this post was submitted on 25 Jul 2023
1079 points (97.2% liked)

Technology

59187 readers
3192 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Synopsis: The article discusses the FBI's seizure of the Mastodon server and emphasizes the need for privacy protection in decentralized platforms like the Fediverse. It calls for hosts to implement basic security measures, adopt policies to protect users, and notify them of law enforcement actions. Users are encouraged to evaluate server precautions and voice concerns. Developers should prioritize end-to-end encryption for direct messages. Overall, the Fediverse community must prioritize user privacy and security to create a safer environment for all.

Summary:

Introduction

  • We are in an exciting time for users wanting to regain control from major platforms like Twitter and Facebook.
  • However, decentralized platforms like the Fediverse and Bluesky must be mindful of user privacy challenges and risks.
  • Last May, the Mastodon server Kolektiva.social was compromised when the FBI seized all electronics, including a backup of the instance database, during an unrelated raid on one of the server's admins.
  • This incident serves as a reminder to protect user privacy on decentralized platforms.

A Fediverse Wake-up Call

  • The story of equipment seizure echoes past digital rights cases like Steve Jackson Games v. Secret Service, emphasizing the need for more focused seizures.
  • Law enforcement must improve its approach to seizing equipment and should only do so when relevant to an investigation.
  • Decentralized web hosts need to have their users' backs and protect their privacy.

Why Protecting the Fediverse Matters

  • The Fediverse serves marginalized communities targeted by law enforcement, making user privacy protection crucial.
  • The FBI's seizure of Kolektiva's database compromised personal information, posts, and interactions from thousands of users, affecting other instances as well.
  • Users' data collected by the government can be used for unrelated investigations, highlighting the importance of strong privacy measures.

What is a decentralized server host to do?

  • Basic security practices, such as firewalls and limited user access, should be implemented for servers exposed to the internet.
  • Limit data collection and storage to what is necessary and stay informed about security threats in the platform's code.
  • Adopt policies and practices to protect users, including transparency reports about law enforcement attempts and notification to users about any access to their information.

What can users do?

  • Evaluate a server's precautions before joining the Fediverse and raise privacy concerns with admins and users on the instance.
  • Encourage servers to include privacy commitments in their terms of service to resist law enforcement demands.
  • Users have the freedom to move to another instance if they are dissatisfied with the privacy measures.

What can developers do?

  • Implement end-to-end encryption of direct messages to protect sensitive content.
  • The Kolektiva raid highlights the need for all decentralized content hosts to prioritize privacy and follow EFF's recommendations.

Conclusion

  • Decentralized platforms offer opportunities for user control, but user privacy protection is vital.
  • Hosts, users, and developers must work together to build a more secure and privacy-focused Fediverse.
top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 190 points 1 year ago (4 children)

Original post: https://kolektiva.social/@admin/110637031574056150

Important context missing from the EFF article is that the Mastodon instance wasn't the target of the raid according to the admins.

In mid-May 2023, the home of one of Kolektiva.social's admins was raided, and all their electronics were seized by the FBI. The raid was part of an investigation into a local protest. Kolektiva was neither a subject nor target of this investigation. Today, that admin was charged in relation to their alleged participation in this protest.

[–] PaulDevonUK 46 points 1 year ago

Thank you.

Actual context paints a whole different picture compared to the clickbait post.

load more comments (2 replies)
[–] [email protected] 120 points 1 year ago (6 children)

I actually have a question about this - can’t anyone already see the posts and users’ data? Even a simple user account/script can query most stuff, like posts and comments, and you can indirectly query less easily available things like upvotes by compromising any connected server

[–] radix 68 points 1 year ago (1 children)

Disclaimer: I've never run a Mastodon or similar server, so the software may have more privacy built in, but potentially the issue would be account setup information that could be associated with public posts. Email addresses, IP address logs, etc. Those would be critical in matching public "anonymous" speech with real-world identifiable information.

[–] [email protected] 50 points 1 year ago (5 children)

The article also mentions that DM's were available to the admin.

However it should be assumed that DM's on lemmy or others are not secure in the first place. If you want secure chat, move to Matrix.

load more comments (5 replies)
[–] Eldritch 12 points 1 year ago

Or simply running their own server.

load more comments (4 replies)
[–] EatMyDick 65 points 1 year ago (30 children)

I have been laughed at and down voted every single fucking time I point out how woefully unprepared every fucking instance is.

The free model is flawed and will be unsuccessful every fucking time there is any signs popular server. And users aren't going to tolerate moving fucking servers every month.

You think cloudflare is going to keep on protecting lemmy.world each week on their free/professional their? Enterprise starts at 20k a year before traffic, good luck raising that kind of yearly money on a hobby server.

And then there is GDPR and CCPA all of which are ignored and clearly not being enforced just waiting for a lawsuit.

Oh and I do I need to explain to you people the child porn reporting mechanisms that need to be in place?

The only way if this bullshit is successful it's if someone starts a no profit e.g Mozilla foundation and acts like a functioning adult running a business vs a 16 year old tinkering with Linux.

Bring on the down votes and compium.

[–] [email protected] 82 points 1 year ago

You bring up valid points, but you are being very antagonistic towards server admins in the process. I get that you're frustrated by being dismissed all the time

[–] [email protected] 60 points 1 year ago (2 children)

Yea, you could have served your points in a less agressiv mana

[–] [email protected] 19 points 1 year ago

Given their username, I don't believe that was a possibility.

load more comments (1 replies)
[–] [email protected] 26 points 1 year ago* (last edited 1 year ago) (1 children)

The history of piratebay proves that you can host a website (or instance in this case) and have it be incredibly resilient, out of reach for US/EU law enforcement as long as you have the knowledge and energy to do so. How many millions of hollywood-dollars have been spent on taking it down, vs how many days has it actually been down since it's creation?

[–] deafboy 12 points 1 year ago (1 children)

The history of piratebay also proves that you have to be ready to face the consequences, and run to Cambodia if needed. Not many operators would do that for their users.

load more comments (1 replies)
[–] GONADS125 25 points 1 year ago* (last edited 1 year ago) (1 children)

You have great points, I agree, and it's why I donate to support lemmy.world. I'm hoping that enough people will donate small funds that it will cumulatively enable the server admins to better protect the instance. Basically like Wikipedia's funding model.

Maybe it's not realistic, but I'm hoping that the fact that we all gave enough of a shit to start anew on lemmy, a decent percentage of the userbase may be more likely to donate than typically the case in online platforms.

I guess time will tell the future of lemmy and the main instances.

Edit: Here are the donation pages:

load more comments (1 replies)
[–] [email protected] 18 points 1 year ago (1 children)

Enterprise starts at 20k a year before traffic

My Mastodon server has just under 1.5k MAUs and has raised $4k so far this year. We've only been open for six months. This is not hard money to raise.

[–] UFO64 11 points 1 year ago

People are willing to contribute to well run services. Make the contributions manageable for users and they will happy chip in a few dollars here and there.

[–] [email protected] 11 points 1 year ago (4 children)

I like the idea of it, but you're right. It's not going to scale because at some point, somebody has to pay for it. And most users, myself included, seem unwilling to dip into our own pockets to satisfy our crippling addiction to cat pictures and world weary cynicism.

In the old days we had Usenet newsgroups, hosted by ISPs, just like most of them still do with email. It's the ideal place for hosting a fediverse, maybe not necessarily this one. They already scale their stuff with the number of users. We already pay them. And it decentralises power away from a handful of tech billionaires.

Would they do it? Who knows. They're certainly best placed for it, but would they want the unenviable job of identifying and blocking kiddy porn and cartel torture videos? I know I wouldn't want to be looking at that shit all day. The big networks obviously have a solution for that, but automated AI image recognition stuff only goes so far. At some point there's a poor minimum wage worker looking at it in a third world country.

load more comments (4 replies)
[–] [email protected] 11 points 1 year ago

Cloud flare's business is protecting small websites as well as large across the world from DDOS attacks. You don't think there's a tier somewhere between "free" and "enterprise 20k base"? DDOS mitigation techniques have gotten pretty advanced and are no longer the sole domain of large companies.

[–] nomadjoanne 11 points 1 year ago (3 children)

I think part of the problem is that laws in the developed world essentially make in extremely expensive to run one of these services if you have a lot of users per month.

Te heart of the issue is that at some point it becomes more useful for mega-corporations to have a cozy relationship with the government than with you. It used to be that if a service found that there was child porn on their service, the law simply required them to remove it and report it to the police. Very reasonable.

The thing is though, if that is all the compliance one needs to follow, then the creation of new firms and services is quite easy. Mega-corporations don't like this. They want to slow the creation of new services and firms because this slows the appearance of new competition. Hence they become pro-regulation, and, I'd argue, attempt to shift the entire culture towards paranoia and a demand for more regulation.

Perhaps the only defense is to stay small. Obviously don't allow any abusive or illegal content. But stay small so that you can skirt by without having to deal with compliance with the big-boy regulations.

load more comments (3 replies)
load more comments (22 replies)
[–] [email protected] 60 points 1 year ago (5 children)

Interesting no mention of encryption-at-rest (disk encryption), which is something I'd recommend for servers in general.

[–] [email protected] 13 points 1 year ago (4 children)

I'm curious, how would you do this in such a way that it wouldn't come at the expense of effecting your high availability?

If the server were on-prem or in the cloud... and the system crashed/rebooted, how would you decrypt (or add the passphrase) to the encrypted drive?... cause the likehood of the kernel crashing or a reboot after and update is higher than an FBI raid... and it would get tiresome to have the site being down, while we wait for Bob to wake up, log in, and type the passphrase to mount the encrypted hdd.

You could use something like HashiCorp Vault, but it isn't perfect either. If the server were rebooted, it could talk to Vault and request the passphrase (automatically) , but this also means that the FBI could also "plug in" the server (at their leisure) and have it re-request the passphrase. ... and if Vault were restarted there's quite a process to unseal (unlock) a vault - so, it would be as cumbersome as needing to type in the passphrase on reboot.

My point / question is: yes, encryption (conceptually) is easy, but if you look at "the whole life cycle / workflow" - it's much more complicated and you (as an administrator) might ask yourself "does this complexity improve anything or actually protect my users?"

load more comments (4 replies)
load more comments (4 replies)
[–] [email protected] 39 points 1 year ago (2 children)

because of kolektiva the FBI has my nudes saved on a hardrive somewhere 💀

[–] [email protected] 18 points 1 year ago

If you posted them on the Internet, the NSA already had them.

load more comments (1 replies)
[–] [email protected] 35 points 1 year ago (4 children)

Why the state seize mastodon/exit nodes/megaupload/private servers and NEVER amazon/apple/facebook/twitter/google servers? The law is different if you are a zuckemberg?

[–] MajorHavoc 38 points 1 year ago (1 children)

The reason we don't see seizure of those servers is that those services have established working relationships with law enforcement, so there's no need to physically seize the servers.

It's worth noting that while various CEOs claim not to cooperate with law enforcement, the Patriot Act created provisions for establishing that cooperation without CEO permission or awareness.

load more comments (1 replies)
load more comments (3 replies)
[–] livedeified 31 points 1 year ago (4 children)

great info! question: how can users, "Evaluate a server’s precautions before joining the Fediverse"? ELI5 please.

[–] [email protected] 13 points 1 year ago (1 children)

That's a great question. The EFF article gives answers that I find somewhat unsatisfactory (but may be possible solutions given what're there at the moment):

For users joining the fediverse, you should evaluate the about page for a given server, to see what precautions (if any) they outline. Once you’ve joined, you can take advantage of the smaller scale of community on the platform, and raise these issues directly with admin and other users on your instance. Insist that the obligations from Who has Your Back, including to notify you and to resist law enforcement demands where possible, be included in the instance information and terms of service. Making these commitments binding in the terms of service is not only a good idea, it can help the host fight back against overbroad law enforcement requests and can support later motions by defendants to exclude the evidence.

Another benefit of the fediverse, unlike the major lock-in platforms, is that if you don’t like their answer, you can easily find and move to a new instance. However, since most servers in this new decentralized social web are hosted by enthusiasts, users should approach these networks mindful of privacy and security concerns. This means not using these services for sensitive communications, being aware of the risks of social network mapping, and taking some additional precautions when necessary like using a VPN or Tor, and a temporary email address.

load more comments (1 replies)
[–] [email protected] 11 points 1 year ago (1 children)

Well, you could determine what jurisdiction the server is physically located in, to determine what law enforcement agencies will be targeting it. For example, a community focused on abortion rights is going to attract users who have had abortions. It would be a tremendously bad idea for such a community to be hosted in Texas, where law enforcement agencies would be directed to target it for harassment. California would be a better option, but that still leaves the server under the jurisdiction of US courts, who may direct the server owner to provide user data to Texas.

Pirates would want to avoid a physical presence in copyright-unfriendly jurisdictions. Potheads would want to avoid weed-hating jurisdictions.

Most "servers" now are virtual machines. Police don't seize VMs. Police seize the physical hardware running the VM. When they target a torrent seedbox VM running on the same physical server as a Lemmy VM instance, they have access to everything on the Lemmy site as well. It would be useful, from a risk assessment profile, to know what else is attracting attention.

load more comments (1 replies)
load more comments (2 replies)
[–] [email protected] 21 points 1 year ago* (last edited 1 year ago) (1 children)

I would love defederated identity management in the Fediverse that came with direct and encrypted DM capabilities too. I don't use DMs but there's no need for an admin or anyone else to see what's in them either.

[–] [email protected] 21 points 1 year ago (2 children)

OpenPGP still exists. I've been saying this forever

load more comments (2 replies)
[–] [email protected] 14 points 1 year ago* (last edited 1 year ago) (2 children)

EDIT: I'm just going to note that kolektiva was an anarchist collective. Doesn't sound quite as trivial as before.

This says that the server was grabbed during an unrelated raid?

How is that even legal. You can just get seized because your neighbor in the server rack is doing something? I feel like that should be a lawsuit for taking down someone's business essentially. I'll be real with you it doesn't matter if the shits encrypted or not - in 15-20 years if Feds hold onto your messages trivial or not, with their budget and resources they can probably crack hashed data, if Quantum computing comes online especially, where quantum was stuck in a state of laughable doubt just like ML or AI was eight years back.

load more comments (2 replies)
[–] [email protected] 13 points 1 year ago

To look at the bright side (or less horribly depressing side, anyway) it’s good that this happened now, while the fediverse is relatively young. Making the necessary changes won’t be quite as complicated.

[–] [email protected] 12 points 1 year ago (1 children)

No it's not, stop posting this sensational bullshit. Or did you guys forget websites and http are also decentralized with the same issues?

load more comments (1 replies)
[–] [email protected] 11 points 1 year ago (1 children)

Did you use chatGPT to generate this article summary? LMAO

[–] [email protected] 16 points 1 year ago (3 children)

I did. I thought it did quite a nice job actually. I even did the formatting.

[–] [email protected] 21 points 1 year ago (1 children)

One should always proofread those summaries though and make sure the info lines up with the article, since AIs still tend to hallucinate.

I personally would like to see a disclaimer whenever AI is being used to generate post bodies.

[–] [email protected] 13 points 1 year ago (4 children)

I did proofread it to make sure that it followed the article; wasn't just generate and post. OTH, human summary isn't free of misunderstandings either.

load more comments (4 replies)
load more comments (2 replies)
load more comments
view more: next ›