Feeds

Wikileaks taunts Pentagon with server mirrors in USA

Iraq War Logs hosted by...Amazon

Recommendations for simplifying OS migration

WikiLeaks is using US-based servers run by Amazon.com to mirror its controversial data stash, including the classified "Iraq War Logs" released on Friday afternoon, according to internet records.

Since at least Friday night, the famous whistle-blowing site has been hosting data on Amazon's AWS infrastructure cloud, both in the US and Ireland, records collected by UK research outfit NetCraft show. WikiLeaks is also mirroring servers with French service provider Octopuce, according to NetCraft.

WikiLeaks has long maintained its central servers in Sweden with "bulletproof" hosting outfit PRQ. WikiLeaks founder Julian Assange has said that the servers are kept in Sweden because the country provides legal protection for disclosures on the site. To further guard against takedowns, PRQ keeps almost no information about its clientele and maintains few if any of its own logs.

Recently, the Swedish Pirate Party said that it's also hosting servers for WikiLeaks, and according to one report, some WikiLeaks servers are now inside a Cold War–era nuclear bunker that was carved out of a rock hill in downtown Stockholm.

But on Friday, after WikiLeaks defied warnings from the Pentagon and released nearly 400,000 classified US military documents involving the Iraq War, NetCraft showed that the site was mirroring these and other documents in the US, Ireland, and France, countries that don't offer the sort of protection provided by Sweden.

Wikileaks on Amazon

According to Santa Clara University law professor and tech law blogger Eric Goldman, Amazon may not be legally required to remove the content, but he says the company could be persuaded to do so.

"[Federal law] 47 USC 230 protects Amazon from being liable for WikiLeaks' content in most circumstances. The only relevant exception is that 230 does not protect Amazon if republishing the content constitutes a federal crime. I'm uncertain what crimes could apply to the content publication," Goldman told The Reg.

"However, even if Amazon is insulated from liability, I suspect Amazon will choose to remove the content 'voluntarily' (motivated by a little persuasion from the government), presumably citing a breach of its terms of service as a pretext.

"A more 'ideological' web host would probably fight more vigorously for its users' publishing rights than Amazon will."

The US, Ireland, and France mirrors were first noticed by technology consultant Alex Norcliffe. It's unclear why WikiLeaks is mirroring its servers in such unprotected locations. The move could be part of an effort to accommodate the added traffic expected following the release of the Iraq documents, and the organization may be trying to decentralize its data stash. But it's surprising that the whistle-blowers would use servers based in such countries.

We've contacted WikiLeaks through email addresses it has used in the past, and it has not responded. Presumably, the site's content is still hosted on "bulletproof" servers in Sweden, but these no longer show up in NetCraft's records.

We've also contacted Amazon, and it has yet to respond. Nor has the US Department of Defense, which condemned the release of the Iraq War Logs. The US government has long said that releasing such documents will endanger the lives of soldiers and civilians alike. "We deplore WikiLeaks for inducing individuals to break the law, leak classified documents and then cavalierly share that secret information with the world, including our enemies," the Defense Department press secretary said in a statement on Friday.

Some have speculated that WikiLeaks is now running US-based mirrors as some sort of publicity stunt. "They are waiting for the US to shut down those servers so that they can say 'Oh, look at the information the US doesn’t want you to know!'" said one commenter on Norcliffe's blog.

Norcliffe is less sure. "WikiLeaks has set a confusing new precedent for its approach to hosting; in the past much has been made of its reputation for putting its servers in bunkers in Sweden for apparent legal protection, and yet for this launch the primary websites are being served in some cases from US datacenters.

"I can't believe this is incompetence on WikiLeaks' part, but whatever their reason it also seems unlikely a US company like Amazon won't be under pressure soon from US authorities."

As Norcliffe points out, WikiLeaks doesn't appear to be using a CDN for global caching which might have otherwise accounted for an accidental or automatic mirror, but instead seems to be using "round-robin DNS" resolution targeted at definitive IP addresses chosen by the organization. This method is used on WikiLeaks.org, and WarLogs.wikileaks.org gives you a random IP from France, Ireland, or the US.

As recently as October 10, NetCraft records showed PRQ as WikiLeaks' hosting providers. But now, the only providers returned by the research outfit are Amazon and Octopuce. ®

Boost IT visibility and business value

More from The Register

next story
Trying to sell your house? It'd better have KILLER mobile coverage
More NB than transport links to next-gen buyers - study
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Scotland's BIG question: Will independence cost me my broadband?
They can take our lives, but they'll never take our SPECTRUM
NBN Co adds apartments to FTTP rollout
Commercial trial locations to go live in September
Samsung Z Tizen OS mobe is post-phoned – this time for good?
Russian launch for Sammy's non-droid knocked back
Speak your brains on SIGNAL-FREE mobile comms
Readers chat to the pair who flog the tech
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?