[Lowdown] FBI Server Seizure - FAQ for May First/People Link Members

Mallory Knodel mallory at mayfirst.org
Thu Apr 26 10:07:18 EDT 2012


Dear MFPL members,

Below is a FAQ guide, meant as a follow-up from last week's press release and organizational statement regarding the FBI server seizure. The most up-to-date text is available here:
https://support.mayfirst.org/wiki/response-from-mfpl-members-server-seizure

Still need more information?  Send us your questions and concerns:info at mayfirst.org

*****

We've prepared this page to answer questions that our fellow MFPL members may have about this incident, how it affects MFPL members, what to expect and how to protect oneself if similar incidents occur in the future.

*What happened?*

On Wednesday, April 11, MFPL was first visited by the FBI. We immediately communicated with our members about this incident[0].

One week later on April 18, at approximately 16:00 Eastern Time, the situation was escalated beyond our expectations. U.S. Federal authorities removed a server from a colocation facility shared by Riseup Networks and May First/People Link in New York City. Read more from our official press release here[1].

Finally, MFPL issued its own statement[2], communicating our commitment to return service to the seized server, continuing to protect our members' data, and fighting for the right to anonymous communication online.

*Which MFPL members have been affected by the seizure?*

The server containing the anonymous remailer service is managed by the European Counter Network (ECN) and hosted by Riseup, who is a MFPL partner. The seized server contained no MFPL member data. We have reviewed the other MFPL and Riseup servers located in the same facility as the ECN server and have found no evidence that any other servers were compromised in this incident.

Although no MFPL members have been directly affected by the seizure, hundreds of other people and organizations were. Disrupted in this seizure were academics, artists, historians, feminist groups, gay rights groups, community centers, documentation and software archives and free speech groups. The server included the mailing list "cyber rights" (the oldest discussion list in Italy to discuss this topic), a Mexican migrant solidarity group, and other groups working to support indigenous groups and workers in Latin America, the Caribbean and Africa. In total, over 300 email accounts, between 50-80 email lists, and several other websites have been taken off the Internet by this action.

*What's a remailer?*

Anonymous remailers work by connecting to other anonymous remailers in a chain, and every one in that chain removes the mail header information making it impossible to find the real sender.  The Tor project maintains a list[3] of typical users of this and other anonymity systems, and the  Mixmaster home page[4].

From:https://help.riseup.net/en/seizure-2012-april

*Can I expect my service to be interrupted by future seizures?*

Unfortunately, there's no way for us to predict whether or not the federal government will obtain additional warrants to access, tamper with, or seize additional servers. According to the news, the bomb threats continue to arrive at University of Pittsburgh after the seizure of the ECN server.

Organizations in the broader network of internet and human rights defenders are circulating our press release and statements of support to ensure that pressure is put on the US government to stop threatening us and preserve internet rights in accordance with the  Internet Rights Charter[5].

One such statement is  here[6].

*What do I do if I think my email, website, or other service has been interrupted?*

We understand that the recent server seizure is enough to put any user of our services on alert! But the steps we recommend for reporting a problem or regaining access to your services remains the same:

  1. Don't panic.
  2. Check the service advisory page[7]. Any expected, routine, or other interruptions will be reported here.
  3. Open a support ticket[8]. We receive immediate notice of any new support requests. In all cases, you can expect a response from us right away.

*How do I backup my MFPL data to protect myself from data loss?*

MFPL already backs up the web pages, email, databases, and other data that you store on our servers, but that doesn't mean you shouldn't also prepare your own backups!

We use a three-prong approach to backup MFPL member data:

  * All servers have redundant disks. If one disk fails, the server continues un-interrupted.
  * We backup all servers nightly to an onsite backup server that keeps 5 days worth of data.
  * We also backup all servers nightly to an off site backup server that overwrite the previous days backup every night.

However, there are good reasons for MFPL members to create their own additional backups:

  * Our backups are designed primarily for disaster recover (the entire machine goes down). We cannot provide file recovery for accidental deletions or other mistakes.
  * No backup is fool proof. It's always a good idea for triple or quadruple redundancy.
  * Only system administrators can restore data from a backup.

See the full FAQ pages on this subject: Does May First/People Link backup my data?[9] and How can I backup my own data?[10]

*What sections of our contract with the server co-location center were exercised in the server seizure?*

The Highwinds contract (formerly Bandcon) contract has only one section that refers to cooperating with the law and that is section 5.2 Compliance with Law and AUP, which specifically references the Acceptable Use Policy (AUP), which can be changed at any time by Highwinds. The AUP has three relevant sections to the actions taken by the FBI, specifically sections  f. Cooperation with Law Enforcement and section j. Email.[11]

*As a MFPL member, if a server I'm on is seized, will I have data loss?*

As a political organization protection of data is a key part of our mission, knowing that many of our members are active in different social movements we know that the potential exists for the authorities of the state to attempt to seize such data. As we have seen in the last year alone the many different states have or have attempted to seize data from different organizations (i.e. wikileaks, Bradley Manning, Megaupload to name a few). Since our membership is central to the organization we have contingency plans in place for data loss (as mentioned above), but we are human and cannot guarantee 100% that all data loss is fully recoverable, but as a political organization we will do the best of our abilities to restore any data loss relating to the servers.

[0]https://lists.mayfirst.org/pipermail/lowdown/2012-April/000106.html
[1]https://mayfirst.org/fbi-seizes-server-attack-anonymous-speech
[2]https://mayfirst.org/fbi-attacks-anonymous-speech
[3]https://www.torproject.org/about/torusers.html.en
[4]http://mixmaster.sourceforge.net/
[5]http://www.apc.org/en/node/5677/
[6]http://www.apc.org/en/news/apc-statement-progressive-internet-rights-organisa
[7]http://mayfirst.org/aggregator/sources/1
[8]https://support.mayfirst.org/newticket
[9]https://support.mayfirst.org/wiki/data_backup
[10]https://support.mayfirst.org/wiki/member-backup
[11]http://tlb.hwcdn.net/z6j5q8y3/cds/pdf/Highwinds.Network.CDN.Acceptable.Use.Policy.pdf

-- 
Mallory Knodel

May First/People Link Leadership
...Growing Networks to Build a Just World...

mayfirst.org
malloryknodel.net/blog

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mayfirst.org/pipermail/lowdown/attachments/20120426/7602a858/attachment.htm>


More information about the Lowdown mailing list