Julian Assange: The Latest Digital Refugee
The following article is reprinted with the permission of Radio Free Europe/Radio Liberty (RFE/RL), 1201 Connecticut Ave., N.W. Washington D.C. 20036.
Julian Assange: The Latest Digital Refugee
By Luke Allnutt (Tangled Web)
December 4, 2010
With WikiLeaks under attack and with major corporations withdrawing their support, Julian Assange has become something of a digital refugee.
Earlier this week WikiLeaks moved its site from its hosting platform in Sweden to Amazon in an attempt to deal with distributed denial of service (DDOS) attacks. Then on December 1 Amazon withdrew its support, saying it took down the site as it violated “terms of service” in that WikiLeaks was hosting content it didn’t own. (There were also disputed reports that Senator Joe Lieberman had been involved in getting Amazon to pull the plug.)
Then on December 3, EveryDNS, a company that provided WikiLeaks with its Domain Name System (the URLs that correspond to IP addresses), withdrew its support — not they said because they disagreed with WikiLeaks’ content, but rather because providing their services to WikiLeaks threatened their operations and other customers.
Of course, companies that provide hosting and web services are right to be worried. In 2009, DDOS attacks against a Georgian blogger, Cyxymu (who might have been the first popular digital refugee) meant Twitter going offline for a few hours and caused problems and speed issues for Facebook and LiveJournal. Cyxymu, a 34-year-old economics professor from Tbilisi, had most probably incurred the wrath of Russian hackers who were upset by his stance on the 2008 Russian-Georgian war.
DDOS attacks are relatively cheap, usually effective, and don’t need an incredibly high level of technical knowhow. They can also be pretty hard to defend against. As Hal Roberts from Harvard University’s Berkman Center points out in a blog post, “there are very few infrastructures that can deal with them”:
Defending against these large network attacks requires massive amounts of bandwidth, specific and deep technical experience, and often connections to the folks running the networks where the attacks are originating from. There are only a couple dozen organizations (ISPs, hypergiant websites, and content distribution networks) at the core of the Internet who have sufficient amounts of bandwidth, technical ability, and community connections to fight off the biggest of these attacks. Paying for services from those organizations is very expensive, though, starting at thousands of dollars per month without bandwidth costs and often going much, much higher.
Whatever you may think of Assange (I think his attempts at radical transparency are misguided and will eventually backfire), the WikiLeaks case does raise many interesting questions about “intermediary censorship,” where private companies, for instance Internet service providers or social networks, remove offending material. (A good example from this year was Facebook removing content related to the Everybody Draw Mohammed Day after complaints from the Pakistani government.)
Human rights groups often go with companies like Amazon for their hosting, or use Google’s Blogger platform, as those organizations have the capacity to deal with huge DDOS attacks. They see them as safe havens. The problem, of course, is that big conglomerates (especially in authoritarian countries) aren’t always safe havens and as Ethan Zuckerman points out in a blog post, “you’re relying on that company’s continued willingness to host your site.”
Intermediaries can censor/pull the plug for many reasons: direct pressure from officials; because they want to continue receiving preferential treatment from a government; or because they don’t want to damage their business. Those intermediaries can justify removing content by saying it violates the site’s terms of service: i.e. attracting cyber-attacks and thus slowing down the site for everyone else. It’s what Evgeny Morozov has called “Terms of Service Censorship.”
Of course, for those organizations intent on getting their message out, there are always other distribution channels. There is currently an initiative to set up mirror sites for WikiLeaks. Another option is BitTorrent, a peer-to-peer file sharing service. (For a while, there has been a mysterious “insurance file” which WikiLeaks has asked people to download and share.)
Bar shutting down the Internet, there’s very little that can be done to stop those files from being distributed.
Luke Allnutt is the author of Tangled Web, a regularly featured blog on RFE/RL.