interesting, both from the LUG and anon-remailer interception points of
view -- fwd from EDRI-gram --
http://www.edri.org/edrigram/number3.14/Italy :
Another Italian community server violated?
14 July, 2005
»
Privacy | Wiretapping | Security
After the recent discovery that the Italian Autistici/Inventati server had
been seized by the Italian police and a backdoor had been probably
installed to allow for easier monitoring of all communication going
through it, looks like another Italian community server could have endured
the same fate.
On Monday 27 June 2005, two members of FLUG (Firenze Linux User Group)
visited the data centre of Dada S.p.a., in Milan, where the community
server of the group is physically housed, in order to move it to another
provider.
When the server was put out of the rack, however, it was discovered that
the upper lid of the server case was half-opened. At a closer inspection,
it was also discovered that the case lid was scratched, as if it had been
put out and reinserted into the rack. Worse, the CD-ROM cable was missing,
as were the screws that kept the hard disks in place.
Dada S.p.a. was immediately contacted, but its representatives denied any
fiddling with the server. Other FLUG members that could have potentially
had access to the server farm confirmed that they had not tampered with
the server.
Even though a quick forensics analysis of the system showed that no
shutdown and reboot operations, besides those that had been planned in the
past, had taken place (the hard disks were not "hot swappable", therefore
a shutdown of the machine is necessary in order to take them off the
server) FLUG decided to consider the server as compromised, as the
shutdown/reboot operations could have been erased from the logs.
What is particularly worrying is that the server hosted an anonymous
remailer, whose keys and anonymity capabilities could have been
compromised. Considering what happened to Autistici/Inventati server -
which hosted another anonymous remailer - this possibility is not so far
fetched. This begs the question whether a co-ordinated attempt at
intercepting anonymous/private communications on the Internet has been
ongoing in the past weeks and months.
An interrogation to the relevant ministries will be probably issued in the
coming days by Mr Fiorello Cortiana (Green Party).
EDRI-gram 3.13, Autistici/Inventati server seized by the Italian police
(29.06.2005) http://www.edri.org/edrigram/number3.13/backdoor
Web page of the Firenze Linux User Group (FLUG)
http://www.firenze.linux.it/
Announcement by FLUG
http://punto-informatico.it/p.asp?i=53755
Photos of the server
http://www.firenze.linux.it/~leandro/compromissione/
(Contribution by Andrea Glorioso, Italian consultant on digital policies)
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
