Duk Op and Online Security

Duk Op takes your internet privacy seriously, and does its best to avoid gathering unnecessary information about its users. On this page you can read more about our policy, about the different user types we have on the website, about why you should protect yourself when surfing the internet, and also find a simple way to protect your privacy when online.

Summary:

Our policy

The aim of our privacy policy is to protect our users from unwanted surveillance of their online activities. User privacy is one of our foremost concerns and we have developed dukop.dk with this in mind.

Like almost all websites, we log visits and activity on the website in order to debug errors and identify attackers. However, we delete all logs that are more than two days old and we do not make any effort to connect IP addresses to specific users or their activity. This means that we cannot in practice connect users to IP addresses after these two days, nor do we wish to. Please note however, that if you need to conceal your IP address while on Duk Op, we recommend the use of TOR, as described below.

For the same reason we have actively chosen not to link our Duk Op login to Facebook or Google, which are companies that you cannot trust, when it concerns your data and your privacy.

We do however save the email addresses of our registered users in our database. This is necessary for us to send email confirmations and to allow us to reset users' passwords for them. We may also use user's email address to contact users if there are problems with the events they have created. Users' passwords are stored in an encrypted format in our database (bcrypt). This means that even though we control our database, we still cannot read your password; we can only confirm that you have entered the correct password when you log in.

Duk Op is only available over a secure web connection. This means that the data you exchange with the application will always be encrypted to prevent interception by people eavesdropping on your connection.

Duk Op's different user types

There are two different possibilities to create events here on dukop.dk. Events can either be created by registered users or by anonymous users.

Registered user

To log in as a user you need to register with a username and password, and need to write your e-mail in order to get a confirmation. This allows you to access more functions, like editing or deleting events you have created or commenting on your and others' events with your visible username.

Anonymous user

Alternatively, you can choose to create events anonymously. A username is generated for you, and you do not need to provide a password or a valid e-mail address. The event is created by the user "Anonymous". Keep in mind that you cannot edit or delete your event after your session expires or you log out.

Cool, right? Yes, but there are still some things you need to be aware of, if you need to make sure that no one else (for instance your internet provider) eavesdrops when you use dukop.dk and if you want to make use of all the features on the website. Read on to find out why should protect yourself on the internet, or jump directly to how you can do it.

Why should I think about internet security?

Despite the fact that we do not register your IP address when you visit dukop.dk, as a rule of thumb you cannot trust that your internet provider or other actors do not keep an eye on what you do online. For this reason you need to be very careful if you want to protect yourself and your private life, for instance when you invite other people to participate in political activities. Perhaps you are sitting there and thinking that the activities you are advertising for on Duk Op are legal and innocent, and that you do not need to worry about internet security. Well, you might be right, but there are at least two good reasons to protect yourself when you use Duk Op (and all the rest of the internet, too!).

The first good reason is that it is all about habits: the more we get used to protect ourselves in normal and "innocent" situations on the internet, the less we will need to change our ways of doing when we actually do need to be anonymous. So it may very well be that you don't think that the lecture on Swedish birds you are holding in two weeks is anything dangerous, but by acting securely and by protecting you today, you get used to it, and do not panic or make mistakes when you need to invite to pirate party or a blockade in two months.

The second good reason is solidarity: the more people hides their traces from the internet, the less suspicious it looks, when others, that might need it more than us, do it too. So, by using the intenet securely, you are doing a favour to both yourself and your comrades!

How should I protect myself when on Duk Op?

If you have come this far, you have hopefully been convinced of the need of doing a small effort to protect your data and hide your traces from the internet. The most normal situation, and probably also what you are interested in here on Duk Op, is to avoid that your name, e-mail or IP address get connected to a specific place, group of activists or type of activity. Fortunately there is a good and easy-to-use tool that can help you with it! Its name is TOR (The Onion Router), and can be downloaded here: www.torproject.org

TOR is very simple to use: you pack it out of its compressed file, install it (Ubuntu and Linux users: no install needed), and click on the icon. TOR opens then a copy of Mozilla Firefox, which is set up so that you can surf anonymously on the internet. This means that no one can see which websites you are visiting and, here on Duk Op, that no one can see that it is you, that is creating a certain event. You can read more about TOR on their homepage, but we can give you a couple of ideas on how you can use TOR on Duk Op.

You can use TOR on Duk Op in two different ways:

  1. You can use it when you create anonmyous events (highly recommended!). Only in this way you can be sure that there is no one else reading the communication between your computer and our server, when you create an event. In practice it means that you open TOR, write dukop.dk in the address field of the TOR browser and create your anonymous events from there.
  2. The other way to use TOR is to create a new e-mail account, which you can use to create a user on Duk Op. By creating a new e-mail address and by NEVER logging into it without using TOR, no one can see who the person that sits behind the e-mail address is. After you have created an e-mail address, you can use it to create a new Duk Op user. Afterwards, when you log in on Duk Op via the TOR browser, you can make use of all the features that registered users have access to, without compromising with your internet security.

Remember to write TOR's warning page.

Further readings about online security