Re: [liberationtech] Secure, inexpensive hosting of activist sites
On Sun, Apr 21, 2013 at 09:26:05PM -0400, micah wrote: Can't rely on them to be there for what exactly? Just being there and responsive for the entire duration you need them. Where is the liberatory technological element to recommending commercial The liberatory technological element is to use distributed services not linkable to a certain specific server or location. You're welcome. services when they are more than happy when the shit hits it to bend over backwards for law enforcement without bothering even questioning if Have you ever heard of bullet proof hosting? Do you think that snowshoe spammer and carder and malware hosters care a damn thing about the content they host? the request is even legal because that would cut into their profits? I Very simple: they do not care whether it's legal. Their business model is that they don't care, as long as the account gets paid. have to say I agree with ilf, this is pretty depressing for this list. You'll get used to it. I did. How can anyone in good conscience recommend to activists commercial services whose primary goal is to optimize for the bottom line? You How can anyone engage in strawmen of such appalling quality? realize that when the shit hits it you can rely on them to not waste any of their money fighting for you. Not that it matters, because they are already deupitized data collection points for the police, building into their money-making schemes keeping as much logs as they possibily can to maximize profits from various advertising and surveillance efforts. And really, Cloudflare? Comon. After their willingness to roll over on What about Cloudflare? Can't recall mentioning them. the subpoena for Barret Brown and prentend that they were the internet's saviors by making up that whole thing about how they saved the internet from the biggest DDOS ever? This is an amazing statement: free is distinctly unaffordable -- what meaning of free are you using here? There are other things that I'd Free, as in free beer. pay *more* money for if it meant the kind of free that I'm thinking of was in play... But this is 'liberationtech', right? Is the only thing you are concerned about is being liberated from your money when doing tech things? The cognitive dissonance here is deafening. How would you know? -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Secure, inexpensive hosting of activist sites
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Either I missed it, or it wasn't posted: dod.net is a wonderful 501(c)3 which has a great distributed network of servers and is super big on privacy protection and their clients data. It's free to host with them, but they ask for donations. Also BuyVM.net has also been a great host that even up until recently let you run tor exit nodes. Francisco (the owner) has a liberal policy towards linking, and allows torrent trackers (with the official line that they can't track copyrighted material) which is great for dissemination of large files like wikileaks archives. dod.net is shared hosting, with a jailed SSH. buyvm.net is a VPS. Eugen Leitl wrote: On Sun, Apr 21, 2013 at 09:26:05PM -0400, micah wrote: Can't rely on them to be there for what exactly? Just being there and responsive for the entire duration you need them. Where is the liberatory technological element to recommending commercial The liberatory technological element is to use distributed services not linkable to a certain specific server or location. You're welcome. services when they are more than happy when the shit hits it to bend over backwards for law enforcement without bothering even questioning if Have you ever heard of bullet proof hosting? Do you think that snowshoe spammer and carder and malware hosters care a damn thing about the content they host? the request is even legal because that would cut into their profits? I Very simple: they do not care whether it's legal. Their business model is that they don't care, as long as the account gets paid. have to say I agree with ilf, this is pretty depressing for this list. You'll get used to it. I did. How can anyone in good conscience recommend to activists commercial services whose primary goal is to optimize for the bottom line? You How can anyone engage in strawmen of such appalling quality? realize that when the shit hits it you can rely on them to not waste any of their money fighting for you. Not that it matters, because they are already deupitized data collection points for the police, building into their money-making schemes keeping as much logs as they possibily can to maximize profits from various advertising and surveillance efforts. And really, Cloudflare? Comon. After their willingness to roll over on What about Cloudflare? Can't recall mentioning them. the subpoena for Barret Brown and prentend that they were the internet's saviors by making up that whole thing about how they saved the internet from the biggest DDOS ever? This is an amazing statement: free is distinctly unaffordable -- what meaning of free are you using here? There are other things that I'd Free, as in free beer. pay *more* money for if it meant the kind of free that I'm thinking of was in play... But this is 'liberationtech', right? Is the only thing you are concerned about is being liberated from your money when doing tech things? The cognitive dissonance here is deafening. How would you know? -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.19 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCgAGBQJRdUWqAAoJEES9cOv0A0l0TlgIAMTcfmxdqmJmNtAjJxNmoXtV hz7QZIRdJQ7uhfjcVXmeFrb8SYGujkNBy9QJGNhuiOfKWrYiDoj4lLNe++5eAB5g av6DT7DegXF1Ep0iyXYY/cSTCVKFCl5n6NEObb+gyqrDavUiPNfD5xXHtuBm6Qw5 nWzOt1Rkj4G8C9jbUQI0ZxixCQO2fRi7p6TYGiRjoOmOnUBauMwByn2m9/NAjxJ+ D+xapIhsI16KNxwZ4a2DYraHdqXoXEPjXe3HSu6BmGQP0PCf4lRJnzJQ/ZZ1Po74 v1M7F0SZXQK/41rmTux4eyoM++VYIA8p+r7QAbIFihCFg8OXWGra/1o9y9wuSEA= =xV4C -END PGP SIGNATURE- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Secure, inexpensive hosting of activist sites
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/18/2013 04:45 PM, Hisham wrote: Hi all, Activists whose sites come under attack struggle to find cheap solutions to keep their websites safely guarded. Many of them are looking for secure, inexpensive hosting. I've come across many such cases, from Senegal, to Zambia to Egypt to Morocco. Some of them ask for temporary hosting to be able to stay online until they can stand on their feet again. I'd be grateful if someone could help with this one. Are there secure and inexpensive solutions out there? Best, -- Hisham Almiraat For the hosting side, you should also look at VirtualRoad; I've recently been working with their team on a humanitarian site, and they've been nothing but amazing. For DDoS protection, there is also Deflect.ca - it's an open source DDoS mitigation tool (any group can set a Deflect system up for a family of sites using a collection of low-cost virtual servers), and it is also providing this as a free service to qualifying sites (independent media, human rights, and related). The benefit of this is that you can set it up before an attack; it adds a level of security to your site, speeds it up, and you keep 100% control over the site itself. Jon -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJRdUh0AAoJEKmYlZ/5Jr+LW0AQAIBLy/E2Q5+Hcm7JntRe7tIc 2pMe5FUYHuYN/IDGGfvlviltUjFbsKAaLzwAsOjoC6M80nS5HbsI5tqDtLhZfSxF MqeOdsYppsEp5l/gr8GU4qwsOVWqYvDND50pgiDDh5oFlxaE8X0rQcueSPuYDc3F TN6X/STG59mG8wJia4S+AA2IieNM87mmuYUNyKr4Lh9LQmrgwKqObhEn5oabOXwF 0/BQYXq6JEkCbBYEc1eUQK/1+5OtJAcEpopZHD3me9Pt4fT4N5ivclY1rNwpG3Qe HgoeIadq3jRRiHdf2zzvnRjsjgvN+/xq/IwJohiLlFzPY7NwWV9n9zcAuWCrjgH1 y6Y1povBKe+ZQNHA/p1FqeVCoxL0TtW8ZCrtP5NKW/GiB/t8hxo0J+cvBxpcLoZv mpg5GqHOh2ScCUd14mysS0XH8wzbMskHjrvubE7OMg1nNBow2BcutJreiDGqoYnQ Tos/uOWgoINBeM7DSLzBCqBP0i3br6Zpjvo6Sf5aTH1IDOcTsHfp44SAENgL8YnN c8+rh+uVPYeUtw1sqWq/Vud5eMqLZhITKAAUzzq1KZOz+KIZJIh/X9YV6RpPcbkr /D9kxCwuYurF0vqOL2PwvZDRyDb+dGwLOCTTUIz11lGEkJAD5oq1Jsc+X7PYNqRE sQduUaTf/HRnCBB8x8WL =MaI7 -END PGP SIGNATURE- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Cybersecurity Forum RESCHEDULED for May 15th, 2013
Michael wanted me to forward this message to the main list too: From: Michael Snell mjjsn...@gmail.com THIS FORUM HAS BEEN RESCHEDULED FOR WEDNESDAY, MAY 15TH, 2013. Our featured speaker has been in DC working on the Cyber-Security Information Protection Act (CISPA) all last week, and will be at a hearing regarding location tracking and privacy this Thursday. While the postponement may be inconvenient for some, he will have much more information for us regarding the voting and potential impact of CISPA upon individual rights in the United States. The time for the event remains unchanged: 6:30 p.m. to 8:30 p.m. A light meal will still be provided. Event location will be confirmed soon. Best regards, Mike Snell -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Secure, inexpensive hosting of activist sites
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/22/2013 03:08 PM, Jacob Appelbaum wrote: micah: Eugen Leitl eu...@leitl.org writes: On Sun, Apr 21, 2013 at 03:07:35PM +0200, ilf wrote: I can't believe this bullshit thread recommending *only* commercial services. This is a complicated issue and we at May First/People Link (as is the case with Micah of Rise-Up) know that first-hand. In fact, since we partner with Rise-Up on many activities the lessons we learn are frequently shared. The main lesson here isn't who is full-proof. Nobody is. It's who will fight the longest and hardest and in fullest collaboration with you. In short, who is (dare I say it?) a comrade. :-) Just as background: as a membership organization (I mean really...members vote and everything), we all pay dues, no one pays for services and our entire organization commits itself to preserving the integrity and activity of all member websites and email accounts. Period. We're challenged all the time in that arena and we take them on legally and politically and technologically. But the issue is how you fight that fight and win it and that depends on your definition of win. The biggest threat to our members' sites isn't cyber-attacks and denial of service (which we successfully fight off all the time) but legal attacks like Copyright violation complaints which, in the United States, are almost impossible to fight off, The complainant will, a day or two after you tell it to get lost, go to your upstream provider and none of those outfits is principled enough to take a stand for free speech when threatened with costly legal action. Upstream connection goes, hundreds of members lose their websites and email. This is serious business. So you're looking, in the U.S. anyway, for a service provider that will move things around, weave and duck technologically, to keep you on-line as long as possible until having to take you off. You're searching for people who will spend as long as necessary to keep you on-line when you're under DOS attack. And you're looking for a provider which will, when pushed, make a fuss publicly and make an issue of it when possible. Because you're looking for a provider that wants to build a movement with you and denial of your right to expression is an issue upon which we can continue building our movements. I think those three are the criteria. The Internet is a field of struggle -- it's not the plumbing in a movement's house. Yes, you want efficient service. No, you can't pay a lot of money. But you also want a provider that will treat this issue as denial of a right and who is ready to organize around it and you want to support that provider's continuous existence. No provider of this type will deny a politically important website a home because of lack of money; they will always work something out with you. There are providers like that in most parts of the world; I think we all should be seeking them out and working with them. :-) Abrazos, Alfredo Look, free is distinctly unaffordable. If you need a dedicated box somebody has got to pay for the hosting and remote hands. Activists donating own resources are quite nice and cool (heck, been there, done that) but ultimatively you can't rely on them to be there if the shit hits it. Can't rely on them to be there for what exactly? To be fair - some activist communities just aren't holding the five nines that other companies hold up as marketing material. ;-) Where is the liberatory technological element to recommending commercial services when they are more than happy when the shit hits it to bend over backwards for law enforcement without bothering even questioning if the request is even legal because that would cut into their profits? I have to say I agree with ilf, this is pretty depressing for this list. I thought about the sheer number of people trying to compromise some of my most public systems. The trade-off was one where I stopped worrying as much about buggy software and traded it for a legal attacks; I did so knowing that if I were to lose, I would still *win* in that I would learn something and set an undeniable example and if I were to win outright, I'd have defended my or access to such systems successfully. Thus I actually selected Google, Twitter and other service providers to test a theory about how companies might act when pressed. Each company has law budgets that greatly exceed the amount of money I could ever hope to raise or spend on my own. After all is said and done - their brands rely on people believing that they're good and will fight for their users. I actually told the FBI about this strategy during a QA in NYC - which if you haven't seen it is ... well, lets say, I wasn't the only one who thought it was funny: https://www.youtube.com/watch?v=dTuxoLDnmJU In short - there are companies that will go to court and even, if you're lucky, spend *millions* of dollars on
[liberationtech] (advice sought) Public safety and configuration of list
To the experts in Liberationtech, Air-L and Mailman lists, (cc General Counsel of Stanford University) Stanford University has configured the Liberationtech mailing list in a manner that is potentially unsafe. University staff are aware of the problem and are evalutating the situation, but have yet to take action. I'm a subscriber to the list, and I ask your advice. SITUATION The Liberationtech mailing list is run by Stanford University in connection with its Program on Liberation Technology. That program investigates the use of IT to defend human rights, improve governance, empower the poor, promote economic development, and pursue a variety of other social goods. [1] Experts on the list advise and inform on matters such as encrypting communications, protecting infrastructure from cyber attack, and protecting onself from personal danger. Often those seeking help are in vulnerable situations. They include aid workers, reporters and activists who live and work in environments where human rights are not well respected, or where the government is too weak to protect people from organized criminals, rival militias, and so forth. The list software is GNU Mailman. The administration interface includes the following configuration items: [2] (a) Should any existing Reply-To: header found in the original message be stripped? If so, this will be done regardless of whether an explict Reply-To: header is added by Mailman or not. X No - Yes (b) Where are replies to list messages directed? Poster is *strongly* recommended for most mailing lists. X Poster - This list - Explicit address (c) _ Shown above is the default, recommended setting of (1 No, 2 Poster). It leaves the sender's Reply-To headers (if any) unaltered during mail transfer. Instead of this, the Liberationtech mailing list is configured as follows: (b) Where are replies to list messages directed? Poster is *strongly* recommended for most mailing lists. - Poster X This list - Explicit address (c) _ With this setting, whenever a subscriber Q sends a message to the list, the software adds a Reply-To header pointing to L, which is the address of the list itself. The message is then passed on to the subscribers. The meaning of the added Reply-To header is, Q asks that you reply to her at L. [3] Note that this is false information; Q does not ask that. EXAMPLE OF DANGER Matt Mackall has suggested that, here of all places, people might get hurt as a consequence of this configuration [4]. I agree. Here's a brief example of how people might get hurt: 1. Subscriber P is in a vulnerable situation. P is distacted by the situation and is not getting a lot of sleep. 2. P asks the mailing list for advice on the situation, because that's the purpose of the list. 3. Subscriber Q replies with helpful information. The mailing list adds a Reply-To header to Q's message that points to address L. Again, the mis-information is, Q asks that you reply to her at L. [3] 4. P replies with private information, including (as Matt puts it) a potentially life-endangering datum. Tired and distracted, P replies by hitting the standard Reply button. In the mail client, this means reply to Q. The reply goes instead to L, which is the public mailing list. Oh my god! What have I done! 5. People get hurt. Isn't this a danger? POSSIBLE EXPLOIT THAT INCREASES THE DANGER Suppose that P is actually a police operative in an authoritarian state, or a criminal operative in a failed state. He only pretends to be a vulnerable activist (say). His real aim is to hurt the activists and other opponents; damage the university's reputation; close down the mailing list; make democracy look foolish [5]; and finally make some money in the bargain [6]. The likelihood of his success is roughly proportional to the amount of harm suffered by the activists and other innocent people. If such an exploit were even *perceived* to be feasible, then the mis-configuration of the mailing list would not only be exposing the public to a haphazard danger, but also providing the means and incentive to orchestrate and amplify that danger. Might not this exploit be perceived as feasible? INTERIM RECOMMENDATION While Stanford University is evaluating these safety concerns and has yet to make a decision, it should return the configuration to its default setting. The default setting is known to be safe. -- Michael Allan Toronto, +1 416-699-9528 http://zelea.com/ NOTES [1] https://mailman.stanford.edu/mailman/listinfo/liberationtech http://liberationtechnology.stanford.edu/ [2] The meaning of configuration variables (a,b,c) is defined
Re: [liberationtech] [Air-L] (advice sought) Public safety and configuration of list
I'm glad to see this being addressed, particularly in light of the use of targetted viruses sent specifically to activist mailing lists (which is, of course, a slightly different issue). In the past this mostly seems to be around Chinese/Tibetan issues, but it's probably useful to start thinking about mailing list security more broadly. On 23 April 2013 06:45, Michael Allan m...@zelea.com wrote: To the experts in Liberationtech, Air-L and Mailman lists, (cc General Counsel of Stanford University) Stanford University has configured the Liberationtech mailing list in a manner that is potentially unsafe. University staff are aware of the problem and are evalutating the situation, but have yet to take action. I'm a subscriber to the list, and I ask your advice. SITUATION The Liberationtech mailing list is run by Stanford University in connection with its Program on Liberation Technology. That program investigates the use of IT to defend human rights, improve governance, empower the poor, promote economic development, and pursue a variety of other social goods. [1] Experts on the list advise and inform on matters such as encrypting communications, protecting infrastructure from cyber attack, and protecting onself from personal danger. Often those seeking help are in vulnerable situations. They include aid workers, reporters and activists who live and work in environments where human rights are not well respected, or where the government is too weak to protect people from organized criminals, rival militias, and so forth. The list software is GNU Mailman. The administration interface includes the following configuration items: [2] (a) Should any existing Reply-To: header found in the original message be stripped? If so, this will be done regardless of whether an explict Reply-To: header is added by Mailman or not. X No - Yes (b) Where are replies to list messages directed? Poster is *strongly* recommended for most mailing lists. X Poster - This list - Explicit address (c) _ Shown above is the default, recommended setting of (1 No, 2 Poster). It leaves the sender's Reply-To headers (if any) unaltered during mail transfer. Instead of this, the Liberationtech mailing list is configured as follows: (b) Where are replies to list messages directed? Poster is *strongly* recommended for most mailing lists. - Poster X This list - Explicit address (c) _ With this setting, whenever a subscriber Q sends a message to the list, the software adds a Reply-To header pointing to L, which is the address of the list itself. The message is then passed on to the subscribers. The meaning of the added Reply-To header is, Q asks that you reply to her at L. [3] Note that this is false information; Q does not ask that. EXAMPLE OF DANGER Matt Mackall has suggested that, here of all places, people might get hurt as a consequence of this configuration [4]. I agree. Here's a brief example of how people might get hurt: 1. Subscriber P is in a vulnerable situation. P is distacted by the situation and is not getting a lot of sleep. 2. P asks the mailing list for advice on the situation, because that's the purpose of the list. 3. Subscriber Q replies with helpful information. The mailing list adds a Reply-To header to Q's message that points to address L. Again, the mis-information is, Q asks that you reply to her at L. [3] 4. P replies with private information, including (as Matt puts it) a potentially life-endangering datum. Tired and distracted, P replies by hitting the standard Reply button. In the mail client, this means reply to Q. The reply goes instead to L, which is the public mailing list. Oh my god! What have I done! 5. People get hurt. Isn't this a danger? POSSIBLE EXPLOIT THAT INCREASES THE DANGER Suppose that P is actually a police operative in an authoritarian state, or a criminal operative in a failed state. He only pretends to be a vulnerable activist (say). His real aim is to hurt the activists and other opponents; damage the university's reputation; close down the mailing list; make democracy look foolish [5]; and finally make some money in the bargain [6]. The likelihood of his success is roughly proportional to the amount of harm suffered by the activists and other innocent people. If such an exploit were even *perceived* to be feasible, then the mis-configuration of the mailing list would not only be exposing the public to a haphazard danger, but also providing the means and incentive to orchestrate and amplify that danger. Might not this exploit be perceived as
