Skip to content or view mobile version

Home | Mobile | Editorial | Mission | Privacy | About | Contact | Help | Security | Support

A network of individuals, independent and alternative media activists and organisations, offering grassroots, non-corporate, non-commercial coverage of important social and political issues.

How do you know that Indymedia does not keep logs?

IMC-UK | 19.02.2009 00:00 | Indymedia Server Seizure | Analysis | Indymedia | Technology

Indymedia UK (IMC-UK) is a network of activists who provide an open publishing platform. We are part of the wider Indymedia Network that started in Seattle during the protests against the WTO in November 1999, and the UK site was one of the first to join the network in early 2000. In common with all Indymedia Centres (IMCs) around the world, as designated in the (draft) Principles of Unity, IMC-UK does not log IP addresses - as detailed on the security page. Moreover, following on from previous requests by governmental authorities for logs, IMC-UK and many other Indymedia sites (e.g. the global website, www.indymedia.org) do not retain any logs related to the website. These facts are documented on our open mailing lists and on the open IMC documentation site, docs.indymedia.org. (here for example).

In the rest of this article, we provide some advice on how to improve the measures you take when publishing on the website if you want to do so anonymously. We also outline some legal procedures that could potentially be used to attack Indymedia and the right to free expression, as well as describing some of the technical points in more detail.


What if you don't trust us?

Maybe the police have infiltrated us. Maybe there is some software security issue we're unaware of that means the police can track our users. Maybe the police/GCHQ/NSA/FBI/CIA are monitoring all the connections to our server. Maybe we're just a bunch of amoral snitches... Although we have previously had hassle from the FBI, the police, and even Russian oligarchs, that doesn't mean you have to trust us. And, ultimately, we don't actually mind if you don't trust us. We simply state what we do - believe us if you like, or don't. Your call.

Here are some things that you could do to improve your security when using the IMC-UK website:

  • Only post stuff to Indymedia that won't get you in trouble.
  • Use Tor - an application that allows you anonymise your IP address. Bear in mind that it is not 100% safe - see these Tor caveats.
  • Don't post it on Indymedia, post it on wikipedia or blogspot or... well those two aren't that good, but wikileaks is pretty secure and better security than Indymedia in a number of ways.
  • Set up your own open publishing platform: the more the merrier.
  • Don't post anywhere on the internet.

Legal points relating to Indymedia UK

Indymedia provides a platform for anyone to publish their news: text, photos, video, whatever. Thus, as citizen journalists, we are entitled to some protection from seizure of our materials under the UK law regarding "excluded materials." This is not an absolute protection - and would depend on the circumstances and seriousness of any alleged crime.

The UK Indymedia publish server is located in the USA. Thus, to be able to gain access to this machine, the UK would have to get a Mutual Legal Assistance Treaty (MLAT) agreement with the USA (similar to the one that was received by the USA from the Italian authorities prior to the Ahimsa server seizure in 2004). This is not an easy undertaking and would require a strong justification for the request.

Additionally, Indymedia has many contacts and has been supported in the past by organisations like Liberty, the Electronic Frontier Foundation (EFF), the Association for Progressive Communications (APC), the National Union of Journalists (NUJ), Members of Parliament and many others.

Technical points about UK IMC

Hardware encryption

There are two physical servers that are owned by Indymedia UK. The first is the publish server (see below for more information about how the website software is designed), which is named Traven (after B. Traven, the author) and is located in Seattle, USA. The second was called Strummer (after Joe Strummer of The Clash) and is located in the UK. Both servers use Debian GNU/Linux and make use of disk encryption, which means that the data needs to be decrypted before it can be used. Disk encryption is carried out for the protection of all users: those viewing the website as well as the system administrators and Indymedia moderators. This is because, although we take measures (as outlined below) to ensure anonymity, we cannot be certain we have not overlooked something and so we wish to protect this information should it fall into the wrong hands.

The passphrases required for the disk encryption software are long (in the region of 30-40 characters, minimum) and not memorable - instead, they are only stored in an encrypted format by trusted administrators. If any of the servers are turned off for any reason (e.g. if there is a power cut), the passphrases need to be manually re-entered before the machine can become functional again. This is why there is sometimes a slight delay in reinstating services should a server become unreachable. Additionally, people who have physical access to the servers do not normally hold the passphrases - and, in some instances, the passphrases are kept in a different country to where the machine is located.

Software anonymisation

The UK Indymedia website uses a software called 'Mir'. This is designed around a central publish server from which static HTML content is then copied to mirrors. UK-IMC has employed up to 10 mirrors at any one time, although usually we use less than this number. The mirrors may be located anywhere around the world, and when you click on www.indymedia.org.uk you will be redirected to one of these mirrors at random. Mirrors, like the publish server, are set up to not log IP addresses - even though they only receive page views and do not contain any information about who posted an article.

Both the publish server and all the UK Indymedia mirror servers have Apache (the webserver software) set to not write any log files. But, since Apache requires an ErrorLog file before it will start, this is redirected to /dev/null/, thus:

ErrorLog /dev/null


This is important because otherwise errors (such as 404's - when a non-existent page is requested) are written to a file. Additionally, the way of controlling precisely what info is logged is via the LogLevel directive - and this cannot be set to not contain IP addresses.

There are no other lines related to recording information (logging) anywhere in the Apache configurations employed by Indymedia UK. The directory on the UK publish server that would normally contain log files relating to Apache shows only the following:

traven:~# ls -l /var/log/apache2/
total 28
-rw-r--r-- 1 root root 24704 2009-02-10 01:39 jk-runtime-status
-rw-r--r-- 1 root root     1 2009-02-10 01:39 jk-runtime-status.lock
traven:~# 


The two files shown here are related to the Mir software, which uses Java, and do not contain any information related to users. Indeed, this software was specifically designed for Indymedia, taking into account the provisions of the (draft) Principles Of Unity and the results of many discussions on the international imc-tech mailing list.

Conclusion

Indymedia takes your privacy seriously and works hard to ensure that the strictest security measures are in place. However, while we hope that everybody trusts our commitment to protect our users - and thus our technical and security procedures - we also understand that the measures we take may not be easily understandable by non-techs. In this article we have therefore tried to explain some of the measures we take and why we take them. We end with a reiteration of our commitment to the global Indymedia Principles of Unity - and particularly want to highlight Principle 4:

4. All IMC's, based upon the trust of their contributors and readers, shall utilize open web based publishing, allowing individuals, groups and organizations to express their views, anonymously if desired.

IMC-UK
- Homepage: http://www.indymedia.org.uk

Additions

Some security resources for those concerned

19.02.2009 15:26

Tor - An anonymous internet communication system.
 http://tor.eff.org

Torpark - A secure browser built on Firefox Deer Park, using the Tor network.
 http://www.torrify.com

Ultrasurf - Secure Internet surfi ng.
 http://www.ultrareach.com

Freegate - Encrypted Internet access.
 http://www.download.com/3000-20-10415391.html

Peacefi re - A censorship circumvention tool.
 http://www.peacefi re.org/

Hacktivismo - An international group of hackers, human rights workers, lawyers and artists that evolved out of The Cult of the Dead Cow (cDc).
 http://www.hacktivismo.com

Tactical Technology Collective - A non-profi t foundation promoting the use of free and open source software for non-governmental organizations, and producers of the Security NGO-in-A-Box.
 http://security.ngoinabox.org/
 http://www.tacticaltech.org/

Reporters Without Borders, Handbook for Cyber-Dissidents and Bloggers
 http://www.rsf.org/rubrique.php3?id_rubrique=542

Digital Security and Privacy for Human Rights Defenders by Dmitri Vitaliev
Published by Front Line - The International Foundation for the Protection of Human Rights Defenders
 http://www.frontlinedefenders.org
 http://www.frontlinedefenders.org/manuals/en/esecman.html

but, really, get real


Comments

Display the following 44 comments

  1. The double edged sword of anonymity — n@
  2. An official IMC UK statement? — waiting
  3. it's irrelevant whether Indymedia is "infiltrated" or not — g33k
  4. Anonymous and paranoid? — Wotsit
  5. Some strategies indymedia could impliment to improve security — g33k2.0
  6. Geeky suggestions are go — null
  7. Log off Log on. which is it — clueless
  8. re: Some strategies indymedia could impliment to improve security — g33k
  9. We are told — the membership?
  10. more geek thoughts — 2.0 ?
  11. Aliases and security — Danny
  12. re: more geek thoughts — g33k
  13. Aliases and security - very funny in this instance — Danny
  14. hashed IP logging for enhanced security — coder
  15. Remove IP logging from MIR — interested bystander
  16. how does hashing IP addresses make it any more secure? — g33k
  17. re: hashed logs on toast — XFCE
  18. SHAC posts to be filtered? — anon
  19. @anon — Chris
  20. IMCistas should be ashamed — Chris
  21. Very much not the Indy I knew — Former Indy contributor
  22. One set of rules for them and another for us — Lucy
  23. My suggested solution — Ian
  24. For IMCister — ordinary imc user
  25. Who on earth penned "What if you don't trust us?" — LOL
  26. PS:? — LOL
  27. Indymedia should use accounts for filtering, not IP addresses — anon
  28. @anon - agree — Danny
  29. Indymedia, direction and web 2.0 — brief comment become rant
  30. re: Indymedia, direction and web 2.0 — anon
  31. Damned if you do, damned if you don't. — n
  32. Security of servers, users and admins is the responsibilty of everyone — someone
  33. Some good points there... — Tragedy
  34. a Boy named Sue — Danny
  35. Defamation 101 — Perry Mason
  36. No such law — Danny
  37. Black Blog — Danny
  38. Well — Perry Mason
  39. De fame academy — Danny
  40. YAWN! — Perry Mason
  41. A policeman can't arrest if you if he hasn't got his hat on you know! — Perry Mason
  42. @perry - As I said (3c) — Danny
  43. Do keep up! — Perry Mason
  44. Competition law — Danny
Upcoming Coverage
View and post events
Upcoming Events UK
24th October, London: 2015 London Anarchist Bookfair
2nd - 8th November: Wrexham, Wales, UK & Everywhere: Week of Action Against the North Wales Prison & the Prison Industrial Complex. Cymraeg: Wythnos o Weithredu yn Erbyn Carchar Gogledd Cymru

Ongoing UK
Every Tuesday 6pm-8pm, Yorkshire: Demo/vigil at NSA/NRO Menwith Hill US Spy Base More info: CAAB.

Every Tuesday, UK & worldwide: Counter Terror Tuesdays. Call the US Embassy nearest to you to protest Obama's Terror Tuesdays. More info here

Every day, London: Vigil for Julian Assange outside Ecuadorian Embassy

Parliament Sq Protest: see topic page
Ongoing Global
Rossport, Ireland: see topic page
Israel-Palestine: Israel Indymedia | Palestine Indymedia
Oaxaca: Chiapas Indymedia
Regions
All Regions
Birmingham
Cambridge
Liverpool
London
Oxford
Sheffield
South Coast
Wales
World
Other Local IMCs
Bristol/South West
Nottingham
Scotland
Social Media
You can follow @ukindymedia on indy.im and Twitter. We are working on a Twitter policy. We do not use Facebook, and advise you not to either.
Support Us
We need help paying the bills for hosting this site, please consider supporting us financially.
Other Media Projects
Schnews
Dissident Island Radio
Corporate Watch
Media Lens
VisionOnTV
Earth First! Action Update
Earth First! Action Reports
Topics
All Topics
Afghanistan
Analysis
Animal Liberation
Anti-Nuclear
Anti-militarism
Anti-racism
Bio-technology
Climate Chaos
Culture
Ecology
Education
Energy Crisis
Fracking
Free Spaces
Gender
Globalisation
Health
History
Indymedia
Iraq
Migration
Ocean Defence
Other Press
Palestine
Policing
Public sector cuts
Repression
Social Struggles
Technology
Terror War
Workers' Movements
Zapatista
Major Reports
NATO 2014
G8 2013
Workfare
2011 Census Resistance
Occupy Everywhere
August Riots
Dale Farm
J30 Strike
Flotilla to Gaza
Mayday 2010
Tar Sands
G20 London Summit
University Occupations for Gaza
Guantanamo
Indymedia Server Seizure
COP15 Climate Summit 2009
Carmel Agrexco
G8 Japan 2008
SHAC
Stop Sequani
Stop RWB
Climate Camp 2008
Oaxaca Uprising
Rossport Solidarity
Smash EDO
SOCPA
Past Major Reports
Encrypted Page
You are viewing this page using an encrypted connection. If you bookmark this page or send its address in an email you might want to use the un-encrypted address of this page.
If you recieved a warning about an untrusted root certificate please install the CAcert root certificate, for more information see the security page.

Global IMC Network


www.indymedia.org

Projects
print
radio
satellite tv
video

Africa

Europe
antwerpen
armenia
athens
austria
barcelona
belarus
belgium
belgrade
brussels
bulgaria
calabria
croatia
cyprus
emilia-romagna
estrecho / madiaq
galiza
germany
grenoble
hungary
ireland
istanbul
italy
la plana
liege
liguria
lille
linksunten
lombardia
madrid
malta
marseille
nantes
napoli
netherlands
northern england
nottingham imc
paris/île-de-france
patras
piemonte
poland
portugal
roma
romania
russia
sardegna
scotland
sverige
switzerland
torun
toscana
ukraine
united kingdom
valencia

Latin America
argentina
bolivia
chiapas
chile
chile sur
cmi brasil
cmi sucre
colombia
ecuador
mexico
peru
puerto rico
qollasuyu
rosario
santiago
tijuana
uruguay
valparaiso
venezuela

Oceania
aotearoa
brisbane
burma
darwin
jakarta
manila
melbourne
perth
qc
sydney

South Asia
india


United States
arizona
arkansas
asheville
atlanta
Austin
binghamton
boston
buffalo
chicago
cleveland
colorado
columbus
dc
hawaii
houston
hudson mohawk
kansas city
la
madison
maine
miami
michigan
milwaukee
minneapolis/st. paul
new hampshire
new jersey
new mexico
new orleans
north carolina
north texas
nyc
oklahoma
philadelphia
pittsburgh
portland
richmond
rochester
rogue valley
saint louis
san diego
san francisco
san francisco bay area
santa barbara
santa cruz, ca
sarasota
seattle
tampa bay
united states
urbana-champaign
vermont
western mass
worcester

West Asia
Armenia
Beirut
Israel
Palestine

Topics
biotech

Process
fbi/legal updates
mailing lists
process & imc docs
tech