-
Best Defense
Robots: Killing Our Warrior Spirit?
-
The Cable
Whistleblower: I'm Being Bullied By State Dept.
-
Passport
Syria: Is It the Sunnis' or Shiites' Fault?
Posted By Evgeny Morozov
Thursday, December 9, 2010 - 8:30 AM
Share
The current chapter in the WikiLeaks saga has finally forced me to come out of my blogging semi-retirement! While I'm still trying to make sense of everything that has happened in the last ten days, here are some analytical notes on Anonymous and the challenges facing the Obama administration as it mulls an appropriate response to WikiLeaks.
The impact of the recent wave of cyber-attacks launched by Anonymous on a handful of companies that dropped WikiLeaks as their client -- Amazon, EveryDNS, MasterCard, Visa and others -- is hard to gauge. I'm certain these attacks won't make any of these firms to reconsider, strike peace with WikiLeaks, and offer them some vouchers in compensation. But could the attacks serve as a deterrent to other firms that have been considering dropping WikiLeaks?
Perhaps -- but I don't know how many such companies there are. Right now, WikiLeaks is heavily dependent on Twitter and Facebook as their primary channels for external communications; it's these two firms that need to be watched most closely. (I don't expect many people to call on Google to remove WikiLeaks from its search results -- but let's wait and see...) So far, both Twitter and Facebook have been taking rather bold steps: they declined to stop doing business with WikiLeaks and actually removed the accounts of Anonymous (alas with little success, as new accounts were created within minutes). It's clear that should these two companies succumb to pressure and part with WikiLeaks this would result in a major online backlash.
Now, the fact that Anonymous chose to go after Visa and MasterCard has created all sorts of other challenging issues. While the attacks targeted only the public web-sites of these companies -- rather than the underlying infrastructure that allows card transactions to be processed -- such subtleties are likely to get lost in the public debate. As far as policymakers are concerned, these attacks would be viewed as striking at the very of the global economy (even if they obviously aren't in reality). It's still not clear to me whether any credit card data has been leaked or compromised as a result of such attacks, even though Anonymous posted some links to such data on their Twitter feed. This too won't matter, as most people would assume that data has, in fact, been stolen.
I seriously doubt that U.S. authorities would be able to effectively go after Anonymous, in part because there are too many people involved, they are scattered all over the globe, and attributing cyber-attacks to them would be impossible (and would surely require reading a lot of chat transcripts from IRC). The only other possible policy response at their disposal is to make it easier to trace such attacks in the future -- most likely by empowering the likes of NSA/Cyber Command. I would imagine that after the current cyber-attacks on credit card companies -- even if they didn't cause much damage -- this would enjoy bipartisan support in the United States.
As far as long-term developments are concerned, I think that much depends on whether the WikiLeaks saga would continue being a debate about freedom of expression, government transparency or whistle-blowing or whether it would become a nearly-paranoid debate about the risks to national security. Anonymous is playing with fire, for they risk tipping the balance towards the latter interpretation -- and all the policy levers that come with it.
That said, I don't think that their attacks are necessarily illegal or immoral. As long as they don't break into other people's computers, launching DDoS should not be treated as a crime by default; we have to think about the particular circumstances in which such attacks are launched and their targets. I like to think of DDoS as equivalents of sit-ins: both aim at briefly disrupting a service or an institution in order to make a point. As long as we don't criminalize all sit-ins, I don't think we should aim at criminalizing all DDoS.
I can spend hours debating this subject but, in short, while Anonymous' actions may result in greater government oversight of the Internet, they are not necessarily illegal or immoral just because they involve DDoS attacks. The danger here is obviously that if the narrative suddenly becomes dominated by national security concerns, we can forget about DDoS as legitimate means of expression dissent -- that possibility would be closed, as they would be criminalized.
What is the impact of these attacks on WikiLeaks? The organization has been silent about its own relationship to Anonymous -- I didn't see any tweets, let alone press-releases, that either spoke out against or in favor of cyber-attacks. As far as strategy is concerned, I think it's a big mistake for WikiLeaks to stay silent on the issue. In the absence of any statements from their end, most people -- especially those who have never heard of Anonymous before -- would assume that they are part of the same hacker gang. (Sarah Palin seem to have implied as much when she accused WikiLeaks about attacking her site).
That WikiLeaks chose not to address this issue publicly suggests that the organization is either overstretched or has not yet reached a level of maturity that some of us expect from it before expressing our unqualified support for what they do. As long as most people link WikiLeaks to the cyber-attacks on credit card companies, it's a net loss for WikiLeaks. It would also make it easier for certain cyber-hawks in Washington to justify classifying them as a "terrorist" organization -- at least whenever they appear on Fox News. Arguably, this is not a battle they can win with facts anyway -- but they should at least be leaving some public record of their stance on such issues. I'm also not sure about the overstretching argument: I'm sure plenty of smart people would volunteer to do PR for WikiLeaks for free...
All in all, if the public continues to associate WikiLeaks with hacking and cyber-attacks -- rather than, say, providing a safe platform for whistleblowers -- this will greatly erode the goodwill that WikiLeaks has built over the course of the last few months by increasing their cooperation with media organizations and NGOs. That "normalization by third parties" allayed the concerns of many -- but cyber-attacks may once again seed doubt in many people's minds.
Looking beyond Anonymous, I'd like to note that when it comes to crafting an appropriate response to WikiLeaks, the Obama administration is in a very delicate position. On the one hand, the domestic pressure to do something about WikiLeaks is growing -- and it will get even worse, as Anonymous continues its attacks and adds more political targets to their list (and I'm sure they will as there is some vicious circle at play here: the more attacks they launch, the more people condemn WikiLeaks, the more new targets Anonymous has). On the other hand, it's obvious that going after WikiLeaks would put the final nails in the coffin of the State Department's Internet Freedom Agenda, which is the most obvious victim of the last ten days.
I have always had mixed feelings about this Internet Freedom drive. While I think it's misguided and led by highfalutin techno-boosters unaware of the geopolitical background to their own actions, it's also obvious to me that there is some good that may come out of the U.S. government's interest in such matters -- for example, the support they offered to tools like Tor has been most appreciated. (That support, however, predated the formation of the Internet Freedom Agenda as articulated by Clinton in January 2010).
The real question here is whether, as the public attitudes towards tools like Tor -- which provide the very anonymity that benefits leakers -- quickly turn negative, the State Department and agencies like the National Endowment for Democracy would lose the ability to fund anything in this space. It's also not clear to me whether many of the geeks associated with the "Internet freedom" movement would feel comfortable taking money from the U.S. government, given that the latter are actively pursuing people like Assange.
I think this partly explains why the U.S. government has been so slow/low I key in lashing out against WikiLeaks, leaving the rhetorical heavy-lifting to populists like Sarah Palin, Rush Limbaugh and Joe Lieberman. Leaving in their hands also means abandoning control of the conversation; so far, it seems to me that such approach has been quite detrimental.
For example, many foreign politicians are already calling on Washington's duplicity and lack of media freedoms and disrespect of human rights -- all because Glenn Beck and Sarah Palin said something radical. As far as most foreign audiences are concerned, few draw distinctions between the elected officials, those in the opposition, and the punditry -- they are all part of "Washington"; so whatever the radicals says would, of course, eventually be associated with the White House and the State Department. I don't know how long the administration can afford to stay on the sidelines of this debate.
Another possible unfortunate consequence of the current backlash is that more U.S. government funding would go to tools that don't provide full anonymity but that still allow to circumvent censorship in authoritarian states. These are the tools developed by the Falun Gong technologists who already enjoy vast support from various neocon interest groups in Washington.
This would be most unfortunate and would further alienate geeks from policymakers, as Falun Gong tools are less effective and, well, they don't provide much security at all. This would only further reveal the duplicitous nature of Washington's Internet Freedom Agenda: it will seem as if all they want to promote is the ability to break through China's firewall -- but not the ability to say and publish what one wants without attribution. Many people in the State Department are not very keen on the Falun Gong crowd either, so I can't imagine that they would be interested in highlighting such issues (and yes, I know that State Dept is not monolithic but getting into internal squabbling inside Foggy Bottom would add another page or two to this post!).
I hope to post more analysis soon! In the meantime, make sure to check my Twitter feed, where I do post occasional observations and share links about WikiLeaks.
Update #1: There is now a statement on Anonymous/DDoS posted on WikiLeaks' site. They distance themselves from the attack -- which is good -- but don't really say what they feel about it (which is not so good...)
You're not sure whether Aunonymous [sic] leaked credit card data? In a DOS attack? How would that work?
You also seem to have missed that SecureCode support was affected (in terms of server response), whether this was deliberate or not.
http://www.guardian.co.uk/news/blog/2010/dec/08/wikileaks-us-embassy-cables-live-updates
Sadly Ev i think your right, people will start to miss the details and just see 'Anonymous attacked X bank', symptom of humanity.
Your media needs to distinguish between Anon and wikieaks
The BBC managed to make it fairly clear - the two groups are unconnected in any way, as Anonymous had repeatedly stated.
It's like asking you to distance yourself from Sarah Palin's comments.
It's not 'the internet' any more, it's the 'internets', and I'm not making a bad joke, ICANN and the USG won't control squat for much longer...the only thing they can do is isolate the United States of America, imagine the sight of 'The Great Firewall of America'!
America's high minded shining city on a hill, leader of the free world, exceptional blah blah blah brought down by a little bit of truth, and worst of all, self inflicted... hilarious...
Julian Assange shouldn't win the Nobel Peace Prize he should win a comedy award!
Wikileaks has distanced itself from Anonymous...
http://www.guardian.co.uk/news/blog/2010/dec/09/wikileaks-us-embassy-cables-live-updates
2.57pm: Wikileaks is trying to distance itself from Anonymous, sort of:
WikiLeaks is aware that several government agencies and corporations, including the Swedish prosecutor, Mastercard, PayPal and State.gov have come under cyber-attack in recent days, and have often been driven offline as a result.
The attacks are of a similar nature to those received – and endured – by the Wikileaks website over the past week, since the publication of the first of 250,000 US Embassy Cables.
These denial of service attacks are believed to have originated from an internet gathering known as Anonymous. This group is not affiliated with Wikileaks. There has been no contact between any Wikileaks staffer and anyone at Anonymous. Wikileaks has not received any prior notice of any of Anonymous' actions.
Wikileaks spokesman Kristinn Hrafnsson said: "We neither condemn nor applaud these attacks. We believe they are a reflection of public opinion on the actions of the targets."
I'm surprised that this article does not mention 4chan even once. As far as I'm aware, they're the main ones behind the denial of service attacks. People on their /b/ board are all "anonymous", thus the name of the "group". I don't think it's so much them caring about foreign policy as it is them hating The Man.
I bet half of Anonymous will get bored by this in a week or two, a month maximum, like they always do. Let's remember, its members come mainly from 4chan's very own /b/ board, not exactly the most centralized and committed force on the Internet. They are good at handling targets on a short term basis, but their commitment to long term attacks should be put into question, specially as the mainstream media starts noticing that Denial of Service attacks aren't really that dangerous to global institutions.
But I do have a feeling NSA and several other intelligence agencies across the globe are gonna be paying more attention to everything that goes on in the "chan" image boards, if they haven't started already, mainly because said boards have been a clear gathering spot for individuals promoting a wide range of criminal activities, actual "hacking", identity theft, privacy concerns,child porn distribution, and others .
Sadly Ev i think your right, people will start to miss the details and just see 'Anonymous attacked X bank', symptom of humanity.
www.dokunbana.com
"Assange Calls For Obama's Resignation If Confirmed President Approved UN Spy Ring"
This is like a foot soldier calling for Ulysses S. Grant to resign during the Appomattox campaign of 1865. President Obama is keeping a steady hand on the tiller of world affairs. Julian Assange is acting like an anarchist gossip merchant.
I repeat...
Some things must remain private and confidential. In any organisation whether it be a corporation, government, defence force or charity there is a hierarchy of awareness and responsibility. Certain people are invested with executive decision making. Obviously these people should be employed on merit. Pure anarchic openness of all information sources leads to mass confusion, as people are unable to prioritise and process the data. A happy child trusts his parents to make good decisions on his/her behalf. That is why we need command and control structures in place around the world. When people feel that their confidences can be betrayed at the click of a mouse they are loathe risking authentic connections with others. We actually need more respect for intellectual property and healthy boundaries everywhere right now, not less.
P.S. What does it say about Mr.Assange's respect for healthy boundaries and the concept of sovereignty that he so recently had casual, unprotected sex ?
As you can see by the reaction of the left to the Wikileaks take down, the youth of today are very adept at using the Internet and their considerable computer skills to disrupt and even shut down a major company via cyberspace.
Not only should major companies be very concerned about this trend, governments around the world should be aware of the ability and determination these radiclas have to disrupt commerce and even daily life.
"A cyber attack on America's financial and economic nervous system will be the next Pearl Harbor." - K.T. McFarlane, former Bush National Security Advisor
“There is now a statement on Anonymous/DDoS posted on WikiLeaks' site. They distance themselves from the attack -- which is good -- but don't really say what they feel about it (which is not so good...)”.
The idea of Wikileaks expressing feelings is bizarrely anthropomorphic.
I find it amusing that the hacker group attacking on behalf of transparency is called "Anonymous".
Also,
"I don't think that their attacks are necessarily illegal or immoral. As long as they don't break into other people's computers, launching DDoS should not be treated as a crime by default"
Correct me if I'm wrong, but don't DDOS attacks usually harness botnets (hundreds or thousands of unwitting, usually home computers) to do the attacking? The implication being that they have already broken into other people's computers
You download it voluntarily. http://www.networkworld.com/news/2010/121010-wikileaks-ddos-tool-downloads-grow.html
Let's remember, its members come mainly from 4chan's very own /b/ board, not katalog firmexactly the most centralized and committed force on the Internet. They are good at handling targets on a short term basis, but their commitment to long term attacks should be put into question, specially as the mainstream media starts noticing that Denial of Service attacks aren't really that dangerous to global institutions.
Morozov joins the other major media whitewashing Anon.
http://3dblogger.typepad.com/wired_state/2010/12/major-media-white-washing-4chan-anonglobalpr-agitprop.html
This article is morally disgraceful in every regard. The sly and even sinister diminishing of the actual immorality and criminality of both WikiLeaks and the Anonymous b/tards are outrageous. The attacks these technocommunists made -- and that is precisely the term to use about them, their ideology, and their methods -- are indeed meant to assault capitalism and the institutions of free society. These people even attacked the "progressive" Electronic Frontier Foundation which champions freedom of expression (albeit usually in the forum of attacking copyright) merely because the EFF expressed its unhappiness with Anon's vigilante methods. Morozov left that bit out.
Parsing their attacks as "not really" attacking infrastructure is facetious. In fact they do damages, and we don't always know the extent of them, and the attacks aren't over.
The leftist Guardian reported that trading was down for the days of these attacks and indeed attributed to them -- that's not good enough for evidence of harm for Morozov? And Paypal's payment mechanism *was* attacked.
Minimizing this coercion and violence as merely a "civil disobedience" as if these people were Gandhi does a disservice to the noble traditions of civil disobedience for reasons of *conscience*. These people don't have a conscience; they are morally void and legally nihilist.
The real question is why someone who blogs on the establishment Foreign Policy and enjoys a visiting scholarship position at Stanford and other institutions of the establishment feels the need to join the underminers of these institutions and make common cause with them -- continously. Have a look at Morozov's Twitter feed to see the unseemly enthusiasm he's showing for these vandals.
The utopianist way in which Morozov keeps giving these people directives -- they need to get better PR, they need to switch tactics -- on Twitter and his NYT piece advocating a giant monopolist platform for leaking -- a Ministry of Truth -- let's us know his vision: it's an awful one.
To pretend that WikiLeaks has no relationship with Anonymous -- when one Anon member has already been sentenced to jail for Sarah Palin's e-mail hack -- is to imagine we are all as clueless as the mainstream media just hearing about these Leninist groups for the first time. Just look at the overlap between all the people who downloaded insurance.aes256 and who launched the LOIC attack. It's the MO of both these mendacious covert anarchist cooperatives to lie about the nature of what they do, and pretend they are unrelated. And old story in the annals of conspiracies. Keep looking.
Unfortunately for Morozov, he cannot move fast enough to sanitize the already black reputation of WikiLeaks and Anon-- their Bolshevik methods do that for them thoroughly. The Pentagon Papers involved high-placed government officials who gave their files willingly and knowingly and worked with professional journalists and lawyers on a matter of conscience where they already had a record of concern. The sullen uneducated goons of WikiLeaks and Anon don't even know what they are dumping on to the Internet, and they have obtained it by force and without authorization, not with consent.
The cyberattacks are likely to continue because the establishment will not yield to bullying by thugs. The public will never be convinced that people who steal files without CONSENT are to be trusted. The U.S. will likely find some means of prosecuting, or more likely sanctioning Assange and WikiLeaks which is their right, and there will be more circling of the wagons and closure of information portals. And that's what Assange sought all along, "the worse, the better" as he openly explained, to destroy the U.S.
Washington's Internet Freedom Agenda isn't so much duplicitious as it is superficial. But Morozov's agenda is no better - it's a frank, beligerent call to arms by thugs in the name of undermining civil society, and it is only thinly cloaked in scholarly rhetoric.
Evgeny Morozov, originally from Belarus, is a visiting scholar at Stanford and a Schwartz Fellow at the New America Foundation.
Read More
Follow us on Twitter | Visit us on Facebook | Follow us on RSS | Subscribe to Foreign Policy
About FP | Meet the Staff | Foreign Editions | Reprint Permissions | Advertising | Writers’ Guidelines | Press Room | Work at FP
Services:Subscription Services | Academic Program | FP Archive | Reprint Permissions | FP Reports and Merchandise | Special Reports | Buy Back Issues
Privacy Policy | Disclaimer | Contact Us
11 DUPONT CIRCLE NW, SUITE 600 | WASHINGTON, DC 20036 | Phone: 202-728-7300 | Fax: 202-728-7342
FOREIGN POLICY is published by the FP Group, a division of The Washington Post Company
All contents ©2013 The Foreign Policy Group, LLC. All rights reserved.
(16)
HIDE COMMENTS LOGIN OR REGISTER REPORT ABUSE