-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Friday 04 April 2003 12:42 pm, koyaanis qatsi wrote:
Daniel Ehrenberg writes:
Actually, for anonymity, I think we shouldn't store
any information
potentially linking names and IP addresses to
messages. According to the
"patriot" act, the government can search anything
(like servers) with
automatic permission from a judge to find evidence
for terrorist
suspects. If someone were to write on a talk page "I
love Sadam Hussein and Osama bin Laden", then the government would try to
trace it to someone,
and if they have DSL, they might find someone and
"detain" them. Don't
Oh, it's not hypothetical at all; they'll even "detain" (or, more properly, "disappear" [and q.v. Argentinian history for those not understanding that term] people for something as innocuous as contributing to certain charities. It happened recently with an Intel employee.)
In fact, one (e.g. this one writing) could go so far as to argue that the U.S. is sprinting towards a police state, with terrorism already redefined as "damaging property" and states proposing legislation to sentence people to 25 years for protesting (oregon) and to outlaw hiding the content or source of any transmission online (FL, TX, others. and note that this, if passed, would outlaw PGP, firewalls, and SSL).
I'd argue that now is the time to be proactive, while it's still legal. I think it woul be great to encrypt *all* IP addresses in the database, and to *chronjob scrap server logs every 24 hours (this is a policy Bear Pond Books has taken up with customer info. Agents can request the info, even with no suspicion the customer has committed a crime; booksellers are under an immediate gag order about the visit. no info? nothing to give. and, for those worried about death threats? Mav's and Zoe's did not go unnoticed; they were instead immediately noticed).
I sound like a hopeless paranoiac, I know. Unbelievers should check out the text of the PATRIOT Act and the text of the proposed PATRIOT Act II, which would allow the U.S. government to strip citizenship from people born in the country, but who at some point endorse a group the government deems "terrorist" (I'm assuming they're not yet counting themselves in this group.) The hapless Intel employee, under Patriot Act II would, instead of being disappeared, would be disappeared and stateless. Good for prison labor, I guess.
cheers (or not),
kq
q.v. PATRIOT ACT I http://www.aclu.org/SafeandFree/SafeandFree.cfm?ID=11835&c=206
and the exciting sequel, PATRIOT ACT II http://publicintegrity.org/dtaweb/report.asp?ReportID=502&L1=10&L2=1... L4=0&L5=0
cryptome.org has some interesting (as always) documents on web page access logging and log retention:
http://cryptome.org/usage-logs.htm and http://cryptome.org/no-logs.htm
I agree with one of the person quoted in the above documents that rather than logging by default, there should be a concrete need for logging to justify its use.
What does wikipedia log, and for how long are the logs retained?
Sascha Noyes - -- Please encrypt all correspondence. PGP key available from: http://individual.utoronto.ca/noyes/snoyes.asc - --