Skip Navigation | Sheffield IMC | UK IMC | Editorial Guidelines | Mission Statement | About Us | Contact | Help | Support Us

UK Indymedia UK Indymedia Sheffield Indymedia Sheffield Indymedia

Post Flash Fallout, Lessons and Activist security

IP address supplied | 12.01.2011 20:00 | Analysis | Indymedia | Repression | Sheffield

Everyones being talking about Mark since Oct but what have people learned or changed? We always knew that the state was interested in our activities and that they send people to our meetings and monitor our email etc. However it seemed unlikely that the cops would take us seriously enough to go to such extreme lengths to embed a cop in our circles so deep or for such a long time. Sure, the cops would have their snitches among us, those who dedication to the cause could not compete to their own dedication to drink, drugs, parties and easy cash. Of course we also knew that the corporations we target would also be spying on us and that there were companies who specialised in infiltrating our groups and selling info to whoever would pay. When the news about Mark broke, the surprise wasn't that we had been infiltrated, it was the it was a cop and not simply a private detective or a friend turned informer.

Why would the cops send their asset on expensive overseas trips rather than concentrate on activists in the UK? What did they hope to gain from sending Mark to Iceland or Italy etc? These were just some of the questions we all asked ourselves. As more information has emerged we've learned about Marks connection to Global One who sold info to the likes of Eon. Now the overseas trips make sense, Global Ones corporate paymasters are multinational and while the state might have though Mark was their asset, actually he was playing a wider game selling info directly to our targets. Perhaps his bosses in the force knew this, after all, they are the ones who set up companies like Global One - no doubt it pays significantly better than the state!

So, what should we have learned from all this? What if anything should we change or do differently?

Activist security it shit! I'm always amazed how shit it is while at the same time there is so much paranoid rhetoric. People make such a big deal about the presence of mobile phones (even in public meetings that any cop or Daily Mail reporter could attend), whispering to avoid being overheard by phones in pockets should a comment be too brief to go to the effort of pulling batteries, but they are happy boast about their latest activities to people who really don't need to know. All too often people expose their circles of associates through shoddy email etiquette or the use of social networking sites, or engage in gossip which might supply leverage to our enemies.

I'm not going to try to list things we could do better, there are already resources out there to read and learn from (see the Activist security project for example). However I think we should all do a bit of honest soul searching and think about what we are personally lapse about. For example, I admit it, I don't use TOR to access and post to indymedia, even when posting action reports. I know that is shoddy and dangerous behavior, I should know better. How about you?

IP address supplied


Hide the following 20 comments

steady on!

12.01.2011 20:21

well I never someone actually talking fucking sense re: flash rather working as an unpaid researcher for the mail. nice one.


jobs for the boys in blue

12.01.2011 20:39

Policemen just like everybody else need to earn a living. They are just looking for imaginary "threats" to their masters, to justify their existence and continued expansion. There's nowt else to it.
And we are merely facilitating the states hastened demise through obesity. They know it, but they just cant resist feeding at the trough. Snouts out boys, get a proper job;)


Justice through deterence

12.01.2011 21:41

"Why would the cops send their asset on expensive overseas trips rather than concentrate on activists in the UK? What did they hope to gain from sending Mark to Iceland or Italy etc?"

There are repeated clear cross-overs from state to corporate infiltrators, but ignoring that, there is clear cross-overs from one state snitch to another. The German cabinet is obviously complicit in Kennedy's activities in Germany, from their covering up of inconvenient questions in the past months. They probably paid for his travels, so you can't trust any European or Echelon state national here simply due to their nationality.

"So, what should we have learned from all this? What if anything should we change or do differently?"

I've seen numerous suggestions from old-timers and actual victims of this guy, and I disagree with 90% of their 'obvious' suggestions. Real activists sometimes do have money, sometimes do travel, and sometimes do seem 'too good to be real'. Watch what people ask for no apparent reason. Check their families out unexpectedly, like normal people do unintentionally. Follow basic principles like don't ask, don't tell and be suspicious when others don't. On a case by case basis, not a checklist that agents can follow.

"Activist security it shit! I'm always amazed how shit it is while at the same time there is so much paranoid rhetoric"

It fucking is, for the most part. I'm surprised there is anyone outside of prison sometimes. I could quote examples that would make you laugh and cringe.

Something you haven't said though, that I will, is that is plenty of reward for infiltrators and no effective deterrent as yet. They get hundreds of thousands of pounds, free rape, foreign travel, but when they get caught what do we do to them? We act hurt and bad-mouth them. We won't deter their awful misdeeds until we start punishing them severely for the injustices they have perpetuated.

I don't think infiltrators should be exposed, they should be disposed.

IP address withheld

indymedia is safe

12.01.2011 21:43

You don't need to worry about hiding behind proxies when posting here, just when using corporate sites like, facebook, twitter etc. Indymedia connections are safe. Publishing is always made via SSL secure encrypted connections and the server never logs IP addresses so even a court order gets the cops nothing. Of course using TOR is good practice anyway.


Fail! Go directly to jail

12.01.2011 23:24

"Activist security it shit!...I don't use TOR to access and post to indymedia, even when posting action reports. I know that is shoddy and dangerous behavior, I should know better." - IP address supplied

"indymedia is safe You don't need to worry about hiding behind proxies when posting here" - IMCista

Since Indymedia UK is currently attracting more than usual numbers of tabloid interest I am going to criticise the above posts anonymously and without reference to personal experience. Hide this post though and I will repost it without the self-censorship on MSM.

Indymedia is not safe. No website can be safe. Saying this site is safe is not just dishonest, it is an insult to everyone's intelligence. If you post anything illegal here then you MUST post it anonymously. That used to be standard IM advice here from this point on: so I am surprised any IMCista would claim otherwise. Tor or whatever alternative anonymiser is essential.

I'll explain in general terms that shouldn't be seen as paranoia and shouldn't be dismissed lightly. Any webserver requires a TCP/IP address to make a connection. Most webservers log those details, this collective says they have switched that logging off, kudos to them for that (not all collectives do permit this for some unfathomable reason). However, any techie who has access to the server, whether from within the collective or externally, still can see the connections being made and can record your IP address on a bit of paper. In a way, any webadmin has to to defend the server from malicious attack so it's not necessarily sinister. If you don't take every reasonable precaution to anonymise then you shouldn't be posting about other activists crap security when your own is obviously crap, this is basic stuff. And for an IMCista to dismiss this is just awful.
You shouldn't just be using Tor for illegal posts, it should be standard operating procedure for all posts on all sites that permit anonymous posting - and you should be wary of sites that don't permit it. IM UK do permit it so use it. That's not paranoia, that is best advice, and the IMCistas used to say that themselves, I don't know why the standards have slipped here, or rather I don't want to speculate.

Tor is not bullet-proof in itself, you have to use it properly and learn it's limitations, and you have to be cautious which Tor software you use as some are fake malware. Learn the basics about computing and you'll see there is a network of trust, that open software is more trustable so any anonymiser from SourceForge is more trustable - once you read the fucking manual!

Try this one, it's a suite that has other sweet apps bundled-


Don't be naive

12.01.2011 23:36

No indymedia site is safe and IMC UK is no exception. Site users can trust IMC UK only so far as they can trust the people who admin the site and server. If Mark Stone teaches us anything it's that we can't assume we can trust even those we have worked with personally for years.

The cops don't need to get court orders or seize servers to get hold of IP addresses from IMC UK, they just need somebody on the inside and that wouldn't be hard to do, a lot easier in fact than the Kennedy deep infiltration. Indymedia admins are pretty faceless and not necessarily particularly active or known by the diverse range of activists who use the site. There are dozens of people who have admin access through the various local collectives that make up the network and they all have access to IP logging features built into the content management system used by the site. It is trivial for anyone of them to be saving that data and sending it on to others.

While indymedia may be dedicated in principle to protecting users identity, nobody should trust Indymedia any more than any other site in protecting their identity. Everyone should use TOR, or other means, to avoid being identified by IP addresses and other information about their computer access!


the state is your enemy

12.01.2011 23:40

You may have been at pointless meetings (Flash often wasn't he was always more interested in the action side of action)

I think you will find that Flash was involved in the political disruption of serious anarchist activity, Like many attempts on large parts of the carbon infrastructure, the physical confrontation of the fascists or assaults on Berlin's city centre.

Most of his stuff abroad as far as we know was about the links between UK revolutionary and our comrades abroad. I can completely understand why the state would want one of their assets in this .
I'm not amazed in the slightest that the secret state has a number of operatives disrupting our movements all I'm annoyed about is that he was him, I used to think he was a decent bloke.

As well as reviewing security you could also start viewing our own movement as a credible threat Npoiu certainly do.


Basic lesson number one

12.01.2011 23:51

The most basic lesson people should have taken on board as a result of my cover being blown is don't believe somebody is necessarily who they say they are. That is even more important when considering the credibility of articles and comments posted online. Just because somebody posts as IMCista does not mean they really are, any one can post as anything they like!

Information from sites which allow and encourage anonymous posts must always be taken with a pinch of salt. Indymedia is full of comments posted maliciously by people hiding their true intentions and the threads about the infiltration story are no exception. It is painfully obvious that activists are being wound-up and provoked by people who are not really activists at all.

Don't fall for the bait, all that nonsense about withholding info/photos etc, all the criticism of the way things have been handled, it's standard procedure for disinformation trolls who have been operating on IMC UK on a daily basis for at least seven years.

Mark Kennedy

More constructive

13.01.2011 10:12

At least this has that potential.

The most telling comment above is that Flash Mark often wasn't at important meetings. By and large, he just did the action. He was often absent even from very action-oriented meetings when everyone was very cautious about security. Other times he'd be seen gossiping on the fringes rather than paying attention to what was going on. In many of those cases he'd already been approached to do X, Y or Z and if the general idea was agreed to go ahead, that's what he did.

There is a lot more I was going to say about how we can protect ourselves better and be more certain who is genuinely trustworthy without turning into an inquisition or operating like Trots, but I have just deleted it. Another time. Lets not make this a handbook on advanced infiltration techniques, eh?

Two reasons to be cheerful:

1. There have been at least two others who've been suspected, the suspicion has reached them or has been openly stated and then it's been confirmed by their prompt and total disappearance. Flash Mark was a better (i.e. worse) act than these people, who were never really trusted. We're not entirely defenceless or utterly stupid and this should encourage us to improve security further. I'm not saying there isn't or can't be another Flash -or several- but it's not as easy to achieve as some people think and it's our job to make it even harder.

2. This whole farce is a big kick in the goolies for NETCU. Taken together with the cuts, this lavish job creation scheme for bent coppers may now be doomed. Whether or not Flash Mark really "went native" as suggested by some, it's clear they lost control of him and of large slabs of police wonga in the process.

Two things would be worth investigating further;

1. Mark said, when confronted, that he hadn't voluntarily resigned, but had been "asked to resign" (this is usually police-speak for sacked when, for their own scummy reasons, they don't want to charge an egregiously corrupt rozzer with criminal offences). It's obviously daft to believe it just because Flash said it, but if it's a lie it's hard to see a reason for it, except possibly...

2. What actual evidence is there, if any, of Mark working for any of the powerful non-state or quasi-state interests we're up against? No, don't post it here if you have any, but worth thinking about and discussing elsewhere. Or is it just supposition as an alternative to the "went native" theory? We could be failing to give ourselves credit for -albeit unwittingly- having "turned" a bastard. I'm not saying that's the case (before anyone jumps in), but it's also worth considering.



13.01.2011 11:40

Just seen the Guardian / Daily Mail stuff on Flash's alleged private sector ventures. It may invalidate some of what I said above and needs thinking about.

I say only "may" though. If they really think they've lost him, it could also be bullshit set up to make sure we never trust him again and HE won't be spilling any beans to US. We wouldn't ever trust him again anyway, I'm sure, but just try thinking with their deranged perceptions. It's easy to set up companies and feed the media. Journos are nearly all lazy bastards.


To Grassy Knoll...

13.01.2011 19:21

Grassy Knoll, you have mixed a load of half truths and speculation and come to some seriously wrong and destructive conclusions. Amongst many errors, you are saying that the people that exposed him know where he is now. This is a very serious and wrong accusation, and with no evidence you are basically calling them cop assets.

It's a very serious accusation, and one that you should retract now unless you have proof, which you won't cos it's not true.

Comradely? Or Destructive?

Hang on

13.01.2011 20:50

Wasn't it said numerous times on comments on the earlier MS threads, and by people very close to the 6, that they wouldn't disclose MS's whereabouts to protect his family?

IM reader

The best of the rest

13.01.2011 21:55

I read the grassy knoll article when it was briefly on the newswire earlier - before it was swiftly removed. IMO there have only been 3 good posts on this subject and this is easily the best. As the piece says why are 6 people in Notts (at least 1 of which is talking to the press) being allowed so much power when this affects hundreds. We have to face up to what has happened and putting our heads in the sand while a minority squeal to the press isn't helping.



13.01.2011 21:56

Nobody knows where he is (apart from the vague 'in the USA' that the media have said), and the only info not being made public is his childrens details, for what I think are the right reasons!

Nonny Mouse

So wrong...

13.01.2011 22:03

Only 5 people confronted him. If you can't even get that basic fact right, fuck off with the rest of your lies. None of those people have any more info about were Mark is than anyone else. And you'd had months to bring this up and haven't, even personally with the people that exposed him.


Stone's whereabouts

13.01.2011 22:23

Probably smoking a fat spliff on a warm beach NOW. But at the time he fucked off people in Notts knew precisely where his other life was. They chose to keep that secret just as they did the location of the boat. This is not all just about a few ageing mostly retired eco-activists in Notts.

Korky Kat

kennedy has the entire state to protect him and his family

13.01.2011 22:36

Why does he need you lot to help him out? Unless you are just sticking to your side of the bargain. The movement is not full of child killers btw. You dont trust your comrades but you trusted newsnight.

pissed off

Too many self-pitying cry-babys...

13.01.2011 22:53

...not enough revolutionaries. The State must send cops into our movement for a nice safe holiday. Seven years shagging about, boozing in the Sumac, getting off your head. and if it comes on top don't worry you can go on your way without so much as a slap. 'Money problems'? I don't believe that for a minute, he must be minted. Probably get an invite to S.Lewises next dinner party.


Provocateur alert

14.01.2011 00:07

I have been watching the comments about the infiltrator on indymedia UK for a while now.
A pattern is clearly visible. At first a lot of disrupting posts appeared, quite chaotic, like a gang's response to a security breach.

Then it was relatively quiet.

Now a wave of the same posts of allegations and attacks against the 5 or 6 people who confronted the spy. Followed by a wave of posts displaying support to the attack.

They regrouped, had a meeting and came up with a strategy.

I spot an organized attack against the brave 5 or 6.

I hope they realize that no activist will feel anything else but compassion and support.
I hope that we'll all see the attacks for what they are: a damage limitation exercise for the failed corporate mission and a attention diverting and disrupting exercise by the corporate 'agents provocateurs'

Unity is strength!


speculation is weakness

14.01.2011 00:43

I've seen the same posts, and am not involved in either group, and both are as bad as the other. I could equally point out you spell like an American. You must be CIA then?!

None of this is conclusive, few of the lessons I've seen listed are valid, this whole shit storm is 99% speculation dressed up as fact. We all knew there were infiltrators, and the one thing we know for certain after this exposure is we weren't being careful enough in our trust-relationships and accuse others of 'paranoia' so readily.

It is always worth challenging and being challenged, but after the fact then don't draw lessons you didn't see before. Stick to simple principles, provable facts, and always investigate yourself. We got lucky this time because the guy confessed, that rarely happens. The time to be paranoid about Mark has passed and too much breast-beating now is doing more damage than he ever did. Unity is not strength, strength is strength.

spotted dick


South Coast

Other UK IMCs
Bristol/South West
Northern Indymedia

Sheffield Topics

Animal Liberation
Climate Chaos
Energy Crisis
Free Spaces
Ocean Defence
Other Press
Public sector cuts
Social Struggles
Terror War
Workers' Movements

Sheffield [navigation.actions2016]

Sheffield [navigation.actions2015]

Sheffield [navigation.actions2014]

NATO 2014

Sheffield Actions 2013

G8 2013

Sheffield Actions 2012


Sheffield Actions 2011

2011 Census Resistance
August Riots
Dale Farm
J30 Strike
Occupy Everywhere

Sheffield Actions 2010

Flotilla to Gaza
Mayday 2010
Tar Sands

Sheffield Actions 2009

COP15 Climate Summit 2009
G20 London Summit
Indymedia Server Seizure
University Occupations for Gaza

Sheffield Actions 2008

2008 Days Of Action For Autonomous Spaces
Campaign against Carmel-Agrexco
Climate Camp 2008
G8 Japan 2008
Smash EDO
Stop Sequani Animal Testing
Stop the BNP's Red White and Blue festival

Sheffield Actions 2007

Climate Camp 2007
DSEi 2007
G8 Germany 2007
Mayday 2007
No Border Camp 2007

Sheffield Actions 2006

April 2006 No Borders Days of Action
Art and Activism Caravan 2006
Climate Camp 2006
French CPE uprising 2006
G8 Russia 2006
Lebanon War 2006
March 18 Anti War Protest
Mayday 2006
Oaxaca Uprising
Refugee Week 2006
Rossport Solidarity
Transnational Day of Action Against Migration Controls
WSF 2006

Sheffield Actions 2005

DSEi 2005
G8 2005
WTO Hong Kong 2005

Sheffield Actions 2004

European Social Forum
FBI Server Seizure
May Day 2004

Sheffield Actions 2003

Bush 2003
DSEi 2003
Evian G8
May Day 2003
No War F15
Saloniki Prisoner Support
Thessaloniki EU
WSIS 2003

Server Appeal Radio Page Video Page Indymedia Cinema Offline Newsheet

secure Encrypted Page

You are viewing this page using an encrypted connection. If you bookmark this page or send its address in an email you might want to use the un-encrypted address of this page.

If you recieved a warning about an untrusted root certificate please install the CAcert root certificate, for more information see the security page.


satellite tv


estrecho / madiaq
la plana
northern england
nottingham imc
united kingdom

Latin America
chile sur
cmi brasil
cmi sucre
puerto rico


South Asia

United States
hudson mohawk
kansas city
minneapolis/st. paul
new hampshire
new jersey
new mexico
new orleans
north carolina
north texas
rogue valley
saint louis
san diego
san francisco
san francisco bay area
santa barbara
santa cruz, ca
tampa bay
united states
western mass

West Asia


fbi/legal updates
mailing lists
process & imc docs