Now Random Webhosts Are Demanding Wikileaks Mirrors Be Taken Down Over Possibility Of DDoS?
from the weak-sauce dept
With all the attempts by corporations to distance themselves from Wikileaks -- often claiming dubious legal issues or terms of use violations that don't seem to really exist -- the EFF is pointing out that one of the (many, many) Wikileaks mirror sites was told by his hosting company he had to remove it or he'd lose his account. The reasoning was quite bizarre. The host claimed that its upstream provider was worried about potential DDoS attacks:Recently we heard from a user who mirrored the Cablegate documents on his website. His hosting provider SiteGround suspended his account, claiming that he "severely" violated the SiteGround Terms of Use and Acceptable Use Policy. SiteGround explained that it had gotten a complaint from an upstream provider, SoftLayer, and had taken action "in order to prevent any further issues caused by the illegal activity."Taking down a site because it might possibly be subject to a DDoS attack in the future? How does that make sense? We were confused enough when EveryDNS claimed that getting hit by a DDoS violated its terms of service, but its even more confusing to think that the remote possibility that at some date in the future you might get hit by a DDoS is a terms of service violation.
SiteGround told the user that he would need to update his antivirus measures and get rid of the folder containing the Wikileaks cables to re-enable his account. When the user asked why it was necessary to remove the Wikileaks folder, SiteGround sent him to SoftLayer. The user asked SoftLayer about the problem, but the company refused to discuss it with him because he isn't a SoftLayer customer. Finally, SiteGround told the user that SoftLayer wanted the mirror taken down because it was worried about the potential for distributed denial of service (DDOS) attacks. When the user pointed out that no attack had actually happened, and that this rationale could let the company use hypothetical future events to take down any site, SiteGround said that it was suspending the account because a future DDOS attack might violate its terms of use.
Separately, I was quite surprised to see SoftLayer's name as being involved here, because I'm aware of other situations in which SoftLayer has been protective of customer rights and not prone to act rashly. So I'm curious if this was a miscommunication or if something else happened.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: ddos, hosting, mirrors, wikileaks
Companies: siteground, softlayer
Reader Comments
Subscribe: RSS
View by: Time | Thread
That would be......
[ link to this | view in chronology ]
Hosting a wikileaks mirror is risky in all sorts of ways, from the legal implications of distributing documents, the potential for DDoS, and even the potential for huge spikes in traffic beyond the ability of the server and network to handle. Each of these events could lead to problems that would hurt all of their other clients.
A DDoS hurts all the clients. It can entirely wipe out a providers ability to service their customers. As wikileaks has been DDoS before (and some would say it is likely to happen again), and because of attempts to make it a distributed group of mirror sites, there is potential that the DDoS could be reflected to any of the mirrors. No host wants to be part of that.
Further, a hosting company would be unlikely to want to take the risk of search and seizure at their facilities. In the US, I have seen data center raids that involve having the upstream providers disconnect the entire data center from the net to preserve it as is while they search for the boxes in question and confirm that all backups and such have been removed. That would hurt all of the other customers of that hosting company, while the search is being conducted.
It just isn't worth the risks for the hosting companies to handle material that may or may not be legal, and may lead to other problems such as DDoS attacks.
Is is a pretty simple concept, no?
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
But then again withdrawing a Wikileaks mirror could also provoke a DDOS attack...
[ link to this | view in chronology ]
Re:
Who knows when they will be used to transport illegal drugs or used to commit other crimes.
[ link to this | view in chronology ]
Re:
Lets do some numbers shall we. 2,000 wikileaks mirrors, a botnet of 50,000 machines, thats 25 machines attacking each mirror. WOW that would really do some major damage ... less than a 1% spike in server load.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Oh, wait, you are mitigating your risks by not doing it. I understand. Now if you could just understand that other companies are doing the same, perhaps you would stop feeding this nonsense.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Sounds like backwards thinking to me.
[ link to this | view in chronology ]
This just shows how hard it is for those with the tools and money to help them, to actually help. I know they have tons of mirrors already, but lots have been taken down this week (a few hundreds if I recall properly) and more will likely follow... so why the difficulty of becoming a mirror?
[ link to this | view in chronology ]
Re:
The main servers can then hand off the same but with greater granularity. In fact, you can even hand off the resolution process to specific servers and these can themselves be distributed.
This is technically not a difficult problem. In fact, a torrent of all the pieces where every piece has many seeds is one possible other solution to this problem.
[ link to this | view in chronology ]
OH So little mikee feels
[ link to this | view in chronology ]
Re: OH So little mikee feels
Human rights organizations have been hit a lot recently with DDoS attacks. They should all be taken offline. And those are completely unrelated to the Wikileaks thing.
Master Card, PayPal, I'm sure the list of sites more likely to get hit can go on and on.
[ link to this | view in chronology ]
Re: OH So little mikee feels
[ link to this | view in chronology ]
Re: Re: OH So little mikee feels
[ link to this | view in chronology ]
Re: Re: OH So little mikee feels
I was confused about this before too, until he explained it to me. Notice his name is Michial? Little Mikee is actually his pet name for his wang. He's just very confused....
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
http://wikileaks.techdirt.com
just a redirect to the front page of TD?
Time to step up there TD! Time to put your money where your mouth is. Mirror the site. Become the biggest mirror you can be. Join in, and stand up for what you believe in. It's time. Stand up for your rights to free speech. Stand up for your rights!
I dare you.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
http://dilbert.techdirt.com/
*fail*
The truth? TD talks the talk, and then lets other walk the walk and take the legal beating.
TD? Hello? Wikileaks mirror? Why not?
[ link to this | view in chronology ]
Re:
Next time, try harder.
[ link to this | view in chronology ]
Re: Re:
If free speech is so important, and TD completely believes that what wikileaks is doing is so important, and that all of these mirrors are so important, and that every ISP should be bound to accept them no matter what... then why is TD not also mirroring wikileaks?
The answer is simple: They don't want to risk their other businesses, because they understand the risks involved. They just don't want hosting companies, payment processors, and banks to be allowed to make the same choice.
Until TD starts a wikileaks mirror on US based servers, they are really just talking out their butts on this one.
[ link to this | view in chronology ]
Re: Re: Re:
What's next? Super special double dare? According to your logic, TD should mirror every single thing that has been unfairly taken down on the internet by anyone at all.
I guess you could always donate to buy servers for that. But you would have to give personal information... too bad.
[ link to this | view in chronology ]
Re: Re: Re: Re:
And now I am using tomato.techdirt.com! Thanks, thats neat! Although Chrome tries to scare me off of using it when I login.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
If Chrome is acting up, maybe you're using https? Browsers warn you if the URL doesn't match the one in the cert.
[ link to this | view in chronology ]
Re: Re: Re: Re:
Answer the question: Why doesn't TD mirror wikileaks?
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
Er, maybe because Mike has specifically stated in several posts that he has problems w/the way Wikileaks did what they did and isn't 100% behind them, despite your attempt to portray otherwise?
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
If he has problems with they way wikileaks has done things, and he isn't 100% behind them, why do other companies not get to make the same choice?
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re:
And because none of the above apply to some random guy with a blog on the net. Only to the actual service providers that have signed a service contract with the customer.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re:
Because your question of whether Mike hosts or not a Wikileaks mirror has NOTHING to do with whether Mike's webhost would disable or not Mike's account for hosting said mirror.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re:
Ugh, THEY CAN! Nobody is saying they can't. The problem here is that they're making up reasons for doing so that don't fly. If they came out and said, "we're disabling all Wikileaks mirrors because don't like them", what could anyone say about it?
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re:
They are not 100% comfortable with what is going on with wikileaks, they are not 100% sure of the legal ground they stand on, and they are not confident that there will not be some sort of DDoS organized, or other attacks against their businesses.
If we give TD the benefit of the doubt and the right to choose, even if some of us don't agree with their reasons, should we not extend the same benefit of the doubt to the hosts?
For me, this smacks more of a frenzy, and more of a group of people doing the old "do as I say, not do as I do". I also notice that EFF doesn't host a mirror either. Remarkable.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re:
Ugh, yes the ARE, and NO it isn't the same process. Try to follow along. Being afraid of future DDoS attacks is a made up reason. If it wasn't, then they would take down ANY site that had the remote possibility of being attacked, which they haven't done. And Techdirt is NOT taking down other people's site. They're not hosting a mirror may be do to several reasons (none of which I think Mike has ever addressed), but they've said NOTHING about why they aren't doing it.
"They are not 100% comfortable with what is going on with wikileaks"
They didn't state that.
"they are not 100% sure of the legal ground they stand on"
they didn't state that either. And THAT'S the problem. If the hosting company had simply come out and said something like, "We're taking down WL mirrors, because we support America, damn it, and that's what we want to do", the worst they'd endure would be some criticism from those that like Wikileaks. This "well, there might be some DDOS in the future" crap is bullshit.
"If we give TD the benefit of the doubt and the right to choose, even if some of us don't agree with their reasons, should we not extend the same benefit of the doubt to the hosts?"
YES! They're not doing that. They're making up boogeymen....
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:
Quite simply, if accounts were on a virtual (shared) server, and likely to take other users down if there was a DDoS attack, and knowing that wikileaks has been the target of a DDoS attack, I would say they are exactly right and smart to shut down the sites.
No "boogeymen" as you call them, just the facts.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:
How did you manage to list out a bunch of speculation and then call it "facts"?
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re:
Webhosts provide their CUSTOMERS with disk space to host their sites.
Website OWNERS get disk space from webhosts. They put the content THEY want in their sites. Asking one host "why don't you host X" is stupid. Asking the Barbie Fan Site blog why it doesn't host Transformers content is STUPID.
Techdirt: Web SITE. Mike: Website OWNER.
Wikileaks mirror: Web SITE.
EFF: Web SITE.
Techdirt: not hosting Wikileaks mirror.
EFF: not hosting Wikileaks mirror.
Wikileaks mirror: hosting Wikileaks mirror.
Techdirt's Web HOST provider: doesn't disable account.
EFF's Web HOST provider: doesn't disable account.
Wikileaks mirror HOST provider: DISABLES account. real reason: shit scared / hates Wikileaks. bogus reason: one day a time traveler will go into the past and destroy their servers.
Analogy:
Web HOST for Barbie Site: doesn't disable account.
Web HOST for Transformers Site: DISABLE account. real reason: hates Transformers.
Barbie site: posts in their blog how unfair is that the Transformers site got disabled.
Anonymous Troll: "Why doesn't the Barbie Site hosts Transformers content if they're SOOOOOO concerned?"
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:
However, TD can still choose to host a wikileaks site on their servers as part of the package they get from their hosting company. Nothing stops them from adding stuff on their server(s).
You don't have to be a host to choose to hostcompany to host something on your servers.
So, yes, you made a funny, but once again, deflecting from the main question: Why does TD hold other up to a higher standard than they hold themselves up to?
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:
Please start making sense.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:
There, adding a new domain to your account, or adding a third level domain to an exist account is simple. The hosting company would not even be aware of it as it is created.
When the hosting companies are finding these things, they are looking at them and making a choice. They have no prior knowledge and no way to control them before the go live.
In the end, the hosting companies are making the same choice the TD has made, only doing so under pressure because someone has foisted it upon them.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:
Notice, of course, that the might TD leadership avoided this thread like the plague. They don't want to answer a straight up question.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
If wikileaks is that important, if it is such a free speech issue, and all of these hosting companies are declining mirrors, why doesn't TD step up and support the cause?
TD / Floor64 is in a great position to host it under their own domain, on servers they already have, and really stand up for what is right. After all, if hosting it has no legal implications, and no risks for DDoS or other online issues, why not big the bigger men and step up and host a mirror.
I will leave the leader of TD to come down from his high hill and explain to you why he won't do it. I doubt he will address any of the real issues, and instead will come up with a scathing personal attack instead.
I think that TD readers need to know why TD won't step up to the plate. If you really believe in something, believe in their rights to operate, why not step up?
Perhaps TD can sell hoodies and stuff and send the money on to wikileaks. Perhaps do a Wikileaks fun raising drive, using their merchant account and paypal account to do it. Perhaps at that moment, TD might feel what it is like to put a business at risk by making certain choices, rather than ragging on others for making their choices.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re:
Understand yet?
[ link to this | view in chronology ]
Re: Re:
http://The.Groove.Tiger.is.your.master.bow.down.to.him.techdirt.com
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
But surprisingly successful :/
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re:
Quit trolling!
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re:
Make me.
[ link to this | view in chronology ]
Re:
Hey you! Yes you, with the forehead!
Don't you give a crap about people that are dying because they need blood transfusions? Why aren't you donating your blood right now!? In fact, why aren't you permanently wired to a blood extraction machine!?
I guess you talk the walk, but don't walk the talk, huh? Are you chicken? I'm daring you to donate blood right now!
.
.
.
I knew you couldn't do it.
[ link to this | view in chronology ]
Re: Re:
However, the point is that there is only so much any individual or group should be expected to put up and that depends on what resources they have.
[ link to this | view in chronology ]
You have been sentenced to death
"You have been sentenced to death by electric chair as we doubt that you might kill somebody in the future"
or a more funnier one..
"You are charged with copyright infringement and fined for a billion dollars. We think you might listen to a song in 2040"
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
$100 million to take down Techdirt, or...
Internet - Techdirt = sad panda
[ link to this | view in chronology ]
Re: $100 million to take down Techdirt, or...
[ link to this | view in chronology ]
Re: Re: $100 million to take down Techdirt, or...
FTFY
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Fat dumb and happy.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Trolls
[ link to this | view in chronology ]
Re: Trolls
note how most posts declared trollish do not do this, hitting the same fallacies again and again, and being impervious to logic and reason. unlike large parts of the internet, Logic and Reason are considered, umm... significant... here.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
- PayPal
- Mastercard
- VISA
- Amazon
- EveryDNS
- SiteGround
- SoftLayer
(I'm limiting online purchases like the Humble Indie Bundle 2 to AmEx-backed Google Checkout for now)
[ link to this | view in chronology ]
the real DoS
The guy should move his business to a better web host, and make the move as widely known as possible.
[ link to this | view in chronology ]
SoftLayer is just doing the same. Can you imagine a DDoS taking down networking equipment and causing thousands of servers to go offline? They would surely lose thousands of dollars if that happened. Every provider out there is pro-active on this stuff. If some customer came to them and told them he presented a large DDoS risk they would choose not to accept their business. All the bleeding heart liberals need to check themselves if they think it's a good business practice for Siteground and SoftLayer to host an extremely risky wikileaks mirror.
[ link to this | view in chronology ]
Re:
TD won't put up a mirror on TD servers. They won't risk their hosting, their processing, and their operations to support what they believe in. They will however mock any company that makes a similar choice.
This is simple, and casts a horrible shadow over everything else TD writes about.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
WikiLeaks mirrors
You fool no-one!
[ link to this | view in chronology ]
Re: WikiLeaks mirrors
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Wikileaks, a military psyop
Upon closer inspection, Wikileaks appears to be a military psyop working with intelligence operatives and mainstream media disinfo agents. Many think Wikileaks is used in conjunction with other fronts to sway public opinion on behalf of the globalist bankster families - who by the way, intend to control and manage ALL aspects of your life.
Check it out: WHO is behind Wikileaks?
John Barremore
Houston, TX
[ link to this | view in chronology ]