Skip to content or view screen version

Hacktivist.net UK IndyMedia interview re: hackers protecting open publishing sys

HackThisSite.org | 15.08.2005 02:47 | Indymedia | Repression | Technology

An interview of UK IndyMedia system administrators at DEFCON hacking convention about how hackers can work together to defend open publishing systems. The interview is being released as part of the new site Hacktivist.net.

Activists from HackThisSite.org at down with one of the UK IndyMedia system administrators at the recent DEFCON hacker convention. We interviewed him regarding the server seizures, how hackers can work to protect open publishing systems such as IndyMedia, and how hackers are becoming more radicalized and involved with social justice struggles.

This interview is being streamed as part of the new website  http://www.Hacktivist.net.

We seek to defend digital rights and freedom of speech on the internet by providing a platform where hackers and activists can network to share information about social justice struggles and organize to form projects. We work to foster open and decentralized publishing systems such as peer to peer file sharing systems, independent media, etc. We also encourage hackers to keep updated of current events as well as get involved in the political process to defend digital rights and expose corruption in political and economic systems. Join us to start creative yet legal implementations of technology that artistically put pressure on the powers that be for progressive change that helps build our vision of a free internet and a free society.

Listen to the interview via MP3:  http://www.hacktivist.net/radio/ukindymedia.mp3
Hacktivism.net Project Organization:  http://hacktivist.net/hacktivist/anarchy/index.php?action=view&page=Hacktivism+Project+Organization
DEFCON reportback:  http://hacktivist.net/hacktivist/anarchy/index.php?action=view&page=DEFCON+Report
Hack This Zine:  http://www.hackthiszine.com

Other links:
 http://www.hacktivist.net
 http://www.hackthissite.org
 http://www.hackbloc.org


Transcript of the UK IndyMedia interview:

Jeremy: This is Jeremy from HackThisSite.org and I'm sitting in the room with several people who are loosely affiliated with our website as well as someone who is on the UK IndyMedia project. We have a few things we'd like to talk about like how to protect open publishing systems such as IndyMedia, how to configure our servers in such a way that makes us less liable, and how hackers can play a more integral role in defending open publishing systems. Other people are going to introduce themselves right now:

UK: Hello this is ..... from the UK and I'm from UK IndyMedia

Alx: This is Alxciada from HTS

Gary: This is Gary Naham, an activist in Chicago hoping to becoming a hacktivist dedicated to seeing government systems that survive and respect the digital evolution of technology and not interfere

Jeremy: We have a few things we'd like to talk about specifically about how hackers can play a more integral role and help work with various media collectives, but we'd also like afterwards talk in general about IndyMedia, free speech, open publishing systems, p2p file sharing systems, and how hackers can work together with people to help pressure and change the law. For starters, why don't you tell us a little bit about yourself, what sort of work you do, what groups you work with in the past, how you help out?

UK: A little about myself, well, by day an IT techie, by night an IT director I run public internet, public internet is one of the hosting points indymedia uk, the wiki server, and I kinda got involved when the server seizure happened about 9-12 months ago, kinda became quite important to me that we brought em up as quickly as possible because the time we're down, we lose the chance to tell our side of the story so I put up one of our servers put a mirror off the publishing site and we went from there.

Jeremy: Great. So right now you're currently working as IT director to help out with configuring and setting up these servers when they go down?

UK: Yeah that's right, let me quickly go over all the things I'm involved with. Primarily I run a server mirroring the UK site. Additionally I set up rackspace for some of the other indymedia projects that are currently going on. Current in the process of trying to security data with what's going on in the world.

Jeremy: I understand that it is very vague about what the feds had been looking for on these servers and there's some degree of confusion. Can you tell us any details about what sort of data or evidence they were looking for and how they executed the search?

UK: From my understanding it wasn't actually the feds who were after the server. My understanding is that it was a result of pressure by the Swiss and Italian government relating to previous protests in Genoa and Niece, I believe those were the two areas of interests. I believe photos were published which ... authorities didn't like, and yeah, they were looking for server logs, they were looking for IPs, now fortunately, our server doesn't log IPs!

[Great! What a shame! Too bad!]

Jeremy: I heard the pictures that were posted were undercover police and they were looking for the people who originally published them?

UK: That's the Swiss connection I believe, however I think the Italian government had a more general problem with IndyMedia - I met with the house I wonder if that's what that connection came from.

Jeremy: How could the Italian authorities pressure the British government to execute this raid?

UK: As I understand it, there's a mutual legal assistance treaty with Italy and the US. Now Rackspace which previously hosted the UK server is a US company which therefore falls under US jurisdiction to a degree. Question not entirely legal because the servers were hosted in the UK and rackspace has a legal entity in the UK, therefore, we believe it should have gone through due process in the UK who should have taken the servers - they didn't, that's what the line is at the moment.

Jeremy: The hosting company itself gave the server up upon request by western authorities?

UK: I believe so, now this is one of the interesting things, and this ties back with where we are today. Apparently, the servers weren't actually requested, the logs were requested, and Rackspace went one step further. Rackspace effectively bent over and took it. They handed over the entire server system.

Jeremy: Wow.

Alxciada: So they were originally coming for the logs.

UK: Apparently so, that's what we're hearing, hopefully in the next few days we should hear a little more about it. The EFF put enough pressure on the US side to get the papers.

Alxciada: Was it United States federal agents that raided the server?

UK: I believe so. I believe it was Rackspace employees that went in took the servers. The court orders that were filed were filed in Texas. The EFF basically went through that and demanded the papers, and that's currently being sorted out, but hopefully we'll get a clear picture of what they were after.

Gary: Are there any areas of European or British security law that provides coverage or at least an option of defending against this?

UK: Oh, yes! Data protection acts alone should cover this kind of issue because they effectively seized a server that hosted shitloads of different stuff. They were after one very specific piece of information and in the process gathering lots of other shit so I imagine there are data protection acts that have bearing on the case.

Gary: Are there legal remedies available to prosecute and affect authorities if this is an extrajudicial action which is what it sounds like.

UK: I'm not sure if anything is happening in the UK because unfortunately the UK Europedoesn't have anything an EFF at this stage. It's one of the things that's being worked on talked about but it's never achieved fruition. Therefore we're depending on a far wider group of individuals to help us out. Looking at people associated with journalism, trade, privacy, etc. but there's no central group for information privacy having to do with electronic

Gary: So European Data Security laws are even less protective than US security?

UK: I think they are because it was the way the manuveur was pulled. We effectively never wet through anywhere nearthe UK system. If it went through the UK system it would be a long drawn out case there would have been pros and cons we would have had our day in court. But because they went through a backdoor in the US system - a loophole - it went past our security.

Gary: That the British were happy to allow?

UK: I don't think the Brits had a whole lot to do with it. From our understanding Rackspace employees went into the server room yanked the servers.

Jeremy: They were originally were looking for a flat log file and the company just said "I'm not gonna mess with this!" and gave up the entire server?

UK: As I understand it, yes

Jeremy: And there were a lot of other various websites and collectives on the server?

UK: Oh yes, there was everything from linux distros, to various indymedias, personal sites - yeah, it hit a lot.

Gary: I would assume this is a violation Rackspace's contract with IndyMedia entities that have signed it?

UK: Unfortunately the contract was with a single individual. Yes, there probably was a contract violation there, but as I said, because it never touched UK authorities, to drag it through the UK system there would be no point of - the case would fall apart. Because it was in the US the case there was a actual case in the US going on, there is a lot easier to focus on.

Jeremy: Knowing what you know now about the corporate host and how they were so quick to give up everything and set back these various collectives, how would you configure or structure these servers to make the system as a whole less liable?

UK: Well it's very interesting and actually very simple. We drew a great big circle around the biggest weakness: we had one server, we now have twelve.

[laughter]

UK: The content management system we use is very good, it's designed for mirroring. We've basically taken advatage of the way the CMS system was designed and used it to our advantage. The dynamics are the site are actually done from the publish server and then the servers actually show the data.

Jeremy: So when you actually post something to UK IndyMedia it is actually mirrored to other servers all over the world?

UK: And a variety of different operating systems. Our personal server w3.org is a Solaris box. Others run debian, freebsd, fedora core - we have a nice contingent of OSs so if a vulnerability breaks out - unless it's somethig inside the publishing system itself - we should have a reasonable amount of resiliance.

Jeremy: This seems like a perfect example of how a decentralized model of content distribution can protect ourselves from not only legal subpoenas because it creates a aura of bureaucracy the courts have to go through but protect ourselves from would-be hackers ...

UK: Yes, definitely.

Gary: In an era of extrajudition proceedings where the authorities think they can do anything they want and just present us with facts despite legal protections that clearly exist in this case and were violated, I think you have to use technology to negate the fact that authorities think they are above the law.

UK: Prescisely, it's not the first case and it's not the last. There's things happening at the moment, servers taken all the time, it's a growing problem, indymedia needs to be aware of that and try to survive it.

Jeremy: How are people within hacking and programming communities stepped up to support the project?

UK: In the last 3-4 months we started to put together as security team to go through each of the servers, each of the code bases, and work for them look for the weaknesses. I think historically IndyMedia has been pretty lax about that, more interested with people being able to publish freely and not quite so much about the security of their systems in which the puiblising occurs, That's changing, very quickly.

Jeremy: That brings me back to a couple months ago - there had been two major vulnerabilities - one happened during the RNC with the cross site scripting error in dadaIMC - a group calling itself RightWingExtremist.net made use of this during the RNC by changing many indymedia sites to redirect to a site that said 'indymedia is anti-american' or something crazy! [killing communists!]

UK: The system we're using in the UK is very resiliant, it's java written, the guy's done a good job we haven't seen too many problems

Jeremy: Which one are you using?

UK: We're using Mir, it's been pretty responsive.

Jeremy: I believe DadaIMC had had the most problems ..

UK: Yeah, Dada has had a clear history of problems, I agree

Jeremy: A few months ago I had spoken to Spud regarding a vulnerability I discovered DadaIMC regarding uploading and excecuting PHP files. We privately notified them of this vulnerability and said, "listen we need to keep this quiet until each independent IMC staff is privatley notified and update it. Of course it's a big job and it's not something that'll happen overnight!

UK: One thing I will say while I've got the opportunity is that there is a private list for IMC techies. It's a fairly rigorous process to get in there, but if anyone finds an issue, dump it straight to the people who can deal with it  imc-security@lists.indymedia.org is the place to dump in. The technies in there have a web of trust where you can't get in unless two other people vouch for you.

Jeremy: How do you think right-wing hackers and script kiddies have made use of the open disclosure policy of dadaimc?

UK: I can't really talk much about that unfortunately it's not something I have been involved with. Certainly people we're working with are going through dadaimc line by line.

Jeremy: How can hackers play a more integral role in the development and protection of this software?

UK: I think the trick is really just to get involved. To get to the point of where you're a member of the trusted team takes a little bit of work, but there's nothing to stop people..

Jeremy: Yeah, cause they can still just download the source and just start auditing.

UK: Yeah, but one thing we don't want happening this has happened once already . We had a guy portscanned all 13 of the UK mirrors. Now in a sense he found things we knew about, but on the other hand we don't want to encourage people to start scanning our boxes because it generates extra processes - we'd be far happier for people to work with us and communicate with us about what they're doing this knd of thing- if anything so we don't block them.

Jeremy: I had personally installed it on localhost. How can hackers and civil rights activists collaborate and work together in order to help pressure the law and help take the battle to the courts?

UK: I think the biggest thing is to get hackers to understand the issues. Hackers at the end of the day don't break things. It doesn't take much to see the political ramifactions of their actions. The only time you really think talk it as a community is when - the cisco case, something happens, something get pulled, someone shits in their pants, but nobody takes the interest over a long term basis. That's frustrating and it needs to change. What the Hack another con in Europe right now, their talk list is a lot more encompassing, they spend some time with other issues than security per say, like the DMCA, counter-terrorism, they think behind the box, and as a hacker community, we all need to do that.

Jeremy: I would certainly agree of your critique, especially of DEFCON, this seems more like a white hat drunken party, there's not as much teaching here, only 10% of the people here are maybe hackers anyway, everyone else came here for the culture, the sideshow. How do you think things have changed over the past few years in light of some of the new policies and anti-terrorism legislation? How do you think the hacking community has changed, become more radicalized?

UK: I think the UK and Europe is certainly starting to pick up this. However, unlike America where you have a huge great community, Europe doesn't have that, that's one of the things that is being worked on right now, like the European constitution, declaration of human rights, that kind of thing. We need to involved. The people in the ground need to get it done and push it. We've had a lot of success recently and we need to learn from it.. If European hackers can bond together, we can stop bad legislation, but we need to pull together. All too frequently this hasn't happened.

Jeremy: I'm looking at past conventions like Hackers on Planet Earth that happened last summer. It was held in New York City a month before the Republican National Convention, so naturally it was a lot more politically charged. I thought it was a lot more independent, more genuine, talking about hacker rights and digital rights and how we can protect systems such as IndyMedia - I believe they actually had an IndyMedia speech and several other political speeches...

UK: What the Hack was the same way. Italian government agents went in and sniffed the wire effectively and the ISP told IndyMedia it was a power outage. But yeah, it's bound to happen.

Alxciada: How long ago were your servers actually taken?

UK: Trying to think, I believe it was last June

Jeremy: What do you think about the raid that happened about a month ago in Bristol?

UK: That's even worse and that's one of those things that are a real issue. Indymedia needs to move toward encryption circuits and publishing stuff so you can't tie back to who precisely posted what. The Italian case - my awareness that is they didn't realize how content is distributed.

Jeremy: What were the circumstances behind the Bristol server being seized? Were they also looking for server logs?

UK: Yeah, that was a case where a radical collective did some direct action destroyed some property and police became involved. My understanding is that someone from IndyMedia tipped off the police.

Jeremy: So they broke concensus with the larger group, went directly to the police, and that caused the server as a whole to be seized?

UK: Yeah, and that was hosted in someone's house as well, so they came into their place.

Alxciada: Did they have any mirrors?

UK: They had another backup but it wasn't actively updated. It is very difficult to get a hold of someone with the Bristol project. The server was in Texas and it is difficult to actually switch over the backups.

Jeremy: The seizure in Bristol happened about a week before the G8 demonstrations?

UK: Yeah, Bristol is fairly seperate collective of the UK, and they hadn't learned the lessons UK IndyMedia have, which is a shame.

Jeremy: What do you have to say to people who are just beginning to get involved, just starting to understand these issues. What would be the most effective way to educating themselves as well as plugging in with various collectives and people who are involved to take a more active role?

UK: The biggest thing is to just sit down and start reading IndyMedia, working out how IndyMedia functions, how the global groups decide things effectively. Then come find us - we are there!

Jeremy: Great! I thought this was very productive Anything else you'd like to say?

Gary: I'd like to say one thing. Thank YOU for putting yourself and your property at risk for the free exchange of digital information because your a hero and you're putting everything on the line - there's nothing to say that they won't be busting down your door next. So I admire you for it and more power to you. It takes a hundred heros like you to keep this movement alive.

UK: There are many of us - in places people wouldn't expect to find us either!

HackThisSite.org
- e-mail: htsdevs@gmail.com

Comments

Display the following comment

  1. update — r