Dec6

The WikiLeaks Saga: Denial of Services, Net Neutrality, Web host-client relationship, and Swarming

The WikiLeaks affair, which has also been labeled “Cablegate”, illustrates the powerful struggle between those who wish to make information roam free (public) and those who wish to control its dissemination in the interests of national security (private).

The episode also specifically amplifies attention on important sub-themes such as the rights of the hosting customer, net neutrality, denial of services (DoS) and a new phenomenon called “swarming” which research firm Gartner Inc predicts will be one of the game changing forces in the online workplace over the next decade.

Since 2006, WikiLeaks has operated as a new media non-profit organization which over the last few years has built up over a million collected documents which represent leaked material from government, banking and IT agencies around the world.

Its recent release of U.S. state department diplomatic cables will progressively highlight close to 80k documents about the war in Afghanistan and elsewhere.

This latest offering has been classified a severe national security threat by the U.S. government, which they claim puts their international military personnel in harms way and undermines their relationships with key trading and political partners.

The most visible outcome of Cablegate was the recent move by Amazon to shut down the WikiLeaks site on their cloud servers forcing an uncomfortable re-examination of the web host-customer relationship.

WikiLeaks selected Amazon as its web host replacement after a “DoS was pummeling its servers at 10 gigabits per second, forcing its Swedish hosting provider to discontinue operation of the site. In order to continue operating smoothly, WikiLeaks moved its site to Amazon’s elastic cloud computing infrastructure. This will allow it to scale better in the face of massive DDoS attacks,” said technology news site, Ars Technica.

Amazon then knocked WikiLeaks off its cloud servers after mounting pressure from the U.S. government. This was followed by a similar move by PayPal to kill the donation application on the website that WikiLeaks has been using to help generate revenue for the non-profit.

There also appears to be evidence that Amazon itself was struggling to contain a follow-up massive denial of services of attack on their servers scattered around the world. This may be have been a supporting factor, although this has not been fully substantiated.

One of the advantages of cloud computing is its elastic ability to scale with sudden or temporary spikes in traffic usage. Generally, this elastic ability was typically intended towards things like e-commerce scaling and not necessarily a hacking attack such as a DOS. However the outcome for both should be the same: The client website should be able to weather the e-commerce or DoS storm, in whatever form or shape it assumes.

However, the decision to pull the plug on WikiLeaks, first by Amazon and several days later by PayPal shows the cloudy debate over information security and who should have access to it. Overlapping fault lines temper the debate and will influence future web hosting policies:

Securing a vast, centralised government database
The first fault line was a massive government document database that reportedly allowed access to over 500k government and military personnel. The system became a dumping ground for both secure and non-secure documents. Subsequently, Laziness crept in with regards document visibility and user access. Once a user decided to pass this information onto a third-party the fuse was lit.

The hosting-client relationship
The second fault line, is a grey area: Were the documents as sensitive as the U.S. government claims AND does a hosting provider have the right to terminate a client’s contract based on the nature of the content on its site?

On this battleground, decision-makers and policy-makers will debate, discuss and argue the new future direction for documents stored within onsite servers and private/public clouds.

Net Neutrality
The third fault line is a controversial debate over something called net neutrality, which in principle proposes “no restrictions, by Internet service providers and governments on content, sites, platforms and the modes of communication.“

Ultimately, it calls into the question the possibility that broadband providers may use their physical infrastructure to block Internet applications and content, perhaps even competitors. It remains to be seen how this debate will impact the WikiLeaks site which now has its content served from ‘neutral’ Swiss servers.

Swarming
The fourth fault line is a new emerging phenomenon called “swarming” boldly predicted by research firm Gartner Inc, which broadly covers DoS attacks and describes a new Internet World Order where anonymous users group together to complete a community, work or social goal. Theoretically a DoS attack is encompassed by this theory.

Fundamentally, Gartner defines this “swarming” approach in the following manner:

Online swarms form quickly, attacking a problem or opportunity and then quickly dissipating. Swarming is an agile response to an observed increase in ad hoc action requirements, as ad hoc activities continue to displace structured, bureaucratic situations.

In reality, a DOS is an example of a swarm — an anonymous one. It is disruptive, powerful and affective. Further, it employs anonymous crowdsourcing in a manner that is difficult to control, only influence.

This swarming approach can be used for good or evil and companies of the future will increasingly try to access and influence these swarms to complete online tasks or reap competitive and economic advantage. Amazon’s Mechanical Turks Program is an example of harnessing the positive power of the swarm. Thousands of faceless online users are employed to tackle a task activated by a online client.

Conclusion
In conclusion, the WikiLeaks saga is an opportunity to lay down the final ground rules for how cloud computing (private and public) should be secured, leveraged and accessed by users and companies.

It also raises important questions about the host-customer relationship highlighting the need to identify under what circumstances a host may terminate its relationship with a client.

The WikiLeaks timeline is an opportunity to confront these concerns sooner rather than later and it’s going to be considered an historical milestone in the continued evolution of private and public virtualised clouds.

This article was brought to you by VI.net, for dedicated server hosting, cloud servers and 24/7 support visit our site here www.vi.net

One Comment

Leave a Reply

You must be logged in to post a comment.

Stop blending in with the rest of the crowd and start leaving your mark on the web