[liberationtech] Secure, inexpensive hosting of activist sites

Alfredo Lopez alfredo at mayfirst.org
Mon Apr 22 13:21:49 PDT 2013 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/22/2013 03:08 PM, Jacob Appelbaum wrote:
> micah:
>> Eugen Leitl <eugen at leitl.org> writes:
>> 
>>> On Sun, Apr 21, 2013 at 03:07:35PM +0200, ilf wrote:
>>> 
>>>> I can't believe this bullshit thread recommending *only* 
>>>> commercial services.
>>> 

This is a complicated issue and we at May First/People Link (as is the
case with Micah of Rise-Up) know that first-hand. In fact, since we
partner with Rise-Up on many activities the lessons we learn are
frequently shared.

The main lesson here isn't who is full-proof. Nobody is. It's who will
fight the longest and hardest and in fullest collaboration with you.
In short, who is (dare I say it?) a comrade. :-)

Just as background: as a membership organization (I mean
really...members vote and everything), we all pay dues, no one pays
for services and our entire organization commits itself to preserving
the integrity and activity of all member websites and email accounts.
Period. We're challenged all the time in that arena and we take them
on legally and politically and technologically.

But the issue is "how you fight that fight and win it" and that
depends on your definition of "win". The biggest threat to our
members' sites isn't cyber-attacks and denial of service (which we
successfully fight off all the time) but legal attacks like Copyright
violation complaints which, in the United States, are almost
impossible to fight off, The complainant will, a day or two after you
tell it to get lost, go to your upstream provider and none of those
outfits is principled enough to take a stand for free speech when
threatened with costly legal action. Upstream connection goes,
hundreds of members lose their websites and email. This is serious
business.

So you're looking, in the U.S. anyway, for a service provider that
will move things around, weave and duck technologically, to keep you
on-line as long as possible until having to take you off. You're
searching for people who will spend as long as necessary to keep you
on-line when you're under DOS attack. And you're looking for a
provider which will, when pushed, make a fuss publicly and make an
issue of it when possible. Because you're looking for a provider that
wants to build a movement with you and denial of your right to
expression is an issue upon which we can continue building our movements.

I think those three are the criteria.

The Internet is a field of struggle -- it's not the plumbing in a
movement's house. Yes, you want efficient service. No, you can't pay a
lot of money. But you also want a provider that will treat this issue
as denial of a right and who is ready to organize around it and you
want to support that provider's continuous existence. No provider of
this type will deny a politically important website a home because of
lack of money; they will always work something out with you. There are
providers like that in most parts of the world; I think we all should
be seeking them out and working with them. :-)

Abrazos,

Alfredo


>>> Look, free is distinctly unaffordable. If you need a dedicated
>>> box somebody has got to pay for the hosting and remote hands.
>>> Activists donating own resources are quite nice and cool (heck,
>>> been there, done that) but ultimatively you can't rely on them
>>> to be there if the shit hits it.
>> 
>> Can't rely on them to be there for what exactly?
> 
> To be fair - some activist communities just aren't holding the
> five nines that other companies hold up as marketing material. ;-)
> 
>> 
>> Where is the liberatory technological element to recommending 
>> commercial services when they are more than happy when the "shit
>> hits it" to bend over backwards for law enforcement without
>> bothering even questioning if the request is even legal because
>> that would cut into their profits?  I have to say I agree with
>> ilf, this is pretty depressing for this list.
> 
> I thought about the sheer number of people trying to compromise
> some of my most public systems. The trade-off was one where I
> stopped worrying as much about buggy software and traded it for a
> legal attacks; I did so knowing that if I were to lose, I would
> still *win* in that I would learn something and set an undeniable
> example and if I were to win outright, I'd have defended my or
> access to such systems successfully. Thus I actually selected
> Google, Twitter and other service providers to test a theory about
> how companies might act when pressed. Each company has law budgets
> that greatly exceed the amount of money I could ever hope to raise
> or spend on my own. After all is said and done - their brands rely
> on people believing that they're good and will fight for their
> users.
> 
> I actually told the FBI about this strategy during a Q&A in NYC -
> which if you haven't seen it is ... well, lets say, I wasn't the
> only one who thought it was funny:
> 
> https://www.youtube.com/watch?v=dTuxoLDnmJU
> 
> In short - there are companies that will go to court and even, if
> you're lucky, spend *millions* of dollars on defending you because
> it is their business model by proxy that they're defending. Not all
> companies will do this though. Boy oh boy, the companies that did
> attempt to protect my data versus the companies that didn't or
> didn't/don't have the ability to tell me is _very_ low. I'd guess
> it is around three known actors with likely over one hundred others
> at the bare minimum. That's just for active accounts, I might add.
> I believe there was a lot of data sitting around in logs and other
> places where I had not consented to the collection (AT&T) and
> naturally such collectors don't notify or ask for your consent in
> such a case...
> 
> So, lets say that the company goes to court for you. What will it
> matter practically?
> 
> Well, I think it depends on the technical *and* social architecture
> of the system as it is constructed, run and maintained.
> 
> The question that comes to mind about architecture is one that
> most people on this list generally dismiss out of hand. It happens
> for VPNs vs Tor, email hosting, chatting, web browsers, etc, etc.
> 
> We should consider that if the architecture of a system, even a
> mostly *technically* secure system, is optimized for surveillance
> to the company's benefit - it *will* almost certainly be forced to
> hand your data over when ordered. Simply because it *is able to do
> so* at all, we've learned that the law in the US is interpreted to
> suggest that such companies must and they must do so silently. And
> it seems to be the case that when the US has no legal recourse, it
> may use other methods for jurisdictions beyond their direct legal
> reach. It might happen through legal means, it might happen through
> general blackhattery, it might happen through kidnapping a family
> member - compliance is possible and there exists a case where
> compliance *will* happen. I have a friend who said that in the days
> following the seizure of my telephone by the US Government that his
> entire home network was compromised and that included his X-Box.
> That is a lot of 0day to burn and I think intelligence related
> folks are really in the golden era of their industry.
> 
> And when that happens, it won't matter if they had gone court for
> you in a practical sense - the data is in the hands of whoever
> wanted it. It may or may not be used in court - that is largely
> irrelevant as life is often made miserable by things outside of
> courts. As an example Replace legal threats with say, threats from
> the Zeta Cartel rather than threats from a US Court and we see how
> strongly these systems will stand up.
> 
> Absent an attacker, many systems are secure and so, what is the
> ultimate stopping block when such an attacker is present?
> 
> Not having the information, of course. Or having it in an
> encrypted format such that it is useless without the user
> consenting to decryption in some privacy preserving manner. We
> generally call this Privacy by Design and the idea is a loose one,
> sometimes poorly implemented. Generally it suggests a
> compartmentalized design of systems where the systems are
> compartmentalized with something more than a promise.
> 
> Most of the radical collectives realized this long long ago - there
> is little difference between an FBI agent who wants to *illegally*
> do something and one who wishes to challenge a group with no legal 
> resources and will thus lose. The same exists for attacks from
> other groups legal, illegal or perhaps even unknown. The end result
> of a successful attack is a loss in all cases, almost always. Even
> if they "promise" not to use the data. Cryptography may be used to
> ensure that short of a crypto key, a service won't have the ability
> to betray that promise and so the attacker won't ever be able to
> betray it either.
> 
> So what will be lost? With a proper design - little to nothing from
> the past but perhaps it gives an advantage moving forward.
> 
> As those radical collectives do not profit from surveillance and
> rather exist because of their users entirely, they try to secure
> themselves against the threats that companies otherwise leave as a
> matter of monetization. Some of them do better than others,
> obviously.
> 
> One thing should be clear: The architecture of a system limits the 
> autonomy of those who participate in running it.
> 
> So, shall we design systems that limit that autonomy to be in line
> with the expectation set for users and the promises to users about
> protecting privacy? I think so.
> 
> So what good are corporate services? They're sometimes good to use
> as hedge against more powerful adversaries and especially if you're
> trying to find the edges, such that we all better understand the
> entire set of choices!
> 
> So - where is the liberatory technological element you ask?
> 
> "Corporate Mutual-aid" - a guide for activists? Probably not! An 
> important set of hard learned lessons? Absolutely!
> 
>> 
>> How can anyone in good conscience recommend to activists
>> commercial services whose primary goal is to optimize for the
>> bottom line? You realize that when "the shit hits it" you can
>> rely on them to not waste any of their money fighting for you.
>> Not that it matters, because they are already deupitized data
>> collection points for the police, building into their
>> money-making schemes keeping as much logs as they possibily can
>> to maximize profits from various advertising and surveillance
>> efforts.
> 
> I generally agree. Though, I wonder. It depends entirely on the
> threat model, doesn't it?
> 
> For example - I would never suggest that some groups roll their
> own solutions if their best solution has the same weaknesses of a
> company and without any of the actual technical or legal support
> that is often needed.
> 
> Some activists don't care about Free Software, some don't care
> about surveillance, some don't care about wiretapping - as a
> result, I think they often it makes people less effective because
> *it still impacts* everyone.
> 
> It is hard to deal with a holistic framework that includes weird
> small seeming details like infrastructure.
> 
>> 
>> And really, Cloudflare? Comon. After their willingness to roll
>> over on the subpoena for Barret Brown and prentend that they were
>> the internet's saviors by making up that whole thing about how
>> they saved the internet from the biggest DDOS ever?
>> 
> 
> Yeah - they're an SSL MITM by design - it should give you some
> idea about what vulnerability they introduce into the mix. For a
> while there was an encrypted web chat service that MITM'ed their
> entire "secure" chat service with Cloudflare. Combine that with
> some other hilariously bad ciphertext only bugs and we have a
> passive break on their service in a worst case scenario. Such a
> setup is the opposite of defense in depth. Whoops.
> 
>> This is an amazing statement: "free is distinctly unaffordable"
>> -- what meaning of "free" are you using here?  There are other
>> things that I'd pay *more* money for if it meant the kind of free
>> that I'm thinking of was in play... But this is 'liberationtech',
>> right? Is the only thing you are concerned about is being
>> liberated from your money when doing tech things?
>> 
> 
> Oh man, I couldn't agree with you more.
> 
>> The cognitive dissonance here is deafening.
>> 
> 
> To paraphrase and bastardize jwz:
> 
> Free Services, like Free Software, are only Free if your time is
> worth nothing. Free "time" like free as in not in jail or dead or
> worse!
> 
> All the best, Jacob -- Too many emails? Unsubscribe, change to
> digest, or change password by emailing moderator at
> companys at stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 


- -- 
Alfredo López

Co-Chair, Leadership Committee
May First/People Link
https://mayfirst.org

My Column on:
http://thiscantbehappening.net

My Blog
http://www.alfredolopez.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iQIcBAEBAgAGBQJRdZvcAAoJEDWfIjs2VOOXemYP/3LYTOqUZUJM2bW80tiFvg1G
V6O/KatR79y00WkjR1fhv2RGJey19HiMrolAzlIrIGu5fbi3omUFSrtBx6Lso41T
nO8aA88gfkfXwuo5tpMV2VGt8vb5Ez79FiMM4EBzmax32sD+H1kghNlzoejwgvlY
3Xro+MLFQF+heZP98Yi760y2HGWNuOQ5DY/wsbSokFfr8Uy7ftvp5K+GPWHY0TA/
A9K7GpIBDRmzc/jF/89IsrRzNR0F3ZCz4gjAv/RJ2EN91YzQyRXf5SZKfkK6GzvU
ybjS7DtzwLOYXg4bHlpECfZxdRwd9ofltoZeYyLAgdu87+e6+JTWFa+YOAW8En6G
mo1mg4FEz5UZKMQ2knQGOdlMN0XSBiQS6pUjCTaF/Lqw7coVMVG4qczxhzcLFOlm
922BS8/6Pf/8TkKk+ysLt8miGDaHogpm3u/mzDSWmIXNUn8fJ/zlEPj4KJMNaZrF
mBFTygx2/XQQOxuDg33BYho+cWulP/pK8ynOoG7P9wDHJmpdy4fsZvcRmuRF2m3p
aed/2MTSci3LEC9KEUvdzE73MYxY1hr/eCdKfI4B6dlhA3PH8QDpMQ7mUfFbu0pG
Mb/tuxYQuJy3iifp+bhuya3LgQxQLEztHV+7lIEcmWVqtBGGZpPeeq5tVILUUj2w
Z12h8RoAKyTSk5jY6DEh
=9Pum
-----END PGP SIGNATURE-----

More information about the liberationtech mailing list