Some notes from the infowar
I've been watching with horrified fascination the entire wikileaks thing, and taking notes all week, instead of getting anything done. Rather than just keep accumulating notes I'm just going to post this article as is and if anyone has constructive suggestions or good links to add, please comment.
Weapons of mass distraction, unleashed
As I write, there's over 13000 articles on wikileaks on news.google.com. It's damned difficult to find any that are actually about the leaks!!
Here's some pointers to the actual journalists's series reporting on the actual CONTENTS of the wikileaks cables:
* http://www.guardian.co.uk/world/the-us-embassy-cables
The guardian cables.
* http://www.nytimes.com/interactive/world/statessecrets.html
NY Times "State Secrets"* http://www.spiegel.de/international/topic/wikileaks/
Der Spiegel (in english)
* http://www.elpais.com/documentossecretos/
El Pais (a chance to exercise mí Español or google translate)
And some knowledgeable journals have set up sites to discuss the issues.
http://wikileaks.foreignpolicy.com/
Foreign Policy (I found their investigation into the
Zimbabwe diamond racket fascinating.
And then there's the
previous War Logs analysis by the NY times, which I hadn't read before now.
I am delighted that some of the above have RSS feeds, so that I can subscribe to the content, and not the noise. (Getting this blog entry into a web format rather than an RSS format is proving a problem! I've basically had to abandon the web to stay on top of things)
I really miss netnews. Issues were categorized into topics and anyone wanting to read or post something on that topic did. You could implement - on your own machine/account, a filtering mechanism that rated the authors of the posts, so you could filter them up or down for factual-ism or bias. It
was called scoring - and that's difficult to do on the web. The current architecture of twitterers and followers and fans is not as good.
There's also been some very interesting stuff from the horses' mouth:
http://www.commondreams.org/view/2010/12/07-1
Assange's editorial in the Australian, or the interview in Time.
And there has been some truly compelling commentary -
Glenn Greenwald in particular,
here, and
especially here, but also the
Harvard Business review, and
mother jones and
the New American. I freely admit that this paragraph of links conforms to my own biases, however:
I try really hard to read original sources, and not the extracts and analysis repeated by talking heads, I only read newspapers and news-magazines and bloggers that have an open commenting policy (often the comments are better than the news!), and also turn to wikipedia's talk pages to try and gain real insight into the debate inside of presenting an issue.
I also try very hard to compare the news with my direct experience. For example I saw clear signs of a DDoS in Nicaragua at the time of "suicide" of Managua's mayor, and learned yesterday (via the wikileaks cables) that my private opinion of the
Hondouras Coup may have been correct.
Lastly, I try to avoid groupthink myself by going to sites that I know hold opposing philosophies, such as redstate. I always come back from that pretty shaken, with a need both to recheck my facts, and take a shower, and sometimes, comment myself - but usually that's in such a poisonous atmosphere that sustained participation proves impossible. I'm still nerving myself up to make a comment about how good current cryptography is, over there.
Even with all those critical methods in place, I find it really hard to separate fact from opinion! I owe a big thanks to my reliable commenters to straighten me out when I go off half cocked.
These methods don't help those that still read paper, or watch TV news, they are all victimized by what I call the meme war: the quest, by all media, for a simple, convincing phrase that jams a complex issue into a pre-biased word-bucket.
The meme war has been going on, and escalating, ever since the invention of mass media.
99% of modern “journalism”, via mass media, seems to involves capitalizing on a key phrase and then endless repetition thereof.
Conventional media - particularly broadcast media - only has a fixed amount of words to fit any issue into - and no feedback mechanism exists besides the long, slow process of a letter to the editor, and the occasional printed retraction.
So we see, over time, various sides of an issue testing new phrases out on the public, and seeing what sticks, then repeating it endlessly as a substitute for refer-ing to original sources or a quest for the truth. So far I've seen "whistleblowing web site" mostly replaced and “hactivist” now competing with “terrorist”, and numerous other examples of a loaded word in nearly every article I read about the controversies.
As soon as you tag a noun with a loaded phrase, pre-thinking happens. The weapons of mass distraction still work, really, really well, and I hate that.
Simultaneously with all this nonsense going on is a giant budget deal with congress, huge revelations about the Federal Reserve, and no doubt other news that has been buried by the WMDs in play this week.
Keeping score on the infowar
Netcraft
is tracking uptimes for afflicted sites.
Leakylinks reports, as I write this, that there are over 1411 sites successfully mirroring wikileaks, and over 14 DNS mirrors.
Paypal released wikileaks funds.
EasyDNS - after being mistakenly targeted by a DDos attack, decided to
supply DNS to wikileaks, when asked. They say their customers love it.
2600 has come out with a well defined position.
On the Mass replication of wikileaks
Massive replication of network links and data was part of the Internet's original design - it's the only way to be nuclear war-proof - and as a side effect of that we got freedom of speech. And spam. And DDoses. It's not a perfect world!!, but I note that it is possible to build up your organizations infrastructure - whether you are a small or large business, to where you can serve your customers better in the general case. If you host your own DNS - have many copies - distribute your data regionally - and internationally - you can serve up more data, faster, with less latency, and less catastrophic failure modes - whether they be power failures, incompetency, someone with a backhoe in the wrong place, or a DDos,
Replicating services regionally is something that
those afflicted by Anonymous - OR those that fear government sanction - or simply want to build a better service, would do well to emulate.
Other news organizations should explore the benefits of torrents and tor to see if they reach new markets, for example, beyond the great firewall.
One of the grave difficulties in doing data replication is that web content today is difficult with the complexity of the presentation stack - you need a database, a web server, some sort of dynamic content language, javascript, and and a horde of other specific tools.
Serving static content requires 1/1000th the resources a modern web site requires, for 90% of the functionality. It's why wikileaks is no longer a mediawiki. We'd be burning a lot less electrons and buying a lot less servers with more static content.
Cloud computing
I've
been really critical of the cloud in the weeks prior to this, long before I ever heard of wikileaks. Now it sounds like a few others are "getting it", talking about the
privacy of medical records, for example. There was a good piece that I can't find right now about localizing records like this.
I was unaware, until now, that the HITECH Act gives doctors $44,000 over five years to establish electronic health records.
I'm a strong advocate of privacy and security for everyone - and technologies like pgp and otr and distributed databases are some of the means to get that.
The DDoses
One overwhelming early narrative is that "wikileaks was under attack by hackers". That narrative was started by wikileaks themselves and picked up, without question, by every piece of news media out there.
What hackers? Whose hackers?
For over a decade now, I've figured any government worth its salt
has been participating in a covert cyber-war, with multiple levels of plausible deniability. I can also imagine
useful idiots, criminals, and cannon fodder on all sides with their bot-nets at the ready, ready to participate in whatever crazy idea a charismatic or well funded person or organization or government might come up with.
No hacker organization behind the attacks on wikileaks has come forward with the exception of a poser - So who attacked wikileaks? Is anyone investigating that?
Update: PLEASE NOTE: I am mortally opposed to the use of DDoS attacks for any purpose, by anyone. If technologically feasible I would deny this avenue of attack or protest to everyone -
Unfortunately, botnets remain a fact of life, and will remain so so long as insecure systems like Windows continue to exist, and third party apps like flash contain holes you can drive a truck through, and clouds remain cheap. I've been encouraging users for 20+ years now to be aware of security concerns, to not click on shiny objects, install and keep updated virus checkers, run adblock+ and noscript, and install Linux over their old Windows partition, or to switch to Macs... without much success.
On maintaining secrecy
Gary Warner (a very smart security guy) has one of the more cogent descriptions of
information security lessons learned so far:
We can agree to disagree on whether Manning is a Patriot, an Anarchist, or a Traitor, but the important outcome of any event of this nature is that we document our Lessons Learned.
* Consider your own Information Collection in your workplace.
* What are the "Categories of Information" and how is access to those categories assigned?
* Within each area what are the "Sensitivity Levels" or "Classification" of that data?
* What is a "reasonable volume" for accessing data in each of those categories and classes?
* Perhaps most importantly, who is in charge of monitoring access to those categories of information, and how are "alarms" set when a category, class, or volume condition is reached?
Lastly...
Here's a plug for the often overworked, overtired, and certainly mis-understood security professionals and software engineers that have been working their asses off for decades to protect the computers of their friends, families, companies, organizations and governments from script kiddies, spam, and internet AND political attacks. 99.99999% of them are white hats, neutral - acting to keep the internet open for all.
They defend, rather than attack. They work in an extremely complex, dynamic field.
It's a really high-stress job - it involves high tech skills, and eternal vigilance, with no upside - you get no respect or recognition if you do your job well, and take the rap if you get beat. Getting beat involves high stakes, too.
I used to do that for a living, until it burned me out. Defending against attacks and abuse like the "Ping Of death", etc, has cost me a lot of hair, and a lot of sleep. Instead of being on the front lines of defense, I merely observe them now. I
have been working on new protocols (ipv6, sctp,
hip) that I hope won't have the problems that the current Internet has. I'm not too hopeful about that, but to not try, would be to fail.
I'm very glad there are still people working hard at defending all our systems, technical, and legal. Otherwise, we wouldn't be having this conversation right now.
I'm also glad that, despite all the other weapons of mass distraction deployed this week, that
spacex had a perfect launch and recovery yesterday.
I'm going back to work. (While researching new ways to defend and improve the systems of myself and clients, I discovered that - maybe - maybe- a key argument in the net neutrality problem was technical rather than political. It's called
bufferbloat. I'm fiddling with the idea now)
Lastly (Really!), Laughter
Some outrages are best met with a giant belly laugh and outright ridicule. Here's a hysterical (and TOTALLY NSFW - oh, the irony!)
defense of the first amendment. In response to homeland security doing a deal for an
anti-terrorist campaign inside of wallmart,
here's this response.
Seriously... going back to work now.
well, this presentation on how
good modern humans really have it cheered me up enormously.
Update 2 (friday morning): I just realized I was deploying weapons of mass distraction on
myself. ah, well, sometimes you have to let the world take care of itself for a while. I'm going to TRY to not look at any wikileaks output until tonight.
Labels: meme war, wikileaks