WikiLeaks – War in the Clouds

We don’t do politics here at the Virtualization Practice, but we do need to look at the biggest Cloud Computing story of the year – WikiLeaks. For those who haven’t been following it, the relevant points are:

  1. Wikileaks has posted some confidential data on the internet
  2. Various attempts have been made to shut it down
  3. Various countermeasures have been taken by Wikileaks and its supporters.

We are covering this story because we believe that the enormous coverage of this particular sequence of events is much more likely to shape the future of cloud computing through its impact at the “C” Executive level (i.e. CEO, CIO and CFO) than any vendor announcement or technology trend that impacts IT.

If we consider Wikileaks to be a cloud application, the first interesting point is the way that it has been able to stay up despite being subject to a number of severe external interventions. Initially it took the commercial IaaS cloud route, using Amazon Web Services, presumably with an expectation that AWS would scale to deal with the load upon it. AWS service was withdrawn, so it moved to a standard hosting service with a hosting provider in France. Then DNS service was withdrawn (and reinstated in a different geography). Payment services have also been withdrawn or suspended.

The response of Wikileaks and its supporters has been to move to a number of technologies to host the data:

  • Bullet-proof hosting. There are a number of hosting providers who tend not to respond to pressure from external authorities. Whether or not they have carrier status is still relevant.
  • Torrent. Distribution of packetized data streams in a peer-to-peer manner.
  • Mirroring. Use of servers belonging to volunteers to distribute data if the primary site is unavailable. There are over 2000 such mirrors.

A characteristic of these technologies is that they are typically Open Source and/or run on the extensive internet-installed base of Open Source technology – Linux (predominantly Ubuntu Server, in the case of Wikileaks supporters) and Apache – allowing deployment across very large networks at no licensing cost and without breaking the license agreement. Indeed, the GPL specifically precludes usage prohibitions being imposed on users of Open Source software. Those who have come to the aid of Wikileaks using these technologies have generally done so by agreement.

Furthermore, supporters of Wikileaks have launched retaliatory Denial of Service attacks from botnets. These activities are not sponsored by Wikileaks but are carried out in support of it (or in protest at its treatment). Within most countries, these activities are illegal. The question is whether or not we will see a rash of criminal cases brought to court over such retaliation, given how it impacted the cloud services. Are DoS attacks now the future marches and placards that make up protests? What are the repercussions of such protests if such attacks bring down major aspects of the payment card industry and the ability for people to participate in the global economy? How will this impact the cloud in the future?

Enterprises and Internet companies have generally built large, expensive server farms to deliver services. There have been very few attempts to use distributed peer-to-peer computing resources, for example, in their customer base. Wikileaks has succeeded in doing this, and:

  1. They have been very resilient (interestingly the DNS is also a peer-to-peer system, made hierarchical only by agreement not by anything inherent in its technology).
  2. They are extremely cheap to run. Just as a Web 2.0 company outsources the creation of content to its consumers, a peer-to-peer network takes it one stage further and outsources the hosting of that content to its users.

Enterprises are naturally resistant to allowing their data to be distributed in this way, but it is also quite interesting that Wikileaks has apparently released an entire database in encrypted form into the Cloud, and has still retained control over which pieces of that database are being published.

Many enterprises are already used to manipulating the territorial location of the services they provide to reflect the regulatory and taxation framework. Skype is based in Luxembourg for a reason. Wikileaks has effectively done the same thing with both DNS and hosting service provider to retain its ability to publish. There’s nothing really new here.

Then, there is the dependency on Cloud Services from external service providers (including both IaaS and specialist payment services). These are potential points of failure in a Cloud application, being subject to the terms and conditions of that Service Provider, and may be withdrawn under a number of foreseeable circumstances. The suspension of payment service is actually fairly common for small enterprises. It causes these enterprises great difficulties, but rarely makes the news. In terms of whether Amazon had the right to withdraw IaaS service, it is certainly not a Common Carrier in US terms (Common Carriers would likely be expected to provide service to all). However, given the services are provided in Europe, the legal framework is less well-defined. We are most familiar with the UK context, but most of it is based on EU law.

The UK actually tried to use an archaic voluntary agreement amongst newspaper editors, known as the DA-Notice, to lock down communication about Wikileaks. This worked with the King’s abdication in the 1930s, but not with Wikileaks. Under the 2010 Digital Economy Act the UK government appears to be about to gain the right to force ISPs to take down content and even block certain sites, but this is all fairly new; ultimately it will be determined by the European Court of Human Rights, and there seems to be no appetite to force the issue at this stage. There may also be a mechanism under UK and EU Competition Law to force Cloud Service providers (particularly dominant players like Amazon) to provide services; however, again, this hasn’t been tested.

There is a very wide range of points of view expressed about Wikileaks on the Internet. The affair has the potential to significantly influence and impact the development of the Cloud:

  1. The position on Cloud Service providers’ obligations/rights to provide services is clarified by legislation and/or the courts.
  2. The resiliency of the cloud. The DoS attacks perpetrated by the supporters of WikiLeaks have brought down, for short periods of time, critical components of the global economy that reside in the cloud, but could not significantly impact AWS.
  3. The impacts on decisions to enter the cloud.

The biggest impact will be within the legal realm of the cloud as the courts struggle with who is responsible for the data within the cloud. The second largest impact will be the increased need to audit the cloud to ensure that the SaaS, PaaS, or IaaS is resilient and abides by required territorial laws, compliance, and business practices.