All posts by Flokinet

World Password Day

World Password Day is a day to be aware of the important role passwords play in our digital lives. Here are five important tips:

  1. Use a unique password for each online account that consists of a combination of letters, numbers, and symbols. A strong password is one of the most important measures you can take to secure your online accounts. By using a unique password for each account, you can prevent a hacker from gaining access to multiple accounts if they manage to crack one password.
  2. Never use personal identifiers in your password. Avoid using any information that can be easily guessed or found online, such as your name, birth date, or phone number. Instead, use a combination of random letters, numbers, and symbols that are difficult to guess.
  3. Use a password manager to generate and store your passwords securely. Password managers are software applications that can generate and store complex passwords for you. They can also fill in login credentials automatically, saving you time and effort. Some popular password managers include KeepassXC, 1Password, and Bitwarden. KeepassXC is free and open source software while 1Password and Bitwarden are pais services.
  4. Use two-factor authentication for an extra layer of protection. Two-factor authentication (2FA) adds an extra layer of security by requiring you to provide two forms of identification before accessing an account. This could be a password and a fingerprint, a password and a one-time code sent to your phone, or a password and a security token. We recommend using an open-source 2FA app like FreeOTP+.
  5. Regularly check if your data has been compromised in a data breach by visiting haveibeenpwned.com. Have I Been Pwned is a free website that allows you to check if your email address has been included in any known data breaches. If your email address has been compromised, it’s important to change your password for that account immediately.

Another year, another censorship attempt

On January 15th, 2023, we received a Cease and Desist letter (you can see the letter at the bottom of this page) from the ‘General Counsel’ of Cellebrite Ltd., requiring [us] to immediately shut down the site named “EnlaceHacktivista.org” on the grounds that their intellectual property was made public as part of a series of leaks which also include “Micro Systemation AB” from Sweden. Within these leaked data, it is possible to find documentation with tools developed to break into private devices (phones, tablets and laptops) and extract information.

Both companies are notorious for selling their products to oppressive regimes with very poor human rights records, which use these tools to harass journalists and put their work and lives in danger. So, while a cease and desist letter is an internationally recognized procedure, according to the EU law this leak is protected by the DIRECTIVE (EU) 2019/1937 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 23 October 2019.

We take the protection of our customers’ privacy, security, and general rights seriously and in this case, we have determined this request clearly attempts to use copyright laws to suppress free speech and media, which is not legal as detailed in the DIRECTIVE 2001/29/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL. As a result, we have politely informed the representative of Cellebrite Ltd. that we will not take action.​​​​​​​​​​​​​​ Last year ended with a similar request regarding this platform: https://blog.flokinet.is/2022/11/11/censorship-in-ecuador/

More information about these companies can be found here:

https://theintercept.com/2021/06/14/myanmar-msab-eu-technology-regulation/

https://signal.org/blog/cellebrite-vulnerabilities/

https://www.theguardian.com/technology/2021/apr/22/signal-founder-i-hacked-police-phone-cracking-tool-cellebrite

=======

The letter can be found here:

Dear Sir / madam:

I am Cellebrite DI Ltd. and its group companies (“Cellebrite”) General Counsel. It has come to our attention that person(s) operating under the name of “EnlaceHacktIvista.org” (“Enlace”) have a domain under the name of www.EnlaceHacktIvista.org. It has further come to our attention that FlokiNET are the ISP hosting this Enlace domain. On January 13, 2023 Enlace issued a statement on their website notifying of the receipt of certain Cellebrite owned files from an authorized person, and further indicated the “leaks” are available for download in different locations including their said domain.

Cellebrite hereby requires that you immediately shut down www.EnlaceHacktIvista.org and cease and desist from making available or enabling the availability, on such website or otherwise, of any of Cellebrite’s copyrighted software, documentations, scripts or any other artifact identified to be owned by Cellebrite, including, without limitation, the Cellebrite installation files (collectively the “Cellebrite Materials”).

All use or distribution of the Cellebrite Materials is subject to Cellebrite’s end user license agreement (“EULA”). Cellebrite’s EULA provides that the license grant is subject to the terms and conditions of the EULA, including without limitation the restrictions on transfer, assignment or distribution, making the grant of the license conditional on compliance with the terms of the EULA. Under Cellebrite’s EULA, Cellebrite Materials may not be sublicense, transferred or assigned without Cellebrite’s prior written consent. Under Cellebrite’s EULA, Cellebrite Materials may not be distributed, including by selling a product on a secondhand market, nor is it permitted to attempt to distribute Software. As Cellebrite’s EULA does not permit transfer, assignment, distribution or an attempt to distribute Software or other Cellebrite Materials, publishing of Cellebrite Materials infringes Cellebrite’s copyright and other intellectual property rights in such materials.

We, therefore, demand that you immediately cease and desist from making available or aiding in allowing availability of any Cellebrite Materials on the said website www.EnlaceHacktIvista.org or otherwise. Your failure to remove the website or our materials from the website and to provide us with written assurance that you have done so within seven (7) days of the date of this letter will force us to explore additional means of legal redress available to Cellebrite in connection with the unauthorized use of Cellebrite’s copyrighted Software and other materials.

This letter is not intended to exhaust or waive any claim or argument that Cellebrite have or may have. Nothing in this letter (or any lack thereof) shall prejudice any of Cellebrite’s claims, rights or cause of action against you or any other party acting on your behalf.

Respectfully,

General Counsel

Cellebrite DI Ltd.

As we stated before, we will not censor free press and the freedom of speech!

Censorship in Ecuador

After we received a request from the Australian Police in May this year (see more here), in which they wanted to censor one of our customers for leaking important data about the abuse happening in the Island of Nauru, we received another request from law enforcement in Ecuador.

Spanish original:

“Buenas tardes señores, Flokinet

Les saludamos de Ecuador para reportar que la Ip 185.165.170.80 alojado en su hosting se encuentra publicando información que afecta a la integridad de la Empresa Pública del Estado Ecuatoriano, por lo consiguiente solicito a ustedes como provedores de servicio de internet, tengan a bien dar de baja mencionado foro.

https://enlacehacktivista.org/index.php/Extractivist_Leaks/es#ENAMI_EP

Saludos cordiales,


Dirección de Ciberinteligencia”

English translation:

Good afternoon gentlemen, Flokinet

We greet you from Ecuador to report that the Ip 185.165.170.80 hosted on your hosting is publishing information that affects the integrity of the Public Company of the Ecuadorian State, therefore I request you as internet service providers, please remove the above mentioned forum.

https://enlacehacktivista.org/index.php/Extractivist_Leaks/es#ENAMI_EP

Kind regards,


Directorate of Cyber Intelligence

This time, Ecuadorian law enforcement is focused on shutting down the hacktivist group Guacamaya which leaked 400000 e-mails uncovering the cyber vulnerability of the military corps.

As a reply, we remain committed to our fight for a free press so our answer remains clear: We will not take down whistleblowers’ websites.

Keep Iran connected

In the light of recent events happening in Iran:
You can use the secure Signal app to stay in touch with friends and family.

For Android users:
Playstore is blocked in Iran so you have to download the Signal APK file if you dont have Signal yet installed:
https://signal.org/android/apk/

Optional: you can download the file from our website: https://flokinet.is/signal/

For iPhone users: You have to get a VPN to download Signal from the app store as a manual setup for Android is impossible.

After the setup, you will have to set in the settings the proxy domain you can request from us by Twitter or email (info@flokinet.is).


A detailed how-to can be found here:
https://support.signal.org/hc/en-us/articles/360056052052-Proxy-Support

Also in Persian available:

https://support.signal.org/hc/fa/articles/360056052052-%D9%BE%D8%B4%D8%AA%DB%8C%D8%A8%D8%A7%D9%86%DB%8C-%D8%A7%D8%B2-%D9%BE%D8%B1%D9%88%DA%A9%D8%B3%DB%8C

If you have any questions, please contact us at info@flokinet.is.

Why The Netherlands?

Why did we open a data center in the Netherlands?

We made this decision in order to have a footprint in Western Europe for low latency and high bandwidth options. Additionally, the freedom of speech and press laws are great, something that comes to our advantage in protecting the values that we believe in.

What does the Netherlands have to offer in terms of hosting advantages?    

Excellent connections within Europe, low bandwidth prices, DDoS protection and withal all products are wind energy powered, having a low carbon footprint.

Where is the following location of a FlokiNET data center?

We are perpetually probing, for now, various locations. The next one will be most likely outside Europe. As soon as we have details, we will publish them and let the world know our next move.

What products does FlokiNET offer in the Netherlands?

We already offer all products that are available in other locations like shared hosting, VPS, dedicated servers and colocation. You can check out our products here and see which one fits best to your hosting needs.

Have any questions or suggestions for us? Contact us at info@flokinet.is.

Fight surveillance law in Romania

How does it influence the hosting and cybersecurity industry in Romania?


The law will require:

– Hosting provider to intercept communications, provide customer data and decrypt data if necessary, also at their own expense.

– IP resource hosting providers and electronic communication providers “to grant, at the request of authorized bodies, under the conditions of this law, the decrypted content of communications transited in their networks”


But what would this cause for customers in reality?

– decrypt encrypted content. So for example SSL/TLS based data has to be decrypted on request. In case the provider has access towards your key (for shared and managed hosting this is always the case, the same for most DDOS filter)

– provide details about website visitor (IP log)


How will be FlokiNET affected?


The law does include also foreign provider operating IP / network in Romania. However we and our legal team does clearly sees the proposed law as illegal under Romanian constition as well as under EU law. All passwords, decryption keys, SSL keys etc are managed by FlokiNET ehf Iceland and handing them over would violate Icelandic law. We are more then willing to discuss this in court and will not cooperate in any matter that would break Icelandic law.


Customer data remains safe?

Yes, it does! All our server are encrypted, without the keys stored safely in iceland no data can be decrypted.


Should i move my hosting / server towards a different location?

There is no need for this, in case our legal opinion changes or the law becomes permanent we will adress our customers.
What action will take FlokiNET to ensure customer data safety?Since FlokiNET was founded in 2012 customer data protection is our DNA.

This includes the encryption of all data and several technical and legal measurements to make sure this data remains safe. However in the case the law will become active in Romania we will immidiate challenge this in court and are confident to appeal the law.


Conclusion for our customers:

No changes or worries required for now. In case the situation changes we will let you know.

What can i do?

In our previous blog post we mentioned that the Romanian Senate is due to vote on a piece of legislation that severely crippled the ability that hosting companies have to provide secure services to you, the customers. If you want to take a stand against this, we urge you to send a letter to the Commissions inside the Romania Senate, as well as the representatives of Romanian political parties.

You can use the letter below as a template, add your own position to it, and send it. We recommend you act sooner rather than later, since the vote on this piece of legislation is scheduled, most probably, for Monday, February 14th.

Think of it as sending a Valentine’s Day letter to a secure Internet. 😉

The blog entry with the background:

ANTI-SURVEILLANCE OPEN LETTER

A new proposal to extend communication surveillance and to intercept encrypted communications is about to be voted in the Romanian Senate.

This law proposal is designed to increase surveillance by crippling hosting security. Below you can find an open letter that we and other hosting companies have send to prevent this from happening and the letter that will go to the Romanian Senate.

In our second blogpost you can find further details how it influence your services with us.


Greetings,


There is a piece of legislation, most likely due to receive the Senate’s vote on Monday, February 14th, in Romania, that introduces a number of obligations that amount to increased surveillance and a decrease in the secure services we can offer. 
The piece of legislation is an amendment introduced, without any public debate, inside the Code for Communications (which implements a European directive). The amendment has nothing to do with the surrounding legislation – it was introduced strictly in order to increase state surveillance. 
I’ve composed an open letter, which I invite you to read and if you are in agreement with what is expressed, sign. The English version of this letter is appended at the end of the e-mail, and the Romanian version is attached. Your signature will appear on both. 
I urge you to respond to this as soon as you can – we need to send the open letter, in order for it to be received and read by all those we will contact:- the Communications, Economic and Juridic Committees inside the Senate;- the president of the Senate;- leaders of Romanian political parties.
The exact same open letter that I have attached to this e-mail will be sent to all of the above. 
Please respond, if you are willing to sign, by 5pm this Friday, February 11th. Let me know how your want your signature to appear (I suggest a format such as “Ion Popescu representing XYZ hosting company”).
For more context around this matter, you can consult the following:- the open letter of the civic society https://www.stareademocratiei.ro/2022/02/10/senatori-interceptarea-comunicatiilor-trebuie-facuta-legal-si-constitutional-nu-acceptati-calul-troian-din-codul-comunicatiilor/– the initial form of this amendment https://apti.ro/largirea-interceptarii-comunicatiilor-electronice-impusa-pe-sest– the aftermath of the amendment going through the Senate Committees https://apti.ro/furnizori-gazduire-calul-troian


Senator,


With this open letter, the signatory entities, providers of storage (hosting), instant messaging, and other online services express their common position of rejection of the Bill to amend and supplement certain regulatory acts in the field of electronic communications and to establish measures to facilitate the development of electronic communications networks (L532/2021, Communications Code) [1]. 
The signatory entities appeal directly to you to reject Article 10 index 2, in its current form and, possibly if still necessary, to send it to the Special Committees for rethinking and appropriate discussion.


In particular, the new obligation for IP resource hosting providers and electronic communication providers “to grant, at the request of authorized bodies, under the conditions of this law, the decrypted content of communications transited in their networks” puts us in the position of violating the confidentiality of communications transited in our networks, which is an express legal obligation provided by Art 4 Law 506/2004 (as the implementation of EU Directive 2002/58/EC Eprivacy) and Art 28 of the Constitution on the secrecy of correspondence.
Technically, this would be almost impossible if content served by one entity was encrypted by another entity unless we equipped ourselves with a series of highly sophisticated tools and turned into cyber criminals for a man-in-the-middle attack. Even then we don’t think we’d succeed.
Also, the concept of transit itself is vague and cannot be directly translated into a technical solution. In any web application, the term “communications content” refers both to messages exchanged between human users, who are communicating, but also messages exchanged between automated entities, which are part of the smooth functioning of the application. It is incorrect to treat any form of information exchange as homogeneous.  We remind you that most web communications are encrypted (https) nowadays.


The signatory entities are brought together by a common interest in providing customers with quality hosting, storage and messaging services to the same standards as other entities operating in the same field. The signatories carry out commercial activity on the territory of Romania, an activity which is directly targeted by the provisions of the draft law through the following wording:
“provider of electronic hosting services with IP resources – a person who, on the territory of Romania, provides services for storing, distributing content and ensuring access to it, on owned or rented servers, by managing a set of IP addresses on the Internet”.
We would also point out that providers of this type are already regulated by Law 365/2002 on electronic commerce, and an obligation to notify ANCOM (unique in the European Union) would violate the principle of Art 4 (1) of this law.


The Romanian civil society has addressed an open letter to you [1] whose arguments we support:
1. The Communications Code should not be extended with amendments that legislate the interception of communications. The European Directive, which is transposed by the present Communications Code, does not specify such obligations. Moreover, the amendment introduced in the Communications Code is contrary to the existing E-Commerce Directive and the proposed Digital Services Act Directive; 
2. The wording in the amendment is vague: both the wording describing the entities covered by the amendment and the wording describing the obligations incumbent on the entities. From the present wording, the obligation is imposed on any entity hosting content or providing messaging services on the territory of Romania, regardless of the legal entity, the location of the infrastructure, the purpose of the activity. Moreover, this wording is directly contrary to the proper functioning of some hosting and messaging services – from a technical point of view, encryption is necessary and critical for the security of these systems. The obligations of the amendment translate directly into a degradation of the quality of services, which will be suffered by all persons accessing content on Romanian territory;
3. The Constitutional Court of Romania has ruled that vague formulations cannot be considered constitutional.  
Thus, the signatory entities recommend:
1. Rejection of art 10^2 or referral to discussion in the Senate Committees.
2. Transparency in the drafting of legislation on hosting and messaging services, as well as public debates in which the actors concerned offer their support for the drafting of laws that are beneficial to all. 
[1] – https://www.stareademocratiei.ro/2022/02/10/senatori-interceptarea-comunicatiilor-trebuie-facuta-legal-si-constitutional-nu-acceptati-calul-troian-din-codul-comunicatiilor/

 

Flokinet DNS Resolver

An open DNS recursive service for free with high security and high privacy in mind.

No data containing your IP address is ever logged in our service. Connections can use encryption if your system supports it and unlike a growing number of resolvers we do not censor your DNS.

We support DNS over HTTPS and DNS over TLS to allow you to encrypt your DNS traffic so untrusted networks can no longer see or tamper with the websites you look up.

All websites are encrypted today and so should your DNS traffic be.

Our anycast DNS can be reached at:

resolv.flokinet.net
IPv4: 37.156.68.20
IPv6: 2a06:1700:100:20::1

Our DNS in Romania is reachable at

ro.resolv.flokinet.net

IPv4: 185.247.225.17

IPv6: 2a06:1700:0:36::1

Our Netherlands resolver is reachable at

nl.resolv.flokinet.net

IPv4: 185.246.188.51
IPv6: 2a06:1700:3:11::1

Freedom Of Speech


Freedom of Speech

One of FlokiNET’s core values is freedom of speech. We promote this through our products and services.

However, in the context of the latest global health crisis, it has become more clear that the line must be drawn between what’s acceptable for FlokiNET and what’s not.

Where are the limits? The legal framework surrounding freedom of speech differs by country. While one might have fewer limitations, like the United States, through the First Amendment, other countries might be more restrictive about the expression of speech in certain ways.

Even under the protection of the First Amendment, there are certain categories that are not considered free speech: obscenity, fighting words, defamation (including libel and slander), child pornography, perjury, blackmail, incitement to imminent lawless action, true threats, and solicitations to commit crimes. So certain speech would be illegal under most speech laws.

For us, the guidelines we use when it comes to freedom of speech are dictated by law. More specifically, Icelandic law and the law our server are located in. The Icelandic constitution protects and aims to be a haven for freedom of speech; however, there are certain limits (for example, hate speech. See the case of Lilliendahl V. Iceland )

Covid and the worldwide pandemic

Since the start of the pandemic, we have often received requests to host websites that spread false information and make unsupported claims such as COVID-19 being a hoax, vaccines not working or endangering people, and so on. As a result, we refused all similar offers or suspended any websites that tried to proceed to create such content without our consent.

As much as we do love free speech, we have the responsibility to host content that doesn’t violate the EU’s best practices in the context of a global pandemic. Every client who signs up with FlokiNET should carefully read our terms and conditions regarding disinformation in order to avoid any misunderstandings and issues.

As the European Union Council cites: “Disinformation is hazardous to your health. While disinformation is always used with destructive or divisive intent, it can turn into a lethal weapon when it concerns public health.” Having this in mind, we have not and will not support any type of content that uses disinformation regarding the global pandemic.

We believe in free speech. We believe in science.

For any questions or suggestions please contact us at info@flokinet.is.

Webhosting 101 – Reseller Hosting

Have you heard about reseller hosting? It is an easy and efficient method of expanding your hosting business.

What is reseller hosting?

Reseller hosting is the process of buying hosting services from a provider and then reselling them to others.

You sell our products under your own brand and prices while counting on us to give professional support, manage the operation’s technical back-end, and lower costs as you grow.

When is reseller hosting a good option?

It’s the perfect kick-start for companies that are just beginning their hosting business venture as it requires no time to create products from scratch. Reseller hosting implies low investment, fixed costs, easy planning, and a variety of features.

This option also offers a wider range of products in different regions and networks, reaching a broader market.

What do you need for it?

  • A website
  • A web hosting management platform
  • A billing system ( for example WHMCS)
  • A payment system (for example coinpayments.net)
  • A customer support system

Optional: a registered company, if you don’t want to trade as a private person.

Plus points

  • Cost-effective
  • A way of earning extra income
  • A way to expand your hosting business
  • Low investment
  • Customer support offered by the owner company

Minus points

  • Availability for customer support in case it is not offered by the renting company
  • Reliance on third parties  
  • Products flexibility

Is reseller hosting a good option for your hosting business?

For any questions or suggestions please contact us at info@flokinet.is.