Privacy & Security Statement
Privacy and anonymity
UK Indymedia values the principles behind open publishing and encourages anonymous publishing and browsing on the newswire. We strive to protect users' privacy and anonymity and strongly suggest you also take action to protect yourself. You may provide personal information when you post to the newswire but this is entirely optional. All cookies are optional. Please note that we are not responsible for the privacy policies and practices of any linked web site.
It is now public knowledge that the internet backbone is m̶o̶n̶i̶t̶o̶r̶e̶d̶ owned by the security services. If you want to browse and post anonymously, we advise you to look at using Tor or Tails. Tor is a decentralised network that anonymises web browsing, Tails is a live Linux distribution that routes all your internet traffic through Tor. We also recommend installing EFF's HTTPS Everywhere browser plug-in. For more advice we recommend the Freedom of the Press Foundation guide, Encryption Works: How to Protect Your Privacy in the Age of NSA Surveillance.
You have the option to use your real name or a pseudonym when posting to the site. If you include your email or web address when you post, please be aware that these will be published. We discourage users from posting other people's personal details and we may remove personal details from posts. If you have concerns about personal information that has been published on the site, please use the indymedia contact list to let us know. This list is not publicly archived.
Although we are an open publishing site, we do have editorial guidelines. Posts and comments that breach these guidelines are liable to be hidden. Queries about moderation decisions should be sent to the moderation list. UK Indymedia never writes logs of IP addresses to disk and does not routinely log users' IP addresses. However, we do reserve the right to use anti-abuse measures to identify persistent abusers of the site (including state agents) and remove disinformation. On the rare occasions that anti-abuse measures are employed, IP logs are only held in RAM (temporary memory) and if the police seized the server they wouldn't find logs of posters' IP addresses. When anti-abuse measures are employed, a report will be made to the moderation list afterwards.
State abuse of the UK Indymedia site
For examples of how the state has abused our site in the past, see these features: Advocating Domestic Extremism - Cops on Indymedia - An Exposé and Gateway 303: Police Disinformation on UK Indymedia.
A cookie is a small file that is stored on your computer, and is sent to the Indymedia UK website each time you visit it. Cookies can record a variety of information and are used by some sites for collecting information about their visitors' browsing activity by setting a persistent cookie with a unique identifier in it. This is not what UK Indymedia uses them for. We use optional cookies for two purposes:
When you use the publishing form to post an article to the newswire or to submit a comment to an existing article a session cookie (ie a cookie that will only last as long as your browser is open) will be saved to your computer because this is the way the software works. This cookie will be deleted when you exit your browser. Since the publishing form is only available via a encrypted interface, this cookie will also be encrypted. If you reject this cookie, the publishing form will still work.
The newswire on the front page of the site has two versions: the open newswire and the promoted newswire. You can set an optional persistent cookie (a cookie that is stored by your web browser and lasts until a set date in the future) to change your front page newswire preference from the promoted newswire to the open newswire. If you accept the cookie, your computer will "remember" to show you the open newswire each time you visit the site. To use this feature, you must have cookies enabled in your browser. You can delete the cookie at any time. If you do so, your computer will "forget" your preference for the open newswire. If you click the link to revert to the default newswire, this will have the same effect: the cookie will be deleted.
More about Tor
Tor solves three important privacy problems: it prevents websites and other services from learning your location; it prevents eavesdroppers from learning what information you're fetching and where you're fetching it from; and it routes your connection through multiple Tor servers so no single server can learn what you're up to. Tor also enables hidden services, letting you run a website without revealing its location to users.
Individuals use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services or the like when these are blocked by their local Internet providers. The Electronic Frontier Foundation (EFF) is backing Tor's development as a mechanism for maintaining civil liberties online. Corporations use Tor as a safe way to conduct competitive analysis. A branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East. This diversity of users helps to provide Tor's security.
Tor is free/open source software and unencumbered by patents. That means anyone can use it, anyone can improve it, and anyone can examine its workings to determine its soundness. It runs on all common platforms: Windows, OS X, Linux, BSD, Solaris, Android and more. Further, Tor has extensive protocol documentation, including a network-level specification that tells how to build a compatible Tor client and server; Dresden University in Germany has built a compatible client, and the European Union's PRIME project has chosen Tor to provide privacy at the network layer.
Of course, Tor isn't a silver bullet for anonymity. First, Tor only provides transport anonymity: it will hide your location, but what you say (or what your applications leak) can still give you away. Scrubbing proxies like Privoxy can help here by dealing with cookies, etc. Second, it doesn't hide the fact that you're *using* Tor: an eavesdropper won't know where you're going or what you're doing there, but she or he will know that you've taken steps to disguise this information, which might get you into trouble -- for example, Chinese dissidents hiding from their government might worry that the very act of anonymizing their communications will target them for investigation. Third, Tor is still under active development and still has bugs. And, since the Tor network is still relatively small, it's possible that a powerful attacker could trace users. Even in its current state, though, we believe Tor is much safer than direct connections.
Please help spread the word about Tor, and give the Tor developers feedback about how they can do more to get this tool into the hands of people who need it, and what changes will make it more useful. Also, consider donating your time and/or bandwidth to help make the Tor network more diverse and thus more secure. Wide distribution and use will give us all something to point to in the upcoming legal arguments as to whether anonymity tools should be allowed on the Internet.
- Choose good passwords and passphrases because if you don't, your encryption will be easy to crack.
IMC UK, 16.02.2014 20:48