Skip to content or view screen version

Alternative Servers Attacked: "Not a Private Question: A Question of Privacy"

imc uk | 27.06.2005 19:32 | Indymedia | Technology

Italy-based non-profit community webserver autistici have found out that the authorities have copied the keys necessary for the decryption of their webmail a year ago [statement 1 | 2]. Since then, the authorities potentially had access to all the data on the disks. Autistici's provider did not inform them about this. Apparently, this is connected to the same investigation as the one that caused an international law enforcement operation in London last October: A few days before the European Social Forum, Indymedia servers in London were seized, prompting a wave of solidarity statements [report].



Italy-based server autistici has informed its users that it has been compromised by the authorities for more than a year. During an investigation, the authorities shut down the server and copied the keys necessary for the decryption of the webmail. Since then, they potentially had access to all the data on the disks. This happened with the collaboration of Aruba, their provider. The autistici.org/inventati.org server hosts 4,700 mailboxes, 600 mailing lists (used by 30,000 people totally), and over 500 websites. A wide range of activists, associations, lawyers, legal services, self-organized workers and activist groups, student groups and collectives, as well as international networks are using it for their websites and emails.

Autistici are pointing out that their case is not a private matter, but a matter of privacy. They consider themselves to be treated as a "guinea-pig on whom to experiment new kinds of controls and eavesdropping", and see their situation connected to "all the people involved into file sharing enquiries". They state that the present case of eavesdropping is related to the same investigation as the one that caused an international law enforcement operation in London last October. A few days before the European Social Forum, Indymedia servers in London were seized - prompting a wave of protests and solidarity statements [report].

Austici are presently reviewing their technical set-up and consider taking political steps. They advise everyone "to use strong encryption instruments (i.e. pgp/gpg) for the protection of both mail and data on personal computers" to protect privacy and freedom of speech.

imc uk

Comments

Hide the following 8 comments

gristle

27.06.2005 21:40

In the light of all this, maybe it is time to start thinking about how to make a mirror of Indymedia available through the peer to peer distributed freenet network (  http://freenetproject.org/ ). This would (virtually) guarantee IP anonymity and there would be no way for any legal bodies to take down the Indymedia content again as it would be completely decentralised (requiring the location and confiscation of many personal computers dotted around the Internet to remove content).

I understand that it takes a lot of patience and technical competence to do this but as a backup to the websites and for those more paranoid about privacy it would be nice and would also contribute to the strength of the network (more people using it, better network).

anon

LEGAL FUND

28.06.2005 10:18

All donations towards new server / legal costs will very much appreciated.

Other methods of donating may follow shortly. For the moment it's the old-fangled cheque / postal order way of doing things.

Cheques can be made out to:
Bristol Indymedia. Box 3. 82 Colston Street, Bristol BS1 5BB

Thanks.

Friends Of BIM

Tor

28.06.2005 13:18

Agree with the above comment about freenet. Either that or hosting a mirror as a hidden service on the Tor network (tor.eff.org), which is much more usable in terms of speed and setup for non-techie users.

anon

more mainstream coverage

28.06.2005 16:28

More Mainstream Coverage + More Links In Comments:
 https://publish.indymedia.org.uk/en/2005/06/315097.html

munkeeunit

Alternarive Bristol Information Outlets

28.06.2005 16:41

In the days before the BIMC server was seized an 'unofficial emergency response network' was publicised on BIM in anticipation of the seizure. The re-routed  http://bristol.indymedia.org page to an extent, thankfully, makes this less necessary, but it doesn't have such a Bristol / South West focus.

So...

The Bristol Social Forum & Bristol Stop-The-War message boards have now been opened up so that anyone can currently post to them from any email account (although posts will continue to be moderated and there may be a delay of a few days on the Bristol Social Forum so that emails can be sent out in more user friendly batches direct to people's inboxes.)

As it has a subscription base of 350+, it is a valuable outlet.

Bristol Social Forum. (Bristol / South West focussed posts please)
Anyone can post to:  bristolsocialforum@yahoogroups.com
Visit:  http://groups.yahoo.com/group/bristolsocialforum/
You can also subscribe if you like, instructions at bottom of page, or PM me.

Bristol Stop The War. (National level posts are also welcome here)
Anyone can post to:  bristol-stop-the-war-coalition@yahoogroups.com
 http://groups.yahoo.com/group/brist...-war-coalition/
99% of subscribers only receive the monthly newsletter direct to their inbox, but it is widely publicised as a public message board too, so it has it's uses.

I hope this helps.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

A number of other contacts were given, but they seem less necessary now, as our networks aren't completely destroyed, and the additional contacts were postal addresses and alternative emails.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

munkeeunit

Whoops!

28.06.2005 16:46

Sorry, bad links provided in the above. Bristol-Stop-The-War is:
 http://groups.yahoo.com/group/bristol-stop-the-war-coalition/

munkeeunit

EXTRA OUTLET NOTE

28.06.2005 17:21

A better interim fix than using the above opened up yahoo groups (as well as sharing space on UK IMC) may follow shortly. SO WATCH THESE SPACES!

munkeeunit

"copied the keys"

30.06.2005 09:47

"During an investigation, the authorities shut down the server and copied the keys necessary for the decryption of the webmail. Since then, they potentially had access to all the data on the disks."

I personally use NetBSD's cgd (cryptographic disk driver), and DON'T keep the configuration file's /etc/cgd/cgd.conf, etc on disk.
The configuration files's are keept on separate removable date, or other location in encrypted form.
This means that I have to manually configure ("mount") the disk's everytime i reboot.
BUT it would also mean, that if a server were sized, they would never be able to recover or find anything on the disk.
If the autistici server had been configured to store the keys for decryption of the webmail on an cgd configured disk, the authorities could never have copied the keys.

Cgd have been mentioned before in Indymedia.
 http://docs.indymedia.org/view/Local/UkCrypto

Other links
 http://netbsd.gw.com/cgi-bin/man-cgi?cgd++NetBSD-2.0.2
 http://www.netbsd.org/guide/en/chap-cgd.html

Perhaps it's time to really implement a stronger policy and procedures to protect people.

kopime