Documents relating to the seizure of Indymedia's servers at Rackspace's Heathrow premises have finally been unsealed by a Texas district court. Some information remains under seal, and the documents released by no means provide the full picture, but it is now clear that yes, it was the Italians, and no, there was no obvious legal basis for the seizure of the servers themselves. And as regards the British Government's apparent insouciance regarding the (faulty) operation of US court orders within British jurisdiction but without any British authorisation, well, that remains a puzzle.
[Rackspace] was compelled to produce a copy of the server owned
and operated by Rackspace containing the data as outlined above.
The compact disc provided herein is the true disc as provided
by said entity.
"Produce a copy of the server"? Does that mean the whole system? Rackspace has said they turned over complete hard drives. The data certainly wouldn't have fit all on one CD (we're talking gigs of data on the servers). If the FBI just wanted log files, why did they take complete hard drives (which would have been around 6 drives or so)? The FBI certainly had the opportunity to look at all data on the hard drives. Do you think they did that or restricted themselves to a couple logfile lines?;)
In Certification of the log files some US govt Attorney writes: "[I] certify that packaged herewith is a true and correct copy
of log files in relation to the creation and updating of the web
spaces corresponding to the following URLs during the period from
THIS PORTION OF THE DOCUMENT HAS BEEN REDACTED"
As the sysadmin of ahimsa (the seized servers), I'm wondering what he's certifying here. Our httpd.confs substituted "noip" for IP addresses in the logfiles. Like this:
If you have ssh access to any box outside the firewall, you create tunnel to it and then surf. This is true whether you are in china or wherever else...
Simply:
ssh -D 8080 [remote-host]
Now in your web browser, set:
SOCKS Host: Localhost
Port: 8080
So now all connections go Firefox->localhost:8080->[remote-host]->www
All access (e.g. apache logs) will show things coming from [remote-host]. The connection between your localbox and [remote-host] will be encrypted using ssh.
Yo! Erik Hollensbe & Doc Ruby:
Geez, you guys need to chill out. You're giving slashdot a bad name.;)
I haven't seen a thread degrade like that on indymedia...
Hollensbe wrote: But the group that follows indy media (as evidenced here), is insistent, far beyond the level of activism, to shove it down my throat.
That's like being hit by a slashdot troll and blaming the entire GNU/Linux community.
Rackspace made the following press release: In the present matter regarding Indymedia, Rackspace Managed Hosting, a U.S. based company with offices in London, is acting in compliance with a court order pursuant to a Mutual Legal Assistance Treaty (MLAT), which establishes procedures for countries to assist each other in investigations such as international terrorism, kidnapping and money laundering. Rackspace responded to a Commissioner's subpoena, duly issued under Title 28, United States Code, Section 1782 in an investigation that did not arise in the United States. Rackspace is acting as a good corporate citizen and is cooperating with international law enforcement authorities. The court prohibits Rackspace from commenting further on this matter.
Do you think Rackspace is making this up? The US was clearly involved, unless this is a total fabrication of Rackspace's, which I doubt.
Why would Rackspace want to unilaterally pull the plug, anyway?
DAldredge asked: What major stories has indymedia broken?
1. Go to any demonstration or social forum
2. Listen to what the folks there have to say
3. Read the corporate coverage of it. Check the national news, likely there will be nothing. Read your "local" (e.g. Gannett owned) newspaper and see what they say. Listen to the "local" TV (e.g. one of a few companies) coverage, if any. Listen to the "local" (e.g. Clear Channel) radio coverage, if any.
4. Go to your local Indymedia and see the coverage of the issues and what really happened at the demo.
5. Compare what you saw at the demo/social forum with what's in the corporate press.
This is one example, but is probably where Indymedia shows the most glaring difference between what really is happening and what you're supposed to hear.
On July 20th, 2001 Carlos Guiliani was shot and killed by Italian police forces during the G8 summit demonstrations in Genoa, Italy. I've always been into the news & politics so I was reading it on fucking cnn.com and they were saying "uh, some guy was shot, we dunno what happened". I mentioned it to a friend and he said, "dude, go to indymedia". Indymedia, of course, had like a dozen photos of exactly what happened. Had it not been for indymedia, the story probably would have disappeared.
At that time, I had never heard of the massive demonstrations that happened in Seattle in 1999. I had been reading the corporate press. How would I know? How would I know the issues that they were raising? If I kept reading the corporate news, I'd still be clueless as to what's going on in other parts of the word. The corporate press in other nations have their own $agenda too.
Indymedia certainly has it's share of junk, but I notice you're still reading slashdot.;)
Bull999999 asked: what O/S is Indymedia server running?
Indymedia runs for the most part on Linux, although there is some FreeBSD and OpenBSD scattered here and there. There is not a single windoz box hosting anything.
There are a variety of distros used, the main preference appears to be debian, but AHIMSA was running redhat.
Ok AC, you said: The FBI never seized the hard drives to begin with, but accompanied the British authorities on the raid to seize the drives
How do you know this? You don't. The various Brit cops that have been contacted have either said "no comment" or "we weren't there". We HAVE NO IDEA WHICH GOVERNMENT'S AGENTS WERE THERE. Oh, I'm sorry, I must be shouting this because I'm saying it over & over...
AC says: why was IndyMedia waiting for the return of the drives before restoring sites?
Um, have you been to http://www.indymedia.org lately? http://uk.indymedia.org or a whole ton of other sites that were hosted on AHIMSA but are up & running? They were back online very quickly. How fast would slashdot come back online if the gubmint stole their kit?
There were backups of most things, but not of everything. Each indy was responsible for their own backups & some were better at it or had more resources than others. Some sites had newer software that allowed for easier mirroring, for others it's way more messy.
daveschroeder, who the hell are you? You submitted this article and have been posting comments like mad yet you don't know jack about what's going on. You're just spreading massive disinformation.
You say "Any enforcement was done by the UK Metropolitan Police IN the UK".
How are you the privileged one that knows this? People have contacted the Met and have heard nothing. My lawyers know pratically nothing. Yet you know it was done by the Met?
Who is modding this stuff insightful? Geez, and people complain about crap on indymedia...
MODERATORS PLEASE MOD THIS DUDE DOWN FOR THE TROLL HE IS!
daveschroeder wrote: Why are you not asking questions of the Swiss and the Italian authorities?
What makes you think we're not? People are trying to figure this out.
daveschoeder wrote: You and I both know that the only reason the US was involved is because Rackspace is a US company.
I don't know that this is the only reason, and likely neither do you. In fact, what is your connection to this whole thing anyway?
daveschroeder wrote: Now I realize that's laughable to many on slashdot: believing the FBI when it says it's not an FBI operation.
I'm glad people realize believing the FBI is laughable. They and the rest of the cops have certainly earned it. I don't necessarily think this is a FBI operation though, but I sure as hell don't trust their word.
daveschroeder wrote: But the FBI proudly talks about its own investigations
Uh, you've got to be fucking kidding. Ya, I'm sure they talk proudly about some but they keep plenty in the dark. Hell, we still don't even know all the things that Hoover did over 25 years ago.
daveschroeder wrote: I didn't say the US had nothing to do with anything relating to this
But, daveschroeder wrote in an earlier comment: The bottom line here, for what it's worth, is that the US (or political agents within the US) had absolutely nothing to do with Indymedia's drives being seized, even though that's what 90% of the posters in the original article immediately assumed.
Anyway, I'm not going to continue showing your trollishness. I'm a bit busy.
I'll just add that the US certainly ain't standing up for Free Speech anymore. And their sense of justice is quite whacked since this is all done in the dark now.
Also, I'm not saying European govt's do no wrong. They're jacked too, especially that fascist running Italy.
I'd like to clarify a few misconceptions I see in some slashdot comments (imagine that!):
daveschroeder wrote in comments (he also submitted this story to slashdot): The bottom line here, for what it's worth, is that the US (or political agents within the US) had absolutely nothing to do with Indymedia's drives being seized, even though that's what 90% of the posters in the original article immediately assumed.
It is believed that it is the US State Department that had the drives (servers?) seized. You say the US had absolutely nothing to do with it? How about the Federal Order? Do you have info I don't have? Sounds very much like US agents are involved...
We do not know for certain whether it is related to Italy or Switzerland or somewhere else. It is a good guess, but still a guess. All we know is that it was a Federal Order from the U. S. of A.
ptitvert wrote in comments: Indymedia was publishing some pictures of swiss cops under cover with 1 name, addresses from both cops.
Really? Did you ever see the post? I never saw a single name or address of a cop. There was just a newswire submission (very similar to a slashdot comment, except that it's multimedia enabled). See my blog and trouble tickets with rackspace for more info about this issue.
Also, folks write things like: It could be a story they ran about the Swiss undercover police
Indymedia has feature articles and a newswire. Indymedia "ran a story about undercover cops" in the same way that CmdrTaco ran a story about your comments. Get it? FREE POSTING TO ANYONE WITH A FREAKING MODEM (npi).
Anyway, no one really knows what is going on, and that's the spooky part. I mean, the Feds just yanked the servers and never even contacted us once. And they still haven't. (Um, not that I'm inviting them over for coffee or anything...)
Look! They're just grabbing servers, no comments. This sucks folks, even if you loathe indymedia.
I know there is a lot of noise/spam/junk on indymedia, but there is on slashdot too... Since ANYONE can post, the posts are of greatly varying quality. But Indymedia has some of the best (if not the best) coverage from the street, especially at demonstrations. It does break news which is found no where else. It is extremely valuable for this alone.
Let's say there is a Swiss pharmaceutical company in Ohio that does something the Mexican cops don't like. Do the Swiss cops raid? The Mexicans? It seems we really have Team America: World Police.
The rockin' EFF has volunteered to represent me/indymedia pro bono. Very nice.:)
This will keep the format of the logs the same as the default, but instead of having an IP in the logs it will read "noip". The logs can still be processed by programs such as webalizer.
Squid ===== In squid.conf add:
client_netmask 0.0.0.0
pure-ftpd ========= When compiling, run./configure using --without-iplogging
Slashdot Mirror
Huh? Two servers hosting many political sites disappeared off the 'net and all the data happened to be in the FBI's hands. What a coincidence.
See: Commissioner's Subpoena page 27.
-Jeff
Microsoft Names Rackspace as Hosting Service Provider of the Year.
-Jeff
-Jeff
More: US court files reveal Italian link to Indymedia server grab
-Jeff
P.S. insouciance...
FWIW, the drives were using a DAC960 RAID controller. -Jeff (ahimsa* admin)
[Rackspace] was compelled to produce a copy of the server owned and operated by Rackspace containing the data as outlined above. The compact disc provided herein is the true disc as provided by said entity.
"Produce a copy of the server"? Does that mean the whole system? Rackspace has said they turned over complete hard drives. The data certainly wouldn't have fit all on one CD (we're talking gigs of data on the servers). If the FBI just wanted log files, why did they take complete hard drives (which would have been around 6 drives or so)? The FBI certainly had the opportunity to look at all data on the hard drives. Do you think they did that or restricted themselves to a couple logfile lines? ;)
-Jeff
"[I] certify that packaged herewith is a true and correct copy of log files in relation to the creation and updating of the web spaces corresponding to the following URLs during the period from THIS PORTION OF THE DOCUMENT HAS BEEN REDACTED"
As the sysadmin of ahimsa (the seized servers), I'm wondering what he's certifying here. Our httpd.confs substituted "noip" for IP addresses in the logfiles. Like this:
Also, finding the location of the logfiles on the servers would have been as simple as a `locate access_log`...
-Jeff
http://www.eff.org/Censorship/Indymedia/
And the EFF's press release
-Jeff
SOCKS Host: Localhost
Port: 8080
So now all connections go Firefox->localhost:8080->[remote-host]->www
All access (e.g. apache logs) will show things coming from [remote-host]. The connection between your localbox and [remote-host] will be encrypted using ssh.
-Jeff
Geez, you guys need to chill out. You're giving slashdot a bad name.
I haven't seen a thread degrade like that on indymedia...
Hollensbe wrote:
But the group that follows indy media (as evidenced here), is insistent, far beyond the level of activism, to shove it down my throat.
That's like being hit by a slashdot troll and blaming the entire GNU/Linux community.
-Jeff
So are websites now beholden to Free Speech standards set by Fascist Italian Judges?
-Jeff
P.S. Also when I say "Fascist" I don't mean like "GWB is a Fascist". I mean like real old-school Italian Fascism, which still exists.
In the present matter regarding Indymedia, Rackspace Managed Hosting, a U.S. based company with offices in London, is acting in compliance with a court order pursuant to a Mutual Legal Assistance Treaty (MLAT), which establishes procedures for countries to assist each other in investigations such as international terrorism, kidnapping and money laundering. Rackspace responded to a Commissioner's subpoena, duly issued under Title 28, United States Code, Section 1782 in an investigation that did not arise in the United States. Rackspace is acting as a good corporate citizen and is cooperating with international law enforcement authorities. The court prohibits Rackspace from commenting further on this matter.
Do you think Rackspace is making this up? The US was clearly involved, unless this is a total fabrication of Rackspace's, which I doubt.
Why would Rackspace want to unilaterally pull the plug, anyway?
-Jeff
and where did you see that photo? That's the point I'm making.
What major stories has indymedia broken?
1. Go to any demonstration or social forum
2. Listen to what the folks there have to say
3. Read the corporate coverage of it. Check the national news, likely there will be nothing. Read your "local" (e.g. Gannett owned) newspaper and see what they say. Listen to the "local" TV (e.g. one of a few companies) coverage, if any. Listen to the "local" (e.g. Clear Channel) radio coverage, if any.
4. Go to your local Indymedia and see the coverage of the issues and what really happened at the demo.
5. Compare what you saw at the demo/social forum with what's in the corporate press.
This is one example, but is probably where Indymedia shows the most glaring difference between what really is happening and what you're supposed to hear.
On July 20th, 2001 Carlos Guiliani was shot and killed by Italian police forces during the G8 summit demonstrations in Genoa, Italy. I've always been into the news & politics so I was reading it on fucking cnn.com and they were saying "uh, some guy was shot, we dunno what happened". I mentioned it to a friend and he said, "dude, go to indymedia". Indymedia, of course, had like a dozen photos of exactly what happened. Had it not been for indymedia, the story probably would have disappeared.
At that time, I had never heard of the massive demonstrations that happened in Seattle in 1999. I had been reading the corporate press. How would I know? How would I know the issues that they were raising? If I kept reading the corporate news, I'd still be clueless as to what's going on in other parts of the word. The corporate press in other nations have their own $agenda too.
Indymedia certainly has it's share of junk, but I notice you're still reading slashdot. ;)
-Jeff
what O/S is Indymedia server running?
Indymedia runs for the most part on Linux, although there is some FreeBSD and OpenBSD scattered here and there. There is not a single windoz box hosting anything.
There are a variety of distros used, the main preference appears to be debian, but AHIMSA was running redhat.
-Jeff
The FBI never seized the hard drives to begin with, but accompanied the British authorities on the raid to seize the drives
How do you know this? You don't. The various Brit cops that have been contacted have either said "no comment" or "we weren't there". We HAVE NO IDEA WHICH GOVERNMENT'S AGENTS WERE THERE. Oh, I'm sorry, I must be shouting this because I'm saying it over & over...
AC says:
why was IndyMedia waiting for the return of the drives before restoring sites?
Um, have you been to http://www.indymedia.org lately? http://uk.indymedia.org or a whole ton of other sites that were hosted on AHIMSA but are up & running? They were back online very quickly. How fast would slashdot come back online if the gubmint stole their kit?
There were backups of most things, but not of everything. Each indy was responsible for their own backups & some were better at it or had more resources than others. Some sites had newer software that allowed for easier mirroring, for others it's way more messy.
Sorry if I'm sounding a bit edgy here... :)
-Jeff
You say "Any enforcement was done by the UK Metropolitan Police IN the UK".
How are you the privileged one that knows this? People have contacted the Met and have heard nothing. My lawyers know pratically nothing. Yet you know it was done by the Met?
Who is modding this stuff insightful? Geez, and people complain about crap on indymedia...
MODERATORS PLEASE MOD THIS DUDE DOWN FOR THE TROLL HE IS!
-Jeff
daveschroeder wrote:
Why are you not asking questions of the Swiss and the Italian authorities?
What makes you think we're not? People are trying to figure this out.
daveschoeder wrote:
You and I both know that the only reason the US was involved is because Rackspace is a US company.
I don't know that this is the only reason, and likely neither do you. In fact, what is your connection to this whole thing anyway?
daveschroeder wrote:
Now I realize that's laughable to many on slashdot: believing the FBI when it says it's not an FBI operation.
I'm glad people realize believing the FBI is laughable. They and the rest of the cops have certainly earned it. I don't necessarily think this is a FBI operation though, but I sure as hell don't trust their word.
daveschroeder wrote:
But the FBI proudly talks about its own investigations
Uh, you've got to be fucking kidding. Ya, I'm sure they talk proudly about some but they keep plenty in the dark. Hell, we still don't even know all the things that Hoover did over 25 years ago.
daveschroeder wrote:
I didn't say the US had nothing to do with anything relating to this
But, daveschroeder wrote in an earlier comment:
The bottom line here, for what it's worth, is that the US (or political agents within the US) had absolutely nothing to do with Indymedia's drives being seized, even though that's what 90% of the posters in the original article immediately assumed.
Anyway, I'm not going to continue showing your trollishness. I'm a bit busy.
I'll just add that the US certainly ain't standing up for Free Speech anymore. And their sense of justice is quite whacked since this is all done in the dark now.
Also, I'm not saying European govt's do no wrong. They're jacked too, especially that fascist running Italy.
Enjoy the spectacle,
-Jeff
I'm the tech who had the contract with Rackspace. My blog has info about this, including copies of the rackspace trouble tickets:
http://jebba.blagblagblag.org
I'd like to clarify a few misconceptions I see in some slashdot comments (imagine that!):
daveschroeder wrote in comments (he also submitted this story to slashdot):
The bottom line here, for what it's worth, is that the US (or political agents within the US) had absolutely nothing to do with Indymedia's drives being seized, even though that's what 90% of the posters in the original article immediately assumed.
It is believed that it is the US State Department that had the drives (servers?) seized. You say the US had absolutely nothing to do with it? How about the Federal Order? Do you have info I don't have? Sounds very much like US agents are involved...
We do not know for certain whether it is related to Italy or Switzerland or somewhere else. It is a good guess, but still a guess. All we know is that it was a Federal Order from the U. S. of A.
ptitvert wrote in comments:
Indymedia was publishing some pictures of swiss cops under cover with 1 name, addresses from both cops.
Really? Did you ever see the post? I never saw a single name or address of a cop. There was just a newswire submission (very similar to a slashdot comment, except that it's multimedia enabled). See my blog and trouble tickets with rackspace for more info about this issue.
Also, folks write things like:
It could be a story they ran about the Swiss undercover police
Indymedia has feature articles and a newswire. Indymedia "ran a story about undercover cops" in the same way that CmdrTaco ran a story about your comments. Get it? FREE POSTING TO ANYONE WITH A FREAKING MODEM (npi).
Anyway, no one really knows what is going on, and that's the spooky part. I mean, the Feds just yanked the servers and never even contacted us once. And they still haven't. (Um, not that I'm inviting them over for coffee or anything...)
Look! They're just grabbing servers, no comments. This sucks folks, even if you loathe indymedia.
I know there is a lot of noise/spam/junk on indymedia, but there is on slashdot too... Since ANYONE can post, the posts are of greatly varying quality. But Indymedia has some of the best (if not the best) coverage from the street, especially at demonstrations. It does break news which is found no where else. It is extremely valuable for this alone.
Let's say there is a Swiss pharmaceutical company in Ohio that does something the Mexican cops don't like. Do the Swiss cops raid? The Mexicans? It seems we really have Team America: World Police.
The rockin' EFF has volunteered to represent me/indymedia pro bono. Very nice. :)
Have fun,
-Jeff
http://jebba.blagblagblag.org/
I am the tech who had the actual contract with rackspace.
-Jeff
Admins, here's a few tweaks you can make to your configs to protect the privacy of your users.
/var/log/httpd/access_log noip
./configure using --without-iplogging
Apache
======
In httpd.conf:
LogFormat "noip - - %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %T %V" noip
CustomLog
This will keep the format of the logs the same as the default, but instead of
having an IP in the logs it will read "noip". The logs can still be processed by
programs such as webalizer.
Squid
=====
In squid.conf add:
client_netmask 0.0.0.0
pure-ftpd
=========
When compiling, run