What Does WikiLeaks Mean For Cloud Service Providers?
While MSPmentor has been watching the convergence of managed services and cloud computing, the rest of the world has been watching the news unfold around controversial governmental whistle-blowing website WikiLeaks and their recent ejection from Amazon EC2 following a string of DDOS attacks. But the two concepts meet in a short, but thoughtful, essay by Parallels’ Joshua Beil on what the WikiLeaks story means for cloud and hosted service providers. Here are some highlights.
A quick, simplified recap for those not in the know: WikiLeaks is a site headed by one Julian Assange which recently made headlines across the globe when it released the text of cables that revealed more about United States diplomats than the federal government would have anyone know.
Afterwards, WikiLeaks was the target of distributed denial-of-service (DDOS) attacks that prompted them to move their hosting to the Amazon EC2 cloud. But it wasn’t to last more than 24 hours – on Wednesday, Amazon ejected WikiLeaks from its service under pressure from the US government.
That’s where Parallels Director of Market Strategy and Research Joshua Beil comes in. In his blog post, he points out that Amazon Web Services didn’t actively solicit WikiLeaks.org as a client, and since they only provide infrastructure, they had no way of knowing that they were sitting on such a powderkeg. So is it fair for the feds to put that kind of pressure on Amazon?
Beil wraps up his blog post with three very salient questions for cloud service providers to ask themselves, even as new ethical trails are being forged in cloud computing:
- As a service provider, what would you do if today you discovered you were hosting Wikileaks.org?
- How should you respond when the Feds come knocking on any grounds?
- Is it your patriotic duty to comply or your foremost duty to protect customers that aren’t explicitly breaking the law?
MSPmentor isn’t offering any answers to what’s clearly a sticky situation that’s going to take teams of lawyers to unravel. But as the industry moves towards the cloud, these are the kinds of questions MSPs are going to have to ask themselves – though hopefully, they won’t find themselves with a client that’s as much a target as Assange and WikiLeaks are right now.
Sign up for MSPmentor’s Weekly Enewsletter, Webcasts and Resource Center. Follow us via RSS, Facebook, Identi.ca and Twitter. Check out more MSP voices at www.MSPtweet.com. Read our editorial disclosure here.
You are raising really important questions here. Some kind of “Has your hoster balls” ranking with the history of “shut down” would be interesting. Its the same for a company with moving from own hosted to a facebook fanpage. You are then in their hands and have an additional layer where “authorities” of any kind have another possibility to “unplug the switch”.
Robert: You make an excellent point – there’s always a danger when you let anyone else handle your information, no matter who it is. But in today’s market, it seems like a necessary evil.
As someone who has followed the wikileaks story in the past this is very interesting and thought provoking article and now I will be up late pondering Beil’s questions :p. Weren’t they at one point hosting the website from somewhere in Sweden? Anyone know how they ended up in Amazon’s cloud in the first place?
A very interesting question, although in the case of Wikileaks (which appears to be nothing more than a well orchastrated psychological operation – let’s face it all the leaks fall into one of two categories – 1. They support American foreign policy 2. It is already known information.
@Paul, in order to (successfully) ward off the DDoS attack, Wikileaks moved to a cloud hosting model. Not sure why they chose Amazon over Microsoft or Rackspace or Softlayer, but the move itself was likely done through the AWS control panel in a matter of minutes.
Of note, I tracerouted Wikileaks the morning of 12-1, before they’d been dropped by Amazon, confirming the site was on AWS (http://twitpic.com/3chyra). However, it’s worth noting that the “edge1” suggests it was hitting a CDN cache, Amazon’s CloudFront, which can pull from S3 storage or could pull from any origin server. So Amazon may not have been hosting the origin storage but a cache is still “hosting” any way you slice it.
So 2 updates. First, this morning the domain registration for wikileaks.org was dropped by it’s registrar and Wikileaks moved to http://www.wikileaks.ch. Second, not sure if you saw this story about the Immigrations and Customs Enforcement division of the Department of Homeland Security seized approximately 77 domains for copyright infringement, but you’d think the same action would have been taken against Wikileaks a while ago…
I concede: When Matt first pitched this blog idea to me I wasn’t so sure he could connect the dots between WikiLeaks and the potential implications for MSPs and hosting partners. But Matt certainly was on the mark with this entry…
-jp