Feeds

Wikileaks taunts Pentagon with server mirrors in USA

Iraq War Logs hosted by...Amazon

Beginner's guide to SSL certificates

WikiLeaks is using US-based servers run by Amazon.com to mirror its controversial data stash, including the classified "Iraq War Logs" released on Friday afternoon, according to internet records.

Since at least Friday night, the famous whistle-blowing site has been hosting data on Amazon's AWS infrastructure cloud, both in the US and Ireland, records collected by UK research outfit NetCraft show. WikiLeaks is also mirroring servers with French service provider Octopuce, according to NetCraft.

WikiLeaks has long maintained its central servers in Sweden with "bulletproof" hosting outfit PRQ. WikiLeaks founder Julian Assange has said that the servers are kept in Sweden because the country provides legal protection for disclosures on the site. To further guard against takedowns, PRQ keeps almost no information about its clientele and maintains few if any of its own logs.

Recently, the Swedish Pirate Party said that it's also hosting servers for WikiLeaks, and according to one report, some WikiLeaks servers are now inside a Cold War–era nuclear bunker that was carved out of a rock hill in downtown Stockholm.

But on Friday, after WikiLeaks defied warnings from the Pentagon and released nearly 400,000 classified US military documents involving the Iraq War, NetCraft showed that the site was mirroring these and other documents in the US, Ireland, and France, countries that don't offer the sort of protection provided by Sweden.

Wikileaks on Amazon

According to Santa Clara University law professor and tech law blogger Eric Goldman, Amazon may not be legally required to remove the content, but he says the company could be persuaded to do so.

"[Federal law] 47 USC 230 protects Amazon from being liable for WikiLeaks' content in most circumstances. The only relevant exception is that 230 does not protect Amazon if republishing the content constitutes a federal crime. I'm uncertain what crimes could apply to the content publication," Goldman told The Reg.

"However, even if Amazon is insulated from liability, I suspect Amazon will choose to remove the content 'voluntarily' (motivated by a little persuasion from the government), presumably citing a breach of its terms of service as a pretext.

"A more 'ideological' web host would probably fight more vigorously for its users' publishing rights than Amazon will."

The US, Ireland, and France mirrors were first noticed by technology consultant Alex Norcliffe. It's unclear why WikiLeaks is mirroring its servers in such unprotected locations. The move could be part of an effort to accommodate the added traffic expected following the release of the Iraq documents, and the organization may be trying to decentralize its data stash. But it's surprising that the whistle-blowers would use servers based in such countries.

We've contacted WikiLeaks through email addresses it has used in the past, and it has not responded. Presumably, the site's content is still hosted on "bulletproof" servers in Sweden, but these no longer show up in NetCraft's records.

We've also contacted Amazon, and it has yet to respond. Nor has the US Department of Defense, which condemned the release of the Iraq War Logs. The US government has long said that releasing such documents will endanger the lives of soldiers and civilians alike. "We deplore WikiLeaks for inducing individuals to break the law, leak classified documents and then cavalierly share that secret information with the world, including our enemies," the Defense Department press secretary said in a statement on Friday.

Some have speculated that WikiLeaks is now running US-based mirrors as some sort of publicity stunt. "They are waiting for the US to shut down those servers so that they can say 'Oh, look at the information the US doesn’t want you to know!'" said one commenter on Norcliffe's blog.

Norcliffe is less sure. "WikiLeaks has set a confusing new precedent for its approach to hosting; in the past much has been made of its reputation for putting its servers in bunkers in Sweden for apparent legal protection, and yet for this launch the primary websites are being served in some cases from US datacenters.

"I can't believe this is incompetence on WikiLeaks' part, but whatever their reason it also seems unlikely a US company like Amazon won't be under pressure soon from US authorities."

As Norcliffe points out, WikiLeaks doesn't appear to be using a CDN for global caching which might have otherwise accounted for an accidental or automatic mirror, but instead seems to be using "round-robin DNS" resolution targeted at definitive IP addresses chosen by the organization. This method is used on WikiLeaks.org, and WarLogs.wikileaks.org gives you a random IP from France, Ireland, or the US.

As recently as October 10, NetCraft records showed PRQ as WikiLeaks' hosting providers. But now, the only providers returned by the research outfit are Amazon and Octopuce. ®

Providing a secure and efficient Helpdesk

More from The Register

next story
Of COURSE Stephen Elop's to blame for Nokia woes, says author
'Google did have some unique propositions for Nokia'
FCC, Google cast eye over millimetre wireless
The smaller the wave, the bigger 5G's chances of success
It's even GRIMMER up North after MEGA SKY BROADBAND OUTAGE
By 'eck! Eccles cake production thrown into jeopardy
Mobile coverage on trains really is pants
You thought it was just *insert your provider here*, but now we have numbers
Don't mess with Texas ('cos it's getting Google Fiber and you're not)
A bit late, but company says 1Gbps Austin network almost ready to compete with AT&T
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.