> UK Indymedia
> Global Indymedia
> Guidelines
> Chatroom
> About Us
> Security
> Projects
> On Ya Mobile
> Local Weather
We are an all volunteer collective and receive no regular funding. Please consider donating.
This events wire is no longer being updated. Please use the new site to publicise events.
More local events on Veggies/Sumac Diary
Analysis
Animal Liberation
Anti-militarism
Anti-racism
Bio-technology
Climate Chaos
Culture
Ecology
Education
Energy Crisis
Free Spaces
Gender
Globalisation
Health
History
Indymedia
Iraq
Migration
Ocean Defence
Other Press
Palestine
Repression
Social Struggles
Technology
Terror War
Workers' Movements
Zapatista
Birmingham
Cambridge
Liverpool
London
Oxford
Sheffield
South Coast
Wales
World
Other UK IMCs
Bristol/South West
London
Northern Indymedia
Scotland
www.indymedia.org
Projects
print
radio
satellite tv
video
Africa
Europe
antwerpen
armenia
athens
austria
barcelona
belarus
belgium
belgrade
brussels
bulgaria
calabria
croatia
cyprus
emilia-romagna
estrecho / madiaq
galiza
germany
grenoble
hungary
ireland
istanbul
italy
la plana
liege
liguria
lille
linksunten
lombardia
madrid
malta
marseille
nantes
napoli
netherlands
northern england
nottingham imc
paris/île-de-france
patras
piemonte
poland
portugal
roma
romania
russia
sardegna
scotland
sverige
switzerland
torun
toscana
ukraine
united kingdom
valencia
Latin America
argentina
bolivia
chiapas
chile
chile sur
cmi brasil
cmi sucre
colombia
ecuador
mexico
peru
puerto rico
qollasuyu
rosario
santiago
tijuana
uruguay
valparaiso
venezuela
Oceania
aotearoa
brisbane
burma
darwin
jakarta
manila
melbourne
perth
qc
sydney
South Asia
india
United States
arizona
arkansas
asheville
atlanta
Austin
binghamton
boston
buffalo
chicago
cleveland
colorado
columbus
dc
hawaii
houston
hudson mohawk
kansas city
la
madison
maine
miami
michigan
milwaukee
minneapolis/st. paul
new hampshire
new jersey
new mexico
new orleans
north carolina
north texas
nyc
oklahoma
philadelphia
pittsburgh
portland
richmond
rochester
rogue valley
saint louis
san diego
san francisco
san francisco bay area
santa barbara
santa cruz, ca
sarasota
seattle
tampa bay
united states
urbana-champaign
vermont
western mass
worcester
West Asia
Armenia
Beirut
Israel
Palestine
Topics
biotech
Process
fbi/legal updates
mailing lists
process & imc docs
tech
Indymedia UK values the principles behind open-publishing and is working towards completely anonymous publishing of media upon the website. One of the things that you can do to help this is browse the web site using an encrypted connection: this helps disguise who is posting to the site at any given time.
We have tried to minimise what information can be found out about posters. Currently, Indymedia UK does not log ip addresses. However, it is possible for someone to monitor individuals who are using the site and check which time they visited Indymedia UK. If this corresponds to the time a certain article was posted, then whoever is doing the surveillance may get useful information. One way of diminishing this is to ensure that lots of people are connecting at the same time - hence, any one of them could be making a postor merely viewing the site.
An encrypted connection between computers is used to hide the details of the information that is being transferred. For example, many organisations use encrypted connections when making or discussing financial transactions: you have probably used one if you've ever booked a ticket or used the bank online.
During the exchange, a third-party is used to verify that the website is who they say they are. There are many big corporate companies who sell identification-certificates - and procedures for acquiring them may be variable; such organisations are known as Certificate Authorities (CAs). Thus, it can be difficult to know whether to trust them or not (although often, one does not have a choice).
Indymedia UK, instead of using a commercial Certificate Authority, has decided to use the non-profit organisation CACert (cacert.org). All our certificates are certified by the 'root' certificate of the CACert Certificate Authority.
Certificates are used to verify the identity of people or computers. In particular, certificates are needed to establish secure connections. Without certificates, you would be able to ensure that no one else was listening, but you might be talking to the wrong computer altogether!
Certificates are the digital equivalent of a government issued identification card. Certificates, however, are usually issued by private corporations called certificate authorities (CA). Indymedia UK has, instead, chosen to use CA Cert (cacert.org), a free and non-profit certificate authority.
Unfortunately, you need to do a little work to get your software to recognize CA Cert as a certificate authority. Every CA has a 'root certificate' which identifies a particular organization as a certificate authority. Corporate CAs have their root certificates distributed with most of the major computer programs and operating systems, and are preconfigured in most web browsers. For CAcert, however, you need to manually install the cacert.org root certificate.
Alternately, you may wish to visit the CAcert root cert page.
Here are a few installation tutorials:
Without the root certificate, you will receive a security warning each time you attempt to establish a secure connection to indymedia.org.uk. You can usually choose to ignore this warning and accept the server's certificate on a temporary or permanent basis.
"That doesn't sound so bad," you might say. In the past, this is exactly what many users have done in order to use secure connections. But there are major problems with this:
We are, but the internet is designed to require certificate authorities and there is not much we can do about it. There are other models for encrypted communication, such as the decentralized notion of a "web of trust" found in PGP. Unfortunately, no one has written any web browsers or mail clients to use PGP for establishing secure connections, so we are forced to rely on certificate authorities. Some day, we hope to collaborate with other tech collectives to create a certificate (anti) authority.
Some programs cannot use certificate authorities to confirm the validity of a certificate. In that case, you may need to manually confirm the fingerprint of the certificate. Here are some fingerprints for various certificates:
www4.indymedia.org.uk 4F:46:8E:78:07:6E:A3:33:5C:DA:47:2C:9C:EA:91:90:7C:9CIndymedia has in the past attracted the attention of authorities, that have occasionally tried to request logs of whom is accessing the web site and have in one occasion seized without any explanation our server. We believe in the right to anonymous political speech and therefore we do not keep logs that could provide any such information. Still, we advise indymedia readers that are concerned about the privacy of their reading and posting habits to hide them by using anonymizing services, like Tor or using SSL encrypted connections.
Tor is a decentralized network of computers on the Internet that increases privacy in Web browsing, instant messaging, and other applications. We estimate there are some 30,000 Tor users currently, routing their traffic through about 200 volunteer Tor servers on five continents. Tor solves three important privacy problems: it prevents websites and other services from learning your location; it prevents eavesdroppers from learning what information you're fetching and where you're fetching it from; and it routes your connection through multiple Tor servers so no single server can learn what you're up to. Tor also enables hidden services, letting you run a website without revealing its location to users.
Individuals use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers. The Electronic Frontier Foundation (EFF) is backing Tor's development as a mechanism for maintaining civil liberties online. Corporations use Tor as a safe way to conduct competitive analysis. A branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East. This diversity of users helps to provide Tor's security.
Tor is free/open source software and unencumbered by patents. That means anyone can use it, anyone can improve it, and anyone can examine its workings to determine its soundness. It runs on all common platforms: Windows, OS X, Linux, BSD, Solaris, and more. Further, Tor has extensive protocol documentation, including a network-level specification that tells how to build a compatible Tor client and server; Dresden University in Germany has built a compatible client, and the European Union's PRIME project has chosen Tor to provide privacy at the network layer.
Of course, Tor isn't a silver bullet for anonymity. First, Tor only provides transport anonymity: it will hide your location, but what you say (or what your applications leak) can still give you away. Scrubbing proxies like Privoxy can help here by dealing with cookies, etc. Second, it doesn't hide the fact that you're *using* Tor: an eavesdropper won't know where you're going or what you're doing there, but she or he will know that you've taken steps to disguise this information, which might get you into trouble -- for example, Chinese dissidents hiding from their government might worry that the very act of anonymizing their communications will target them for investigation. Third, Tor is still under active development and still has bugs. And, since the Tor network is still relatively small, it's possible that a powerful attacker could trace users. Even in its current state, though, we believe Tor is much safer than direct connections.
Please help spread the word about Tor, and give the Tor developers feedback about how they can do more to get this tool into the hands of people who need it, and what changes will make it more useful. Also, consider donating your time and/or bandwidth to help make the Tor network more diverse and thus more secure. Wide distribution and use will give us all something to point to in the upcoming legal arguments as to whether anonymity tools should be allowed on the Internet.