this is frankly really scary. if you’re in a socialist org, please make sure that they’re not so lax with security like this. also, why the actual fuck are they using google products. we are fucking doomed here in the west man. To be clear I think this is probably more on the local chapter of your org than the national org, but even then I really think national orgs need to be giving out a lot more training about this kind of thing, and quite frankly booting out the leadership of local chapters if they’re lax like this.
tweet text here
PSL security culture: I left almost a year ago, their members locally know I don’t like them, but I’m still in some shared folder where I can see sensitive event and recruiting information
I highly recommend to the people joining orgs to take serious steps and ask questions around security. What if this got into the wrong hands? Out of courtesy I’m censoring the names. I have plenty more screenshots of events in case they try to refute this but I recommend they just hold this L quietly
*4 images showing proof
Our local PSL chapter used a private Nextcloud instance for most organizing efforts. For what it’s worth, PSL national did start up an IT security protocol that chapters were supposed to be moving towards, with detailed guides for setting up various online infrastructure in a secure way. Out of all the socialist orgs I’ve been a member of, the PSL has ultimately been the one most interested in tightening digital security. DSA is Google Docs central (and Slack). SRA is Discord all the way down.
https://lemmygrad.ml/comment/3730331
This is my comment made a bit earlier to encourage tech literate comrades to join their local org as they can help improve their IT infrastructure and opsec.
https://twitter.com/hornetnezt/status/1762437507675779517
I do agree with this person. I think this would have been handled better privately even though this info is helpful. In the pre-branch I am in, we do take opsec seriously and want to find alternatives to improve our security. I’m sure other local branches would be open to change if more IT comrades joined and made their voice heard.
I believe PSL worked with tools that were most convenient and accessible to them at the time. Plus, while I hate big tech tools and prefer self-hosted solutions, the security of Google, Microsoft, and other mainstream products is nothing to scoff at (ignoring backdoors built in for the feds), though your privacy goes down the drain. PHP originally self-hosted their git repository and had to migrate to their mirror on GitHub after they were compromised.
Time is of the essence to build class consciousness among the proletariat. We have been raising awareness of the genocide in Palestine, and I don’t believe our organization is working in vain by running a campaign and accruing members and resources. Our current campaign isn’t simply to win office. Of course there’s extremely little chance we will win. The campaign is an invitation for workers to join a communist organization to fight for a better world, and the presidential election is definitely not a time to be quiet as more people are paying attention to politics now. Revolution is not going to happen overnight, and we are still in early stages of emerging in the US.
I do agree with this person. I think this would have been handled better privately even though this info is helpful. In the pre-branch I am in, we do take opsec seriously and want to find alternatives to improve our security. I’m sure other local branches would be open to change if more IT comrades joined and made their voice heard.
I think you’re a little too biased as a PSL member. quite frankly they had almost a year to notice this themselves, and speaks to an extreme problem with that local chapter that needs to be spoken about publicly. I’m not in PSL so I can’t say what national does about this kind of thing but the leadership of that chapter needs to be reprimanded or even be forced to step down imo. Does national provide training for this kind of thing?
Hey, I am just as critical in regards to security and socialist parties including my own, and I do want the party to improve on their opsec and prioritize open source, self-hosted, and encrypted/sandboxed/etc. tools, but blasting this onto twitter without the party’s consent isn’t very responsible. I don’t know if you are the same user as the one on twitter, but I do apologize for the experience and this is something I believe the local chapter as well as the national party should improve upon. I joined the party with the goal to contribute my IT skills to make the party more secure.
I’m still a bit new and still learning, and I am being careful about not sharing internal only information, but locally we do work on different trainings, and I may be helping organize one related to security. We need more IT comrades to help with the party in order to realize changes to our technical infrastructure, especially when we become larger and reach later stages of organizing and begin shining in the surveillance industrial complex’s radar. Simply slandering the organization by posting internal information does not help, especially for this issue regarding a hole in their security.
I’m not the same user, I’ve never been a member of PSL, Once again, it’s not so much the using of google products, which is bad tbc, it was that they didnt have any procedures to make sure that former members can’t burn them like this. Imagine if this person was a monster and shared this information with a local white supremacist group, it could lead to the deaths of organizers. I’m glad to hear that you’re working on organizing security training. But I think it’s important for people to see this info in the public so they know to keep an eye out for this kind of thing in whatever org they’re in.
As a Cybersecurity professional, I completely agree with every word.
The security concern is understandable and we should take necessary measures and keep important things between trusted people in real life, but we need to be honest with ourselves that we are under surveillance at all times anyways.
We’ve expressed more than communist sympathies online and in real life. We are high on the watch list (that literally everyone is on anyways).
Organizing definitely has pig and fed supervision and even infiltration. You should assume there is someone untrustworthy around you at all times.
But this does not mean we stop organizing, or slow down, or cower. If we have this weird pursuit of perfect privacy, we will do absolutely nothing. Because it doesn’t exist.
At some point we need to break through this fear of “getting got” because of bad security and recognize that it doesn’t take anything for the feds and pigs to do terrible things anyways. If you’re actually organizing in real life, if you’re actually active, you’re eventually going to need to be clear on your goals. And that right there blows your “security”.
If we are too scared to put ourselves in ANY amount of danger just through supervision, how do you expect us to actually carry a revolution forward?
I’d ask you all to consider the concept of revolutionary suicide, or at the very least, revolutionary sacrifice. It’s true, engaging in this may lead us to prison or death. And no amount of security is going to prevent that from happening when the going gets going. Is that worth it to you? Do you have the drive to live a life free that is so strong you’d give up everything for it? I say this not as a finger pointing or “you’re weak” thing, but a genuine question. I don’t blame you if the answer is no.
Once again, before I get crucified, I am not advocating against basic security measures to filter out feds and keep classified information in the hands of trusted people. I am pushing back at the overall theme I see specifically with online lefties that prioritizes security so heavily that we can’t share our names or general locations with these established orgs as if the feds don’t have this already. I’m pushing back against the overwhelming fear some people seem to have (justifiably) because we don’t need that right now. We need resistance. And that is dangerous.
physical location is most needed to be kept safe from right wing local stochastic terrorists rather than feds at least, you’re right about that. The big thing here, that i more meant to focus on, is that they let some random person who left the party get access to sensitive information for months, that is extremely bad, just because I might be on a fed list somewhere, doesn’t mean i want to be doxxed by a bitter former party member and face repercussions from anticommunist locals. I advocate for keeping the most sensitive information (like if your group is going to go sabotage something, etc.) off of computers and kept person to person anyways
I’d ask you all to consider the concept of revolutionary suicide, or at the very least, revolutionary sacrifice. It’s true, engaging in this may lead us to prison or death. And no amount of security is going to prevent that from happening when the going gets going. Is that worth it to you? Do you have the drive to live a life free that is so strong you’d give up everything for it? I say this not as a finger pointing or “you’re weak” thing, but a genuine question. I don’t blame you if the answer is no.
great thing we should all be considering, but one I’m not sure you can truly answer until the feds have got you in a jail cell threatening you with life if you dont betray your comrades to become their informant (as an example of extreme situation). I think I’m ok with it, but am I actually? we will see.
First part makes definite sense. Completely unacceptable to have that kind of thing just laying around for anyone, especially considering the pettiness that is sometimes present within leftist organizing lol.
Last part also good point. Yeah, I mean, shit we don’t really know until we are there. But I think we can get more and more of an idea and closer to saying yes as we get more involved in this organizing. We are in danger for before the feds have us in the cell. But yet we continue. That to me signals something brave
