5th of July Foundation

Security - Privacy - Liberty

Blog

New XMPP server and security breach

by

We have today officially launched our new XMPP (Jabber) server.

Register an account here:

https://jabber-signup.5july.net/

Our old XMPP (Jabber) server will be has been shut down.

If you used the old server, make sure to use a new password when you register on the new server.

Note that the new server has server address jabber.5july.net (the old one had .org in the end).

Security breach

The immediate reason for the switch to the new server is a security breach that occurred this morning. We think that usernames, hashed passwords, and possibly contacts have been leaked. We are still investigating, but bottom line is that there doesn’t seem to be any security patch for this vulnerability (for the version we are running, see below), which means that similar attacks could happen again. We will therefore shut down this server and start using a new one. We have sent an XMPP message about this to all users of our old server.

The switch to a new XMPP server has been in the works for some time already. Our old XMPP server ran on an older version of Prosody, and we had had problems updating to the newest version, possibly because the database had been corrupted after migrating from ejabberd to Prosody earlier on. After several attempts to update Prosody, we simply decided to start a new XMPP server running on the latest version. We tried migrating all accounts from the old to the new server, but without success. (If you noticed downtime in the last few weeks, this was the reason.) We therefore decided that we would have to ask all of you to register new accounts on the new server. Far from ideal, but doable.

Better XMPP compliance

The good news is that running the latest version of Prosody will make it possible to add various extensions that some of you have asked for. The Conversations’ XMPP compliance tester gives us a score of 80 percent currently, up from 60-something for the old server. We’ll implement more features over the next weeks.

We want YOU to join our team of awesome freedom technicians!

by

5th of July Foundation is hiring!

The 5th of July Foundation is recruiting.

We are looking for passionate digital freedom fighters who want to develop and maintain innovative network infrastructure that safeguards security, privacy and liberty for the world’s internet citizens.

You will work on a distance together with a small group of dedicated network technicians. You will be part of the continuous development of our VPN service, and you will be able to suggest your own services too that the foundation may offer in the future.

You must have a strong commitment to internet freedom. Maybe you are active in the pirate movement or the open source community? We want some kind of track record.

Send off an informal email today to info AT 5july.org. And let’s talk more!

5july signs #SaveCodeShare

by

The negotiations of the new EU copyright directive are coming to a close. The parliamentary committee for Legal Affairs (JURI) will vote on the directive on 20-21 June 2018. Since JURI is the main committee for this directive, the result of their vote will be the official recommendation for the European Parliament, when they vote about the directive at a later date.

Free Software Foundation (FSFE) and OpenForum Europe (OFE) have researched how the proposed directive may affect free and open source software, and the communities that develop them:

The proposed Copyright Directive has the clear potential to harm Europe’s competitiveness and growth in this area. Importantly, it could also restrict important fundamental rights of developers and internet users, without achieving a proportionate benefit. In particular, the proposed Article 13 could create barriers for the development of source code by imposing liability on platforms used by developers, harming a sector fundamental for the Digital Single Market. Therefore, both OFE and the FSFE consider that the proposed Article 13 should be redrafted in order to be consistent with the existing legal framework around intermediary liability, as established by the e-Commerce Directive.

The 5th of July Foundation has today signed the #SaveCodeShare open letter, which will be handed over to members of the EU parliament before the vote.

Sign the open letter here:

#SaveCodeShare

Read more about the proposed Copyright Directive over at Julia Reda:

EU censorship machines and link tax laws are nearing the finish line

Do you want to build the VPN of the future?

by

The Swedish non-profit 5th of July Foundation runs the VPN service Integrity VPN since 2013. We are dedicated to providing the strongest possible security, and part of that goal is our unique setup: Integrity VPN is available solely through reselling ISP’s. That way, we can focus on running and developing a great service without having to handle any personal data – we don’t know who our users are, and that makes for great security.

Integrity VPN has evolved to a very stable VPN service. We run it solely on our own physical servers and continuously invest in new hardware to make sure that traffic peaks never hit the ceiling.

U

Build the VPN service of the future with us

Do you want to join a small bunch of developers and network technicians to take Integrity VPN to the next level? There will be plenty of opportunities for the right person to shape the future Integrity VPN.

We are mainly looking for two persons (or one person with both competences):

1. DevOps person

You will work in the heart of the operation and further development of Integrity VPN:

  • Full IPv6 implementation,
  • Trying out new VPN protocols such as Wireguard,
  • Installing VPN servers in new locations (physically and/or remotely),
  • Adapting open source VPN clients to our needs.

You might not be an expert on all of this, but you should be knowledgeable about networks, server scripts, switches and routers, what is sometimes referred to as DevOps.

2. Developer

Except for Integrity VPN, the 5th of July Foundation offers other tools that enhance security, privacy and liberty for internet users.

  • As a developer, you will code these services, or adapt existing open source services to fit our needs.
  • You will also code for Integrity VPN, for example adapting open source GUI packages for various platforms.

You will also be able to suggest what services you want to code for us.

l

You’re an activist

The 5th of July Foundation is a non-profit foundation founded by internet pioneers and activists. We believe in spreading security, privacy and liberty to all internet users.

It is important that you share these values, and that you can back it up: What have you done before? Maybe you were involved in the open source community? Maybe you have a background in the pirate movement? Don’t be shy!

0

What you should know

  • We’re not hiring, technically. You will work as a freelancer who sends invoices (just like all of us, including the Executive Director).
  • You can be based anywhere. We are currently spread over three European countries with some kind of base in Berlin, Germany.
  • We’re not your regular business types. If you’re a bit of a social misfit, you’ll fit right in.
\

How to apply

Get in touch now by sending an encrypted email to info (at) 5july.org where you introduce yourself and tell us a bit about your specialties, preferably with some links to previous projects of yours.

Do it now!

Happy 5th of July – some updates

by

It’s the 5th of July 2016 today, and it’s been four years since the UN Human Rights Council adopted the “Resolution on the Promotion, Protection, and Enjoyment of Human Rights on the Internet”.

The 5th of July Foundation took its name from the day that bore those great aspirations:

Let’s promote, protect and enjoy human rights on the internet!

New podcast on internet politics

Our latest project to do this is a podcast, which covers internet politics in a broad sense. It’s in Swedish (so far) and we call it “5 juli-podden”. You can listen on for example Itunes, Soundcloud or Youtube.

Blog anniversary

Today also marks the two year anniversary for our resident blogger HAX, who is also co-host of the podcast. We’re celebrating by giving hax.5july.org a little facelift. As always, it’s somewhat of a challenge to make a blog work smoothly and look tasty without letting third party companies (read: Google) put their code on your pages.

Expanding our services

So far the “promotion” of human rights on the internet. What about the “protection” and the “enjoyment”?

It’s for those purposes that we run our privacy services: A free disposable email service (still beta), a free encrypted Jabber chat server, and our paid VPN service Integrity VPN, which we are now expanding, so that customers of more internet providers will have the choice to enhance the security, privacy and liberty of their everyday communication.

So that’s a brief update on our doings. We look forward to many interesting developments in the coming year. Cheers!

Bahnhof vs. Data Retention

by

There is an important legal battle going on between the oldest independent ISP in Sweden, Bahnhof (which has always stood up for privacy on the internet) and The Swedish Post and Telecom Authority (PTS).

Our sponsored blogger, writer and thinker HAX comments the latest installment in this battle: Bahnhof won a temporary injunction which allows them to refuse to hand over certain data to authorities. Read about it here.

5th of July Foundation is happy that its board member Wilhelm Dahlborn wrote the appeal that the court now listened to.

There is also a legal case going on between Swedish telecom/internet provider Tele2 and that same authority, PTS, about data retention. The second highest administrative court in Sweden has sent that case to the Court of Justice of the European Union (ECJ) in Luxemburg. On April 12, there will be an oral hearing in this case.