hacktionlab tech tools for activists rev1

7/31/2019 HacktionLab Tech Tools for Activists Rev1

1/32

TECH TOOLS

ForActivistsPrivacy, anonymity and other stories...


2/32

An introduction to this bookletSanjay and Magnus want to travel to a counter-

mobilisation taking place around a summit in a largeEuropean city. Sanjay helps organise coaches to demosand sends inspiring emails to lots of people about usingany means necessary to defeat capitalism. Magnusdoesn't know about secure communications and fearsthat using email will get him into trouble, so only hearsabout the coach arrangements through personalmeetings with friends. When it is time to go to thesummit, the coach times are changed at the last minute.Magnus does not hear about them, so doesn't travel.Sanjay catches the coach, but is turned back at theborder as he's on a list of 'known domestic extremists'whose emails have been monitored.

Efective political organising has always requiredgood communication. Over the last two decades theinormation revolution has changed the way political

activists communicate to an extent that was previouslyunimaginable. Alongside the new opportunities this hascreated, there also remains the age-old problem o how toget inormation to your political allies while maintainingcondentiality.

One o the oldest security techniques is to use analias (or aliases) or your political persona. The idea isthat very ew people will know that your online nickname

and email address are linked to your real name andaddress. In this way, i your alias is somehowincriminated, it will not be easy to discover the identity othe person behind the alias. You do not want to keepchanging aliases, so you'll need email providers who willnot (or cannot) disclose your personal details i they arepressured by the police.

2


3/32

Communicating securely is everyone's business.Even i your activism is super-ufy, you can help makethe internet saer or everyone by adopting good security

practices. I only the people doing spiky things used thesepractices, they would attract attention just by doing so.Get into the habit o doing things securely beore youreally need to and you will be a thorn in the side o thesurveillance state.

Next consider what you really need to transmit. Anyinormation that could incriminate you or anyone else, orallow someone to undermine your intended action, should

only be shared with people who need to know. So unlikeplanning or an open day at the allotment, you probablywon't be CC-ing your local councillor about borrowingsome bolt-cutters and a bulk order o Maalox.

Having decided who you want to talk to and aboutwhat, you need to consider three things:

Synchronicity: do I want to send a message that

can be picked up later or chat in real time? Authenticity: how will the person receiving the

message know that it's genuinely rom me? Privacy: how can I stop the message rom being

read by anyone other than the person/people Iintend?

3


4/32

This table shows a selection opossible methods or secureelectronic communication and howwell they perorm.

Synchronous

Authent

icated

Priva

te

Mobile or landline phone * **

VoIP phone ***

Instant messaging using Of-The-Record

Skype-to-Skype call or chat

Email

Facebook chat

Crabgrass chat

Signed Email

Encrypted Email Signed, Encrypted Email

* A phone call can be authenticated i you recognise the voiceo the caller.** Phone calls can be intercepted.*** VoIP calls can be routed through secure networks

As you can see, there are a ew diferent approaches. Theaim o this short booklet is to provide a cursoryintroduction to the efective use o technology oractivism. It is not a step-by-step guide. It does not aim toexplore all the possible options or you, but rather setsout simple ideas about good practice and how activistsaround the world can use and are using these techniquesto advantage.

You might be wondering how to check the

4


5/32

authenticity o the sender o emails you receive, orperhaps you want to make sure that an email you sendcan only be read by who you desire. Then the chapter on

securing your email is a good place to start. I you'relooking to publish online, then we have two chapters onnews publishing and uploading media, although rst youmight want to consider making your web browsing moreanonymous as ever more legislation tries to restrict yourreedom to sur; then the chapter on anonymous internetbrowsing is worth reading. One o the rst principles ongetting organised online is whether you can trust and rely

on your chosen collaboration tool, social networking site,etc. Have a read o the organising online chapter to ndout more about the benets and pitalls. Finally, tocomplete your arsenal o tools to wise up your activism,we have advice on clearing your Google cache and how tohide stuf on your computer so it can't be ound.

We end with a some thoughts on the principles othe commons, ree culture and how the ree sotware

movements are helping to produce sotware that is openand or the benet o all.

5


6/32

Browsing the Internet AnonymouslyMaria and her anity group want to take action against a

weapons factory near her home. She uses her homecomputer to do some research, including reading all ofthe websites that describe the factory and downloadingsome satellite images. After careful preparation, they getto the factory and spray some messages on the walls,then leave without getting caught. Next day, Maria hasher door broken down by the police, who viciouslydemand that her house-mates tell them who uses whichcomputer. Six months later, her anity group are bringingfood parcels into prison for her.

When we visit a websiteon the Internet we leavea trail o inormationbehind us, both on ourown computer and onthe server(the remote

computer that hosts thewebsite): who we are,

what we are looking at,when we looked at it and what pages we visited beoreand ater the site we are currently looking at. When youvisit a website, you leave a record o what is called yourIP (Internet Protocol) address behind. This is unique toyou and it is linked to the home address that the

computer is being used at by your ISP (Internet ServiceProvider eg. BT or Virgin). The police or other agents canuse this inormation to nd out who has looked at whatsite and when. Your web browser is also likely to bedisclosing all sorts o inormation about itsel, and, byimplication, about you too, without you knowing it.

Using an internet cae or library may help.However, a lot o them require ID (library card, passport

or drivers licence) or may have CCTV.

6


7/32

Technical Approaches to using theInternet Anonymously

Here are a ew broad categories to think about andpointers to urther inormation.

Can the network you are using be linked to you? I

you use a public wi hotspot, or i you buy a pay-as-you-go 3G adapter with cash, and then creditit with top-up cards bought with cash (check orCCTV in the shop), there is less chance o leaving atrail o evidence that leads to you.

Your browser and operating system store a lot oinormation about you, probably without yourknowledge. For this reason we recommend usingFirefox on a GNU/Linux system, and ollowingthe instructions at http://tiny.booki.cc/?0ER8

You can use a public Proxy, an easy way to make itmore dicult to trace your Internet use.http://tiny.booki.cc/?proxy

You can hide some inormation about your networklocation using aproxy(a computer that etchesweb pages or you on your behal), or better still anetwork o proxies and routers like the TOR (TheOnion Router) project athttps://www.torproject.org/ - or a great (anddetailed) description o using TOR seehttp://tiny.booki.cc/?tor

Another option is to use a Linux live CD, whichallows you to run Linux straight of a CD (or USBstick) on any PC. All your activity is stored in thecomputer's memory, which as soon as it isrebooted leaves no trace behind. Check outhttp://puredyne.goto10.org as a great example.

Using a Virtual Private network may be a possibility

or you. VPN (virtual private network) and

tunneling are techniques that allow you to encrypt

7


8/32

the data connections between yoursel and anothercomputerhttp://tiny.booki.cc/?vpn

There are no methods o security that are 100%reliable and they do not always work with alloperating systems. It is a good thing to ask yourtechie riends about. There is a mailing list onaktivix where people may be able to help too:[email protected] However be awarethat it is open and publicly archived.

Organising OnlineJim is a union organiser and has formed a group onFacebook for his union that has attracted 5,000 members.The week before a large cross sector industrial action, heis shocked to nd that Facebook has terminated hisaccount and group. No explanation is given and he has noway to contact the thousands of people who had joinedthe group. His eorts have been wasted, the union's

action scuppered.

Ways people Organise Online

There are several ways that people use the Internet toorganise online. Some are listed below.

Social Networking Sites Instant Messaging and Twitter

Email and Email lists

Tools like Facebook, Google, Yahoo and many other SocialNetworking and email services have well documentedsecurity implications.

It is so common or the state to spy on people using theseservices that they have easy-to-use guidebooks to maketheir spying more ecient. Have a look at these leakeddocuments:

8


9/32

acebook: http://dtto.net/docs/acebook-manual.pd

yahoo: http://dtto.net/docs/yahoo-guide.pd myspace: http://dtto.net/docs/myspace-guide.pd

Secure Tools for Organising Online

I you are concerned about the implications o organisingonline and do not want to exclude people who are careulabout their privacy, then there are alternative you canuse.

CrabgrassCrabgrass is a Free Sotware web application run by anactivist tech collective called RiseUp who will protect yoursecurity and anonymity as, like you, they are all activistsworking or radical grassroots change. The site that theyprovide at we.riseup.net uses a piece o sotware calledCrabgrass, which is an activist equivalent o a socialnetworking site. It allows you to create groups, work

collaboratively on documents, be as private or as publicas you want to be (and even have a diferent private andpublic prole), control who can and cant be in the groupbased on whether you actually know them or not, andcommunicate securely by sending each other private orgroup messages.For more inormation on Crabgrass seehttp://tiny.booki.cc/?crabgrass

Instant Messaging and Twitter

Corporate Instant Messaging (IM) tools include MSNMessenger, Yahoo Messenger and Skype among others.

These are all insecure. Twitter sells inormation about itsusers to third parties, but there is an open source

alternative to it which lets you cross post to your Twitteraccount rom it as well, http://identi.ca . But it is not very

9


10/32

popular. You would be just as well to sign up to twitter andpost anonymously by using Anonymous Web Browsing(see the chapter "Browsing the Internet Anonymously").

As ar as IM goes, you can do live chat in a moresecure way by using Crabgrass chat. When you arelogged in to Crabgrass you can go to the Chat page(located on the main menu at the top). You can only chatwith people that are members o groups that you have

joined.

Internet Relay Chat (IRC) is a great old school wayo chatting. Users install an IRC client or connect via awebpage and it is possible to chat in an encrypted way. Alot o techies, ree culture and sotware enthusiasts andmedia activists use this technoloy. There is great help onsetting up IRC. http://tiny.booki.cc/?secureirc.

Email and Email lists

See the chapter "Securing your email" or documentationon sending Email securely.

As ar as Email lists go, some people simply maintain alist o contacts which you include in the to: or cc: eldwhen you send an email. Or you can use a dedicatedmailing list. These can handle large lists which you simplycant do reliably manually.

The mailing list server allows people to subscribe to

or unsubscribe rom the list and handles security andprivacy much better, so members o the list dontautomatically know the email addresses o all the othermembers. The list server sotware can also createautomatic archives which can be very useul.

Lists provided by activist tech collectives are onlyas good as their weakest point in other words, i just oneperson on your mailing list has an @googlemail.comaddress, you cant consider the list to be secure.

10


11/32

Consider the ollowing points when creating lists:

open or closed: can anyone subscribe or dosubscriptions need to be approved?

public or private: is the list to be advertised to theworld, or is it run on a need to know basis?

announce or discussion: is the list or receivinginormation only or or discussing something?

moderated or not: are posts to the list to bemoderated?

Collectives that provide mailing lists include Aktivix

(aktivix.org) and Riseup (riseup.net).

11


12/32

Securing your email

Arty got a new job and for a while continued to receive

the emails of his predecessor. Soon enough, an emailarrived that was addressed to the key organisers of ahigh-prole grass roots activist movement. As the

person who sent the mail had placed everyone's emailaddresses in the To eld, Arty now had a list of all the keyorganisers and a copy of the email. Neither the sendernor any of the recipients were aware of this; their trustwas breached.

Email has become one o the major orms ocommunication in the modern world, and because it isused so much by activists, there are a lot o email-relatedthings to think about.

In the simple example above: when writing to anumber o people use the BCC (blind carbon copy) eld tosend the email rather than To or CC elds. This ensuresthat no recipient knows who else has received the mail.

Unless you have the permission o everyone on the yourlist to share their address with the other people, use BCCkeep it secret. I you need the eatures o a mailing list,use one.

There are two key issues with a commercialwebmail provider (such as Google, Hotmail or Hushmail).

They log usage and hand over your

communications to the authorities on demand.

They reserve the right to terminate your accountas they see t, efectively terminating a digitalidentity that you may have invested a lot o timein.

So when using email or your activism, consider choosinga provider you can trust, such as Riseup, Aktivix or

Inventati.

12


13/32

Activist mail hosting

These services are run by ellow activists who understandthe need or privacy, anonymity and trust. You connect tothem using a web page that runs over an encryptedconnection. And unlike corporate providers, they will notgive your emails over to the police without a warrant anda legal ght. I that happens, they will make it public ithey can, so you (and the thousands o other activists onthe same server) will know about it.

The secure email providers mentioned above also

encrypt all messages sent between themselves, meaningthat an email rom an Aktivix user to a Riseup user isencrypted both as you compose it and when it travelsbetween Aktivix and Riseup having been sent. In case it isnot totally clear, those Gmail users on your mailing listare the weak link - consider putting some pressure onyour activist riends, because their sloppycommunications habits put you at risk.

Securing your own email

I you are concerned about privacy but not using asecure webmail service, or are communicating withsomeone who is not, or want an addition o level opersonal security, you will want to encrypt your mail.Encryption is the process o taking a plain text message

and converting into something that looks likegobbledygook, which at the other end can be decryptedand the original message restored.

The Free sotware tool o choice or this is calledGPG, the GNU Privacy Guard. Most people, even wellrounded techies, nd GPG tricky to get their heads round.Give yoursel time to look at this - and it may take some

time - but it is worth it.

GPG encryption uses pairs numbers we reer to as

13


14/32

key pairs. GPG will help you generate your key pair,comprised o a public key and a private one. You need togive your public key to anyone you wish to have

encrypted communication with.Your private key you will keep absolutely secret and

never ever reveal to anyone ever, as it is used to decryptemail sent to you. It is so very secret that it needsprotecting with apassphrase, which is basically a verylong password.

So could GPG have helped prevent the breach otrust mentioned above? GPG helps because by encryptingthe email using the recipients' public keys, the sender canbe assured that only the authorised recipients will be ableto read it (privacy). Also the recipient can be assured othe identity o the sender (authenticity).

More inormation about setting up and using GPGwith the popular Thunderbird email client can be ound atthese excellent articles

http://security.ngoinabox.org/thunderbird_mainhttp://www.reesotwaremagazine.com/articles/secure_email

14
http://security.ngoinabox.org/thunderbird_mainhttp://security.ngoinabox.org/thunderbird_main


15/32

Publishing your News

Gabby was part of an anity group doing animal rights

actions. After each night time adventure she would writea brief communiqu and post it to a blog on blogger.com.Since the site supported RSS syndication, this news waseasily pulled into an animal rights aggregation websiteand picked up by many other groups around the world.Gabby's blog was traced back to her and she served a 5

year prison sentence.

The internet has made it easy or everyone to

publish news. Anyone can set up a blog or start twittering.With the ease o publishing, the internet is awash withino which makes reaching your audience morechallenging. Making sure your content shows up in searchengines like Google has become a science called SearchEngine Optimisation (SEO). Using a blogging system or awell-known news site and tagging your content can helptoo.

Network internet services which let you share yournews oten keep a record o who is visiting and updatingyour news site. This causes security problems and legalproblems as well.

Posting anonymously

Blog sites like wordpress.com and blogger.com and social

networking sites like acebook keep a record o who usestheir site. They do this by collecting the IP addresses.

There are two solutions or posting your newsanonymously. You can use Tor to post anonymously onwebsites that log your IP addresses (see chapter"Organising Online") or you can post to websites that donot log your IP address.

15


16/32

Website and Blogs hosted on certainindependent servers

There a number o servers that let you host your websiteor blog anonymously, like http://noblogs.org. They do notkeep records o who is uploading what. In act, they areactively trying to resist attempts by governments toimpose laws on monitoring, as can be seen on the rontpage o the Aktivix website, http://aktivix.org/, and on thelast page o this booklet.

Indymedia and other secure sitesIndymedia volunteers coordinate the production andsharing o news content oten ignored by mainstreammedia. The global IMC network is based on openness andbroad participation: all sotware is opensource, most listsare publicly archived, everybody can sign up to the wiki,log-on in chatrooms, or publish various newswire as longas it does not breach the guidelines.

Tagging your content

Tagging your content makes it much easier to nd. I youuse tags, your news can then be classied, better indexedby search engines, and via RSS eeds the content it can

be pulled into other websites (aggregation).

RSS and aggregation

Syndication ofers some potential or postinganonymously. RSS eeds are an agreed standard to allowdiferent sites to pull in and republish content rom othersites. You could publish your news anonymously onIndymedia - which uses tagging, and an RSS eed - torepublish it onto your convenient (but insecure)wordpress.com site.

16


17/32

Uploading Media to the Internet

Nico made a short video of the London Naked Bike ride

and uploaded it to YouTube. Because the title containedthe word 'naked' there were plenty of people looking at it.Within a couple of days the video had been removed fromYouTube without explanation, and correspondenceestablished that there was no appeal process.

This does not mean youshould not use YouTubeand other le sharing

sites. But there are otherree (as in reedom)hosting sites such asIndymedia, Politube,EngageMedia amongothers.

YouTube has vastpotential audiences but

that potential doesntnecessarily translate intoactual audience. There area lot o videos on YouTubethat are viewed by hardlyanyone. Oten it takesquite a bit o efort andnetworking to get people

to view your content. So you might be able to build anaudience in diferent ways which do not rely on a networkservice that could suspend your account at any time.

In any case, quality may be better than quantity.When producing any media you should always askyoursel who your audience is and create a strategy thatreects this.

17


18/32

Editing and Encoding video

The Message in a Box project included downloads andguides or tools to help you create, publish and play yourvideo. In addition, there is also a selection o video toolsavailable or advanced users.http://tiny.booki.cc/?videotools

Features of Video Uploading

There are diferent levels o independence and eaturesthat you may want rom a video sharing service.

Can you edit and remove your content completely?

What licence are you releasing your video under?

Can you view video in a streaming player, download ale and embed this player into other websites?

What ormats can users download your video le in?Do you want to support open ormats?

Does the platorm support RSS eeds that can be usedin podcasts?

Is it possible to post and view videos anonymously?

There are quite a ew corporate 'Web 2.0' services thatofer a lot o unctionality and provide a high degree ousability. However, none o the commercial services canbe relied upon to ofer anonymous posting and/orviewing.

Running your own Video sharing site

There are a number o Free/Libre/Open Source Sotware(FLOSS) web Content Management Systems (CMS) thatofer specialised video unctionality - such as Plumihttp://plumi.org/ and various video-specic Drupal and

Wordpress modules. There is a network o groups and

18


19/32

individuals called Transmission, who share knowledge

about video CMSs and would be happy to help on theiremail list. http://transmission.cc

Video sharing services

Indymedia.org.ukallows you to upload video lesanonymously but you do not get a streaming video playeror an RSS eed; however streaming video player and RSSeeds are being worked on in various indymedia sites inthe UK.

Archive.org contains thousands o digital movies rangingrom classic ull-length lms, to daily alternative newsbroadcasts. All these movies are available or download,oten in very high resolution, and are reely licensed. Youcan embed the video into other websites, but you ca notcreate an RSS podcast there. They support open ormatslike Ogg video. You cannot upload content anonymously.

The WITNESS Hub is an online video community orhuman rights where you can upload, watch and sharehuman rights-related videos, images and audio les in avariety o ormats. WITNESS also ofers training, supportand resources, plus RSS eeds and a large and growingarchive. It is available in English, French and Spanish. TheHub also has a toolkit section that eatures videoanimations about how to incorporate video into your

campaign work and best practice when lming anddistributing your video.

Other services: There are links to the above sites andgood overview o choosing a video platorm and preparingvideo or the internet on the Message in a Box toolkit.http://tiny.booki.cc/?videoplatorms.

19


20/32

Hiding Stu on your Computer

Noralee publishes an underground newsletter, "Knitting for

Anarchy!". One day one of the articles causes quite a stir,being implicated in provoking a series of assaults usingcrochet hooks against politicians. The police conscateNoralee's computer, nd out who wrote the piece andarrests the author. Noralee wishes that the police could nothave read her condential documents.

There are three basic solutions to hide les - physical hiding,encryption and misdirection. Physical hiding would mean

using a portable medium such a USB key and keeping it in asecure location, only to be brought out or editing. This haslimited scope - and it is a pain.

Encryption does not require any physical movement omedia. Encrypted data cannot be read directly and must gothrough some kind o unlocking in order to be useul. Thisallows only a select group o people or computer systems tobe given access to the data; only those with the key will be

let in.The third solution, which can be used in conjunction withthe others, relies on what stage-magicians call"misdirection." This means placing the material o interest ina place in a block device (hard disk, etc.), a lesystem, orwithin another le or container, where nobody would thinkto look; or i they did look there, would not be able to provethat it was really anything other than random inormation.

This last case is an example o plausible deniability.For Mac OS you can visit: http://tiny.booki.cc/?v9eT

Do not use the passworded olders system on MicrosotWindows, as it ofers you little real protection. Check thispage or Windows: http://tiny.booki.cc/?NtGz

The latest versions o Ubuntu ofer the user the chance toencrypt the home directory (where you put your les)

during the installation process.

20


21/32

Virtual memory

It is important to be aware o the act that on all modernoperating systems, such as Linux, Windows and OSX,there is a eature called virtual memory, which allowsprograms running on your computer to act is i they havemore physical memory (RAM) by making use o space onthe hard drive. Virtual memory comes into efect whenmore memory is required to run multiple applications (akaprograms) than the physical RAM chips the computer hasinstalled. On Windows the inormation in virtual memoryis stored a special le known as apagele. On Linux, OSX and BSD, it is stored in a special area o the hard drive,called a swap partition.

To prevent people rom reading the inormation that is letthere you must also encrypt thepagele or swap

partition.

A simplest solution to this is to encrypt your whole harddrive. Various Linux versions have this eature built into

their installers and there are plenty o help out there onthe internet on how to do this. I you're stuck with usingWindows, using TrueCrypt or encryption o your wholehard drive is probably the way to go.

Ater encrypting your hard drive and swappartition/pagele you can secure it too. Some FreeSotware systems, such as Ubuntu, allow you to create aspace on your computer were you can store les that canonly be accessed when a password is entered, when aparticular pen drive (USB stick) is present in the system,or any number o specic other criteria are met.

It is important to remember that, like when securing yourhome, no system is ool-proo. As new methods aredeveloped to secure doors, other methods are developedto break into them. The key issue is to be aware o the

risks, the ways available to protect yoursel rom thoserisks, and the trouble you are prepared to go into in order

21


22/32

to do that.

For example, i your computer/laptop has beencompromised with a key-stoke logger, it doesn't matter

how good your cryptography is i a third party knowseverything you type. Choosing an operating system, suchas Linux, BSD or OS X, that makes it harder or trojans toinect your computer, or one even one that has lesstrojans written or it in the rst place is a useul rst steptowards enhanced security.

How to get pages removed from

Google CacheA story on Indymedia reported part of a campaign againstthe deportation of an asylum seeker who was latergranted refugee status. The story's central gure has adistinctive name and did not want his immigration historyto remain public. Indymedia was contacted by his friendsfrom a local No Borders group who had supported his

campaign, saying that he wanted to put his past behindhim. All personal contact details had already beenremoved from the story and it was later hidden. However,one month later, Indymedia was asked why the story stillappeared when the subject googled his own name. Thesubject's friends had already been advised to get thecontent removed from Google cache but did not knowhow.

Google provides at least 3 diferent ways or cachecontent to be manipulated:

1. a process or webmasters, which requires avalidation process that might compromise theprivacy o the administrator

2. a process or data subjects (people about whominormation is stored)

3. a aster process or people who may become

victims o identity thet

22


23/32

These instructions relate to 2.

Before you begin

It only makes sense to ask Google to reresh their cache ia particular URL's content has been changed since thelast time it was crawled. So, make sure that the cachedversion o the page is diferent rom the directly accessedpage.

Google stores all kinds o inormation about people, so oryour own privacy you may want to:

perorm all o the ollowing through the tor network

create a disposable email account ensure your browser has no Google cookies stored

temporarily change your browsers user agentstring (e.g. in Fireox you can use the Tamper Dataor Switch User Agent add-ons)

Create a disposable Google account1. Start at

www.google.com/webmasters/tools/removals2. Using the link at the bottom right o the page,

create an account3. Follow the steps to create an account using your

disposable email address4.

Clear the stay signed in and enable web historytick-boxes5. Veriy your identity using the link sent to your

disposable email address

Fill in the forms

The verication link should take you back to the webpage

removal request page. I it doesnt you can initiate a newrequest: https://www.google.com/webmasters/tools/remov

23


24/32

als?action=create&hl=en

1. Choose the rst option in the list, Inormation orimage that appears in the Google search results.

2. Click next3. The second page allows you to speciy whether the

page has been modied or removed. Choose theormer i personal inormation has been deletedrom a page that still exists; choose the latter i thestory has been hidden (either unpublished ormeta-tagged noindex.)

4. Click next

Modied pages

I personal inormation has been removed rom a story,the next page requires that you enter the search termsthat would lead someone to nd that story. For example, isearching or myunusualname is how people would ndthe cached story thats had myunusualname (and/or

other personal inormation) removed rom it, you need tospeciy the URL o the story thats been modied (in theupper box) and the search term (myunusualname) in thelower box.

Removed pages

I a story has been hidden, the html output should

include a meta-tag to exclude it rom indices so all weneed to do is ask Google to honour that by rereshingtheir cache and index. For pages that are availalbe usingboth "https" and "http", it is best to make the request orboth URLs to be sure both caches are updated.

Finish

Logout and clear all Google cookies, orm data and savedpasswords rom your browser. Google claim that these

24


25/32

requests take 3-5 days to process, so do not expectinstant results.

Free as in FreedomJanet and Sammy are a pair of activists with a casualromantic involvement, who are doing communityorganizing around anti-racist issues. Janet installed a copyof Windows a few

years ago on hercomputer, and nolonger updates the

anti-virus software.Her computer ishacked and put outof action by for-prothackers using aBrazilian botnet thatsends short-dickspam to all the email

addresses on heraddress book. Beforeall this renders her unable to do any online politicalorganising, Sammy receives one of the spam emails andrecognises it as emanating from Janet's machine, andmistakenly believes that Janet is telling the whole worldtheir secret.

25


26/32

What is Free Software?

Computer programmers in the Free Sotware communityhave collectively spent millions upon millions o hours otheir ree time writing virus-ree, highly secure sotwarethat respects your privacy. You may have already seen orused some o this sotware: Fireox, OpenOce, andGNU/Linux operating systems such as Ubuntu are used byhundreds o millions o people worldwide.

Is Open Source sotware the same? The term 'Open

Source' was coined to make Free Sotware moreacceptable to the business community by avoidingreerring to the movement's oundations in the politics oreedom.

The Free Sotware we are talking about here is reeto run, you are positively encouraged to see how it worksand change it to your own needs and you are ree toredistribute it. All these rights are protected in the

sotware's license, most commonly the GPL (GeneralPublic License). I you change or improve ree sotwareand then re-distribute it, you must release your changesunder the same license in order that everyone else canbenet rom them. This beautiul way o licensing meansthat with each enhancement our pool o ree programsgrows in quality and eatures, and belongs to all o us orever in reedom. It also means that or every techie that

can x a bug in the corporate sotware world, there aretens i not hundreds in the ree sotware community.

Virus outbreaks in the context o GNU/Linux are sounheard o, and so quickly xed when they havehappened, that they have become the stuf o legend. Ingeneral GNU/Linux is considered by programmers to bemore secure than Windows.

26


27/32

Ethics and Politics of Free Software

It is important to distinguish between sotware that is reein terms o cash and that which is designed with reedomin mind. Sotware might cost you nothing to downloadand use, but might still impinge upon your liberty.

Free Sotware is written by people who see sotwareas inherently political. They are coding or an ethicalpurpose, namely to ensure that people retain sel-managed control over their own inormationinrastructure. In contrast, large sotware corporations

are concerned primarily with prot and with locking youinto using their products.

Link to the our reedoms: http://tiny.booki.cc/?9he7Link to wikipedia: http://tiny.booki.cc/?cbQt

Free Network Services

Abstinence rom sotware services may be a naive and

losing strategy in both the short and long term. Instead,we can both work on decentralization as well as attemptto build services that respect users' autonomy:

"Going places I dont individually control restaurants, museums, retail stores, public parks enriches my life immeasurably. A denition offreedom where I couldnt leave my own housebecause it was the only space I had absolute control

over would not feel very free to me at all. At thesame time, I think there are some places I just dontwant to go my freedom and physical well-beingwouldnt be protected or respected there. "Similarly,I think that using network services makes mycomputing life fuller and more satisfying. Can wemake working on network services more like visitinga friends house than like being locked in a jail?"Time will tell whether we can craft a culture around

Free Network Services that is respectful of usersautonomy, such that we can use other computers

27


28/32

with some measure of condence."

Evan Prodromou, "RMS on Cloud Computing: Stupidity",

CC BY-SA, http://autonomo.us/2008/09/rms-on-cloud-computing-stupidity

Further Info

This short booklet was always going to have to strike adicult balance between the vast amount o inormationout there on the topic o online security, and the need to

make it accessible enough to be understood by humans.Whilst we have tried to condense and simpliy all o theinormation we could into this booklet, it is by no means acomprehensive or in depth guide. Instead we hope it willgive the reader an introduction to good practice oractivists whilst using the internet, and a desire to nd outmore. Here is a list o urther reading or those who wishto delve a little deeper. Whilst this list is by no meansexhaustive, it should help to point you in the rightdirection.

General How Tos

docs.indymedia.org

A vast wealth o knowledge accrued over 10 years oproviding a secure alternative to the mainstream media.Amongst the highlights on this site, you can nd out howyou can set up your own local Indymedia centre, as wellas there being documents available on many aspects orunning secure websites/groups/communications network.https://docs.indymedia.org/

28


29/32

wiki.aktivix.org

Aktivix is a UK based radical tech collective and their wikicontains articles on many aspects o internet securityalong with practical advice on a range o subjects and aspace or groups documentation.https://en.wiki.aktivix.org

ossmanuals.net

FLOSS Manuals is a collection o manuals about ree andopen source sotware together with the tools used to

create them and the community that uses those tools.There are manuals that explain how to install and use arange o ree and open source sotwares, about how to dothings (like design) with open source sotware, andmanuals about ree culture services that use or supportree sotware and ormats.http://en.ossmanuals.net

tacticaltech.org

Tactical Tech is an international NGO helping human rightsadvocates use inormation, communications and digitaltechnologies to maximise the impact o their advocacywork.

http://tacticaltech.org

howtoforge.com

HowtoForge provides user-riendly Linux tutorials aboutalmost every topic.

http://howtoorge.com

29


30/32

Alternatives to corporate providers:

news:

http://www.indymedia.org.uk/http://www.schnews.org.ukhttp://www.theregister.co.uk/(Alternative to: BBC news, The Guardian, CNN)

email:

https://mail.riseup.net/https://en.wiki.aktivix.org/Activix:EmailAndLists(Alternative to: hotmail, gmail, yahoo, hushmail

etc) wiki, forum, chat, and much more:

https://we.riseup.net/(Alternative to: Facebook, Myspace, Bebo etc)

blogs:

http://blogsport.eu/http://noblogs.org/

(Alternative to: Wordpress, Blogspot etc)Note: whilst not strictly blogs, many o the newbreed o Indymedia sites such aslondon.indymedia.org and northern-indymedia.orgnow implement a groups eature that means allmembers o a collective can publish contenttogether and can have their own microsite in thetime it takes to create an account.

search engines:

http://scroogle.org/(Alternative to Google that doesnt log yourpersonal details)

30


31/32

The author: HacktionLab

HacktionLab is a regular convergence space where

activists interested and/or working in the areas oalternative media, renewable energy, on-line videodistribution, ree sotware or any other orm o activismthat utilises technology, can get together and plan how tobetter harness the technology (or not) to support grassroots social movements.

Visit our web site at http://hacktivista.net to nd out moreabout events and gatherings run by HacktionLab,including our summer rural gathering, BarnCamp, whichtakes place in June in the Wye Valley.

HacktionLab is sel-unded and the printing o this book

was paid or by contributions rom members. I you havea copy o this book in your hands and you nd it useul,we would welcome a donation rom you. We suggest onepound per booklet.

You can nd out about way to donate to HacktionLab byvisiting http://hacktivista.net/donate

31


32/32

Statement on Data Retention 2008

We want to stop Data Retention o the type that is being

imposed on us by the E.U. Directive 2006/24/EC becauseit is a preemptive surveillance o communicationstructures:

Imagine the postal services kept a record o everyonewho sent a mail to you. When. Who. How. Where. This isexactly what is happening now with your email, yourphone calls and other electronic communications.

We as providers are orced to store YOUR communicationmetadata. This is orcing us to work as outsourced policeorces. We do not want this. We will pour as much sandinto this machine o suspicion as we possibly can. And weencourage everyone else to do the same! Do not supportthis attack on privacy!

We will continue to ght against Data Retention in anyway possible and we will support each other in our

diferent eforts to ght it.Signed:

aktivix.orgall2all.bealterezo.beblacksec.orgblogxpopuli.orgboum.orgcassiopea.orgcrackedwillow.netdomainepublic.netefraie.orgespace4you.orgree.deglobenet.org

hacklab.dkherbesolles.orgimmerda.chkoumbit.orglautre.netlineeed.orgmanitu.demarsupi.mine.numoviments.netmutins.netnadir.orgno-log.orgnodo50.org

open-web.rpoivron.orgpuscii.nlrezo.netriseup.netsamizdat.netsindominio.netso36.netsquat.netsystemausall.orgsystemli.orgtachanka.orgtoile-libre.org

hacktionlab tech tools for activists rev1

Documents