Could WikiLeaks Be Stopped?

BY Chris Amico  December 1, 2010 at 2:00 PM EST

Wikileaks founder Julian Assange
WikiLeaks founder Julian Assange in London on Oct. 23.; Getty photo

Update, 3:30 p.m.: Wikileaks says it has been ousted from its Amazon cloud hosting.


WikiLeaks servers at Amazon ousted. Free speech the land of the free–fine our $ are now spent to employ people in Europe.Wed Dec 01 via web

Wikileaks was down for parts of Wednesday morning and afternoon.

. . .

Connecticut Sen. Joe Lieberman thinks it’s time for WikiLeaks to go dark. In a statement condemning the site for releasing a cache of diplomatic cables, he said:

I also urge the Obama Administration — both on its own and in cooperation with other responsible governments around the world — to use all legal means necessary to shut down Wikileaks before it can do more damage by releasing additional cables. Wikileaks’ activities represent a shared threat to collective international security.

Good luck with that, says Erica Naone of MIT Technology Review:

Think of how difficult it is to stop spammers or those distributing malware through websites. That requires proof that a site’s activities are illegal within the hosting jurisdiction. The Internet Service Provider (ISP) hosting the site then has to be contacted, and it has to agree to shut the site down. A site can easily jump to a new ISP.

Wikileaks is currently hosted in Iceland, but it could easily move to another country. Mirror sites all over the world could copy the information on the main site and make it available even if they main site were shut down entirely. And Wikileaks data is also circulating through the file sharing service BitTorrent. Removing all copies of that data would be incredibly difficult, as the record industry is well aware.

The other problem (which Naone points out) is the way WikiLeaks distributes documents. By using BitTorrent, those who download the massive files WikiLeaks makes available also seed those files to other downloaders. If the main site is knocked offline, there are other channels for distribution.

After releasing its War Logs in July, WikiLeaks posted an encrypted file called “insurance.aes256.” Wired editors downloaded the file and looked at who else was seeding:

We dipped into the torrent Friday to get a sense of WikiLeaks’ support in that effort. In a few minutes of downloading, we pulled bits and piece of insurance.aes256 from 61 seeders around the world. We ran the IP addresses through a geolocation service and turned it into a KML file to produce the Google Map at the top of this page. The seeders are everywhere, from the U.S., to Iceland, Australia, Canada and Europe. They had all already grabbed the entire file, and are now just donating bandwidth to help WikiLeaks survive.

Of course, there are other, less legal ways to make a website go away.


We are currently under a mass distributed denial of service attack.Sun Nov 28 16:29:54 via web

WikiLeaks and its Cablegate were unreachable for several hours Sunday. WikiLeaks reported (via Twitter) that it faced a distributed denial of service attack, a simulated flood of web traffic designed to overwhelm the site’s servers.

A self-described “Hacktivist for good” named Jester claimed credit for the attack.


www.wikileaks.org – TANGO DOWN – INDEFINITLEY – for threatening the lives of our troops and ‘other assets’Sun Nov 28 17:02:17 via web

That was a short-lived outage, though, and the site remains up as of this writing.

Craig Labovitz of Arbor Networks posted an analysis of the attack, calling it “modest in the relative scheme of recent attacks against large web sites.”

Shortly after the attack started, WikiLeaks redirected DNS from its AS8473 Swedish hosting provider to use mirror sites hosted by a large cloud provider in Ireland (and later the US as well). While the DDOS attack generated an outpouring of blog posts, news articles and tweets, it appears to have had little impact on the WikiLleaks “Cablegate” disbursement of documents.

The attack added about 2-4 gigabits per second of traffic to WikiLeaks servers, as shown on the diagram below.

Wikileaks DDOS

WikiLeaks reported more attacks Tuesday morning, this time exceeding 10 gigabits per second, though the site remains reachable. The Guardian reports that WikiLeaks moved some hosting to Amazon.com’s cloud infrastructure on Monday.

And even if those attacks succeed, it’s unclear whether that would stop sensitive documents from getting out, since several newspapers had access long before the cables’ existence was known publicly.

As Rebecca Jeschke, a spokeswoman for the Electronic Frontier Foundation put it:

“The documents that were released this week would not have been stopped by shutting down a website.”