Post AXFMdfUZqRFMD0LKOe by JAJAX@clubcyberia.co
 (DIR) Post #AXExVM3jiLpmlfjAXI by admin@kolektiva.social
       2023-07-01T04:52:07Z
       
       7 likes, 27 repeats
       
        🚨 Kolektiva.social SECURITY ALERT 🚨 This is an alert for Kolektiva.social users. Please read this post in its entirety!
        
        In mid-May 2023, the home of one of Kolektiva.social's admins was raided, and all their electronics were seized by the FBI. The raid was part of an investigation into a local protest. Kolektiva was neither a subject nor target of this investigation. Today, that admin was charged in relation to their alleged participation in this protest.
        
        Unfortunately, at the time of the raid, our admin was troubleshooting an issue and working with a backup copy of the Kolektiva.social database. This backup, dated from the first week of May 2023, was in an *unencrypted* state when the raid occurred and it was seized, along with everything else.
        
        The database is the heart of a Mastodon server. A database copy such as the one seized may include any of the following user data, in this case up to date as of early May 2023:
        
        - User account information like the e-mail address associated with your account, your followers and follows, etc.
        - All your posts: public, unlisted, followers-only, *and direct ("DMs")*.
        - Possibly IP addresses associated with your account. IP addresses on Kolektiva.social are logged for 3 days and then deleted, so IP addresses from any logins in the 3 days prior to the database backup date would be included.
        - A hashed ("encrypted") version of your password.
        
        🚨 👉 As a precaution we highly recommend that all users on Kolektiva.social *change their password immediately* to a new, unique, and strong password.
        
        We sincerely apologize to all our users and regret this breach. In hindsight, it was obviously a mistake to leave a copy of the database in an unencrypted state. Unfortunately, what would otherwise have been a small mistake happened to coincide with a raid, due to bad luck and spectacularly bad timing.
        
        We understand that our users and other people on the Fediverse will have a lot of questions. We will try to answer them as best we can, but please be patient and bear in mind that we may be overwhelmed with messages, and may be delayed in responding or unable to provide answers to certain questions for legal or technical reasons.
        
        As a security culture reminder, it can be extremely harmful to the individuals charged and to our community to openly speculate on the Internet about alleged criminal activity or about what law enforcement may be able to do with seized data. Our present awareness is that the seized Kolektiva data is unrelated to the federal investigation and prosecution and we are exploring legal avenues to have the seized data returned and copies destroyed.
        
        Thank you for your understanding and solidarity :black_sparkling_heart: 👇 Please see our replies to this post for additional information (1/?) 👇
       
 (DIR) Post #AXExVNJj2ODafYDS64 by admin@kolektiva.social
       2023-07-01T04:52:43Z
       
       0 likes, 2 repeats
       
        Please see our previous post for full context 👆
        
        Why did we delay in notifying our users? After extensive internal discussions and advice from multiple movement lawyers, we made the difficult decision to delay informing our users, since an earlier public statement could have made the situation worse in a number of ways.
        
        To be clear, the physical Kolektiva servers were not targeted or affected by the FBI raid. Our actual, live servers are encrypted, in that the hard drives are encrypted at rest. We have no reason to believe that any Kolektiva.social data has been compromised, outside of the database back-up that was seized. Our admin's various electronic devices and other drives were encrypted, and we swiftly rotated all passwords and keys as appropriate for any potential breach like this. In other words, we have no reason to believe this is an evolving threat to our server integrity, or our users' data security.
        
        So then, why are we asking users to reset their passwords? The seized database did not contain user passwords, it contained hashed user passwords. To better understand why we recommend users change their password, here is a good explainer: https://www.troyhunt.com/we-didnt-encrypt-your-password-we-hashed-it-heres-what-that-means/
        
        Without offering any excuses, we also think it warrants mentioning that the seized data would be similar to data obtained in any raid or other unauthorized access of any typical Mastodon server. It is the same data any cooperating instance admin can hand over willingly when requested. Unfortunately, there are serious limits to what admins of Mastodon instances can do to protect the data of their users. Users should always take precautions to protect the privacy of information, especially any sensitive information, they share on the Fediverse or anywhere else on the Internet. We hope that if nothing else, this situation serves as a learning experience for our users, and others on the Fediverse. It certainly has for us.
        
        For an intro to operational security on Mastodon, we strongly recommend checking out this guide: https://distro.f-91w.club/masto-opsec/
        
        Going forward, we will continue to explore our legal options. Ideally, we would be presenting a comprehensive list of internal changes, policies and best practices that we plan to implement to avoid outcomes like this in the future. These are definitely conversations we have started having, and intend to continue, but we also want people to be aware that we're a small volunteer collective, and we are dramatically affected by these events. Things may be slow to develop. We also have to keep Kolektiva.social running and pick up the slack now that we are missing a crucial team member 💔. Our admin's legal situation is shitty, but they currently have the support and legal representation they need. We will post any information or calls for support if that becomes appropriate or needed.
        
        As many understand, our political movements are currently facing high levels of state repression, which has resulted in an increase in digital and other forms of surveillance, raids and arrests, false and overblown criminal charges, increased use of pre-trial detention and lengthy prison sentences. At times like these, political movements are tested and solidarity and security culture become important touchstones for our work to make the world a better place for all.
        
        Thank you again for your understanding, solidarity, and time taken to read all this.
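
        An added illustration of the point the admin makes above about hashed passwords; this is example code written for this page, not Kolektiva's or Mastodon's own. Mastodon stores passwords as bcrypt hashes through Devise (the column is named `encrypted_password`, but it holds a hash), and the example uses PBKDF2-HMAC-SHA256 from the Python standard library as a stand-in so it runs without the bcrypt library. The attacker's workflow against a seized dump is the same for either algorithm: guess a password, hash it with the row's salt, compare. The wordlist and the two user rows are constructed for the example.

```python
# Added example, not code from the Kolektiva thread or from Mastodon.
# Demonstrates why "the dump only has hashed passwords" still means
# "change your password": an offline dictionary attack has no server,
# no rate limit and no lockout, so only the strength of the password
# (and the hash's work factor) stands between the dump and the account.
import hashlib
import hmac
import os
from typing import Dict, List, Optional, Tuple

# Work factor. Stand-in for bcrypt's cost parameter; Mastodon uses bcrypt,
# this example uses PBKDF2 so it runs with the standard library alone.
ITERATIONS = 50_000


def store_password(password: str, salt: Optional[bytes] = None) -> Dict[str, object]:
    """What a user row in the seized database would hold: salt + hash, never the password."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt.hex(), "hash": digest.hex(), "iterations": ITERATIONS}


def verify(password: str, record: Dict[str, object]) -> bool:
    """Server-side login check, and exactly the comparison an offline attacker repeats."""
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(str(record["salt"])), int(str(record["iterations"]))
    )
    return hmac.compare_digest(digest.hex(), str(record["hash"]))


def offline_guess(record: Dict[str, object], wordlist: List[str]) -> Tuple[Optional[str], int]:
    """Dictionary attack against one row of a dump.

    Returns (recovered password or None, number of guesses hashed). Because
    every row has its own salt, the attacker pays this cost per user, which
    is why the work factor matters; it does not help a user whose password
    is on a short list of common choices.
    """
    for n, guess in enumerate(wordlist, start=1):
        if verify(guess, record):
            return guess, n
    return None, len(wordlist)


# Constructed wordlist standing in for the first entries of a real leaked-password list.
WORDLIST = ["123456", "password", "qwerty", "letmein", "kolektiva", "solidarity1", "antifa2023"]

WEAK_ROW = store_password("solidarity1")                          # guessable, reused
STRONG_ROW = store_password("correct-horse-battery-staple-9x!")  # long, unique


if __name__ == "__main__":
    print(offline_guess(WEAK_ROW, WORDLIST))    # weak password recovered after a handful of guesses
    print(offline_guess(STRONG_ROW, WORDLIST))  # strong password survives the whole list
```

        The lesson for a user is the one in the admin's advice: the hash protects a strong, unique password well and a common or reused one hardly at all, and a password that also unlocks other accounts is the real exposure. Changing it on the instance does nothing for copies of the same password elsewhere, so those should be changed too.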
       
 (DIR) Post #AXExyxLa9rQyoPBpc8 by Houl@md.ilyamikcoder.com
       2023-07-01T05:19:39Z
       
       0 likes, 0 repeats
       
       @admin :blobfoxsweating:
       
 (DIR) Post #AXF6cUgWwRpf8PLtUu by anantagd@kolektiva.social
       2023-07-01T05:38:15Z
       
       1 likes, 0 repeats
       
        @admin this fully warrants moving away from KolektivaSocial, which I will do. The fact that an admin is working with unencrypted hard drives is incomprehensible re: "security culture". This and the fuckup over not limiting but blocking mastodon.social and not communicating about it. Especially in light of the repression around our movements, I would expect more foresight.
       
 (DIR) Post #AXF6jMZrU3cU15VaFM by colonelj@freespeechextremist.com
       2023-07-01T06:58:12.806190Z
       
       1 likes, 0 repeats
       
       @admin wtf
       
 (DIR) Post #AXFDNnnUIfMNkHY288 by eee@poa.st
       2023-07-01T08:12:44.616430Z
       
       2 likes, 0 repeats
       
       @admin lmao
       
 (DIR) Post #AXFI1NBN4X90bKqM8u by meso@the.asbestos.cafe
       2023-07-01T09:04:41.712875Z
       
       3 likes, 0 repeats
       
       @admin you cant spell fediverse without fed
       
 (DIR) Post #AXFI4u1LR8FZJepwQ4 by silhouette@comp.lain.la
       2023-07-01T07:35:26.127105Z
       
       2 likes, 1 repeats
       
       @admin ah the thing right wingers constantly fantasize about but it only ever happens to left wingers for some reason
       
 (DIR) Post #AXFI5CiXvFVDIrBhFw by meso@the.asbestos.cafe
       2023-07-01T09:05:24.364253Z
       
       1 likes, 0 repeats
       
       @silhouette @admin real and true
       
 (DIR) Post #AXFJHwuU6aUfzoPfE0 by meso@the.asbestos.cafe
       2023-07-01T09:18:54.713875Z
       
       1 likes, 0 repeats
       
       @bot @silhouette @admin yes?
       
 (DIR) Post #AXFJMhizzVaeLcJ9mK by meso@the.asbestos.cafe
       2023-07-01T09:19:46.149050Z
       
       1 likes, 0 repeats
       
       @bot @admin @silhouette have you heard of COINTELPRO? they surveilled tons of leftists for mild dissidence https://en.wikipedia.org/wiki/COINTELPRO
       
 (DIR) Post #AXFJfPzQ9bygqSueQK by sun_eater@goreslut.xyz
       2023-07-01T09:23:08.464665Z
       
       1 likes, 0 repeats
       
       @bot @silhouette @admin @meso you wouldn't know what makes sense even if it smacked you in the face
       
 (DIR) Post #AXFJrsX7r5eCqYcT8i by silhouette@comp.lain.la
       2023-07-01T09:24:48.402354Z
       
       1 likes, 0 repeats
       
        @bot @admin @meso way to let us know you're not actually interested in discussion so I'll return the favor: seethe, chud.
       
 (DIR) Post #AXFMdfUZqRFMD0LKOe by JAJAX@clubcyberia.co
       2023-07-01T09:56:22.635901Z
       
       4 likes, 0 repeats
       
        @silhouette @admin lol you believe in January 6th
       
 (DIR) Post #AXFN3s4Xh8y4kpeyvI by sun_eater@goreslut.xyz
       2023-07-01T10:01:08.194820Z
       
       2 likes, 0 repeats
       
       @bot @silhouette @admin @meso damn bot, you are sooo creative
       
 (DIR) Post #AXFYSoEGDhlDZPIdCS by graf@poa.st
       2023-07-01T12:08:53.570046Z
       
       5 likes, 0 repeats
       
       @admin retard
       
 (DIR) Post #AXFZBBqflS5BZBQeVU by zero@strelizia.net
       2023-07-01T12:16:51.267064Z
       
       4 likes, 0 repeats
       
        @admin I ain't reading all of that, pal
       
 (DIR) Post #AXFZP8jU97IjxNictc by zl2tod@mastodon.nz
       2023-07-01T06:40:52Z
       
       0 likes, 1 repeats
       
        @admin For historical and legal precedent read up on the Indymedia server seizure. https://www.eff.org/cases/indymedia-server-takedown @eff
       
 (DIR) Post #AXFbY1qRK9Kl6pL160 by RustyCrab@clubcyberia.co
       2023-07-01T12:43:26.140649Z
       
       2 likes, 0 repeats
       
       @admin meds
       
 (DIR) Post #AXFv2IoWhCnTYRam92 by mrsaturday@shitposter.club
       2023-07-01T16:21:52.640317Z
       
       6 likes, 0 repeats
       
       @admin TL;DR: Antifa admin's opsec was ass, decided to fuck around, found out, and now all of the instance's user data is property of the FBI
       
 (DIR) Post #AXFv90Gu2B564d3nUW by matty@nicecrew.digital
       2023-07-01T16:23:04.278633Z
       
       1 likes, 0 repeats
       
       Rekt
       
 (DIR) Post #AXFxPAPCKBA82pm7tY by kroner@seal.cafe
       2023-07-01T16:48:23.163778Z
       
       1 likes, 0 repeats
       
       Always a good day when Antifa takes an L
       
 (DIR) Post #AXFxXUIeF2WO3wgBKC by Tadano@amala.schwartzwelt.xyz
       2023-07-01T16:28:42.370074Z
       
       1 likes, 0 repeats
       
       @admin lmao get fucked you pinko faggots :bigchinwalt:
       
 (DIR) Post #AXFxfMkWCKmAxhTKW8 by RustyCrab@clubcyberia.co
       2023-07-01T16:51:11.613546Z
       
       2 likes, 0 repeats
       
       @DocScranton @admin @graf I would be very interested to know what antifa of all groups could actually do that was so bad the police would even look at them. Was one of the cops they shot black?
       
 (DIR) Post #AXFyP4WKIxKxkMd0r2 by sarvo@novoa.nagoya
       2023-07-01T16:58:25.880Z
       
       0 likes, 0 repeats
       
       @admin@kolektiva.social you failed to mention your db not only has data of your users but also of your known fediverse or at least what reached your server.
       
 (DIR) Post #AXG0dKxKC8GWgPBc1o by neko@ryona.agency
       2023-07-01T17:24:12.486212Z
       
       1 likes, 0 repeats
       
       @admin sorry for your loss or happy anniversary or whatever
       
 (DIR) Post #AXG0iBG9flaC3gIt1s by kroner@seal.cafe
       2023-07-01T17:25:27.878915Z
       
       0 likes, 0 repeats
       
       congratulations or I'm sorry?
       
 (DIR) Post #AXG367BgfDqoHskpSS by admin@kolektiva.social
       2023-07-01T12:35:54Z
       
       0 likes, 0 repeats
       
        Two additional points:
        
        If you are a kolektiva.social user and have already enabled Two-factor Authentication on your account you should also reset that, just like your password. (Also consider that it's a good idea in general to set up Two-factor authentication, if you are able, to secure access to your account!)
       
 (DIR) Post #AXG368JsSFzpnZasrY by admin@kolektiva.social
       2023-07-01T12:40:13Z
       
       0 likes, 0 repeats
       
        Some users have asked or pointed out, and yes it is the case that the database copy would also include cached copies of posts from users on other instances in the Fediverse, and this includes direct posts or "DMs" which were sent to or included a Kolektiva.social user.
        
        We welcome suggestions on how to most effectively notify (a lot of) Fediverse users in general of this, but we also ask for other instance admins to help by communicating this to their own users if it seems appropriate 🙏
       
 (DIR) Post #AXGD1MYH6y0i25gz1E by bbhorne@kolektiva.social
       2023-07-01T07:52:07Z
       
       1 likes, 0 repeats
       
       @anantagd @admin on the contrary, this is a state-of-art security advisory and transparency post from an admirable set of humans running a great service. No one is perfect, and if you are running technology that is radical and a challenge to state power, you will eventually be raided. This is a great step towards improving the Kolektiva protocols for their admins, and far from a reason to abandon the site. I have not even seen a comparably thorough disclosure of this type from any Mastodon instance, this post increases my confidence in Kolektiva as the place best suited to resisting police raids in the long run.
       
 (DIR) Post #AXGD1N9UsZmhtX6i2K by mrsaturday@shitposter.club
       2023-07-01T19:43:20.326093Z
       
       2 likes, 0 repeats
       
       @bbhorne @anantagd @admin My brother in Christ, if your technology is an actual threat to state power, you'd be worried about more than just "transparency" here. Why do you think anything legitimately subversive could survive on the clearnet without getting rotted from within by bad actors? Cut the LARPing and take a look in the mirror.
       
 (DIR) Post #AXGG042KlT2SBKpBAW by amerika@noagendasocial.com
       2023-07-01T20:16:45Z
       
       0 likes, 0 repeats
       
       @admin While killing Communists is a good thing, letting the FBI look at databases is not.
       
 (DIR) Post #AXGPc6Cg3WjTUfsEnA by elnach@novoa.nagoya
       2023-07-01T22:04:29.231Z
       
       1 likes, 0 repeats
       
       @admin@kolektiva.social
       
 (DIR) Post #AXGPnI7M6Eq1d8imqe by elnach@novoa.nagoya
       2023-07-01T22:06:29.464Z
       
       2 likes, 0 repeats
       
        @silhouette@comp.lain.la @admin@kolektiva.social ah the thing *wingers constantly fantasize about but it only ever happens to every fucking one for some reason. Fixed that for you :anime_flex:
       
 (DIR) Post #AXHSaivDcnhY1BhfXc by miklo@soc.citizen4.eu
       2023-07-02T10:08:12Z
       
       1 likes, 0 repeats
       
        @admin "Our actual, live servers are encrypted, in that the hard drives are encrypted at rest."
        
        And do you inform people that you use #cloudflare proxy? Because if effectively some corpo can read all the decrypted data on the way between the browser and the server, then the encryption of the server's drives doesn't matter at all and people's privacy is de facto given over to #cloudflare.
        
        If anyone does not know what cloudflare is, it is a must read: https://notabug.org/dCF/deCloudflare/src/master/readme/en.md#StopCloudflare
       
 (DIR) Post #AXI6nBsBo75BRxmmsS by anantagd@kolektiva.social
       2023-07-01T08:05:30Z
       
       0 likes, 0 repeats
       
        @bbhorne @admin the mere fact that an admin kept a physical, unencrypted hard disk in their home is reason enough; add to this that it's now July and the occurrence was in May. That's enough information for me. Thanks
       
 (DIR) Post #AXI6nCdKyonRoBqRMm by bbhorne@kolektiva.social
       2023-07-01T15:19:51Z
       
       0 likes, 0 repeats
       
       @anantagd @admin They were "troubleshooting an issue and working with a backup copy of the Kolektiva.social database." Pretty normal to have to work with unencrypted data when troubleshooting things. And sounds like they will also tighten up security as a result of this breach.
       
 (DIR) Post #AXI6nDKEPL6jxDuhE0 by MikeTheComrade@kolektiva.social
       2023-07-01T16:45:26Z
       
       0 likes, 1 repeats
       
        @bbhorne @anantagd @admin The damage is done though, everything they want, they most likely have. For anyone to believe the feds won't get this data, regardless of legality, is either lying to make themselves feel better or uneducated as to the true purpose behind the 3 letter agencies.
        
        "Our present awareness is that the seized Kolektiva data is unrelated to the federal investigation and prosecution and we are exploring legal avenues to have the seized data returned and copies destroyed." - Too late. The feds have it whether you like it or not. Whether it's legal for them to have or not.
        
        Bad OPSEC is inexcusable. Period.
       
 (DIR) Post #AXI7IvIQyTphIyC1NA by anantagd@kolektiva.social
       2023-07-01T12:43:21Z
       
       0 likes, 0 repeats
       
       @admin You’ll be lucky if other instances don’t defederate. Good luck
       
 (DIR) Post #AXI7IwihgIRLijUVxQ by MsDropbear@kolektiva.social
       2023-07-01T14:11:08Z
       
       1 likes, 0 repeats
       
        @anantagd @admin Has it begun already? 🤷‍♀️