Infrastructure (physical layer)
Political server defense - bridging user & admin communities, etc.
How can we connect geek fronts with other struggles in the wider movement?
Text to be insterted...
Alternative community-driven internet service providers
While providing internet access for local communities has mostly been a matter of providing a low-cost solution by sharing access and costs in the past decades, it is now again becoming a neccessity, but for different reasons. European data retention laws allow governments to snoop on who connects to whom, and to retrieve this information from your local Internet access provider, which makes it difficult to work around this information being gathered.
This creates a new need for founding local internet access providers. The data retention legislation allows small (less than 1000 users) and non-commercial internet access providers to operate without a need for providing direct 24/7 access to an expensive black box for the snooping activities of the governments. Also, shared accounts and wireless LANs may allow for making it impossible to legally circumvent identification of single internet users. We can also learn from the past and from existing projects here. Reports on how community driven access providing has worked in the past and is working now will be of help in working around issues others have already encountered and overcome.
Reforming local internet access communities is a very important counter measure to the growing surveillance activities of organizations which think you are guilty until proven otherwise.
SeaCCP colocation facility in Seattle
we host about 30 servers in two cabinets, mostly from other autonomous collectives but also some non-profits and linux hobbists. the colocation website is http://seaccp.org. i can talk about how it got started, issues we have faced, advice for starting a colocation project, the advantages/disavantages of commercial facilities, or whatever is of interest.
I am interested in talking about other such infrastructure projects and how we can cooperate.
XarxaSenseFils, wifi ISP from Barcelona
|From:||Darkveggy » enric|
Since the very infrastructure we need to create the network can provide connection to Internet, we offer people and entities the possibility to cancel their contract with their Internet provider and contract the connection with xsf-coop. This way we promote an ethic consume of Internet at the same time we finance the alternative. The Internet quotes and band width allows to finance the infrastructure monthly costs, the purchasing and installation of the main access points, as well as the jobs necessary for the daily running of the service.
Servers, contracts and who signs them
|From:||based on ideas from ionnek, but not organized yet|
What kind models have been developed to set up servers? Who signs the contract with the internet service provider? Who gives their name: an indivual, an existing or non-existing group? What are the legal advantages and disadvantage? And what can Indymedia learn from the experience of other groups on this issue? What can Indymedia (and its network of supporters) do to support a global infrastructure of 'left servers'?
Gitoyen, or HOWTO be your own network operator
Text to be inserted...
FDN, or HOWTO be your own ADSL provider
Text to be inserted...
System administration / core services (system layer)
Technical server defense - towards a common security policy?
includes: Solidarity Protocols (Txopi) & Servers Global Action Ring (Txopi)
Solidarity Protocols (Txopi)
We could try to design some kind of protocols to help servers to each other and react to machine seizures and other kind of attacks. This protocols could be preventive (emergency mailing lists at other server, ...) and reactive (fast mirroring agreement between two servers if external help is needed, ...).
Servers Global Action Ring (Txopi)
Just a funny name to call a list of autonomous servers that would want to coordinate with the others and act globally when one server of the ring is at risk of seizure and situations like that.
The new threat model
|From:||Alster, NEEDED: people to introduce laws|
Impact of data retention and counter measures What exactly is the impact of the new data retention legislation? What is going to change for people in europe? What similar law is there in other locations in the world? How have people organized there to minimize the negative impact it causes? What kind of repression becomes possible by this new legislation? How do we need to react to it? What counter emasures are there?
As many of you may now, the Chamber of Commerce of the United States of America holds the final rights to determine the contents of the root zone file. The root zone file defines the available TLSs (Top Level Domains) like .net or .fr. One can easily imagine what enormous power is that.
There is an international process to change that situation. The United Nations held a two part conference entitled World Summit on Information Society (2003 Geneva and 2006 Tunis) which kick-started the transformation of Internet Governance structures. After a field-report on the DNS front we could asses the relevance and significance of the WSIS/IG process to our work and existence in hyperspace.
Introduction to the R*Plan
Decentralised server layout built by Autistici/Inventati.
Introduction to riseup.net
whatever people find interesting, i guess. our main areas are 1) email 2) lists 3) hosting 4) colocation 5) vserver farm 6) software development 7) security patches. all of our notes are online at http://deb.riseup.net. our patches are online at http://dev.riseup.net. the colocation website is http://seaccp.org.
A configuration monitor to ease collective administration. Metche is both a pratical tool to monitor the changes made to your system and an organisational method for collective administration. How to put into question the "root = 1 übergeek" paradigm?
Tools and applications (application layer)
Indymedia as service to the movement?
Where stands Indymedia in a time where everybody can just set up a blog in 5 minutes? How do we move forward from here? Can an IMC be a service during a big event (like the legal team, the street medics and the kitchens) and something else during the other 360 days of a year?
An activist online security policy
How should activists behave online, what should they do, what not? Which policies should we always keep in mind? Which software should we use, which should we avoid? Can we work out a general security policy which may serve as a daily reference for online activists, a general document which names the dangers and explains how they can be worked around, lightweight enough to bring it to your the internet cafe? (Alster)
I'd like to lead an discussion on general activist internet security, both on personal computers, and when travelling/using internet cafes. I use some tools and was researching a few more programs to prepare for this, but would also love to hear more ideas and practices from other people (especially about WiFi). My view is that this would be a discussion among generally technically minded people. My main goal would to get a comprehensive set of information that we (me and hopefully a few more volunteers) could compile into a pamphlet on internet security for activists that could be distributed at the general PGA gathering. (Loquito)
Block device encryption for the masses
The process of encrypting firmly installed hard drives as well as portable storage devices such as USB HDDs and pen sticks is a neccessary prerequisite to create and maintain a (partially) repression safe working environment. As many activists as possible should be using encrypted partitions and file systems. Unfortunately, this is not yet the case for many activists, because it is not easy to set up encrypted file systems in a usable and secure way. It is, however, possible. With the advent of DMCrypt and LUKS encryption it is much easier to create well-manageable encrypted devices. However, knowledge on how this is actually done is still not very well distributed. The most practical question an activist will ask is probably this: "How can I easily transform my current disk drive / partition / file system into an encrypted one?"
Is there a definitive answer to this? Can a user oriented, user friendly pictured guide be worked out which will allow an activist with mediocre tech skills to apply these changes to her system herself? Can this be translated? How can this be made a lovable tool (GUI allowing management + showing encryption strength, encrypted tux icon...)?
Indymedia CMS 2.0
|From:||Clara - but only if there are people who want to contribute|
There's some discussion about stopping to use specific CMSs developed for Indymedia: http://techmeet.sarava.org/English/Notes, http://cats.revolt.org/cats-vii/indymedia/ and some work on plone/zone. Maybe somebody can give an update on it (as well as on the new radar), and some discussion what different (types of) indymedia voluteers consider necessary to have and/or improve - mentioned in mails of bonzai, elijah and alex
What are the requirements that we as users need of a dispatch system? What are typical situations? I would like to get together with some people how have done dispatch and define a list of criteria and to write up a few case - to give to those people who want to write a dispatch system as a better basis to develop them. This is not a general presentation on what dispatch is but a place for people who write and use such software to work together.
Tagging and tracking, RSS
|From:||maybe Clara, based on ideas from Ionnek|
What are experiences with RSS feeds? Are they used? How can one access postings on the same topic on different Indymedia sites (and maybe also on other sites). As experiences from biotech.indymedia show: rss feeds don't really work here.
Indymedia history project
We can post our own articles about what is happening right now, but who is writing our own history? More and more often some of us are asked to write articles for some book, and there is a book in the making but nearly all of that are written in a traditional form: one or a few authors write for an editor. On the other hand there are some first ideas about an "Indymedia history" site (for the UK by Yossarian, http://tachanka.mine.nu:300) or about wiki pages (by toya). A discussion and maybe some practical work on it.
Each of these topics should be prepared by one person/group and should at least cover the following aspects: * Overview * Protocol * Usability * Abilities and Limits (functionality, compatibility, laws) * Pros and Cons
The following is an incomplete list of potential topics in this category: * TOR * Freenet * Darknets * Mixminion
In addition, a global overview and comparison and evaluation of these anonymization methods should be prepared. This may also include a longer discussion to work out different perceptions of what is most suited for different needs.
Secure communication with signing
The issues caused by SSL certificates and how to deal with them - To retrieve a valid SSL certificate, you need to register with a valid Certificate Agency. Certificate Agencies (CA) require that you provide information which makes you personally identifyable, both to the organization running the agency as well as to the world through public certificates they create for you. This undermines any attempt to protect the privacy of the server maintainer(s) by means of anonymization.
Self-signed certificates can work around this problem, but they are not trustable, as this system relies on the fact that the validity of the identity of the server maintainer is ensured. Is there an alternative solution which can be easily implemented on both server and client side, or can a compromise for the existing Public Key Infrastructure (PKI) been found?
How do we work together in the real life? Whom do we trust and whom don't we trust and what are the criteria for this? How do we develop such lines of trust? How can this workflow be transferred to the 'online world'?
Would a CA which is run commonly by alternative projects, which uses nicknames instead of real names work? How could be made so that the certificates it generates have some value, i.e. how can it be made so that it is reliable that the person they are made for are actually the ones who run the sites they are used on?
Don't try this at home: we will present our recent efforts to raise awareness about RFID related security issues, including a presentation of an RFID zapper tool built out of a common cheopo disposable camera. If there is enough interest, we will do a workshop where everybody can solder their own RFID Zapper. We will bring the necessary stuff, you go to the next souvenir store and buy the camera.
|Form:||Discussion/Workshop? Not sure|
Indymedia has used a website to facilitate internal (discussion) and external (articles, video subtitles etc) translations: http://translations.indymedia.org. This has proven to be necessary but at the same time many translators found it confusing and at the moment a new tool is in the making. Not only indymedia needs translations to be able to function as an international network and so this discussion is meant to develop ideas about how written as well as spoken translations can be better facilitated. Please bring examples!
Tools 4 Avtivists
|Form:||Discussion and concrete planning (hopefully)|
We all probably spend a lot of time answering the always same questions by friends, their friends and the rest of the world how to use different kind of tech solutions to activist problems, such as encryption, use of mailing lists, photo editing etcetcetc. At the same time many good How-Tos and useful yet for many unknown good software exist. I want to see who's interested in collecting the good things that are there and add what is missing in a website easy to find for everyone who all of a sudden needs help and doesn't have a techie friend to ask. A page more like a portal with different sections, each well kept up-to-date by those who deal with the different issues anyway. I'd like to discuss the idea and explore what exactly is needed, and see who's interested in participating one way or another.
|Form:||Discussion (who feels like presenting something?! could be useful)|
I'm not prepared to give a lecture with up-to-date information about latest scientific results about why there are so few women in activist tech communities. Or anyone else not white male etc. but it's quite obvious, also for this conference, and I'd like to have the chance to exchange ideas, questions, analysis.. possible ways out of it.
Can we get all people together who are somewhat connected with Indymedia for a "real life chat"? Getting together to connect names and faces, sometime in the beginning of the meeting, informal with some drinks.
GnuPG keysigning party
|From:||anybody willing to organize this?|
Bring your pgp key, or make one while you are there.
FOR MORE INFO ON THE PROGRAMME, CONSULT THESE WIKI PAGES: http://stamp.poivron.org/MediaActivism