Wikileaks Says Its Site Has Been 'Killed'

from the yeah that'll help dept

This is definitely a “developing” story, but apparently the entire Wikileaks.org site has gone down again and the Wikileaks folks are claiming that the domain was “killed by US everydns.net after claimed mass attacks.” That’s a bit cryptic and Wikileaks has not been above jumping to conclusions at times. It’s unclear, for example, if it was just the company EveryDNS who did something on their own, or if the US government was involved. It could be as simple as the sort of pressure Senator Lieberman is applying on US companies. Update: The EveryDNS website says they made the decision because the DDoS attacks on Wikileaks violated their terms of service in that it could interfere with other websites. I understand the fear that it could cause problems with other websites, but it seems weird to say that getting attacked by a DDoS violates your terms of service. It’s something totally out of the control of the website.

Either way, it is a bit silly to think that taking down Wikileaks’ website would actually do anything in this situation. The data that they’re releasing is out there and plenty of people can easily find it. It won’t take long for them to set up another website if they want to — and while it may be a bit harder for people to find them, to date, the organization hasn’t exactly had any problems getting everyone else to promote what they release for them. Whatever the reason is for taking the domain name offline, it’s difficult to think it would be effective in stopping Wikileaks in any way. If anything, it just calls that much more attention to the organization.

Filed Under: ,
Companies: everydns, wikileaks

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Wikileaks Says Its Site Has Been 'Killed'”

Subscribe: RSS Leave a comment
68 Comments
Adrian Lopezsays:

Re: Re:

You mean it’s possible to shut down any website run by an EveryDNS customer simply by engaging in a denial of service attack against them? That’s pretty fucked up.

Also, can a denial of service attack against a website really affect the DNS system to such a degree that EveryDNS would little choice but to shut them down? I thought DNS requests were cached by ISPs, thus limiting the registrar’s exposure to excessive requests. Isn’t that the case here?

I suspect government pressure is involved and wonder how long until we see one of those Homeland Security notices on the Wikileaks domain.

SJsays:

Re: Re: Re: Re:

You can DoS a dns provider by issuing dns-lookups for a given domain on that provider. It’s not really different from other DoS attacks against a website itself only that dns queries are issued.

Usually your system will cache the dns information according to the TTL specified in the domain – which is for “static ip addresses” usually in the range of 48h. By issuing a custom dns query you can circumvent that cache.

Adrian Lopezsays:

Re: Re: Re: Re: Re: Re:

Makes sense. In that case I can understand EveryDNS’s desire to protect itself against such attacks, but I still think it sucks you can have somebody’s domain name shut down by engaging in a DoS attack against the registrar.

Assuming Wikileaks is able to recover its domain name and transfer it elsewhere, hopefully they can find a registrar who wouldn’t break so easily under the pressure.

SJsays:

Re: Re: Re:2 Re: Re: Re: Re:

EveryDNS does not provide domain registration. All they do is host DNS information.

Basically at your domain registrar you tell that the nameservers of EveryDNS are the master zone files pointing the IPs of your mail, web, what-ever servers.

I actually like EveryDNS because up to a while ago (before they were bought by no-ip.com) the offered to host the DNS for free – also if you are on a dynamic ip. They offered clients to update your dns automagically.

So don’t worry about recovering the domain name.

Anonymoussays:

Am I the only one trying to come up with how they must word letters like this?

‘Dear Customer;

We have been alerted that your website has come under attack by a DDOS attack. We realize this is an illegal attack upon your site in order to remove you from the internet.

As such, we are going to cancel your account, preventing your website from being accessed. This is to counter the crime of DDOS attacks.

We WILL NOT stand for our members coming under attack by criminals, and WILL cancel your account permanently upon being attacked.

Thank you for your support.’

… Actually that was kind of fun to write in a sort of sick and twisted way. I do get where they are coming from, the needs of the many and all, but it still seems like a sort of a… well, disgusting move. ‘You violated the terms of services by being attacked.’ And then of course, the effective ‘it is your fault if you experience any downtime’ there at the end.
(None of the preceeding is accurately quoted, but paraphrased and come from the mind.)

Anonymoussays:

Re: Re: Re: Re:

That was actually an interesting read, but, I do have a question. If I read the article correctly (and I very well may have not) it speaks about dealing with a DOS Attack on the DNS itself, and not a website that goes through the DNS?

I noticed above that SJ mentioned that you can attack the DNS by doing a DNS Lookup, is that the case here, or is it just a possibility? (I assume doing an attack of that nature posts which website is being looked up, so that there is a way to know who drew the ire of the attacker(s)).

And with the above, does the attack do double damage, hitting both the website and DNS provider, or is it basically an attack on just the provider with a link to why?

I also wonder that if it is an attack on the DNS provider itself, how do you track which website drew the ire? Or, does the fact that they do have one website to blame indicate that it was not an attack on the provider directly?

I am admittedly ignorant on how much of this works, and always glad to learn a bit more. Thank you for your time.

Anonymous Cowardsays:

Re: Re: customer letter

Actually it’s not quite like that …
Dear Customer:

Your website has come under a Distributed Denial of Service Attack (DDOS). This is an attack by multiple systems across the Internet against your DNS service, designed to make it impossible for anyone to reach your website.

Unfortunately the attack has the collateral affect of making it impossible for anyone to reach the websites of all our clients, not just you.

We have the unfortunate choice between shutting down your DNS until the attack subsides, or having all our DNS services shut down for all our clients. To avoid loss of service to all our clients, we’ve had to make the choice to shut down your DNS service. Doing this is not something we take lightly, but unfortunately there’s no other choice; ir we don’t take this step your site goes down anyone, and so does everyone else’s.

If this is a random DDOS attack it will subside in time, and we’ll start hosting your DNS again, and of course we’ll let you know. However if you’re suffering a continuous DDOS attack it’s unlikely we’ll be able to continue serving your DNS. In that case we’ll be happy to consult with you in setting up a DNS solution just for you (no other clients sharing the same servers) which could be more robust in the event of such an attack.

However, we should warn you that this solution could be significantly more expensive than shared DNS hosting.

Please feel free to contact me by email or by telephone to discuss the issues involved and how to best remedy them.

Of course we’d include some links to our terms of service, some excellent articles on preserving DNS services in the face of DDOS attacks, and the like.

In response to your last paragraph, I can only admit that yes, our TOS allows us to shut you down for DDOS. If we had to build the kind of infrastructure that would uphold any DDOS attack, and pay for all the traffic in a DDOS attack, then we’d have to charge 100 times more for our DNS services than we do now.

And then we most likely wouldn’t get your business, you’d go elsewhere and risk getting caught up in exactly the DDOS mitigation we do.

Anonymous Cowardsays:

Re: Re: customer letter

Actually it’s not quite like that …
Dear Customer:

Your website has come under a Distributed Denial of Service Attack (DDOS). This is an attack by multiple systems across the Internet against your DNS service, designed to make it impossible for anyone to reach your website.

Unfortunately the attack has the collateral affect of making it impossible for anyone to reach the websites of all our clients, not just you.

We have the unfortunate choice between shutting down your DNS until the attack subsides, or having all our DNS services shut down for all our clients. To avoid loss of service to all our clients, we’ve had to make the choice to shut down your DNS service. Doing this is not something we take lightly, but unfortunately there’s no other choice; ir we don’t take this step your site goes down anyone, and so does everyone else’s.

If this is a random DDOS attack it will subside in time, and we’ll start hosting your DNS again, and of course we’ll let you know. However if you’re suffering a continuous DDOS attack it’s unlikely we’ll be able to continue serving your DNS. In that case we’ll be happy to consult with you in setting up a DNS solution just for you (no other clients sharing the same servers) which could be more robust in the event of such an attack.

However, we should warn you that this solution could be significantly more expensive than shared DNS hosting.

Please feel free to contact me by email or by telephone to discuss the issues involved and how to best remedy them.

Of course we’d include some links to our terms of service, some excellent articles on preserving DNS services in the face of DDOS attacks, and the like.

In response to your last paragraph, I can only admit that yes, our TOS allows us to shut you down for DDOS. If we had to build the kind of infrastructure that would uphold any DDOS attack, and pay for all the traffic in a DDOS attack, then we’d have to charge 100 times more for our DNS services than we do now.

And then we most likely wouldn’t get your business, you’d go elsewhere and risk getting caught up in exactly the DDOS mitigation we do.

Anonymous Cowardsays:

Re: Re: customer letter

Actually it’s not quite like that …
Dear Customer:

Your website has come under a Distributed Denial of Service Attack (DDOS). This is an attack by multiple systems across the Internet against your DNS service, designed to make it impossible for anyone to reach your website.

Unfortunately the attack has the collateral affect of making it impossible for anyone to reach the websites of all our clients, not just you.

We have the unfortunate choice between shutting down your DNS until the attack subsides, or having all our DNS services shut down for all our clients. To avoid loss of service to all our clients, we’ve had to make the choice to shut down your DNS service. Doing this is not something we take lightly, but unfortunately there’s no other choice; ir we don’t take this step your site goes down anyone, and so does everyone else’s.

If this is a random DDOS attack it will subside in time, and we’ll start hosting your DNS again, and of course we’ll let you know. However if you’re suffering a continuous DDOS attack it’s unlikely we’ll be able to continue serving your DNS. In that case we’ll be happy to consult with you in setting up a DNS solution just for you (no other clients sharing the same servers) which could be more robust in the event of such an attack.

However, we should warn you that this solution could be significantly more expensive than shared DNS hosting.

Please feel free to contact me by email or by telephone to discuss the issues involved and how to best remedy them.

Of course we’d include some links to our terms of service, some excellent articles on preserving DNS services in the face of DDOS attacks, and the like.

In response to your last paragraph, I can only admit that yes, our TOS allows us to shut you down for DDOS. If we had to build the kind of infrastructure that would uphold any DDOS attack, and pay for all the traffic in a DDOS attack, then we’d have to charge 100 times more for our DNS services than we do now.

And then we most likely wouldn’t get your business, you’d go elsewhere and risk getting caught up in exactly the DDOS mitigation we do.

Drizztsays:

Re: Re: Hidden Services Wikileaks

The hidden service shouldn’t be affected, they work differently, see http://www.torproject.org/docs/tor-hidden-service.html for details on how a hidden service can be set up.

If you still can resolve wikileaks.org, it just means you have a cached result somewhere in your resolve chain. because EveryDNS’ DNS servers don’t answer if you ask for “wikileaks.org”, check it yourself with “dig @ns1.everydns.net wikileaks.org” (according to the WhoIs entry for wikileaks.org you can also try ns2, ns3 and ns4 but that doesn’t change the result).

Cheers,
Drizzt

Johnnysays:

Just wondering

If someone DDosed EasyDNS.net’s own site, would they take it out too in order to “protect their customers”?

In a tweet on Friday, the owner of EveryDNS, Dynamic Network Services Inc., wrote that “trust is paramount: Our users and customers are our most important asset.”

Doesn’t what these companies say just sound like the kind of propaganda you could have expected from the Soviet Union? I.e. saying exactly the opposite of the truth. In this case clearly EveryDNS’s customers can’t have any trust that EveryDNS will try keep their sites up.

Anonymoussays:

DNS issues

First, to all people who are posting IP addresses: the reason we have DNS is not that it is easier to type, it is that IP addresses change. As soon as the site is moved to a new network, the IP address will change, and given the current situation, this is probably going to happen often with Wikileaks. Posting IP addresses can be very useful for the moment, but they are not a permanent solution.

Second, the root of their DNS is not EveryDNS, it is the .org registry, where they can simply point to another set of DNS servers. They can even host the DNS themselves (it is very easy to do, you just need a couple of servers). Thus, unless the .org registry is involved, that domain name is not permanently down.

Third, to those posting tor addresses (.onion): you can use tor2web to view them without installing tor. However, the site given does not appear to be the official Wikileaks site, but a mirror by someone else, which is probably a bit outdated.

FMHiltonsays:

It’s undoubtedly the government at it’s best. There’s probably a section at the NSA that’s doing nothing but tracking where the domain and website pops up, and launches millions of hits on it to take it down.
Not an easy job, but someone has to do it. Don’t want the sheep to see how stupid our diplomacy has become.
I’m not surprised at all, given that the TSA and Homeland Security have been hard at work taking down sights without notice on the pretext that they were counterfeiting merchandise.
Remember one thing-the internet was based on the governments’ backbone infrastructure. Still is, for the most part, even though we believe otherwise.
The government for the most part owns all of the pipes, and if they don’t like the stuff you give out, they can and will take a site down.

Anonymoussays:

Well, I could understand being arrested for being shot, I mean, its not your bullet and you probably should give it back.

What has happened in the past isn’t what this shutdown is about, media centers already have every document that has been posted. Makes for nice new articles every day.

Why did it get taken down now? What was coming up? It sure wasn’t taken down to close the barn door after the horses got out, so just what was coming up to be released? Answer that and you might answer the question of who took it down.

aldestrawksays:

EveryDNS rationale makes no sense

EveryDNS does not say if there is a DDOS attack on their nameservers or just on the Wikilieaks site. If their response to a DDOS attack on a customer is to delete their listing on the nameserver then this would only encourage DDOS attacks as this makes the attack, essentially, more effective. Also, since EveryDNS does not do domain hosting how are other customers affected by a DDOS attack on one customer? If EveryDNS itself is undergoing a DDOS attack, de-listing Wikileaks.org will not directly stop that attack. They are just hoping that de-listing will placate the attackers who will then gratefully cease their attack. A strategy that, again, makes DDOS attacks more effective and so encourages them. This also assumes that the DDOS attack comprises repeated queries for only the Wikileak domain(s). Their rationale is not believable and stinks of unspoken outside pressures.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop ยป

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Report this ad??|??Hide Techdirt ads
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...
Older Stuff
12:25 Australian Privacy Commissioner Says 7-Eleven Broke Privacy Laws By Scanning Customers' Faces At Survey Kiosks (6)
10:50 Missouri Governor Doubles Down On 'View Source' Hacking Claim; PAC Now Fundraising Over This Bizarrely Stupid Claim (45)
10:45 Daily Deal: The All-in-One Microsoft, Cybersecurity, And Python Exam Prep Training Bundle (0)
09:43 Want To Understand Why U.S. Broadband Sucks? Look At Frontier Communications In Wisconsin, West Virginia (8)
05:36 Massachusetts College Decides Criticizing The Chinese Government Is Hate Speech, Suspends Conservative Student Group (71)
19:57 Le Tigre Sues Barry Mann To Stop Copyright Threats Over Song, Lights Barry Mann On Fire As Well (21)
16:07 Court Says City Of Baltimore's 'Heckler's Veto' Of An Anti-Catholic Rally Violates The First Amendment (15)
13:37 Two Years Later, Judge Finally Realizes That A CDN Provider Is Not Liable For Copyright Infringement On Websites (21)
12:19 Chicago Court Gets Its Prior Restraint On, Tells Police Union Head To STFU About City's Vaccine Mandate (158)
10:55 Verizon 'Visible' Wireless Accounts Hacked, Exploited To Buy New iPhones (8)
10:50 Daily Deal: The MacOS 11 Course (0)
07:55 Suing Social Media Sites Over Acts Of Terrorism Continues To Be A Losing Bet, As 11th Circuit Dumps Another Flawed Lawsuit (11)
02:51 Trump Announces His Own Social Network, 'Truth Social,' Which Says It Can Kick Off Users For Any Reason (And Already Is) (100)
19:51 Facebook AI Moderation Continues To Suck Because Moderation At Scale Is Impossible (26)
16:12 Content Moderation Case Studies: Snapchat Disables GIPHY Integration After Racist 'Sticker' Is Discovered (2018) (11)
13:54 Arlo Makes Live Customer Service A Luxury Option (8)
12:05 Delta Proudly Announces Its Participation In The DHS's Expanded Biometric Collection Program (5)
11:03 LinkedIn (Mostly) Exits China, Citing Escalating Demands For Censorship (14)
10:57 Daily Deal: The Python, Git, And YAML Bundle (0)
09:37 British Telecom Wants Netflix To Pay A Tax Simply Because Squid Game Is Popular (32)
06:41 Report: Client-Side Scanning Is An Insecure Nightmare Just Waiting To Be Exploited By Governments (35)
20:38 MLB In Talks To Offer Streaming For All Teams' Home Games In-Market Even Without A Cable Subscription (10)
15:55 Appeals Court Says Couple's Lawsuit Over Bogus Vehicle Forfeiture Can Continue (15)
13:30 Techdirt Podcast Episode 301: Scarcity, Abundance & NFTs (0)
12:03 Hollywood Is Betting On Filtering Mandates, But Working Copyright Algorithms Simply Don't Exist (66)
10:45 Introducing The Techdirt Insider Discord (4)
10:40 Daily Deal: The Dynamic 2021 DevOps Training Bundle (0)
09:29 Criminalizing Teens' Google Searches Is Just How The UK's Anti-Cybercrime Programs Roll (19)
06:29 Canon Sued For Disabling Printer Scanners When Devices Run Out Of Ink (41)
20:51 Copyright Law Discriminating Against The Blind Finally Struck Down By Court In South Africa (7)
More arrow