Thursday, April 21, 2005

Krista names Jon of Boston Indymedia our "person of the month"

Krista names Jon of Boston's Indymedia as "person of the month." Why? Read "New privacy tool tolls the birth of cypherspace" and you'll find out why. From Jon's article:

Some recent cases:
* Sherman Austin[1], young west coast anarcho-activist given 1 year in federal prison and 3 years of extremely restrictive probation for third party content on his web server[2] over which he exercised no editorial control.
* FBI seizes IndyMedia servers in the UK[3] it's still not clear (to me at least) what they were looking for or how the FBI has any jurisdiction in the UK. [Editors note- it was never confirmed that this was carried out by the FBI, only that it was a US agency]
* FBI digs for IP addresses[4] at

[5]What's it to you?

First, what is an IP address[6] and why should you care about yours? IP addresses identify where computers can be found on line, and can easily be used to find the computer's physical location. In the internet as commonly understood both parties in a conversation need to know the other's IP address so they know where to send requests or responses.

Servers typically log the IP addresses of people who connect and what information they have requested. Someone with access to a servers log files can see who has read what pages or uploaded submisions, when they did it, and where they came from.

What does this mean to you? Thats difficult to say at this point, and largely dependent on who you are and what you do. Clearly running servers that disseminate dissident opinion is a bit risky. I haven't seen much information on what's been done with the information taken from these servers, except in the Sherman Austin case, in which the person who was responsible for the allegedly illegal content was known and nothing was done. Perhaps the government's strategy is to strangle the information outlets rather than the authors. That way there are fewer necks to squeeze.

IndyMedia has a policy against recording IP addresses in log files, so your identity is safe right? Not quite, lack of logging doesn't really matter as much a one might hope. Agencies with coercive force, legal or otherwise, can see where you're browsing from by looking at your internet service provider (ISP)[7], the website's ISP or possibly from breaking into the webserver and covertly monitoring traffic. This means that sites that don't log IP's do prevent retroactive searches, but do nothing to avoid covert realtime monitoring.

What about websites who track your web browsing patterns through the ads on pages all over the web? Each of those adds calls home every time it's loaded telling what page the ad was on and the IP address of the computer requesting that page -- your computer. Those with the slightest inclination toward conspiracy can imagine many more sinister possibilities than targeted marketing.

Krista: Jon has suggestions that I found interesting and I'm so glad that someone is seriously addressing the issue of privacy. Most importantly, I'm glad to know that Indymedia doesn't record ISP addresses.

The e-mail address for this site is

And we'll return to Jon's article either tomorrow night or Saturday.