Can You Plug a WikiLeak?
It’s not easy.
Dec 27, 2010, Vol. 16, No. 15 • By JONATHAN V. LAST
Lost among the many debates concerning WikiLeaks is a practical question: When an irresistible force, such as the Internet, meets an immovable object, like a government, which one’s gotta give? Could a government shut down the website if it really wanted to? The answer is: yes and no.
As a technical matter, it would be nearly impossible to remove from circulation the documents WikiLeaks has already released. Information on the Internet is resilient because the source files can reside on billions of computers in many different countries. WikiLeaks posts all of the documents it releases on its website, where users can view or, more to the point, download them. This website is run from servers currently located in France. Those servers could, in theory, be shut down. But even if they were, the downloaded copies would live on. What’s more, WikiLeaks had the foresight to publish its full run of documents in what is called a torrent file.
Torrents are the most common and efficient method of peer-to-peer sharing—that is, a somewhat anonymous exchange of files between computer users. The creator of the file turns it into a torrent “seed” and then allows others to download that seed from him. Once the seed has been published, anyone wanting a copy of the file in question can download it not just from the original source but from anyone else who has already downloaded it. Once a torrent has been out in the wild for a prolonged period of time, it becomes very hard to kill; it has been reproduced too many times and is stored on too many different computers. (Hollywood knows all about this problem: Torrents are most often used to pass around pirated movies and TV shows.)
WikiLeaks made its complete archive of documents available as a torrent file some weeks ago. By now, it is safe to assume that it has been downloaded many thousands of times. The torrent file is small enough to reside on personal computers and even smart phones. And since every torrent that has been downloaded is capable of being used as a seed for others to download, there’s no stopping that information now—genies, bottles, horses, barns.
But what about WikiLeaks going forward? People tend to assume that the lubricating power of the Internet makes it impossible to stop the flow of information. But that’s not always true. Take the case of ESPN reporter Erin Andrews. A year ago, someone with a spy camera filmed her through a peephole in the door walking around her hotel room in the altogether. Andrews took immediate, aggressive legal action. Today it’s nearly impossible to find the video on the Internet. On a larger scale, China has successfully censored the web for a billion citizens for several years. Governments are not powerless against the Internet.
To understand what could be done to stop WikiLeaks, you begin by looking at WikiLeaks as a system with three functions: (1) It gathers leaked information from third-party sources; (2) it publishes this content; and (3) it distributes this published material across the web to readers. As a technical matter, each of these processes can be curtailed to some degree. Let’s start with the front end of the operation and work backward.
WikiLeaks publishes by uploading material onto its website, which resides on the organization’s servers. You access the site by going to wikileaks.org. Three weeks ago wikileaks.org became inoperable when a massive distributed denial-of-service attack (DDoS) was launched against it. That is to say, a small network of computers conspired to send so many requests to wikileaks.org that its server became overloaded and crashed. The DDoS assault on WikiLeaks sank the group’s main website for a day or two.
WikiLeaks responded by asking hosting providers to voluntarily set up “mirrors”—exact replicas of the WikiLeaks site—on other servers at different addresses. Many volunteers appeared. As of this writing, there are 1,885 mirror sites running, with URLs such as wikileaks.enzym.su and wikileaks.thinkfurther.de.
It would be difficult, though not impossible, to launch denial-of-service attacks against all of the mirrors. But what is vulnerable is WikiLeaks’ canonical server—the WikiLeaks server that is dedicated to supplying the mirror sites. In theory, one could approach WikiLeaks posing as a host interested in providing a mirror. When WikiLeaks established the mirror, an attacker could then use the data gathered about the canonical server to launch an attack against it, thus disrupting all of the mirrors at once.
But the most promising line of foreclosure is a legal one. WikiLeaks has been on the run for the last month, moving its virtual operations in an attempt to avoid being shut down. Originally its domain (the name which points a user to a website’s IP address) was registered in Sweden and its servers were hosted there, too. But the threat of being shut down forced the group to move its domain registration to Switzerland and the hosting to France. Almost immediately, the French minister of industry asked that the site be banned from French servers. The hosting company, OVH, won a temporary victory when a judge ruled that it could not be forced to evict WikiLeaks.
But that may not be the end of the story. The only reason WikiLeaks is using OVH servers is that after leaving Sweden, it set up shop on servers run by Amazon.com (and moved its domain registration to another American company, EveryDNS.net). These companies quickly severed ties with WikiLeaks, not because they were forced to by law but because the backlash against them for being in business with WikiLeaks was more trouble than it was worth.
Other companies have also cut ties with WikiLeaks. PayPal, the service WikiLeaks once used to collect donations, stopped working with them after the last group of leaks was released. So did Visa and MasterCard, which refused to process money being sent to the group. As a result, it has become much more difficult for WikiLeaks to receive donations. Other big, high-profile companies are still providing service to WikiLeaks—Facebook and Twitter, for instance, allow WikiLeaks to use their services to network and disseminate information about their activities. There’s no reason a government couldn’t lean on them, as well as on the second-level companies that do business with the businesses who support WikiLeaks, such as OVH.
If gay advocacy groups can force Dr. Laura Schlessinger’s radio program off the air through coordinated complaints and boycotts, it seems likely the U.S. government and its allies could exert enough pressure to make it tremendously uncomfortable for corporations to be in the WikiLeaks business.
The end-user experience with WikiLeaks is also vulnerable to pressure. Filters, applied to a network, would make WikiLeaks and all of its mirrors invisible to users within the system. That’s the Chinese model, and although it’s possible for determined users to get around such a firewall by using encrypted trickery, the number of people sophisticated enough to do so is quite small.
America doesn’t have a network built like China’s, but there are other ways to keep people from looking at WikiLeaks files. For instance, to combat the WikiLeaks torrents, a government could create dummy torrents designed to mimic the WikiLeaks files. These dummy files would have the same file size and same file nomenclature and would look like the real WikiLeaks to anyone searching for its torrents. But once you downloaded them, they would contain only gibberish. If these dummy files were massively seeded on the torrent networks, it would make it difficult and time-consuming for users to find genuine WikiLeaks torrents in a sea of meaningless fakes.
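An added illustration, not part of the original article: BitTorrent metainfo carries a SHA-1 hash of every piece of the content, and the SHA-1 of that "info" dictionary identifies the torrent, so a decoy that copies a file's name and size still gets a different identifier and fails piece verification. The file name, the tiny piece size and the sample bytes are constructed, and the check assumes the reader obtained the genuine info-hash from a source they trust.

```python
import hashlib

PIECE_LEN = 16  # constructed tiny piece size; real torrents use far larger pieces

def bencode(obj):
    """Minimal bencoder (ints, bytes/str, lists, dicts) as used by torrent metainfo."""
    if isinstance(obj, int):
        return b"i%de" % obj
    if isinstance(obj, str):
        obj = obj.encode()
    if isinstance(obj, bytes):
        return b"%d:%s" % (len(obj), obj)
    if isinstance(obj, list):
        return b"l" + b"".join(bencode(x) for x in obj) + b"e"
    if isinstance(obj, dict):
        items = sorted((k.encode() if isinstance(k, str) else k, v)
                       for k, v in obj.items())
        return b"d" + b"".join(bencode(k) + bencode(v) for k, v in items) + b"e"
    raise TypeError(type(obj))

def make_info(name, data):
    """Build a single-file 'info' dict: name, length and concatenated piece hashes."""
    pieces = b"".join(hashlib.sha1(data[i:i + PIECE_LEN]).digest()
                      for i in range(0, len(data), PIECE_LEN))
    return {"name": name, "length": len(data),
            "piece length": PIECE_LEN, "pieces": pieces}

def info_hash(info):
    """SHA-1 of the bencoded info dict; this value identifies the torrent."""
    return hashlib.sha1(bencode(info)).hexdigest()

def bad_pieces(info, data):
    """Indices of pieces in `data` whose SHA-1 differs from the metainfo."""
    expected = info["pieces"]
    return [n for n, i in enumerate(range(0, len(data), PIECE_LEN))
            if hashlib.sha1(data[i:i + PIECE_LEN]).digest()
            != expected[20 * n:20 * n + 20]]

# Constructed sample data: a "genuine" file and a decoy with the same name and size.
genuine = b"constructed sample archive bytes, 48 bytes long!"
decoy = b"x" * len(genuine)
g_info = make_info("archive.7z", genuine)   # hypothetical file name
d_info = make_info("archive.7z", decoy)

if __name__ == "__main__":
    print("same name/size:", (g_info["name"], g_info["length"]) ==
          (d_info["name"], d_info["length"]))
    print("genuine info-hash:", info_hash(g_info))
    print("decoy info-hash:  ", info_hash(d_info))
    print("decoy data vs genuine metainfo, bad pieces:", bad_pieces(g_info, decoy))
```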
Which brings us to the site’s first-order function: collecting leaked information from volunteers.
WikiLeaks exposes one of the dirty secrets of security: You can’t make a system totally secure. You’ll never have a setup in government from which it is technically impossible to leak documents. All you can do is make sure that employees know that if they leak, they will be caught. And then hope that no one is willing to pay that price. In that sense, one of the most effective tools for curbing WikiLeaks would be an energetic, and public, prosecution of Pvt. Bradley Manning.
Even if WikiLeaks disappeared, might other organizations materialize to perform the same function? Perhaps. A former WikiLeaks staffer, Daniel Domscheit-Berg, is readying a competitor, Openleaks.org, for launch in the near future. It’s possible that other leak sites could be as destructive as WikiLeaks. Or more so. But it’s also possible that if it were run to ground, WikiLeaks might be replaced by a more diligent and judicious organization. After all, it’s not difficult to imagine a leak site that really does operate in the public interest. The problem with WikiLeaks is the practice, not the theory. (Domscheit-Berg has split with WikiLeaks because he thinks the group’s leader, Julian Assange, is running the shop in an irresponsible manner.)
It seems equally possible, however, that WikiLeaks is a product of the moment: that it took off because a single megalomaniac with just the right resources appeared at a time when the costs for leaking and publishing sensitive information were not yet well defined. If WikiLeaks were driven underground and potential leakers saw that the cost of giving away secrets was frighteningly high, then maybe this would become the movement’s high-water mark.
All of that said, it’s entirely possible that the most prudent course of action for the Obama administration is to leave WikiLeaks alone. But it’s important to remember that the Internet is not an all-powerful force before which mere governments are helpless. The challenge in dealing with WikiLeaks isn’t a dearth of options. It’s balancing the benefits against the costs.