Repression Of Free Speech _ Indymedia Under Attack

In the light of the recent server seizure IMC-UK has been left with serious damage to its infrastructure. It is also resource-intensive to replace a server both financially and time-wise, and that means we are in urgent need of your support to sustain our effort.
Please consider donating to IMC-UK!

Hosting Indymedia Servers is Illegal?

Indymedia targeted

This Monday (9 February 2009), Kent Police arrested a man in Sheffield under the Serious Crime Act 2007 in relation to the recent Indymedia server seizure. His home was raided, all computer equipment and related papers taken. He was released after eight hours. The person had neither technical, administrative nor editorial access to the Indymedia UK website. He was only associated to the project by hosting its server.

The arrest took place under Section 44-46 of the Serious Crime Act, which was passed into law on 1st October 2008 to combat serious international crime like drug trafficking, prostitution, money laundering and armed robbery. Sections 44-46 refer to “encouraging or assisting offences”.

Kent police claim that they are after the IP address of the poster of two anonymous comments to a report about a recent animal liberation court case, which included personal details of the Judge. The IP address of the poster is not stored as Indymedia does not log IP addresses. This was acknowledged by British Transport Police in 2005, after the Bristol IMC server seizure.

For the police to arrest the person who happened to sign the contract for server hosting, is sheer intimidation, in light of Indymedia’s openly stated policy of no IP logging.

With the implementation of the EU Data Retention Directive in March 2009, the UK government attempts to turn every internet service provider in the country into part of the law enforcement apparatus. This legislation will provide a legal basis to track, intimidate, harass, and arrest people who are doing valuable and necessary work for social change, for example as peace activists, campaigners for economic and social justice or against police brutality.

The present intimidation of the open publishing alternative news platform Indymedia will have serious implications for anyone running a server in the UK which allows user contributions – blogs, social networking sites, wikis. This is an attempt to close down sites that respect the privacy of their contributors, pure and simple.

On 22 January 2009 an Indymedia server was seized by the police in Manchester on the behest of Kent police who claimed to be investigating a post about the recent Stop Huntingdon Animal Cruelty trial. The police stated that they wanted the IP addresses relating to specific posters but Indymedia assured them and the sites readers that no such data was ever retained.

The assurances did little to quell unease among some site users and it quickly became apparent that while such assurances were effectively correct there was pertinent information being kept secret. The strap line on the top of this sites web pages asserts that Indymedia is a “network of individuals, independent and alternative media activists and organisations, offering grassroots, non-corporate, non-commercial coverage of important social and political issues.

” The line used on the UK site leaves out part of the messaging included on some other sites in the Indymedia network which assures readers that indymedia is a “democratic media outlet for the creation of radical, accurate, and passionate tellings of truth.” That passion for the truth appears to be missing from the IMC UK ‘united kollectives’ as anymore following the various threads covering this story can attest. Repeatedly over the last few days, comments containing vital information, warnings and advice regarding security for the sites users have been hidden by the sites admins in a totally unaccountable fashion.

When an article is hidden from the UK newswire, the act is meant to be reported to a publicly archived mailing list called imc-uk-moderation. If you visit the archive you can in theory see what has been hidden and why but recently at least one admin admitted he’d not been bothering to do this and it was also revealed that automatic filters set up by admins were responsible for over 800 hidden articles last year alone with no notification to the list. According to documentation on site policy on the docs.indymedia.org site, moderation of comments is also meant to be reported to the list but there is a kind of “unwritten consensus on some types of comment which probably don’t need notification”. Such exclusions include “mindless abuse, e.g. one-liners with “Kill all the ***”, or “Indymedia sucks” and “spam comments unrelated to the actual content of the article”. However when you check the comments that are being hidden without notification (the vast majority by a long shot) many certainly don’t fall into those categories.

The policy document goes on to give the following advice to admins, “It’s important you don’t give in to the temptation of hiding comments that you violently disagree with, but don’t really breach the editorial guidelines. Before hiding a comment, it’s a good idea to ask yourself ‘is this really against the guidelines, or am I just angry at the author for saying something so stupid?’

We don’t have the right to censor comments simply because we disagree with them.” IMC UK claims the following among the principles in its mission statement: a focus on grassroots politics, actions and campaigns; to reject all systems of domination and discrimination; and to work on a non-hierarchical basis. However among the posts the current admins have been hiding were call outs to the users to get involved in re-domocrasising the project by attending what should be open meetings of the collectives. And how open are these meetings, if you can even find information on where and when they met? Another (hidden) post revealed that the London collective was closing ranks and making it’s meeting even more private. What is this dark secret that must be hidden at any costs?

Apparently it is nothing more than the fact that the admin interface provides a feature that allows IP addresses of recent posts to captured for the purpose of creating filters against unwanted posters. Is it so important that this should be hidden even if it means sacrificing transparency and the trust of the site users? So important that it is worth the astonishingly extreme of purging information from indymedias public archives going back almost six years in a futile attempt at a coverup? That such a facility exists is no surprise, it’s pretty much essential to maintaining the integrity of publishing platform, especially one which operates without user registration. What is surprising is that an organisation proporting to care about user security would go to such lengths to keep their users in the dark, especially surprising from an organsation which aspires to openness and horizontality.

We need to trust indymedia, not to be infallible but at least to tell the truth. We can cope with security risks when we are aware of them but to be placated with half truths and be cut down from discussing the issues, that’s just not on. Quoting a hidden comment, “Lets defend indymedia, defend ourselves – against not just the intimidation and threats of the state against our infrastructure but also against those among us who are bring shame down on all of us. We urgently need to hold these people to account as our enemies are having a field day and the long it festers the longer it will take to heal the rifts.” Born on the streets of Seattle in 1999, the indymedia project is approaching it’s tenth anniversary.

It would seem that this year would be a good time to assess its strengths and weaknesses, before either reinvigorating the project or building something stronger and better in its ashes as we move into what premisses to be the most significant period of social struggle this planet has ever seen. Man arrested in Indymedia animal extremism probe:

http://www.indymedia.org.uk/en/2009/02/421703.html?c=all Police bail sysadmin in animal rights extremism probe :

http://www.indymedia.org.uk/en/2009/02/421839.html?c=all

View all posts, visible or hidden : http://www.indymedia.org.uk/en/viewallposts.html

1 Comment

Filed under Repression Of Free Speech _ Indymedia Under Attack

One response to “Repression Of Free Speech _ Indymedia Under Attack

  1. Proof of the IP logging feature is in the public record
    11.02.2009 01:49

    That email that the above poster refers to on the IMC-UK-MODERATION list has now been removed from the public archives which doesn’t exactly inspire confidence. I’m confused about what those responsible so worried about revealing as it’s already in the public record that the indymedia software has this feature and obvious that it is used.

    A google search for INDYMEDIA MIR “IP LOG” returns many hits for publicly archived posts from indymedia collectives around the world which use the same software as the UK and many posts in the indymedia documentation project and the MIR development site.

    The feature was publicly announced in some detail during October 2003 on the IMC-UK-FEATURES list in following a previous thread about blocking the IP of a specific poster.

    More of that discussion can be seen in a log of an IRC meeting which was posted to the IMC-TECH list. A further google search reveals that most of the people who took part of that discussion are still active in indymedia collectives. Below are some extracts:

    yossarian i am for blocking Rockwell

    bunny_ it can easily be bypassed especially if person knows they are being blocked
    ….
    yossarian i am hoping that Rockwell is a shithead who is not technically
    savvy
    ….
    bunny_ I think blocking should be decided by a secret comminite in private that we sety up at sheff
    bunny_ which report general critia
    bunny_ in open but not specifics
    ….
    bunny_ The problem with Blocking is it depends on switching IP log on
    bunny_ which we shoudl no do if we can aviod
    Tom secret committe – not really in the sprit of the Indymedia collective IMHO
    zak i’m rather nervous about starting to take decisions in private — it kind of goes against our princple of accountability and openness
    yossarian bunny_ that is very bakunin of you
    bunny_ but it is nature of the tool of blocking
    bunny_ if one chooses to use it
    bunny_ I say it should be used rarely
    Tom what’s the issue with IP logging?

    yossarian i am not for secrecy in this case either
    ….
    bunny_ then yossarian you must be against blocking
    ….
    yossarian no i am not against blocking, i just think we should be open about why we are doing it and who we are doing it to

    Other people in that meeting include GDM, Maqui and Chrisc who’ve all been engaged in the arguments over transparency on the IMC-UK-MODERATION list over the last week since the expulsion of admin Ben who’s email which mentioned the IP log. That email has now been deleted from the public archive by the list admins.

    It seem that some indymedia admins are hoping to rely on what is know as security through obscurity
    which basically means you know that you have vulnerabilities but hope that by not talking about it then nobody will discover them for themselves. This approach is generally considered highly flawed but there are arguments for it but in this case it’s certainly a case of shutting the barn door after the horses have bolted since the codebase MIR is open source and the features actively publicised by the developers.

    One example can be seen here and gives a little insight into what the admin interface for indymedia might look like. It is a list of string names and values for the localization of the interface, given in english in this case. It clearly shows a host of functions relating to an IP log and IP filtering.

    abuse.htmltitle = anti-abuse measures
    ….
    abuse.disableopenpostings=Turn off open posting
    abuse.openpostingpassword=Require a password for open postings
    abuse.logpostings=Log IPs for open postings
    abuse.logsize=Logging buffer size
    abuse.cookies=Use cookies for blocked users
    abuse.articleaction=Action for blocked article
    abuse.commentaction=Action for blocked comment
    ….
    abuse.showlog=Show the IP log
    abuse.showfilters=Manage filters
    ….
    abuse.log.time=Time
    abuse.log.address=IP number
    abuse.log.object=Object
    abuse.log.browser=Browser
    abuse.log.filtertype=Filter type
    abuse.log.filterexpression=Expression
    ….
    abuse.filtertype.ip = IP Number
    abuse.filtertype.regexp = Regular expression
    ….
    abuse.filters.htmltitle = Anti-abuse filter rules
    abuse.log.htmltitle = Anti-abuse open posting log

    There is little to gain from continuing to hide these features while at the same time as encouraging users and spammers alike to use proxies to ensure their anonymity. The vast majority of determined spammers will already have been using such cloaking technology anyway.

    In the meantime, attempting to hide all this from indymedia users is totally counterproductive at this time, especially while people are seeking reassurance and carification over the potential for police to obtain IP data relating to specific posts. Honestly would be reassuring and as stated in that October 2003 email, “the data collected is held in memory, not on any hard disk space and is gone once the log is switched off again – so if anyone ever wanted to raid the server no information on posters can be obtained.”

    Indymedia are acting like the chinese government censors, hiding all comments on this and even going so far as to purge the history books of references they dont like. The revisionistas have deleted from their own PUBLIC mailing list archives all the emails mentioned by an earlier poster who ironically was pointing out that you cant gain security by sweeping issues under the carpet.

    DELETED http://archives.lists.indymedia.org/…er/004250.html

    but still cached by google as I type ( http://74.125.77.132/search?q=cache:…ient=firefox-a)

    [Imc-uk-features] IP address
    andi andi at syndicate.org.uk
    Thu Oct 23 13:11:05 PDT 2003

    * Previous message: [Imc-uk-features] newswire list, promoting, feats ed policy…
    * Next message: [Imc-uk-features] rockwell?
    * Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    hi all,

    it is possible to log ip addresses in the new codebase. this can be
    switched on and off, and is by default switched off.

    the data collected is held in memory, not on any hard disk space and
    is gone once the log is switched off again – so if anyone ever wanted
    to raid the server no information on posters can be obtained.

    but we as imcistas have the option to track trolls. we have not used
    ip blocking yet but were near doing it – i for one have hunted for
    ram’s ip, see
    http://lists.indymedia.org/pipermail…ptember/004459.
    html

    anyhow we never made firm decisions on this.

    a question would be as well for how long a block is supposed to be…

    cheers andi

    DELETED http://archives.lists.indymedia.org/…er/001187.html

    but also still cached as I type ( http://74.125.77.132/search?q=cache:…ient=firefox-a)

    Here’s another one they’ll have to delete if they want to continue to revise history:
    http://archives.lists.indymedia.org/…er/003929.html

    I don’t know how they think they can eradicate this from our memories or from web sites they dont control which also record this info.

    They hide this shortly to but it can all be read here http://www.indymedia.org.uk/en/2009/…703.html?c=all at least until they stoop to deleting rather than hiding the comments they don’t like.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s