Slashdot Mirror
Rackspace, Indymedia, and the FBI
chill writes "Remember when Indymedia hard drives were seized as part of an international 'criminal terrorism investigation'? Rackspace pulled the whole hard drive and shut down a dozen websites, and the Slashdot community cried 'Say it ain't so!'
It ain't so.
The documents have been unsealed and CNet is reporting that Rackspace made a mistake. The government wanted only copies of logs, not entire hard drives. It seems the week of downtime wasn't really necessary. Oops!"
that's fanatical support alright!
for a police state!
Ah, if it's only a mistake than it's no problem.
After all, everybody makes mistakes from time to time...
I guess when the government asks someone to jump, no one bothers to ask how high. Some people just assume that jumping out the window is a correct response.
Rackspace, in their desire to stay on the good side of the law went far overboard in their zeal to help the police. This is a common theme in many cases.
The law specifically protects people from incriminating themselves and also from unreasonable search and seizure. It does not protect them from turning themselves into the authorities, nor does it protect them from others doing it for them.
You would like to think that companies would consult with their lawyers that could advise them on their legal rights and responsibilities before they took drastic, unnecessary steps like turning a lot of personal/private documentation over to the police.
Jesus saved me from my past. He can save you as well.
I wonder how believers of that tired incorrect cliché will tie that in with this.
Surely the FBI were liberating imprisoned information from it's overbearing masters?
If they just decided to copy the disks so they would have had limitted downtime. Downtime=How long it takes for dd take to make a bit by bit copy of the drive depends on the size, use multiple machines to do one drive per machine, so it goes as fast as possible.
That would have made them make the jump of the previous posts and still have limitted impact.
My wife's sketchblog Blob[p]: Gastrono-me
Otherwise nobody would have known the FBI was harvesting log files, or am I wrong about that? Hopefully all ISP's when faced with sneaky orders like this will do the same. Regardless, the damage has been done, the FBI has their log files.. it's really too bad about the victims of this witchhunt.
Never attribute to malice that which is adequately explained by stupidity.
(From TFA: "A Rackspace employee mistakenly used the word 'hardware' to describe the contents of a federal order,")
http://www.eff.org/Censorship/Indymedia/
And the EFF's press release
-Jeff
When it's a pattern of behavior, it's not a mistake, but an MO. Judging by the majority of responses, it works, as most are excusing what happened.
Talking about dropping the ball: (from the EFF site)
the logs that the government requested didn't exist, so Rackspace should never have given the government anything at all.
Just what is going on here exactly?
Those who can make you believe absurdities can make you commit atrocities. - Voltaire
...Rackspace could be sued (successfully) for violations of the Data Protection Act as there was no lawful warrant for the data on the server (as it resides in the UK and the subpoena was server to rackspace in Texas).
Personally I hope rackspace get raked over the coals for this one to serve as an example to other ISP's that this kind of flagrant disregard for privacy and the laws of the land cannot go unpunished.
I am NaN
The reason for this is that it brings to light how aggressive the US government can be (or is assumed to be, arguably), in cens^H^H^H^H protecting the people from those 'dissenting terrorists.' [sarcasm]After all, if you're not with us, then you must be a terrorist. [/sarcasm] ... and this seems to include reporting on anything that is not approved by the Ministry of Truth.
The interesting thing to me is that this apparently has not happened with the /. servers, given some of the comments that some people make here (extreme on both sides of the fence).
"Teleporting Rodents with D-Cell Battery Displacement" theory -- IgnoramusMaximus (692000)
"[I] certify that packaged herewith is a true and correct copy of log files in relation to the creation and updating of the web spaces corresponding to the following URLs during the period from THIS PORTION OF THE DOCUMENT HAS BEEN REDACTED"
As the sysadmin of ahimsa (the seized servers), I'm wondering what he's certifying here. Our httpd.confs substituted "noip" for IP addresses in the logfiles. Like this:
Also, finding the location of the logfiles on the servers would have been as simple as a `locate access_log`...
-Jeff
Nice to see that some ISPs don't bend over at the first sight of a possible legal issue about one of their customers.
Oh wait, they did.
[Rackspace] was compelled to produce a copy of the server owned and operated by Rackspace containing the data as outlined above. The compact disc provided herein is the true disc as provided by said entity.
"Produce a copy of the server"? Does that mean the whole system? Rackspace has said they turned over complete hard drives. The data certainly wouldn't have fit all on one CD (we're talking gigs of data on the servers). If the FBI just wanted log files, why did they take complete hard drives (which would have been around 6 drives or so)? The FBI certainly had the opportunity to look at all data on the hard drives. Do you think they did that or restricted themselves to a couple logfile lines? ;)
-Jeff
Don't you send your posts from an anonymizing location via someone else's rootkitted system?
Absolutely. Nice box you have too :-)
Those who can make you believe absurdities can make you commit atrocities. - Voltaire
Er, no. EV1 (aka Rackshack) bought a SCO license, but Google doesn't turn up anything about Rackspace. I think you've just gotten the names (Rackspace vs Rackshack) mixed up.
Unless you can see the part of the subpoena that they won't let you see, it is best to assume that you have been given no information at all.
From Secret Documents About Indymedia Server Disappearance Unsealed: "It cannot be determined from the unsealed documents whether or not the government informally pressured Rackspace to turn over the servers."
Certainly it seems that is what happened, that there was illegal activity on the part of the government. Otherwise you have to believe something like this:
U.S. government (Calmly): We just need some log files from you.
Rackspace: Oh wow!!! We will damage our reputation by giving you far more than you asked!!! Our customer's trust means nothing to us!
It is a better guess that someone at Rackspace was very, very scared because of being intimidated.
Most people in the U.S. don't want to know how corrupt their government has become. In this thread from yesterday, someone claims "Christianity has matured - it's a peaceful religion" when the U.S. government, a government of a Christian country, has killed more than 3,000,000 people since the end of the Second World War.
More: US court files reveal Italian link to Indymedia server grab
-Jeff
P.S. insouciance...
It states in the article that Rackspace tried to turn over just the log files but then had to send the entire hard drive to comply with FBI rules.
Do any of you work for an ISP? I used to. If the FBI asks for logs like that you seriously have 12 hours generally to comply or the ISP is fined heavily. If they ask for something specific, and you're slogging through 6TBs of data, you can't possibly find exactly what the FBI wants in less than 12 hours.
The EFF lawyer says it would be like turning over a whole warehouse of documents instead of just one document... Well, good luck finding that needle in a haystack in 12 hours or face a fine that will bankrupt your company.
Anything about why they wanted those log files? What did I miss?
It was for the Italians.
Fly me to the moon Let me sing among those stars Let me see what spring is like On jupiter and mars
No one ex[ects the Spanish Inquisition. Our main weapoms are are surprise, fear and almost fanatical devotion to support.
Faith: n. -- That human impulse that drives them to steal appliances when the power goes out
For you paranoid freaks outthere, sooner or later you need to come to the realizationthat the folks enforcign the law are just like you. They don't like their rights trampled either but they are just as prone to making mistakes.
"God fights on the side with the best artillery." - Napoleon, Marshal of France - speaking truth to power
Indymedia has political content, typically from an anarchist/feminist/leftist/libertarian/green/anti- war
whatever viewpoint. This tends to piss off many governments (Italy, U.S., France, etc.) and corporations (e.g. Diebold, the manufacturers of the U.S.'s electronic voting machines using the DMCA against Indymedia; in the end Diebold was found guilty...).
The Italian government seems to particularily hate Indymedia. One parliamentarian, who happens to be the granddaughter of Mussolini (yes, that Mussolini), has called for Indymedia to be shut down.
In 2001, the Italian government raided an Indymedia center (legally) set up during the G8 meetings/protests there. They sent scores of people to the hospital, including putting people in comas. It was not nice. They beat the hell out of people, smashed cameras and computers. The Italian govt claimed they found molotov cockails and other weapons--the cops later admitted they planted the evidence. Just like fascists of "old".
Last year, around the time of the server seizure, the Italian government had an ISP shut down a server so they could steal the private key used for https encryption. They could then mount a man-in-the-middle attack reading all "encrypted" content, including webmail. The Italian govt got away with this attack for a year before it was discovered. The server was used by many indymedia and activist folks (the server was run by autistici--"the autistics" in italian).
So when some Indymedia sites disappear off the 'net and it's tracked back to the Italian government with FBI cooperation it's not too big of a surprise. I'm sure they are thrilled that rackspace is getting nailed for the whole thing.
-Jeff, ahimsa* admin (which hosts italy.indymedia.org, the targetted site)
"Rackspace, Indymedia, and the FBI" kind of sounds like a hip-hop group. I can't wait for their next album.
The problem, I think is that although for you the lynchpin of the argument is whether or not the government seized Indymedia's hard drives, that's not really the issue at stake. We're not outraged that the government borrowed Indymedia's hardware for a week, we're outraged that they, in cooperation with an independent server company, blatantly violated the reasonable expectation of privacy of a whole bunch of totally innocent people.
It's not really the hard drives that are the issue - the only thing on those drives that would interest the government in the first place was the logs...everything else is publicly available web content! What if the FBI had hacked into Indymedia to secretly monitor their logs, so that Indymedia never had a second of downtime and got to keep all their hardware. Would that undermine our argument about privacy and freedom of speech?
While it's good to find out what happened, and I'm willing to admit that we were wrong about the drives being taken, it really doesn't change the core problem here.
Service providers deal with a lot of shit from authorities. Even when I worked at a small mom & pop ISP with 5000 customers we'd have to respond to a search warrant on a monthly basis, and they just don't won't accept "the log files were deleted 5 months ago" for an answer. The owner had to show up in court many times and swear that yes, the systems do purge them periodically.
I can only imagine what Rackspace has had to deal with in the past, so when the FBI came by and said "terrorism" they must've shivered at the thought of answering why they can't find something. So they just make it the FBI's problem by handing over the whole disk.
Does this qualify as a chilling effect? The letter of the order said that Rackspace just had to produce specific files, but Rackspace was so afraid of the FBI (from past encounters, perhaps) that they went that far above and beyond?
The viewers of /. are becoming more and more conspiracy oriented each day.
:(
I've rolled my eyes so many times from misguided posts that I now have a headache.
To some people (a vocal minority, I realize), people can't make a mistake, the government is to blame for everything.
"Action without philosophy is a lethal weapon; philosophy without action is worthless."
You can be a customer of Rackspace for 2 years, miss the cancel deadline by less than 24 hours and they will tell you it's impossible to stop a credit card card charge 8 days later.
This is a funny twist, when I had a hard drive fail over there about 8 months ago, it took over 6 hours to get a new one swapped in.
They do give fanatical support to police though, and fanatical billing to customers.
No, they just happened to wind up with them. Do they still have copies? Where are they? What have they looked at?
Except they didn't. They asked for the logs; Indymedia violated the reasonable expectation of privacy by handing over much more than was requested. The targeted request for specific logs was not the issue IMO.
Indymedia violated privacy? Surely you mean rackspace here.
[content]
There were a few other things besides publicly available content on there. Some of my email, for one.
What if the FBI had hacked into Indymedia to secretly monitor their logs, so that Indymedia never had a second of downtime and got to keep all their hardware. Would that undermine our argument about privacy and freedom of speech?
BZZZT! Absurd slippery slope argument: -5 points. :-)
So you disqualify that based on "slippery slope"? But it's what the Italian government has done, and something tells me the US govt is probably more tech saavy. So were already at the bottom of the slippery slope you think will never happen. We know that the Italian government took the private key used by https of an activist server to monitor webmail using a man-in-the-middle attack. See:
Alternative Servers Attacked: "Not a Private Question: A Question of Privacy"
My point was that the foil-hat crowd soiled themselves when they saw the original story and were positive the FBI was a bunch of jackbooted thugs, etc; now that Indymedia has been identified as the reason for the excessive disclosure we shall hear nary a peep from /. [re: the behavior of the ISP]. That's all, really. Cheers!
The FBI isn't a bunch of jackbooted thugs? I guess you're right. In Guantanamo they were complaining that the military was being excessive. They're nice folks. Read their history and you'll see the great things they've done.
Again, you say "now that Indymedia has been identified as the reason for the excessive disclosure"--what the hell are you talking about? Do you mean rackspace again, or do you not know what's going on, or what? Indymedia didn't turn over anything. Indymedia wasn't asked either, FWIW.
-Jeff
Well, the fact that he was anti-authoritarian Jew that fit a certain type celebrated by some Jews was germane. The guy even had a pet parrot named after a Yiddish vulgarism, which he carried around the office. So yeah, he was very aware of his ethnicity, and quite in-your-face about it.
The comparison to Woody Allen, who had made fun of obstreperous Jews in the past was meant to evoke the type (Al Goldstein, Abbie Hoffman, Irv Rubin, etc.). When my boss rebelled against the authority figures, it was entirely habitual and natural to him, it would have taken great effort for him to comply entirely with their wishes. I genuinely wish more Americans were like this.
The fact that Rackspace rolled over like this and sent in the disks when the govt. just wnated logs makes me think they could use more backbone, which I why I brought up this guy. He never would have overcomplied like this, unless it was going to cost him big money.
http://www.thebricktestament.com/the_law/when_to_