Por Aline

Numa ação conjunta da polícia italiana com a norueguesa, um servidor do Austistici/Inventati teve seus discos copiados.

As consequências desta ação são: os dados dos usuários e dos coletivos ativistas foram violados, abrindo precedente para que pessoas e movimentos sejam identificados, criminalizados e perseguidos.

Quando uma ação deste tipo ocorre em países como Irã e China, muitos se levantam em defesa do direito à privacidade e liberdade de expressão.

E quando isso acontece no coração da Europa Ocidental?

_________________________________________________

Police raid: shoot a thousand to hit none!

It happens, since notoriously police doesn’t know how to aim properly: shoot in the crowd, you might eventually hit your target. Exactly as when they run round-ups, bringing havoc to whole streets as they look for something that might not even exist. The Italian postal police has a bad habit of rummaging in hundreds or even thousands of people’s personal data just to fine one particular message. It has happened again with the server the A/I collective keeps in Norway: its disks have been entirely cloned for an investigation we still cannot know anything about. It is likely that A/I is not directly implied in this supposed enquiry, but whatever may be happening, our users’ data (which were mostly encrypted) have been acquired by someone who could at most show a warrant for one specific search. It is the principle of hitting hundreds of people to pinpoint one of them: and while they’re at it, seizing all data is too much of a temptation; after all if you won’t find what you are looking for, you’ll have a prize at least to show your police friends.

<<Acontece, já que notoriamente a policia não sabe como agir devidamente: atire na multidão que você pode eventualmente acertar seu alvo. Exatamente quando eles fazem rondas, levando caos em ruas inteiras quando procuram algo que pode até não existir. A polícia postal italiana tem um mau hábito de revistar centenas ou até milhares de dados pessoais apenas para encontrar uma mensagem particular. Aconteceu novamente com o servidor do coletivo A/I mantém na Noruega: seus discos foram inteiramente cxlonados para uma investigação que ainda não sabemos nada a respeito. É provável que o A/I não está diretamente implicado nesta suposta demanda, mas independentemente do que está ocorrendo, nossos dados de usuário (que estão em sua maior parte criptografados) foram obtidos por alguém que pode pelo menos exibir um mandado para uma busca específica. É o princípio de atirar em centenas de pessoas para acertar uma delas: e ainda que estejam fazendo isso, capturar todos os dados é uma grande tentação; afinal, se você não encontrar o que você está procurando, você pode ao menos mostrar o prêmio ao seus amigos policiais.>>
When such things happen in China or in Iran, crowds of privacy champions pour into the streets to protest against the “regime” spying on its citizens. But if it happens in front of them, they are distracted, perhaps due to the media hype on the petty scandals that haunt this petty country.

Such occurrences require us, all of us, to react quickly, learning to protect our privacy as well as protesting against electronic surveillance, which, clumsy as its claims may be, is in any case unjustified and repressive.

It is also interesting to note that there was no need for this operation: every time we have been asked for logs or information, we have always answered — it is not our fault, if the data they need do not exist or if they find them useless. Actually, we find this is one of our merits.
And we think it is also a merit that the R* Plan has allowed us to restore the services that were hit by this raid in no more than 24 hours: for 5 years now we have been telling our users that our aim is avoiding the destruction of our services, while in the meantime we have also realized and tried to tell everybody that each single user is responsible for her own privacy, which depends on your intelligence when you write and read and on your accuracy in never entrusting this fundamental aspect of your life to someone else. Apart from the mailing lists archives, our disks were encrypted, but now they have been copied, and with time no encryption system is unbreakable. So don’t delude yourselves in a false sense of safety.

<<E entendemos que é também um mérito o Plano R* ter permitido que restaurássemos os serviços atingidos por esse ataque súbito in menos de 24 horas: nos últimos cinco anos informamos nossos usuários que nosso objetivo é evitar a destruição de nossos serviços, enquanto isso nós compreendemos e tentamos avisar a todos que cada usuário é responsável por sua própria privacidade, a qual depende de sua inteligência quando escreve e lê, e de seu cuidado em nunca confiar esse aspecto fundamental de sua vida a qualquer outro. além dos arquivos das listas de email, nossos discos eram criptografados, mas agora eles foram copiados e com tempo [para quebrar a criptografia] nenhum sistema é inquebrável. Portanto, não se iludam com uma falsa sensação de segurança.>>

Support the battle that we will launch as we did after the first crackdown on our server: spread the news we will publish, fight against any restriction to your freedom of communication.
Unlike the police, we want to educate hundreds to hit one — the genius at the postal police who thought that copying 2000 people’s data could be a good idea to find nothing at all.

_______________________

Yesterday the Norwegian police seized for some hours our server in Norway and copied all disks following a judiciary request from Italy. Although it’s highly likely that this investigation concerns just one user/website/mailing list, the whole content of the box was copied, so, even if in an encrypted form, your passwords are not in safe hands anymore. Therefore, we warmly invite all our users (not only those who had their mailbox in the Norwegian server) to change your mail and FTP password and to recommend to do so to anybody you may know who has a mailbox and/or website with A/I.

As a precaution, we have moved to a different server all mailboxes that were kept in the seized computer: if you had not downloaded your mail to your private computer and your mailbox was located in this box, now your archive will be empty. In the next few days we will recover the whole content of your mailboxes, but we hope that this accident can help remind you more than ever that it is not a good idea to leave your archives in a server you cannot control: even if in our disks mailboxes are encrypted, violating a cryptation code is not a science fiction scenario.

More updates will follow soon.