“Anonymous, together with a group known as the Peoples Liberation Front, Tuesday announced the immediate availability a new website for hacktivists to dump their stolen (‘doxed’) data,” Mathew J. Schwartz reports for InformationWeek.
“Dubbed AnonPaste, the website has been created as an alternative to Pastebin and other websites that allow people to anonymously upload large amounts of text, the two groups said in a joint press release,” Schwartz reports. “Shared content can be set to expire after 10 minutes, an hour, a day, a month, a year, or never. In addition, the site promises to remain advertising-free and unmoderated, maintain no connection logs, and store only encrypted data.”
Schwartz reports, “The AnonPaste site says, “[The] server has zero knowledge of data being stored. Your data is safe even in case of server breach or seizure.” But it cautions that in the event that a hacker manages to successfully install “crooked JavaScript” libraries, future pastes could be captured… But the service offers some non-Twitter-like promises. ‘This service will NOT comply with court orders to turn over your private information,’ states the TalkOpen FAQ. ‘We aim to run a secure yet private service, and doing this would defeat the purpose of TalkOpen. In cases regarding child pornography or murder however, we will comply.'”
Read more in the full article here.
oh – ok
Hacktivists proclaiming that they can store stolen data on secure servers? Oh, the irony.
exactly.
These guys will get caught one of these days. I think the FBI already arrested a few people linked to them anyway.
And I like the part about not being able to stop some JavaScript from stealing the data…
applepaste?
I thought it was the Popular Front?
People’s Front!
No – it’s the Poopular Front. They ought to be arrested and charged.
World class douchebags. I hope they all go to “federal pound-me-in-the-ass prison”, and soon.
LOL – People actually believe that is no record stored by Anonymous and that content actually expires?
Anonymous is a group a criminals.
Who in their right mind would trust them with anything?
Add Google to the list as well.
50 lashes in a public square
…and store only encrypted data.
This means theoretically that no one, at all, can read the data except the person posting it.
But darn, the server admins have the encryption key at THEIR end, which means this isn’t actually true. Therefore:
In cases regarding child pornography or murder however, we will comply. <–Fine with me! But this means that the person posting the data is NOT the boss of that data.
CONCLUSION: The only safe data is that which YOU encrypt at the client end before hand. If you want total control of your data, never hand it off elsewhere before YOU encrypt it first. If you then want to share that data, you must provide YOUR key to the other person in order for them to read it.
So what a great way to encrypt data on YOUR end?
– Create SparseImage files using Apple’s Disk Utility. There are lots of tutorials about how to do this scattered around the Internet.
– Use a key sharing system such as the free GPG project. (GNU Privacy Guard). It uses the PGP standard. It has a learning curve, is very geeky, but works great. Just be patient while you climb its learning curve.
Sorry! Having a brain aneurism. All better now. Let’s attempt to conclude this sentence:
The only safe data is that which YOU encrypt at the client end before handING IT OFF TO SOMEWHERE ELSE.