SF Bay Area Indymedia indymedia
About Contact Subscribe Calendar Publish Print Donate

California | Santa Cruz Indymedia | U.S. | Indymedia | Police State and Prisons

General Internet Security and Posts About Illegal Activities
by SF Bay Area IMC collective
Tuesday May 12th, 2009 1:10 PM

General Internet Security

While anonymous posting may seem anonymous, it is very easy for the federal government to monitor web traffic even when it is said to be secure by your web browser. Posting from free public computers is one way to remain anonymous, but many of those facilities can be easily monitored and the facilities themselves face serious risks if threats or other illegal posts are traced back to them. On August 27th, 2008, the Long Haul Infoshop in Berkeley had all of its computers and those of several other organizations confiscated by University of California police due to an allegedly threatening email authorities claimed originated in the building. In February 2009, the FBI revealed that internet records of visitors to the U.C. Santa Cruz website led to seizure of video surveillance recordings and business records from a Kinko's which authorities claim supports their case against the AETA4.

Posting of Threats and Other Illegal Activities

Indybay strives to provide an open forum for the exchange of ideas, including radical and unpopular ideas. However, Indybay is not a forum for posting threats or other messages that are specifically illegal. For instance, a new California law recently went into effect that prohibits the publishing of animal researchers' personal addresses. And despite the fact that Indybay does not keep IP logs or similar user records, the posting of illegal messages can subject Indybay to potential harassment or other intrusions by law enforcement and may threaten the safety and security of the community of people who use the site. Posts that place Indybay in legal jeopardy will be assumed to be the work of provocateurs or reckless individuals and may be removed if/when they can be identified as such.

Additionally, Indybay contributors should consider wider legal ramifications before posting photos or accounts of people engaged in illegal activities. It may be possible for the authorities to identify individuals depicted in photos, videos, and reports posted to the website, either through the posts themselves or by cross-referencing with other sources. It is also possible that authorities may seek to confiscate original recordings from those who post to Indybay and to use this material in prosecutions.

These warnings are not intended to discourage postings which document the results of illegal actions after the fact or of police engaged in illegal actions, such as brutality and murder.

Be Smart

Indybay implores contributors to consider the potentially serious consequences of their actions and to refrain from posting notices which jeopardize Indybay, the communities that Indybay serves, or themselves.

For additional readings on internet security, please see: http://www.torproject.org/overview.html.en and http://www.indymedia.org.uk/en/static/security.html.


Comments  (Hide Comments)

by Specify?
Tuesday May 12th, 2009 4:18 PM
Indybay eds,

Is this in response to something specific that was posted recently or in the past? I am one of those doing support work for the AETA4. Is this post in response to FBI/Police harrassment that could possibly be relevant to the AETA4 case (since you mention the case in passing). If so, let us know here and we will provide you with our email address, or those of attorneys if appropriate.

Stay safe.

Thanks,
AETA4 Support Team
by .-
Tuesday May 12th, 2009 4:52 PM
Here is additional reading about the absolute security level of tor... for any activity (the average user of Tor might not be seeking to post about vandalism online, but rather to access pornography, or might be a military member or student trying to hide their IP address). They assess that many tor nodes could easily be 'honeypots' run by security agencies or private individuals who are interested in knowing who wishes to use Tor and what sites they want to visit. At the same time, Tor is decentralized and many people have set up nodes. Likewise, the staffing time for monitoring everyone's activity (like in east germany) would be enormous the government probably doesn't have time to read your email.

http://www.civiblog.org/blog/_archives/2007/11/15/3355919.html
http://arstechnica.com/tech-policy/news/2007/09/tor-node-operator-after-run-in-with-police-i-cant-do-this-any-more.ars

Also, yes - it's important not to abuse indybay. While they have anonymous wire postings, there are other places where this could be done.
by editor
Tuesday May 12th, 2009 5:04 PM
Things come up from time to time that have been posted to the site that might endanger site users or even Indybay itself, potentially placing unintended folks in legal jeopardy of different sorts. Josh Wolf first posted his video of the 2005 anti-G8 demo to the site and not long after that he received a subpoena for the full video, so the post here is intended more as a general warning for people to think things through in that what they view online, record in the streets, and post at Indybay might have ramifications beyond what they first considered.

But, no, this is not a reaction to anything that the AETA4 Support Team has posted.
by Frisk
Tuesday May 12th, 2009 9:08 PM
I'm guessing this has more to do with the recent pics posted of the Union Square raid.
by hmmm
Tuesday May 12th, 2009 11:42 PM
i suspect this is a culmination of smaller issues that are more annoyance than anything, but also a service of saying to be smart.
by Agent Smith
Wednesday May 13th, 2009 2:22 AM
Everywhere you go, if your phone is on (it DOES NOT MATTER if your phone does not have GPS!), you are leaving a digital record of your position every 10-30 seconds with the telcos who keep these records for multiple years and are more than happy to share that data quietly with any jackass with a badge.

You can even be tracked right now by your phone number, on the web from a laptop inside a cop's car. Dont believe me? Here's the company that offers the service http://www.trueposition.com/web/guest/homepage

And dont think turning off your phone is good enough, many phones simply go into a sleep mode when the power is "off" but stay on the network. Pop the cover and remove the battery. Or keep an empty Altoids tin that will fit your phone, to block the signal.

And dont just turn it off when you've got something to hide. Hello, telegraphing? Turn your phone off often when you travel, and leave it off to provide some inexplicable cover time.

The "realists" were wrong; you ARE being watched. Incidentally, you can thank Bill Clinton for the federal legislation "to save lives" that brought you this nationwide tracking system.
by 2007 monitoring
Wednesday May 20th, 2009 11:51 PM
RT writes, "Myspace, blogs, and online networks are like a dream for police investigators. Where they used to have to go out and interview people, check records, walk the street, now they merely have to go online. Investigation from the convenience of their offices.

I took part in a demonstration and was arrested. Afterward, the police contacted my employer to suggest that they check up on me. I got a copy of the police report yesterday and was surprised to find that the police had gone beyond just the basic facts of my arrest.

They had tracked down the website for my band, followed a link to our myspace page, and from there tracked down my personal myspace page. In my profile I had some pretty cheeky anti-authoritarian hyperbole and that was quoted in the report. "Subject says in his myspace profile that he is 'looking for someone to turn over and burn police cars with,'" a dumb comment that had been part of my online profile for many years. There was a print out of my entire myspace profile, band website, etc. All of this info had been passed on to my employer."
by Direct Action Insurgent
Friday Jun 5th, 2009 12:41 PM
I will present here the maximum security scenario for postings where you go to prison if the pigs find out who put it up. It goes without saying that this sort of post goes to a site willing to receive and republish it like the ALF or ELF press office.

This can be scaled down for lower security applications, e.g. using Tor and PGP form home to frustrate email surveillance of activist groups, or normal-security wardriving to administer a website that might bring AETA charges.

*************************

OK, you need to post that ALF press release, those videos of masked warriors having a smashfest or that long list of UCLA vivisector's home addresses, car tags, routes to work, etc. You must assume that everything thatr can be recorded by enemies will be.

Don't use a home computer, as your ISP might log IP's or sniff packets. Don't rely on Tor without encryption or a honeypot could read the contents. Don't rely on encryption without Tor or an ISP could connect source, destination, and time.

Ultimate security for something at the ALF/ELF level might work like this:

1: set up a Linux laptop, using a live disk or live disk image on USB for the session. Be sure to disable any use of swap space from the hard drive unless that is encrypted. If the computer is captured but has been turned off, everything is gone-it was on RAM only.

2: buy a wireless card or USB device to use ONCE ONLY, as wireless devices might be traceable. Remember $40 for a wireless card is much cheaper than $500 for a lawyer. Destroy it when finished. Get a high gain antenna so you can get out of sight-keep this as it cannot be traced.

3: Go wardriving: Find an unsecured wireless connection where you can ge out of security camera range of the connection but close enough to connect with that good antenna. This connection should belong to someone who you don't mind getting a visit from law enforcement, maybe your target's competition?

4: Find a bush, etc that blocks visual line of sight to the target but lets wireless signals pass, and take cover behind it. Crowds are good cover too, and if you are not known to anyone the cover this provides gets much better. A parking lot full of cars, not watched by obvious cameras, with a fake/obscured tag on the car, is another possible scenario.

5. Boot from the live disk or live disk image on USB and connect. Once connected, DO NOT check email or do anything else with your name on it or that can be connected with who you are. If the website you are posting to has PGP, use it! This will prevent your wardriven connection (which could be a honeypot) from sniffing the traffic and calling the pigs. Use Tor, too if this is really hot-that will delay anyone monitoring, say, the ELF Press Office ISP for all incoming messages. Tor and PGP can delay cops long enough for people around you to forget you face-probably for weeks.

6: Finish up, immediately disconnect, wait a few minutes(so your getting up doesn't correlelate with the signal cutoff), then leave the area. Trash the wireless card at least 1/2 mile from the connection and wipe your prints off it prior to disposal.

DON'T BE INTIMIDATED-BE PREPARED!