![]() (REDACTED TIME): INFO: (REDACTED INTERNAL IP):56506 - "OPTIONS /token/(REDACTED TOKEN)/add HTTP/1.1" 200 OK (REDACTED TIME): INFO: (REDACTED INTERNAL IP):56498 - "POST /token/(REDACTED TOKEN)/add HTTP/1.1" 200 OK (REDACTED TIME): INFO: (REDACTED INTERNAL IP):56498 - "OPTIONS /token/(REDACTED TOKEN)/add HTTP/1.1" 200 OK (REDACTED TIME): INFO: (REDACTED INTERNAL IP):37934 - "POST /token/(REDACTED TOKEN)/add HTTP/1.1" 200 OK ![]() (REDACTED TIME): INFO: (REDACTED INTERNAL IP):37934 - "OPTIONS /token/(REDACTED TOKEN)/add HTTP/1.1" 200 OK (REDACTED TIME): INFO: (REDACTED INTERNAL IP):46794 - "GET /token/(REDACTED TOKEN)/servers HTTP/1.1" 200 OK The logs you would receive for a valid legal request would not be redacted in this manner. Nonetheless, we've still redacted points that could have privacy implications. This came from a test token and server that we made, not a customer's. We have multiple API proxy nodes that have different IP addresses and the most we can tell is if a user connected to our API using or our Tor Hidden Service endpoint, as our clearnet and Tor API proxies are separate. But more or less, they look like this as of 2022-11. Our database and more readable logging is more in the 2022 Q3 timeframe. If I have a Bitcoin transaction from 2021, what can you tell me? We don't claim to be legal experts, but from what we understand, you need some kind of MLAT and possibly to work with US law enforcement. If I'm outside of the US, how can I get data from SporeStack? This also applies to token messages (a way to get support) and unpaid invoices. Information about deleted servers are removed from the database after 90 days. These logs mostly show timing information about server creation and actions (such as renewal, start, stop, etc). We may have more or less and SporeStack is in flux and under development, so things may change. We are shooting for 90 day log retention. Though we can't guarantee that they do not, it seems cost prohibitive to retain disk images of all deleted servers. If a server has been deleted, we don't have any backup of it. They have backend access that should make for a cleaner way to do this. Your best option is for us to tell you what servers are hosted on a given token (or a token we find by payment), and then send a search warrant to Digital Ocean using the Droplet ID and IP address of the servers, asking for an image. We have no straight forward way to image and upload an image of that server. The servers may be active, deleted, expiring soon, or not for a while. If you give us the cryptocurrency used, transaction ID, and a subpoena, we can associate that payment with a token, and then show what servers are associated with the token. Can you associate payments with tokens/servers? Unless a user emails us telling us that they live at such-and-such an address, with a certain name, and that they're using a given token, we have very little, if any, personal information on them. Though we may be able to tell if they connect to us via "normal" internet or our Tor Hidden Service. Our logs don't have IP addresses of servers. Users are associated by the token and what servers they launch. What information do you have on your users? ![]() They are hosted at Digital Ocean under an account that we manage. However, we don't actually host the server. They pay to add balance to that token, and then with that token they upload an SSH public key which we attach to the server when it's launched. A user will generate a token that links payments to servers. SporeStack is a Virtual Private Server host that accepts cryptocurrency for payment. ![]() While this page is specifically geared towards law enforcement, we make it public so our users can have visibility into what data we have and don't have. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |