|
Comment on this article |
Email this Article
|
|
News :: Miscellaneous |
|
A Quick Technical Primer on Web Logs |
Current rating: 0 |
by Joe Futrelle
Email: futrelle (nospam) ncsa.uiuc.edu (unverified!) |
28 Apr 2001
|
|
The "connection logs" that the FBI sought from the Seattle IMC were the ones kept by its web server. These logs need not be generated in the first place. |
Virtually all web servers have some kind of logging feature which records accesses to the server, errors, and other kinds of events as they occur. The access log contains one entry per access to the web server, in other words every time someone visiting the website loads a new page. Each entry records the time and date of the access, the IP address of the website user's machine, which page they accessed, etc.
Typically, site administrators use these logs to compile statistics about usage patterns, to find out which pages are being accessed most frequently and who their users are. Logs are rarely used for any other purpose, and they can be partially or fully disabled.
The FBI was interested in this information at the Seattle IMC ostensibly to identify a user who they perceived as a threat to security in Quebec, but had they gotten access to the logs they would have known much more: the IP address of every user of the Seattle IMC site during a 48-hour period in the middle of the anti-FTAA demonstrations.
I don't know in detail about the software that runs the IMC sites, but I very much doubt it requires that accesses to the sites be logged. So I think it's very likely that logging could simply be disabled on web servers that run the IMC sites. This would be a big step towards protecting the anonymity of the IMC sites' users from unscrupulous and opportunistic law enforcement organizations.
A more difficult issue is the ability for third parties to "sniff" web traffic as it passes through routers on its way from the user to the web server. Currently the best way to protect against this kind of surveillance is with the Secure Sockets Layer -- the technology used by online retailers to protect credit card information. As far as I know it would be possible to configure IMC servers so that the publishing form was handled over an SSL connection.
So in conclusion I think our first line of defense remains to be aware of and vigilantly defend our constitutional rights of free speech, free association, and freedom from unreasonable search and seizure. But a good second line of defense is all the technical means we can implement to protect our information from untrusted third parties. |
