Skip to content or view screen version

How do you know that Indymedia does not keep logs?

IMC-UK | 19.02.2009 00:00 | Indymedia Server Seizure | Analysis | Indymedia | Technology

Indymedia UK (IMC-UK) is a network of activists who provide an open publishing platform. We are part of the wider Indymedia Network that started in Seattle during the protests against the WTO in November 1999, and the UK site was one of the first to join the network in early 2000. In common with all Indymedia Centres (IMCs) around the world, as designated in the (draft) Principles of Unity, IMC-UK does not log IP addresses - as detailed on the security page. Moreover, following on from previous requests by governmental authorities for logs, IMC-UK and many other Indymedia sites (e.g. the global website, www.indymedia.org) do not retain any logs related to the website. These facts are documented on our open mailing lists and on the open IMC documentation site, docs.indymedia.org. (here for example).

In the rest of this article, we provide some advice on how to improve the measures you take when publishing on the website if you want to do so anonymously. We also outline some legal procedures that could potentially be used to attack Indymedia and the right to free expression, as well as describing some of the technical points in more detail.


What if you don't trust us?

Maybe the police have infiltrated us. Maybe there is some software security issue we're unaware of that means the police can track our users. Maybe the police/GCHQ/NSA/FBI/CIA are monitoring all the connections to our server. Maybe we're just a bunch of amoral snitches... Although we have previously had hassle from the FBI, the police, and even Russian oligarchs, that doesn't mean you have to trust us. And, ultimately, we don't actually mind if you don't trust us. We simply state what we do - believe us if you like, or don't. Your call.

Here are some things that you could do to improve your security when using the IMC-UK website:

  • Only post stuff to Indymedia that won't get you in trouble.
  • Use Tor - an application that allows you anonymise your IP address. Bear in mind that it is not 100% safe - see these Tor caveats.
  • Don't post it on Indymedia, post it on wikipedia or blogspot or... well those two aren't that good, but wikileaks is pretty secure and better security than Indymedia in a number of ways.
  • Set up your own open publishing platform: the more the merrier.
  • Don't post anywhere on the internet.

Legal points relating to Indymedia UK

Indymedia provides a platform for anyone to publish their news: text, photos, video, whatever. Thus, as citizen journalists, we are entitled to some protection from seizure of our materials under the UK law regarding "excluded materials." This is not an absolute protection - and would depend on the circumstances and seriousness of any alleged crime.

The UK Indymedia publish server is located in the USA. Thus, to be able to gain access to this machine, the UK would have to get a Mutual Legal Assistance Treaty (MLAT) agreement with the USA (similar to the one that was received by the USA from the Italian authorities prior to the Ahimsa server seizure in 2004). This is not an easy undertaking and would require a strong justification for the request.

Additionally, Indymedia has many contacts and has been supported in the past by organisations like Liberty, the Electronic Frontier Foundation (EFF), the Association for Progressive Communications (APC), the National Union of Journalists (NUJ), Members of Parliament and many others.

Technical points about UK IMC

Hardware encryption

There are two physical servers that are owned by Indymedia UK. The first is the publish server (see below for more information about how the website software is designed), which is named Traven (after B. Traven, the author) and is located in Seattle, USA. The second was called Strummer (after Joe Strummer of The Clash) and is located in the UK. Both servers use Debian GNU/Linux and make use of disk encryption, which means that the data needs to be decrypted before it can be used. Disk encryption is carried out for the protection of all users: those viewing the website as well as the system administrators and Indymedia moderators. This is because, although we take measures (as outlined below) to ensure anonymity, we cannot be certain we have not overlooked something and so we wish to protect this information should it fall into the wrong hands.

The passphrases required for the disk encryption software are long (in the region of 30-40 characters, minimum) and not memorable - instead, they are only stored in an encrypted format by trusted administrators. If any of the servers are turned off for any reason (e.g. if there is a power cut), the passphrases need to be manually re-entered before the machine can become functional again. This is why there is sometimes a slight delay in reinstating services should a server become unreachable. Additionally, people who have physical access to the servers do not normally hold the passphrases - and, in some instances, the passphrases are kept in a different country to where the machine is located.

Software anonymisation

The UK Indymedia website uses a software called 'Mir'. This is designed around a central publish server from which static HTML content is then copied to mirrors. UK-IMC has employed up to 10 mirrors at any one time, although usually we use less than this number. The mirrors may be located anywhere around the world, and when you click on www.indymedia.org.uk you will be redirected to one of these mirrors at random. Mirrors, like the publish server, are set up to not log IP addresses - even though they only receive page views and do not contain any information about who posted an article.

Both the publish server and all the UK Indymedia mirror servers have Apache (the webserver software) set to not write any log files. But, since Apache requires an ErrorLog file before it will start, this is redirected to /dev/null/, thus:

ErrorLog /dev/null


This is important because otherwise errors (such as 404's - when a non-existent page is requested) are written to a file. Additionally, the way of controlling precisely what info is logged is via the LogLevel directive - and this cannot be set to not contain IP addresses.

There are no other lines related to recording information (logging) anywhere in the Apache configurations employed by Indymedia UK. The directory on the UK publish server that would normally contain log files relating to Apache shows only the following:

traven:~# ls -l /var/log/apache2/
total 28
-rw-r--r-- 1 root root 24704 2009-02-10 01:39 jk-runtime-status
-rw-r--r-- 1 root root     1 2009-02-10 01:39 jk-runtime-status.lock
traven:~# 


The two files shown here are related to the Mir software, which uses Java, and do not contain any information related to users. Indeed, this software was specifically designed for Indymedia, taking into account the provisions of the (draft) Principles Of Unity and the results of many discussions on the international imc-tech mailing list.

Conclusion

Indymedia takes your privacy seriously and works hard to ensure that the strictest security measures are in place. However, while we hope that everybody trusts our commitment to protect our users - and thus our technical and security procedures - we also understand that the measures we take may not be easily understandable by non-techs. In this article we have therefore tried to explain some of the measures we take and why we take them. We end with a reiteration of our commitment to the global Indymedia Principles of Unity - and particularly want to highlight Principle 4:

4. All IMC's, based upon the trust of their contributors and readers, shall utilize open web based publishing, allowing individuals, groups and organizations to express their views, anonymously if desired.

IMC-UK
- Homepage: http://www.indymedia.org.uk

Additions

Some security resources for those concerned

19.02.2009 15:26

Tor - An anonymous internet communication system.
 http://tor.eff.org

Torpark - A secure browser built on Firefox Deer Park, using the Tor network.
 http://www.torrify.com

Ultrasurf - Secure Internet surfi ng.
 http://www.ultrareach.com

Freegate - Encrypted Internet access.
 http://www.download.com/3000-20-10415391.html

Peacefi re - A censorship circumvention tool.
 http://www.peacefi re.org/

Hacktivismo - An international group of hackers, human rights workers, lawyers and artists that evolved out of The Cult of the Dead Cow (cDc).
 http://www.hacktivismo.com

Tactical Technology Collective - A non-profi t foundation promoting the use of free and open source software for non-governmental organizations, and producers of the Security NGO-in-A-Box.
 http://security.ngoinabox.org/
 http://www.tacticaltech.org/

Reporters Without Borders, Handbook for Cyber-Dissidents and Bloggers
 http://www.rsf.org/rubrique.php3?id_rubrique=542

Digital Security and Privacy for Human Rights Defenders by Dmitri Vitaliev
Published by Front Line - The International Foundation for the Protection of Human Rights Defenders
 http://www.frontlinedefenders.org
 http://www.frontlinedefenders.org/manuals/en/esecman.html

but, really, get real


Comments

Display the following 44 comments

  1. The double edged sword of anonymity — n@
  2. An official IMC UK statement? — waiting
  3. it's irrelevant whether Indymedia is "infiltrated" or not — g33k
  4. Anonymous and paranoid? — Wotsit
  5. Some strategies indymedia could impliment to improve security — g33k2.0
  6. Geeky suggestions are go — null
  7. Log off Log on. which is it — clueless
  8. re: Some strategies indymedia could impliment to improve security — g33k
  9. We are told — the membership?
  10. more geek thoughts — 2.0 ?
  11. Aliases and security — Danny
  12. re: more geek thoughts — g33k
  13. Aliases and security - very funny in this instance — Danny
  14. hashed IP logging for enhanced security — coder
  15. Remove IP logging from MIR — interested bystander
  16. how does hashing IP addresses make it any more secure? — g33k
  17. re: hashed logs on toast — XFCE
  18. SHAC posts to be filtered? — anon
  19. @anon — Chris
  20. IMCistas should be ashamed — Chris
  21. Very much not the Indy I knew — Former Indy contributor
  22. One set of rules for them and another for us — Lucy
  23. My suggested solution — Ian
  24. For IMCister — ordinary imc user
  25. Who on earth penned "What if you don't trust us?" — LOL
  26. PS:? — LOL
  27. Indymedia should use accounts for filtering, not IP addresses — anon
  28. @anon - agree — Danny
  29. Indymedia, direction and web 2.0 — brief comment become rant
  30. re: Indymedia, direction and web 2.0 — anon
  31. Damned if you do, damned if you don't. — n
  32. Security of servers, users and admins is the responsibilty of everyone — someone
  33. Some good points there... — Tragedy
  34. a Boy named Sue — Danny
  35. Defamation 101 — Perry Mason
  36. No such law — Danny
  37. Black Blog — Danny
  38. Well — Perry Mason
  39. De fame academy — Danny
  40. YAWN! — Perry Mason
  41. A policeman can't arrest if you if he hasn't got his hat on you know! — Perry Mason
  42. @perry - As I said (3c) — Danny
  43. Do keep up! — Perry Mason
  44. Competition law — Danny