US Indymedia Global Indymedia Publish About us
Printed from Boston IMC : http://boston.indymedia.org/
Boston.Indymedia
IVAW Winter Soldier

Winter Soldier
Testimonies
Brad Presente

Other Local News

Spare Change News
Open Media Boston
Somerville Voices
Cradle of Liberty
The Sword and Shield

Local Radio Shows

WMBR 88.1 FM
What's Left
WEDS at 8:00 pm
Local Edition
FRI (alt) at 5:30 pm

WMFO 91.5 FM
Socialist Alternative
SUN 11:00 am

WZBC 90.3 FM
Sounds of Dissent
SAT at 11:00 am
Truth and Justice Radio
SUN at 6:00 am

Create account Log in
Comment on this article | View comments | Email this article | Printer-friendly version
News :: Media
Serious Question About Boston IMC Hosting
29 Dec 2005
I recently did a reverse DNS on several IMCs and Boston is rather unique.
How is it that you are hosted by MIT? One of your name servers in the MIT Artificial Intelligence Laboratory, a Laboratory funded in large part by the federal government. Even worse, one the former directors of that laboratory is now the president of a defense contractor working for the NSA (Lenat) and another is the CEO of a corporation that works for homeland security (Patrick Henry Winston of Ascent Technology).

OrgName: Massachusetts Institute of Technology
OrgID: MIT-2
Address: Room W92-190
Address: 77 Massachusetts Avenue
City: Cambridge
StateProv: MA
PostalCode: 02139-4307
Country: US

NetRange: 128.31.0.0 - 128.31.255.255
CIDR: 128.31.0.0/16
NetName: MIT-RES
NetHandle: NET-128-31-0-0-1
Parent: NET-128-0-0-0-0
NetType: Direct Assignment
NameServer: MINTAKA.LCS.MIT.EDU
NameServer: FEDEX.AI.MIT.EDU
NameServer: LAMPANG.LCS.MIT.EDU
NameServer: BEET-CHEX.AI.MIT.EDU
Comment:
RegDate: 1983-05-27
Updated: 2003-07-30

RTechHandle: ZM80-ARIN
RTechName: MIT Laboratory for Computer Science
RTechPhone: +1-617-253-8304
RTechEmail: crs (at) lcs.mit.edu

OrgTechHandle: JIS-ARIN
OrgTechName: Schiller, Jeffrey
OrgTechPhone: +1-617-253-8400
OrgTechEmail: jis (at) mit.edu

# ARIN WHOIS database, last updated 2005-12-28 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

This work is in the public domain
Add a quick comment
Title
Your name Your email

Comment

Text Format
Anti-spam Enter the following number into the box:
To add more detailed comments, or to upload files, see the full comment form.

Comments

Re: Serious Question About Boston IMC
29 Dec 2005
The first thing I ever heard about BIMC was that they were infiltrated. The authoriatrian tendencys of the volenters, the provacative and anomouys nature of the censorship raised additional concerns about the set up. I have also scene concerns get removed about them using stuf that collects IPs. It will be interesting to see how this gets explained but I predict they will all be out on there asses within the month.
Re: Serious Question About Boston IMC Hosting
30 Dec 2005
What is a reverse DNS and how did you do it?
Re: Serious Question About Boston IMC Hosting
30 Dec 2005
Reverse DNS gives you the IP address of a URL.

Here is a web based form for doing a DNS lookup:

http://www.zoneedit.com/lookup.html

If you type boston.indymedia.org into box 1 on the left and then press the button at 4 on the left, you get:

128.31.0.15

That is the IP address of Boston IMC.

Now, take that IP address and put it in box 1 on the right and press the button at 3 on the right. That will do a reverse IP lookup which will tell you where the IP is hosted.

After doing the above, scroll down in the browser and you will see the info on who hosts the website.
Re: Serious Question About Boston IMC Hosting
30 Dec 2005
The information about our decision to migrate our website to the MIT server are also all included in our online archives. I'm not a techie, but I remember the decision process that we went through and what Jon has described above pretty much sums up our decision, from his side of the situation.

I've worked with Boston IndyMedia going on 4 years now and I can also attest that we aren't a front for any government agency, we certainly aren't paid for our work (much to my husband and our bank account's chagrin), and if we are infiltrated it's by people who walk the walk and talk the talk and all seem to be trying to make media.

A Boston IMCsta of old, now retired, once told me something along the lines of: Activists biggest problem is that they feel that their work is so important to themselves that they automatically assume that the MAN thinks that it's important too. If activists spent more time working on their actions and affecting change and less time worrying about infiltration, double-agents, police spying and other fear tactics of the system, they might just succeed in changing the world.

I think that a recent newswire article that detailed Federal spying on activist groups, including a bunch of American Friends Service Committee folks, really sums that up this sentiment. The AFSC folks that I have met do a really good job of outreach, education and advocacy for anti-war causes. I assume that they spend more of their time worrying about how to end wars and preaching peace than they spend worring about if their new volunteer is a Federal spy.

Another Boston IMCster, John Grebe, also has some good advice on this topic: Assume that you're infiltrated, and then get on with the work at hand.

Personally, I don't worry about if my fellow Boston IMC volunteer is an agent or not. I spend lots of time using the Editor interface to delete the SPAM advertising that appears on old newswire articles. I read through and bring questionable posts to the attention of other Editors. I work on the Video project or write a Newswire article when I have the time or enthusiasm for a particular news topic. I basically make media and try to facilitate others to do the same. I do alot of things on these various projects that do NOT include worrying about my fellow volunteers.

I'd say the same thing goes for the poster of this "article" or the folks that are reading these responses, too. Maybe the person who posted this newswire "article" would like to write a story about private vs. public server hosting and how the differences could potentially effect activist communities. Maybe the person who started this newswire "article" would do some reasearch into the UK IMC server siezures and how Boston IMC could be adversely (or not) affected if a similar situation were to occur with our MIT server host... Maybe if people like the person who started this newswire "article" spent more time making media and using our website the way we intend for it to be used - as a radical and progressive alternative news site - we'd actually start to affect change in the world.

Then again, maybe not. A girl can dream, tho...
My only concern is...
30 Dec 2005
My only concern is whether or not MIT or anyone's pet project at MIT can legally put a packet sniffer on the data-stream to your server. MIT is famous for pranks and such a "prank" by a rightwinger could obtain the IP addresses of Boston IMC posters and readers. The security issue is not one of warrants (we know the government breaks that law anyway), it is unofficial access by troublemakers and harassers that is of concern.
Packet Sniffers
30 Dec 2005
I'm not a lawyer, so I don't know legally. Since we have no particular arrangement I imagine "they" could legally snif traffic on their network.

The CSAIL network is distinct from the main MIT network and doesn't have a formal privacy policy, which I'd never considered before and perhaps we should make one. What ever it is must fall under the main campus wide policy which is:

----
11.1 Protection of Privacy
MIT Policies and Procedures

MIT is committed to protecting the personal privacy of members of the MIT community. Invasions of privacy can take many forms, often inadvertent or well-intentioned. The mutual trust and freedom of thought and expression essential to a university rest on a confidence that privacy will be respected and disclosures of personal information will be made with the informed consent of the individual. While the organizations collecting and having custody of information are immediately responsible for its protection, the ultimate protection comes from a community-wide awareness of the importance of privacy in our society and the many ways it can be eroded.
----

That's pretty vague, though it makes no exception to informed consent

From a social stand point the lab is full of fairly vocal privacy advocates and anysort of packet sniffing or traffic analysis without an explicit opt-in by the sniffee would set off a firestorm.

Some research projects have involved traffic analysis. They have always included endpoint anonymization schemes AND explicit opt-in by the systems and networks on which the traffic was gathered. Neither this machine nor the network it is now on has ever been a part of such things. As part of the job I'm paid for I'd hear about any such request and probably be involved in arranging the setup.

Monitoring through less official channels shall we say would require either sticking a hub in line with the server and pluggin another machine into that (which we'd notice because the connection speed would drop from 1000Mb full duplex to 100Mb simplex) or administrative access to the switches to mirror the traffic on our server port to an other port for monitoring. This second way would be the way to setup a serious survailence system and how a commercial provider could do the same. In this instance we have on small advantage (if you're willing to trust me that is) in that I get email reports whenever a switches configuration is changed on this network. The perhaps more sinister way would be to use ARP poisoning from another machine on the same layer 2 network, I hadn't considered that till you raised the question, but I've implemented monitoring on that subnet (could have used DIA on the cisco switches, but that would break some loadbalancing stuff the relies on ARP spoofing) so we should be at least warned as its happening.

So that's my sortof long way of saying I don't think it's any more likely to get snooped here than at a comercial facility, but I'll say it again if you're are really worried don't trust us, even doing everything right it just makes matching users to ips harder not impossible, check into anonymity soft ware like tor.eff.org, or search "anonymous web browsing" on google for other options. TOR is pretty good though it will slow you down see http://boston.indymedia.org/feature/display/35590/index.php for my fuller thoughts on that topic.

-jon
I think it is far more likely to get your privacy abused at a University than a private concern.
30 Dec 2005
Private hosting companies rely upon their reputation as hosts to only allow the government access it has a legal right to. Yes, some may violate this but they do so at a financial risk to themselves. MIT, on the other hand, does not rely upon hosting payings for survival and probably is not really concerned if someone intercepts "your" project.

S. Eppler is not concerned (according to her own assertions) about whether or not anyone at Boston IMC is an infiltrator.

However, some individuals have victimized in the past by what certainly appears to have been access to the IP addresses at Boston IMC. There are many kinds of dissidents and some may be targetted not so much for what they have to say, but for what they actually know and have had access to in the past. Some of us have had government security clearances in our past and do have knowledge that the US Government is worried about. Furthermore, those in that category are more of a threat to the US Government because they can speak authoritatively on some issues. Thus, harassment becomes a means to destroy their credibility so that others will not listen to what they have to say.

Thus, there are two distinct reasons for surveillance:

(1) Gathering information to be used for prosecution and/or counter intelligence.

(2) Gather information to be used for direct, intentional, and harmful harassment with the purpose of neutralizing someone who actually does have real knowledge the release of which (when believed) could harm the government substantially. One such person was harassed on this IMC for a period of years, and the government succeeded in silencing the information he had.

So, for some of us, this security issue is very important.
Re: Serious Question About Boston IMC Hosting
30 Dec 2005
I really don't have a vested interest in it staying here, but it's convinient in many ways and free.

My simple position is that neither place is secure and hiding behind "legally entitled to" is like hiding behind a wet tissue in a thunder storm these days.

Particularly in case (2), that's black ops and beyond the law already. What senario do you envision that would work at a University and not at a commercial ISP? I have dealt with DoJ requests in the past for various sorts of malicious activity so I do have a sense for how certain things go down around here.

No matter where the site is hosted or by whom it's run there's a miriad of points where the governement can tap in.

If this is very important to you you need to take rather extreme measures to clean the data your computer sends and hide the path to your destination. Lets face it if I wanted to know what you were up to I'd be tapping your connection not the server (well maybe the server too).

We all need to determine what is reasonable paranoia for ourselves.

The paranoia I maintain at the site level is against the standard log retention and handover type request. I haven't gotten one for this server but have for others. basicly the way it works is you get a notice from the DoJ that requires you to preserve any logs or data within a certain time span and usually prevents you from notifying the "habitual users of the system" so they don't modify things, then within 90days you either get a request for the actual data or you can delete it and forget all about.

To this end we try to be quite sure nothing interesting is logged, and we keep backup s of the site in case of a hardware seziure which is much rarer but has happened to other indymedia sites. So I want to be able to hand the system over with a clear concience that there's nothing there they couldn't have seen on the web anyway.

That's how it is today, you can be more paranoid by using some anonymising service before you get here.

If there's a community consensus that this base line isn't enough then we need to come up with alternatives.
For me, the real issue is knowing before using.
30 Dec 2005
I will start to use an anonymizer on the site for now on.

I realize the issue of paying for a server vs. using an available one is important when no profit is involved and, therefore, no real income to support the project.
Re: Serious Question About Boston IMC Hosting
30 Dec 2005
If you have privacy concerns I strongly urge you to do so here and everywhere else.

first because the internet is inherently insecure (as argued above) and second if you only anonymize traffic to one or two destination it becomes easier to track.

Just did my own DNS digging, it took a bit but there are other University hosted Indymedia sites. Santa Cruz is hosted at CMU for example...
Re: Serious Question About Boston IMC Hosting
30 Dec 2005
@, one of our editorial policies was designed specifically because of the situation you have described - the online harrassment that we've dubbed the "KOBE-DEVOY" harrassment. (Check #4 of our "hidden" posts criteria - http://boston.indymedia.org/mod/info/display/policy/index.php)

I'm pretty sure that our service did NOT provide any personal information to any of the parties involved about the individual "KOBE-DEVOY" posters, specifically because we were so frustrated with the situation of harrassment and counter-harrassment that we were seriously considering tracking IP's just to block those harrassing posts.

Perhaps you're speaking from personal experience @ - if you are, I'm pretty sure that the IMCsta/IMCster advice that I quoted earlier can work for you too. It truly is more restful and productive to ignore the fear mongering and get on with the real work at hand. Use your common sense, maybe take some more conservative measures and use an anonymizer, but really, get over the fear that this culture or that individuals try to instill in dissent and use that energy for making positive change in the world. I just don't feel like I can stress that enough!!! Cheers!