9
9
6
It has been reported that Wikileaks.org was taken down because of massive denial of service attacks. This raises the question, "Who is coordinating these attacks?" Some experts have speculated that some hackers who were annoyed by Wikileaks unleashed these attacks. I don't buy it. There's something more interesting going on here. I think the US government may be involved and that raises a lot of questions.
flickr image by kryptyk
I know about denial of service attacks. My site has been hit by them numerous times. Generally, you know that your site is under attack because it slows down, totally fails to load or you start getting reports from multiple locations all over the world that the site is down. But it is not usually entirely down. Some people get through.
Checking the server, if you are under a Distributed Denial of Service Attack (DDOSA) you will see that many sites are "hitting" the server, taking up its resources, so it takes longer to access the server, if it is even available at all.
You CAN identify the worst offending IP addresses. When we've had DDOSAs, we've seen IP addresses from Russia, China, the US, Africa-- all over the place.
The thing is, those IP addresses are theorized to represent computers that have been infected with special viruses designed to be turned on when activated. Hackers create the viruses, send them out to infect millions of computers and then the hackers hit a switch and start those infected computers logging on to Denial of Service Attack target sites.
When my site had serious problems with DOFAs, our server managers set up a firewall and started blacklisting the IP addresses that were the worst offenders and any IP address that acted in certain ways. I'm not server engineer, so I'm doing the best I can to explain this.
The point of this mini-lesson is that it takes advance planning, technology and strategizing to deploy the web resources necessary to start and maintain a DDOSA. Reports indicate that the attack on Wikileaks.org is far more massive than the average attack, volumewise.
I am speculating that the US, or perhaps one of its allies has built up either on its own, or through working with third parties, possibly including hackers, even third world hackers, since some of the best hackers are not in the US or first world countries, and that the attacks are under the direction of either the US or one of its allies or partners.
This would mean that the US or its partners are using spam and virus malware intentionally as a way to control a website-- in this case, shutting down wikkileaks.
This is not really surprising. In fact, it might even be reassuring, that the government has faced the reality that these technologies exist and have great power that should be accessible by appropriate government and military agencies. But the consideration that these technologies are being employed by the US also suggests that they can be employed by any government, or even corporations.
This raises some questions about controlling the use of DDOSAs as a strategic technology.
-Is it appropriate and acceptable for the government to do business with hackers that have sent out millions of viruses and malware?
-Is it appropriate and acceptable for the government to hire third party operatives or companies that do their work by spewing out viruses and malware?
-Is it acceptable for the US government to directly or indirectly infect millions or thousands of computers using malware designed to participate in Denial of Service Attacks?
-Should government agencies-- CIA, FBI, military, Homeland Security-- be allowed to use these technologies without getting authorization, like they used to have to get for wiretaps or setting up other intelligence gathering activities?
If you believe that some random hackers have brought down wikileaks.org with a massive DOFA far more powerful than those usually seen, then, well, don't worry
Recently, Homeland security shut down a few dozen file sharing websites that were accused of engaging in file sharing. Could the same legal premise be in use to shut down wikileaks? (I really don't get why copyright protection-- the goal of shutting down file sharing websites-- is the mission of homeland security.)
If you think that the US or one of it's allies or partners were involved, then we need to have a conversation about this, about the technology, the policies and how they are handled. Wikileaks has pissed off a lot of people, but I haven't seen any reports that the US has shown that Assange or his site have broken any laws.
There are some legislatiors and media people calling for Assange's assassination or execution. It looks like someone gave the order to "kill" the wikileaks website. Maybe we should talk about what that means to our laws, our rights and the future of the web.
This is no small consideration. Assange is ranked one of the 100 most powerful people in the world for good reason.
