker”. The FBI is seeking records from the people behind CTunnel in connection to the investigation.

After a quick look at the CTunnel website, this turns up, in reference to the CTunnel logging and retention of data.

“Because our visitors value their privacy, it is not in our interests to spy on you, lest we lose traffic and advertising revenue. Because government subpenoa could require us to hand over our server access logs, access logs are regularly deleted to protect your privacy. In short, we value your browsing experience as well as your anonymity, and would not do anything to break your trust in us.”

But then look what this sell out that owns Ctunnel Gabriel Ramuglia, tells Threat Level, he says that the FBI had contacted him yesterday to obtain his traffic logs. that he has about 80 gigabytes of logs to process and hadn’t yet looked for the information the FBI was seeking but planned to be in touch with the agents today (September 18). Due to the hacker being tracked down, a college student in TN you could say that Ctunnel did their part in bending

Ramuglia said the screenshots of Palin’s e-mail account, which the hacker posted online, will help him narrow his search, since they revealed most of the Ctunnel URL that was at the top of the hacker’s browser when he took the screen shot.

so if Ctunnel, goes against what he specifically said he wouldn’t do, then what about other cases he did not even mention? what if your girlfriend calls up? boss? local detective? crooked police officer? probation officer? the list can go on… but in the end its a sad day for internet advocates and net neutrality everywhere, Palin should not have been using this Yahoo account on business, and she should have used stronger security measures, particularly if there is sensitive information.

8 thoughts on “CTunnel = Spineless: Recording Logs of Palin Email Hack

  1. This is inaccurate. Lets say you’re running the site – and you auto delete logs after x days. Well, the FBI (and other agencies) first notify you NOT to delete logs, turn off any auto-delete etc. Then they come days (or even more) later to get the logs. If you DO delete the logs since the first notification, you will be breaking the law. So they never said they delete them hourly or even daily. So perhaps the FBI simply told them not to delete the logs before they were supposed to be deleted in the first place. You run a service for the public, then put your ass on the line when the crap hits the fan and see how much you want to jeopardize your own freedom before calling out these people – I think if what I say is true, they were fair in balancing what they promise and what they have to deliver. In retrospect, don’t log at all would be a better policy. Or auto-purge within an hour, etc.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s