Journalist Sues FCC For Hiding Details About Its Alleged, Phantom DDOS Attack
from the calling-your-bluff dept
You might recall that when John Oliver did his latest piece on net neutrality, the FCC's comment system ground to a halt under the load of viewers pissed to realize that the FCC is trying to kill popular consumer protections protecting them from buffoonery by the likes of Comcast. But the FCC then did something odd: it claimed that a DDOS attack, not HBO's hit show, resulted in the website's issues. A statement issued by the FCC proclaimed that extensive "analysis" by the FCC had led the agency to conclude that it had suffered the attack at roughly the same time Oliver's program had ended:
"Beginning on Sunday night at midnight, our analysis reveals that the FCC was subject to multiple distributed denial-of-service attacks (DDos). These were deliberate attempts by external actors to bombard the FCC’s comment system with a high amount of traffic to our commercial cloud host. These actors were not attempting to file comments themselves; rather they made it difficult for legitimate commenters to access and file with the FCC."
The problem: security experts saw no evidence that claim was true in publicly available logs, and saw none of the usual indicators preceding such an attack. And the FCC ever since has been bizarrely cagey, refusing to provide any evidence whatsoever supporting its claim. The FCC was subsequently prodded by several Senators as to the nature of the attack, but the FCC still refused to share any real data, despite agency boss Ajit Pai repeatedly, breathlessly insisting he would be a stalwart defender of transparency at the agency.
And when Gizmodo recently filed a FOIA request for anything regarding the nature of the attack, the FCC first released seventeen pages of nonsense, before admitting it had no documented "analysis" proving an attack as previously claimed. When additional websites began to point out that the FCC's behavior here was a little odd, the agency sent out a strangely-punchy press release lambasting news outlets for being "irresponsible."
So what's really happening here? The unsubstantiated journalist guess du jour is that the FCC bizarrely made up a DDOS attack in a feeble attempt to downplay the "John Oliver effect" in the media. "We weren't inundated by millions of people angry that we're killing popular consumer protections solely to the benefit of Comcast," this narrative suggests, "we were unfairly attacked!" The fact that there never actually was a DDOS attack would go a long way toward explaining the Trump FCC's subsequent inability to provide any evidence supporting the claim, even under pressure from Congress.
Hoping to flesh this theory out a bit, journalist Kevin Collier last week filed a lawsuit against the FCC (pdf) not only demanding more data on the agency's supposed DDOS attack, but also urging the FCC to provide some insight on what it's doing to address the wave of bogus, bot-produced anti-net neutrality comments flooding the agency's website in recent months:
"Collier said his records request was prompted by the FCC’s “weird and cagey” inclination to obscure details about the incident. “The fact that they gave Gizmodo such a runaround in its own request for internal ‘analysis’ of the attack just goes to show this,” he said. “I want to know the full story.” Sen. Ron Wyden, Democrat of Oregon, told Gizmodo last week the FCC’s actions raised “legitimate questions about whether the agency is being truthful when it claims a DDoS attack knocked its commenting system offline.”
Again, the refusal to address fraudulent anti-net neutrality comments being made at the FCC website (like the one made in my name), combined with the FCC's bizarre, phantom DDOS attack, has many believing the FCC is actively engaged in an intentional, amateurish attempt to downplay the massive backlash to their assault on net neutrality. And while it's entirely possible the FCC is just being non-transparent and generically stupid here, if it can be proved the agency actively lied about a DDOS attack then covered it up simply to downplay the immense unpopularity of its policies, the inevitable lawsuits against the agency in the wake of its final vote to kill the rules could get very interesting.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: ddos, fcc, foia, kevin collier, public records
Reader Comments
Subscribe: RSS
View by: Time | Thread
They are afraid
[ link to this | view in chronology ]
So basically the FCC website got Slashdoted.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
Just how robust? A quick host lookup on fcc.gov shows Akamai, but they may only serve static content depending on the level of service you pay for. If they only use it for static content and they have centralised DB or other vulnerable infrastructure design. In fact, "cloud" doesn't mean invulnerable to DDOS, it just means that a well designed site is less likely to have problems with a decent provider.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: DDOS versus legitimate overload requires human judgement
That is, if John Oliver cared to talk up techdirt, techdirt can expect an unprecedented load on the site functionality. If there's enough broken browsers or packet loss out there, or techdirt's ISP (or maybe just comcast) is full of something besides good stuff, it looks *just like* a DDOS attack.
We call "good" traffic the traffic eventually sourced by human beings on an individual basis, but really good AI can generate something that is hard to distinguish, and it gets really complicated when you remember that Russia had a paid army of people putting the russian slant on things and generally fanning the flames of discord.
[ link to this | view in chronology ]
Re:
That wasn't an attack.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
Distraught Denizens overloading System? The only one trying to 'deny service' is the FCC.
[ link to this | view in chronology ]
The question is merely how they quantify the following:
"These actors were not attempting to file comments themselves"
In order to honestly make that claim, they should have evidence in support of it, so show us your log files.
[ link to this | view in chronology ]
Re:
While the effects may be similar, there certainly is a difference. Just as there is a difference between, say, self defense and murder.
Ahh, so there is a difference. My point, exactly.
[ link to this | view in chronology ]
pathological liar...
[ link to this | view in chronology ]
Re: FCC liar...
...step back from the minutiae here and observe the much larger picture .... if the FCC leadership is demonstrably dishonest & actively working against the public interest --- then the government-regulatory-model of economic/social improvement is fundamentally flawed.
This type of "independent" behavior by government regulatory personnel is very common. So consider the overall implications for average citizens in relation to their government.
[ link to this | view in chronology ]
Re: then the government-regulatory-model of economic/social improvement is fundamentally flawed.
[ link to this | view in chronology ]
There is plenty of evidence that they lied and you don't need any documentation that's not already public anyway to prove they lied. Pai is the one who will have to "produce" documents proving public knowledge wrong. And that's pretty much impossible.
If I may suggest, you (Techdirt or at least Mike) should join the party and at the very least fill an amicus brief calling attention to your own name being used fraudulently and the total lack of will to fix it displayed by the FCC.
And if it's proven the FCC lied then sue Pai himself for his actions.
If Pai wants to ignore the people and screw them at the very least lets make his life legally miserable.
[ link to this | view in chronology ]
Re:
Two words: Qualified immunity.
[ link to this | view in chronology ]
Re: Re:
He's not qualified for his job, so maybe he's not qualified for immunity, either. Wait... that's exactly why they came up with 'qualified immunity' in the first place, isn't it? Damn. Got my hopes up for a second, there.
[ link to this | view in chronology ]
Re:
And at that point, where would TD fall on this? A government website is hosting known false information tying thousands of people to views they do not hold. Is it free speech? Fraud? Something else?
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
You've been told that those comments are in no degree or way binding on the FCC: you are NOT voting, the numbers aren't actually important.
You state those other attempts, and therefore state that the comments are tainted.
You keep whining that FCC ignores your own snowflake butthurt, because you're highly important among millions. After all, you've been "prattling", your word from profile, for decades now.
You keep insisting that the FCC ignore all "false" anti-neutrality comments, which is simply trying end-around to what you want, "neutrality", though have never defined specifics that will definitely have desired effects without drawbacks. -- You seem to want the Wild West phase to continue, or so I gather from your prattling. If wrong here, it's your fault for not having bullet* points.
You don't admit possibility that the FCC may not know, be able to determine, or may not care about cause of the comment flood: again, those comments are NOT binding!**
NOW you're ecstatic over start of drawn-out and quite likely failing attempt to pry out meaningless data, not even knowing if available or clear.
Last and best, you ignore that even if got ALL data including internal memos and other items available in the surveillance state, proved beyond doubt that Oliver caused the crash not some DDOS, and everyone in the FCC lied up and down about that fact, is STILL irrelevant for the decision, which is NOT based on comments, but entirely on other factors! No court will ever bother digging into it.
And then pushed out this text plunk in the middle of exactly NO important topics.
Going to be another Classic Techdirt day.
---
* I can only hope that 2nd Amendment-hating Stephen T Stone doesn't assert that "bullet" is more hidden "dog whistle" code threatening violence!
** Commenting at FCC is EXACTLY like my comments here, just a way to have feeling of input. But at least I know better! Enjoy your rant for itself, kids, but don't expect any results! It's just a mild vice, wasting time!
[ link to this | view in chronology ]
Re: You've been told that those comments are in no degree or way binding on the FCC: you are NOT voting, the numbers aren't actually important.
Nah, I'm bored now, work week's over and I'm off to the pub in the sun. If you weren't so familiar, I'd say you got started waaay before me, but sadly I know your poor state of mental health.
[ link to this | view in chronology ]
Re: Re: You've been told that those comments are in no degree or way binding on the FCC: you are NOT voting, the numbers aren't actually important.
There are many places in the internet that I could criticize like the trolls here but I simply don't bother because it won't be constructive commentary. I still read them because it's good to be in touch with different points of view even when you know they are flawed. But seriously, if I ever bother to write my critic it will have plenty of evidence and explaining in it, not factless rants like this one.
[ link to this | view in chronology ]
Re: Re: Re: You've been told that those comments are in no degree or way binding on the FCC: you are NOT voting, the numbers aren't three lullabies in an ancient tongue for the Court of the Crimson King.
Yes, but you're not getting any more "in touch" with those different points of view the 700th time the same guy expresses them in the same way than the 699th.
[ link to this | view in chronology ]
Re: Re: Re: Re: You've been told that those comments are in no degree or way binding on the FCC: you are NOT voting, the numbers aren't three lullabies in an ancient tongue for the Court of the Crimson King.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: You've been told that those comments are in no degree or way binding on the FCC: you are NOT voting, the numbers aren't three lullabies in an ancient tongue for the Court of the Crimson King.
[ link to this | view in chronology ]
Re: You've been told that those comments are in no degree or way binding on the FCC: you are NOT voting, the numbers aren't actually important.
So a bot posting automated fraudulent comments is the same as Oliver airing a very informative piece leading to his viewers actively commenting not even using boilerplate text. Right.
Your comment is full of defeatism. I feel sad for you. Sure a ton of comments may pale in terms of 'power' compared to the fat paychecks he was promised or is already receiving but at the very least they show there is plenty of opposition and this can be used in other channels. It's a good thing that most people still fight instead of declaring defeat like you do. That's wht helped repeal SOPA for instance. And there are plenty of examples of where even the smallest activism being effective when reaching critical mass.
And it has its regular dose of bullshit. The definition of NN is pretty clear. You just don't like it. Among others I won't bother to address.
"** Commenting at FCC is EXACTLY like my comments here, just a way to have feeling of input. But at least I know better! Enjoy your rant for itself, kids, but don't expect any results! It's just a mild vice, wasting time!"
Then please employ your defeatism to this as well and go away, you are annoying.
[ link to this | view in chronology ]
Re: You've been told that those comments are in no degree or way binding on the FCC: you are NOT voting, the numbers aren't actually important.
[ link to this | view in chronology ]
Re: You've been told that those comments are in no degree or way binding on the FCC: you are NOT voting, the numbers aren't actually important.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Read this good piece from a commentor on Reddit. This one was detailed with several sites linked proving his point of the FCC outright lying. There is a lot in there and I haven't had time to go through all of the details but I was impressed with the time it must have taken to gather all the data.
[ link to this | view in chronology ]
Doesn't Help FCC's Narrative
If the attacks were real, what that would really signify is that a malicious and well-funded interest saw the John Oliver piece, and was afraid that real people might make their voice heard following his segment.
In other words, the best case for the FCC is to take this as admission that someone is trying to manipulate the normal democratic process in favor of the telcos.
[ link to this | view in chronology ]
Ok then. Release the stats for how many comments were filed leading up to and during the attack. If it's a flat line, then the claim of a DDOS attack sounds *slightly* more believable. If there was a steady increase, chances are it was the flood of comments that took the system offline.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Proving its ineptitude might be a contingency plan that gets rid of the FCC entirely.
[ link to this | view in chronology ]
And while it's entirely possible the FCC is just being non-transparent and generically stupid here,...
Never attribute to stupidity that which is adequately explained by Ajit Pai's greed.
[ link to this | view in chronology ]
FCC's goin slow?
I NEVER WANTED THE FCC TO CONTROL THE INTERNET. EVER.
I CONSISTENTLY SAID THIS.
POWER AND FREQUENCY mismanaged the day they ripped up their original mission statement.
NETWORK mismanaged the day they stole authority. (sic)
YOU ALL LOVE THIS.
YOU ALL SAID YOU WANTED IT.
YOUR GOING TO HALT WORK TO STOP IT? NATIONAL STRIKE? NO? then shut up.
[ link to this | view in chronology ]
Re: FCC's goin slow?
We just wanted someone (with the FCC being in the best position to do so) to limit the ability of ISPs to control the Internet.
[ link to this | view in chronology ]
I TOLD YOU SO!!!
The Department of Transportation is regulation Pain chips! because it regulates ROads and you use Roads to get Paint Chips. Just "like" how the FCC "controls" th e Internet by controlling the isps!!! Because of you "Control" a "thing" that is used to get to a different Thing, then you are controlling the Thing! It's So Simple! Don't you Sycophantic "idiots" understand how very Simple the things I say are! They make "sense"! So much sense!
Because I am so very "smart". You can tell that I am Smart becaus I spend so much time saying I am Smart, which is what "smart" people do.
Every Nation eatst the Paint chips it Deserves!
[ link to this | view in chronology ]