Skip to main content

View Diary: Wikileaks Under Attack: California Court Wipes Wikileaks.org Out of Existence (262 comments)

Comment Preferences

  •  More Egg Baskets Will Solve This Problem (27+ / 0-)

    The Internet stays up and running by routing around problems. Those problems have to be more or less foreseen by engineers and managers so facilities to route around them can also be planned.

    In this case the problem is that the Internet uses a single "authoritative record" at a single host to look up Internet addresses ("IP numbers", which are themselves not necessarily controlled by a single authority once issued to a user/redistributor from the central registry). It's centralized to prevent other people from hijacking the lookup ("spoofing") and thereby hijacking the traffic. Hijacking the centralized registration is a fairly new and rare attack, which can probably come only by compromising the registrar against the interests of the registrant, which contract typically forbids. So only a legal attack like this one is likely to succeed. Engineers and managers haven't really planned for that one, since it's both rare and (usually) legit.

    But now it's evident that this problem is possible. Since it's proven effective, especially against news and other time-critical targets, other attackers will copy it. So Internet developers will now work to change the system so it's not necessarily a risk.

    One way around it is to use a registrar which is not a single centralized entity, but rather a group of registrars. The registrant would have a contract independently with each registrar, who would resolve the name into the number on any request from across the Internet. The registrars themselves would have a contract with each other to periodically look to all of the others and set its lookup results to what they set it to. And to drop their authoritative role on any request from the registrant.

    Then, when any registrar is at risk of being compromised, the registrant can drop it before the action (legal or otherwise) stops the registrar from obeying its contract. Any registrar that goes awry before being dropped will get outvoted among the others. The worst that will happen is that some people getting the domain name will get invalid results, but not everyone. And it's likely that such unsynced behavior, which causes larger problems for the Internet as a whole, will be much harder to force registrars to do, especially when there are contracts specifically prohibiting that kind of intervention. If they're all in very different legal jurisdictions (enemy countries, for example), then legal threats won't be able to stop them all, except in the most extreme cases, in which the force is so overwhelming that bullets through the door are probably worse concerns.

    This problem and its solution aren't appropriate to only this kind of legal censorship. Many registrars hold the domain name hostage for unfair reasons, like jacking up service prices, or just trying to steal valuable names. So this kind of reorganization of DNS is inevitable. As usual, we can thank targets like WikLeaks.org (AKA 88.80.13.160 ;) for clarifying the problem enough to start producing a solution.

    "When the going gets weird, the weird turn pro." - HST

    by DocGonzo on Mon Feb 18, 2008 at 07:54:50 AM PST

    [ Parent ]

    •  DocGonzo's plan of technological defense above (10+ / 0-)

      deserves further circulation and analysis.

      I ask others join me in keeping an eye peeled for opportunities to circulate DocGonzo's remedy, and moreover taking any action you can in its actual application.

      I don't particularly care whether others alert me to the fact that they are participating in trying to get moving on this technological defense.  My interest is limited to seeing the fruition of the defense itself by any route.

      Thanks to DocGonzo for assembling and sharing a potential practical fortification of electronic freedom of speech.

      It's getting drafty in here. Somebody close the war.

      by mrcoder on Mon Feb 18, 2008 at 08:23:39 AM PST

      [ Parent ]

      •  EFF (13+ / 0-)

        My first move, was to visit the Electronic Frontier Foundation, and spread the word there.  I am a member of the EFF.

        And I soon discovered the EFF provides no peer forum for members to communicate.

        What is the wrong with the EFF to not even host peer information exchange between members?

        Top-down mentalities continues to plague EFF and ACLU.  Neither one provides any means for members to discuss ideas amongst themselves.  

        Lawyers at the top of these organizations, while doing good work, are arrogant SOBs to presume that good ideas spring forth uniquely from the minds of the organization's bosses.

        Their leadership needs to get into the 21 century.  Their leadership are risking the loss of continuing monetary donations to go along with the loss of valuable discussion contributions.

        It's getting drafty in here. Somebody close the war.

        by mrcoder on Mon Feb 18, 2008 at 09:14:32 AM PST

        [ Parent ]

        •  EFF Blog (9+ / 0-)

          The EFF has a "blog" called "DeepLinks". It is the most simplistic of blogs, as it publishes posts only from authorized EFF staff, and doesn't even accept comments.

          You're a member. You should send an email to the EFF and urge it to open the blog to comments, and also to user submissions, even if it ghettoizes them in a separate category that doesn't interfere with the clarity of the current "DeepLinks".

          You could mention your experience with DKos, and how DKos has a large, activist community with many mutual interests with the EFF (and who donate money). Point out how much more engaged EFF will be with other online communities, and even those not yet in one because they're waiting (whether they know it or not) for the EFF to offer one.

          The people at EFF are familiar with the environment. These facts won't be news to them: they're no doubt themselves frequent participants in online communities as "mere" members, who can contribute to the discussion and make things happen. But reminders from members might encourage them more than just the abstract knowledge. That's how communities work.

          "When the going gets weird, the weird turn pro." - HST

          by DocGonzo on Mon Feb 18, 2008 at 01:02:44 PM PST

          [ Parent ]

        •  That could make a good volunteer project (1+ / 0-)
          Recommended by:
          lightfoot

          I'm an EFF supporter and someone who knows people who work at the EFF. I also have a friend who went to the EFF for legal advice, which my friend got. The following is entirely my own opinion, based on going to local EFF events.

          From what I see, the EFF is rate limited in what they can do by money and time. They have less than 30 staff, and, iirc, under 20,000 members.

          From what one of them said at a recent EFF event, they get far, far more requests for help than they can take, even for short projects (helping a person do a FOIA request, for example) or for referring a person to other lawyers who know technology and the Constitution.

          They're constantly having multiple cases and legal actions going on, above and beyond the 2 years old lawsuit against AT&T. They've got a website with thousands of pages, with every new case adding tens or hundreds of new pages (all those legal docs).

          For the EFF to have a forum-style blog, based on the size and needs of other blogs that cover those controversial legal issues, they'd have to pull people off of other projects to maintain and moderate it.

          I can't see asking the EFF to do that, not when they're already in a position of having to tell many potential clients they can't take their cases.

          And I bet a large coffee that the EFF folks knew about this case as quickly as any other techie--they read Slashdot too.

          What non-profit's blog would you use as a model for what you'd like the EFF to do? Could it be something that an EFF supporter sets up as a diary here at DailyKos?

    •  the solution (5+ / 0-)

      Automatically replicate Wikileaks in 10 different countries with a country specific domain for all 10.  It now takes 10 court cases in 10 countries to shut down Wikileaks.  

      By automatically replicating, electronic records can be much more robust against legal challenges than paper ever could.

      "Reality has a well-known liberal bias." -Stephen Colbert

      by Monkey In Chief on Mon Feb 18, 2008 at 10:49:54 AM PST

      [ Parent ]

      •  Fragmented Mirrors (8+ / 0-)

        The technique you described is known as "mirroring", and it's widely used on the Web. WikiLeaks probably already uses it to keep its content synced under multiple names and at multiple different server sites, to avoid the dreaded "single point of failure" (better understood as the "single failurepoint", a bottleneck which will cut off a whole system if that point fails).

        The problem then isn't that WikiLeaks is off the Web, it's that people used to looking for "WikiLeaks.uk" won't find it, links to it by that name will fail, and they won't know where to look for the other names, or that they can.

        The scheme I described eliminates that single failurepoint in favor of a truly redundant system. That doesn't rely on solely tech protection, but also features of global legal systems. It's not the default yet, but probably will be sometime soon to protect from these kinds of attacks.

        "When the going gets weird, the weird turn pro." - HST

        by DocGonzo on Mon Feb 18, 2008 at 01:07:23 PM PST

        [ Parent ]

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site