Journalist Sues FCC For Hiding Details About Its Alleged, Phantom DDOS Attack

from the calling-your-bluff dept

You might recall that when John Oliver did his latest piece on net neutrality, the FCC’s comment system ground to a halt under the load of viewers pissed to realize that the FCC is trying to kill popular consumer protections protecting them from buffoonery by the likes of Comcast. But the FCC then did something odd: it claimed that a DDOS attack, not HBO’s hit show, resulted in the website’s issues. A statement issued by the FCC proclaimed that extensive “analysis” by the FCC had led the agency to conclude that it had suffered the attack at roughly the same time Oliver’s program had ended:

“Beginning on Sunday night at midnight, our analysis reveals that the FCC was subject to multiple distributed denial-of-service attacks (DDos). These were deliberate attempts by external actors to bombard the FCC’s comment system with a high amount of traffic to our commercial cloud host. These actors were not attempting to file comments themselves; rather they made it difficult for legitimate commenters to access and file with the FCC.”

The problem: security experts saw no evidence that claim was true in publicly available logs, and saw none of the usual indicators preceding such an attack. And the FCC ever since has been bizarrely cagey, refusing to provide any evidence whatsoever supporting its claim. The FCC was subsequently prodded by several Senators as to the nature of the attack, but the FCC still refused to share any real data, despite agency boss Ajit Pai repeatedly, breathlessly insisting he would be a stalwart defender of transparency at the agency.

And when Gizmodo recently filed a FOIA request for anything regarding the nature of the attack, the FCC first released seventeen pages of nonsense, before admitting it had no documented “analysis” proving an attack as previously claimed. When additional websites began to point out that the FCC’s behavior here was a little odd, the agency sent out a strangely-punchy press release lambasting news outlets for being “irresponsible.”

So what’s really happening here? The unsubstantiated journalist guess du jour is that the FCC bizarrely made up a DDOS attack in a feeble attempt to downplay the “John Oliver effect” in the media. “We weren’t inundated by millions of people angry that we’re killing popular consumer protections solely to the benefit of Comcast,” this narrative suggests, “we were unfairly attacked!” The fact that there never actually was a DDOS attack would go a long way toward explaining the Trump FCC’s subsequent inability to provide any evidence supporting the claim, even under pressure from Congress.

Hoping to flesh this theory out a bit, journalist Kevin Collier last week filed a lawsuit against the FCC (pdf) not only demanding more data on the agency’s supposed DDOS attack, but also urging the FCC to provide some insight on what it’s doing to address the wave of bogus, bot-produced anti-net neutrality comments flooding the agency’s website in recent months:

“Collier said his records request was prompted by the FCC’s “weird and cagey” inclination to obscure details about the incident. “The fact that they gave Gizmodo such a runaround in its own request for internal ‘analysis’ of the attack just goes to show this,” he said. “I want to know the full story.”
Sen. Ron Wyden, Democrat of Oregon, told Gizmodo last week the FCC’s actions raised “legitimate questions about whether the agency is being truthful when it claims a DDoS attack knocked its commenting system offline.”

Again, the refusal to address fraudulent anti-net neutrality comments being made at the FCC website (like the one made in my name), combined with the FCC’s bizarre, phantom DDOS attack, has many believing the FCC is actively engaged in an intentional, amateurish attempt to downplay the massive backlash to their assault on net neutrality. And while it’s entirely possible the FCC is just being non-transparent and generically stupid here, if it can be proved the agency actively lied about a DDOS attack then covered it up simply to downplay the immense unpopularity of its policies, the inevitable lawsuits against the agency in the wake of its final vote to kill the rules could get very interesting.



Filed Under: , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Journalist Sues FCC For Hiding Details About Its Alleged, Phantom DDOS Attack”

Subscribe: RSS Leave a comment
42 Comments
Nathan Fsays:

If you look at it from their point of view, they were indeed hit by a DDoS. They just neglect to mention the fact that instead of it being bot controlled, it was done by all the people watching John Oliver’s show. So it was a DDoS attack at in its most basic form, caused by to many people trying to go there at the same time. Reminds of the old Slashdot effect. Sometimes when an interesting article would appear on this site for a time afterward the site would be overloaded with page requests and not respond.

So basically the FCC website got Slashdoted.

PaulTsays:

Re: Re: Re: Re:

“robust cloud service company”

Just how robust? A quick host lookup on fcc.gov shows Akamai, but they may only serve static content depending on the level of service you pay for. If they only use it for static content and they have centralised DB or other vulnerable infrastructure design. In fact, “cloud” doesn’t mean invulnerable to DDOS, it just means that a well designed site is less likely to have problems with a decent provider.

Mesays:

Re: Re: Re: Re:

The website may be hosted by Akami, but a few years ago, their entire site was down for several days while they physically moved their server infrastructure to a new building. They obviously haven’t put the backend servers into a scalable cloud yet. That tells me they have a very limited backend to support requests from the frontend. DDoS via normal heavy user requests without overloading the front end possible? Check.

Christensonsays:

Re: Re: DDOS versus legitimate overload requires human judgement

I’m with Nathan F and others — whether a heavy traffic load is a DDOS or the slashdot effect is very much a human opinion, and a value judgement, too.

That is, if John Oliver cared to talk up techdirt, techdirt can expect an unprecedented load on the site functionality. If there’s enough broken browsers or packet loss out there, or techdirt’s ISP (or maybe just comcast) is full of something besides good stuff, it looks just like a DDOS attack.

We call “good” traffic the traffic eventually sourced by human beings on an individual basis, but really good AI can generate something that is hard to distinguish, and it gets really complicated when you remember that Russia had a paid army of people putting the russian slant on things and generally fanning the flames of discord.

PaulTsays:

The amusing thing is that in purely technical terms, there’s no difference between a DDOS attack and an unusually high level of legitimate traffic. The only difference is the number of independent actors involved and their intent. Believe me, both as a sys admin and a customer, there’s nothing more annoying than a marketing campaign that leaves servers unprepared for the traffic that gets to them, and for all intents and purposes it might as well be a DDOS when that happens.

The question is merely how they quantify the following:

“These actors were not attempting to file comments themselves”

In order to honestly make that claim, they should have evidence in support of it, so show us your log files.

Anonymoussays:

Re: Re:

The amusing thing is that in purely technical terms, there’s no difference between a DDOS attack and an unusually high level of legitimate traffic.

While the effects may be similar, there certainly is a difference. Just as there is a difference between, say, self defense and murder.

The only difference is the number of independent actors involved and their intent.

Ahh, so there is a difference. My point, exactly.

Hahnsays:

Re: Re: FCC liar...

.

…step back from the minutiae here and observe the much larger picture …. if the FCC leadership is demonstrably dishonest & actively working against the public interest — then the government-regulatory-model of economic/social improvement is fundamentally flawed.

This type of “independent” behavior by government regulatory personnel is very common. So consider the overall implications for average citizens in relation to their government.

Ninjasays:

“if it can be proved the agency actively lied about a DDOS attack then covered it up simply to downplay the immense unpopularity of its policies, the inevitable lawsuits against the agency in the wake of its final vote to kill the rules could get very interesting.”

There is plenty of evidence that they lied and you don’t need any documentation that’s not already public anyway to prove they lied. Pai is the one who will have to “produce” documents proving public knowledge wrong. And that’s pretty much impossible.

If I may suggest, you (Techdirt or at least Mike) should join the party and at the very least fill an amicus brief calling attention to your own name being used fraudulently and the total lack of will to fix it displayed by the FCC.

And if it’s proven the FCC lied then sue Pai himself for his actions.

If Pai wants to ignore the people and screw them at the very least lets make his life legally miserable.

Anonymoussays:

Re: Re:

I’m waiting for people who had their names fraudulently used to file a class action “Right to be forgotten” lawsuit. Sure, there’s no US law regarding that, but as TD has reported, it hasn’t stopped others….

And at that point, where would TD fall on this? A government website is hosting known false information tying thousands of people to views they do not hold. Is it free speech? Fraud? Something else?

Anonymoussays:

You've been told that those comments are in no degree or way binding on the FCC: you are NOT voting, the numbers aren't actually important.

You admit that Oliver flooded the system with specific urging, which is essentially same as other attempts to manipulate: artificial. Ginned up “grassroots” is ginned up, not “grassroots”.

You state those other attempts, and therefore state that the comments are tainted.

You keep whining that FCC ignores your own snowflake butthurt, because you’re highly important among millions. After all, you’ve been “prattling”, your word from profile, for decades now.

You keep insisting that the FCC ignore all “false” anti-neutrality comments, which is simply trying end-around to what you want, “neutrality”, though have never defined specifics that will definitely have desired effects without drawbacks. — You seem to want the Wild West phase to continue, or so I gather from your prattling. If wrong here, it’s your fault for not having bullet* points.

You don’t admit possibility that the FCC may not know, be able to determine, or may not care about cause of the comment flood: again, those comments are NOT binding!

NOW you’re ecstatic over start of drawn-out and quite likely failing attempt to pry out meaningless data, not even knowing if available or clear.

Last and best, you ignore that even if got ALL data including internal memos and other items available in the surveillance state, proved beyond doubt that Oliver caused the crash not some DDOS, and everyone in the FCC lied up and down about that fact, is STILL irrelevant for the decision, which is NOT based on comments, but entirely on other factors! No court will ever bother digging into it.

And then pushed out this text plunk in the middle of exactly NO important topics.

Going to be another Classic Techdirt day.


* I can only hope that 2nd Amendment-hating Stephen T Stone doesn’t assert that “bullet” is more hidden “dog whistle” code threatening violence!

Commenting at FCC is EXACTLY like my comments here, just a way to have feeling of input. But at least I know better! Enjoy your rant for itself, kids, but don’t expect any results! It’s just a mild vice, wasting time!

PaulTsays:

Re: Re: You've been told that those comments are in no degree or way binding on the FCC: you are NOT voting, the numbers aren't actually important.

“Going to be another Classic Techdirt day.”

Nah, I’m bored now, work week’s over and I’m off to the pub in the sun. If you weren’t so familiar, I’d say you got started waaay before me, but sadly I know your poor state of mental health.

Ninjasays:

Re: Re: Re: Re: You've been told that those comments are in no degree or way binding on the FCC: you are NOT voting, the numbers aren't actually important.

And yet it’s amusing how he keeps feeding on those Classic Techdirt Days he hates so much.

There are many places in the internet that I could criticize like the trolls here but I simply don’t bother because it won’t be constructive commentary. I still read them because it’s good to be in touch with different points of view even when you know they are flawed. But seriously, if I ever bother to write my critic it will have plenty of evidence and explaining in it, not factless rants like this one.

Re: Re: Re: Re: Re: Re: You've been told that those comments are in no degree or way binding on the FCC: you are NOT voting, the numbers aren't three lullabies in an ancient tongue for the Court of the Crimson King.

it’s good to be in touch with different points of view even when you know they are flawed.

Yes, but you’re not getting any more "in touch" with those different points of view the 700th time the same guy expresses them in the same way than the 699th.

Ninjasays:

Re: Re: Re:2 Re: Re: Re: Re: You've been told that those comments are in no degree or way binding on the FCC: you are NOT voting, the numbers aren't three lullabies in an ancient tongue for the Court of the Crimson King.

True, and that’s why I don’t read daily like an obsessive maniac like this troll.

Re: Re: Re:3 Re: Re: Re: Re: Re: You've been told that those comments are in no degree or way binding on the FCC: you are NOT voting, the numbers aren't three lullabies in an ancient tongue for the Court of the Crimson King.

I do read daily (or, usually, 5 days a week); I like most of the articles, and there’s good discussion in the comments, aside from the trolls repeating the same nonsense ad nauseam. I probably do spend too much time here, but I’ve increased the overall quality of the experience by blocking the anons.

Ninjasays:

Re: Re: You've been told that those comments are in no degree or way binding on the FCC: you are NOT voting, the numbers aren't actually important.

“You admit that Oliver flooded the system with specific urging, which is essentially same as other attempts to manipulate: artificial.”

So a bot posting automated fraudulent comments is the same as Oliver airing a very informative piece leading to his viewers actively commenting not even using boilerplate text. Right.

Your comment is full of defeatism. I feel sad for you. Sure a ton of comments may pale in terms of ‘power’ compared to the fat paychecks he was promised or is already receiving but at the very least they show there is plenty of opposition and this can be used in other channels. It’s a good thing that most people still fight instead of declaring defeat like you do. That’s wht helped repeal SOPA for instance. And there are plenty of examples of where even the smallest activism being effective when reaching critical mass.

And it has its regular dose of bullshit. The definition of NN is pretty clear. You just don’t like it. Among others I won’t bother to address.

“** Commenting at FCC is EXACTLY like my comments here, just a way to have feeling of input. But at least I know better! Enjoy your rant for itself, kids, but don’t expect any results! It’s just a mild vice, wasting time!”

Then please employ your defeatism to this as well and go away, you are annoying.

Anonymoussays:

Re: Re: You've been told that those comments are in no degree or way binding on the FCC: you are NOT voting, the numbers aren't actually important.

There’s a guy round here that likes to eat paint. I think you two would really get along. You could go out for a Ttianium White milkshake, get to know each other. Maybe fall in love,and have a couple of children with an odd number of chromosomes. Finally find the happiness you seek in his pale anemic arms.

Joel Coehoornsays:

Doesn't Help FCC's Narrative

The funny thing is, even if the DDoS attacks were real, it doesn’t help the FFC’s narrative at all.

If the attacks were real, what that would really signify is that a malicious and well-funded interest saw the John Oliver piece, and was afraid that real people might make their voice heard following his segment.

In other words, the best case for the FCC is to take this as admission that someone is trying to manipulate the normal democratic process in favor of the telcos.

Mike Shoresays:

“These actors were not attempting to file comments themselves; rather they made it difficult for legitimate commenters to access and file with the FCC.”

Ok then. Release the stats for how many comments were filed leading up to and during the attack. If it’s a flat line, then the claim of a DDOS attack sounds slightly more believable. If there was a steady increase, chances are it was the flood of comments that took the system offline.

Anonymoussays:

Re: Re:

Some are trying to be polite by not publicly calling names and instead just pointing out the inconsistencies and letting people draw their own very obvious conclusions. Of course, if the shoe were were on the other foot you can bet things would be quite different with all sorts of accusations and name calling even if the evidence showed otherwise.

Lifesays:

FCC's goin slow?

Here’s the funny thing,

I NEVER WANTED THE FCC TO CONTROL THE INTERNET. EVER.
I CONSISTENTLY SAID THIS.

POWER AND FREQUENCY mismanaged the day they ripped up their original mission statement.

NETWORK mismanaged the day they stole authority. (sic)

YOU ALL LOVE THIS.
YOU ALL SAID YOU WANTED IT.

YOUR GOING TO HALT WORK TO STOP IT? NATIONAL STRIKE? NO? then shut up.

Chipsays:

Re: I TOLD YOU SO!!!

I TOLD YOU SO that I wanted to not the Department of Transportation to control the Distribution of Paint Chips!

The Department of Transportation is regulation Pain chips! because it regulates ROads and you use Roads to get Paint Chips. Just “like” how the FCC “controls” th e Internet by controlling the isps!!! Because of you “Control” a “thing” that is used to get to a different Thing, then you are controlling the Thing! It’s So Simple! Don’t you Sycophantic “idiots” understand how very Simple the things I say are! They make “sense”! So much sense!

Because I am so very “smart”. You can tell that I am Smart becaus I spend so much time saying I am Smart, which is what “smart” people do.

Every Nation eatst the Paint chips it Deserves!

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Report this ad??|??Hide Techdirt ads
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...
Older Stuff
12:25 Australian Privacy Commissioner Says 7-Eleven Broke Privacy Laws By Scanning Customers' Faces At Survey Kiosks (6)
10:50 Missouri Governor Doubles Down On 'View Source' Hacking Claim; PAC Now Fundraising Over This Bizarrely Stupid Claim (45)
10:45 Daily Deal: The All-in-One Microsoft, Cybersecurity, And Python Exam Prep Training Bundle (0)
09:43 Want To Understand Why U.S. Broadband Sucks? Look At Frontier Communications In Wisconsin, West Virginia (8)
05:36 Massachusetts College Decides Criticizing The Chinese Government Is Hate Speech, Suspends Conservative Student Group (71)
19:57 Le Tigre Sues Barry Mann To Stop Copyright Threats Over Song, Lights Barry Mann On Fire As Well (21)
16:07 Court Says City Of Baltimore's 'Heckler's Veto' Of An Anti-Catholic Rally Violates The First Amendment (15)
13:37 Two Years Later, Judge Finally Realizes That A CDN Provider Is Not Liable For Copyright Infringement On Websites (21)
12:19 Chicago Court Gets Its Prior Restraint On, Tells Police Union Head To STFU About City's Vaccine Mandate (158)
10:55 Verizon 'Visible' Wireless Accounts Hacked, Exploited To Buy New iPhones (8)
10:50 Daily Deal: The MacOS 11 Course (0)
07:55 Suing Social Media Sites Over Acts Of Terrorism Continues To Be A Losing Bet, As 11th Circuit Dumps Another Flawed Lawsuit (11)
02:51 Trump Announces His Own Social Network, 'Truth Social,' Which Says It Can Kick Off Users For Any Reason (And Already Is) (100)
19:51 Facebook AI Moderation Continues To Suck Because Moderation At Scale Is Impossible (26)
16:12 Content Moderation Case Studies: Snapchat Disables GIPHY Integration After Racist 'Sticker' Is Discovered (2018) (11)
13:54 Arlo Makes Live Customer Service A Luxury Option (8)
12:05 Delta Proudly Announces Its Participation In The DHS's Expanded Biometric Collection Program (5)
11:03 LinkedIn (Mostly) Exits China, Citing Escalating Demands For Censorship (14)
10:57 Daily Deal: The Python, Git, And YAML Bundle (0)
09:37 British Telecom Wants Netflix To Pay A Tax Simply Because Squid Game Is Popular (32)
06:41 Report: Client-Side Scanning Is An Insecure Nightmare Just Waiting To Be Exploited By Governments (35)
20:38 MLB In Talks To Offer Streaming For All Teams' Home Games In-Market Even Without A Cable Subscription (10)
15:55 Appeals Court Says Couple's Lawsuit Over Bogus Vehicle Forfeiture Can Continue (15)
13:30 Techdirt Podcast Episode 301: Scarcity, Abundance & NFTs (0)
12:03 Hollywood Is Betting On Filtering Mandates, But Working Copyright Algorithms Simply Don't Exist (66)
10:45 Introducing The Techdirt Insider Discord (4)
10:40 Daily Deal: The Dynamic 2021 DevOps Training Bundle (0)
09:29 Criminalizing Teens' Google Searches Is Just How The UK's Anti-Cybercrime Programs Roll (19)
06:29 Canon Sued For Disabling Printer Scanners When Devices Run Out Of Ink (41)
20:51 Copyright Law Discriminating Against The Blind Finally Struck Down By Court In South Africa (7)
More arrow