Was 4chan block about censorship, security or net neutrality?

Was 4chan block about censorship, security or net neutrality?

Summary: For cloud computing to succeed we need national and international policies that define when companies can act, and how they can act, so those who are acted upon have legal recourse.

SHARE:

AT&T insists its temporary block of 4chan was about security, that the site was hosting a Dedicated Denial of Service (DDoS) attack aimed at one of its customers.

Others aren't so sure.

The Inquisitor calls it censorship. Writers at The Daily Kos call it an attack on net neutrality and predict it will backfire before the FCC.

Tristan Louis combines it with the Kindle "1984" erasure and Apple's control of iPhone apps, writing "a dark cloud" puts all technology trends into question.

It's clear this is not a one-off. It is part of a growing trend, corporate attempts to enforce law remotely against property people consider their own.

This is especially relevant as we move into an era of cloud computing, where resources we consider our property are, in fact, dependent upon computing environments owned by others.

It doesn't matter in this case whether the software in question is open source or closed source. What matters is the remote control of that software exercised by a service vendor, and the legitimacy of that control.

Can people trust clouds, or devices dependent upon clouds, if cloud owners act as judge, jury and executioner, zapping what we consider our own? Wouldn't a book be more ours, or a simpler, voice-only phone? Should we perhaps only use modems to reach the Internet, and shut the connection when we're not behind the keyboard?

In the case of 4chan, AT&T's story is fishy. DDoS attacks come from botnets, not specific sites. While sites may control botnets, and users may launch botnet attacks from sites, those are almost always throwaway URLs today, not popular, well-known sites like 4chan.

Moreover if 4chan were hosting malware then all security professionals should have been made aware of it, and the block should have been universal, backed perhaps by a government warrant.

Corporations are individuals under U.S. law, and subject to legal authority, but they are not law itself. They are not law enforcement agencies. They should not act as such without clear legal authority.

For cloud computing to succeed we need national and international policies that define when companies can act, and how they can act, so those who are acted upon have legal recourse.

Private law enforcement without legal recourse just won't cut it.  The opposite of government is not freedom, but anarchy.

Topics: Government US, Browser, Government, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

20 comments
Log in or register to join the discussion
  • tens of thousands of DoS attacks are blocked every day

    Dana, you need to get your facts straight. DailyKos isn't exactly an authority figure on
    this and he even admitted to jumping the gun on
    the story like so many other people.

    The owner of 4chan admitted that their
    equipment unfortuantely attacked AT&T
    customers. Because 4chan failed to lock down
    their own equipment, and because 4chan is notorious for organizing DoS attacks against
    other websites which makes them a top site for
    retribution, 4chan caused harm to AT&T
    customers. Yet when AT&T does their job to
    protect the network from 4chan, you glorify the
    villain 4chan as the hero against censorship.

    There are tens of thousands of DoS attacks
    whose IP addresses are blocked every day by
    ISPs and not a peep from anyone. Millions of
    emails are blocked by ISPs every day. Is that
    censorship too Dana? Are you proposing a whole
    new government agency to inspect every piece of
    spam to verify that censorship wasn't
    committed? Let's get real Dana.
    georgeou
    • 4Chan wasn't the source

      [i]The owner of 4chan admitted that their
      equipment unfortuantely attacked AT&T
      customers. Because 4chan failed to lock down
      their own equipment, and because 4chan is notorious for organizing DoS attacks against
      other websites which makes them a top site for
      retribution, 4chan caused harm to AT&T
      customers. Yet when AT&T does their job to
      protect the network from 4chan, you glorify the
      villain 4chan as the hero against censorship.[/i]

      You're implying that 4Chan's network was the source of the DDoS attack. While they're not saints, in this case it was their security appliance which was responding to what was forged source addresses of the DDoS traffic. That was the appliance's default behavior, which 4Chan later rectified. Chris Poole said he believed it was the overreaction of a single engineer at AT&T that led to the blocking of 4Chan's entire address space. He also contended that the amount of traffic "was a few megabits", not the hundreds of megabits per second you're implying.

      Based on that revelation (since the "source" of the DDoS response traffic was a single or a small pool of addresses), I'd say that AT&T over-reacted. It looks like, in this case, 4Chan was only guilty of not fully testing the implementation of the security appliance(s?).

      Similar to the case about 25 years ago when an AT&T SS7 node "flooded" other nodes in the telephone network, bringing down voice service to the D/FW metro area. It was a mis-configuration in its routing code. The end result was the flooding of the control channel, paralyzing the network. Something similar happened later on the East Coast. In both cases, the network over-reacted (automatically, in this case).
      NetArch.
      • Not implying, I'm telling you what happened

        I'm not implying, I'm telling you 4chan was attacking other networks including AT&T. The mere fact that it was ACCIDENTAL doesn't change a thing just like if 4chan was hacked and spewing malware, Google search is going to censor the whole site with a very scary warning about viruses.

        It doesn't matter if 4chan was acting as the attack proxy. It is their equipment which they failed to secure which reflected a DoS attack. If you fail to lock down your DNS or SMTP mail server and you're spewing DNS attacks or spam, you're going to be blacklisted and blocked. Stupidity and incompetence is not a free pass.

        Lastly, the reason 4chan was being attacked is because they make it a sport to organize and attack other websites.
        georgeou
        • George Ou - ALWAYS Standing Up For The Big Guys Who Sign His Checks!

          And we're to trust you WHY, Ballmer's Biggest Fanboi...?
          drprodny
      • RE: Was 4chan block about censorship, security or net neutrality?

        They are not law enforcement agencies. They should not act as such without clear legal authority.<a href="http://ipadbagblog.com/"><font color="LightGrey"> k</font></a>
        zakkiromi
  • Here's what really happened

    http://www.digitalsociety.org/isps-have-a-duty-to-block-
    malicious-traffic/
    georgeou
  • I'm not implying, I'm telling you 4chan was attacking other networks

    I'm not implying, I'm telling you 4chan was attacking other networks including AT&T. The mere fact that it was ACCIDENTAL doesn't change a thing just like if 4chan was hacked and spewing malware, Google search is going to censor the whole site with a very scary warning about viruses.

    It doesn't matter if 4chan was acting as the attack proxy. It is their equipment which they failed to secure which reflected a DoS attack. If you fail to lock down your DNS or SMTP mail server and you're spewing DNS attacks or spam, you're going to be blacklisted and blocked. Stupidity and incompetence is not a free pass.

    Lastly, the reason 4chan was being attacked is because they make it a sport to organize and attack other websites.
    georgeou
    • George Ou

      All: George is a former ZDNet blogger who now works at DigitalSociety, a site dedicated to security and "making it everyone's priority."

      You can find his own feature on the 4chan controversy at http://www.digitalsociety.org/isps-have-a-duty-to-block-malicious-traffic/.

      Thanks for all your help in the past and present George. And keep up your good work in the future. As I said in my e-mail, you are missed here at ZDNet.
      DanaBlankenhorn
      • No, He's Not, Dana

        He's a self-righteous M$FT and anti-OSS scumbag - and good riddance to him!
        drprodny
    • Interesting That You Mention Google's Domain Crippling Service

      I especially like the way they'll block access to an ENTIRE DOMAIN, including access to pictures, and other file formats that aren't capable of even distributing malware, when it is only a *SINGLE* HTML page that's infected with something.

      What's even better of course is when you're the owner of the domain, you have well over 22,000 HTML files and the only information you can get out of Google is "we blocked your site for suspicious activity". I mean, they don't even tell you *WHERE* the "suspicious activity" is coming from. So then you're forced to manually check through THOUSANDS of fawckin HTML files trying to find the damn script that's tripping off their domain crippling service.

      I would have sued them myself over it when they did it to my domain, was going to actually, but then we settled out of court over the matter for a small sum of money...in hindsight, I probably should have asked for moar. I'm sure it won't take too much longer though before they piss off somebody who can't be bought, at that point their stock is gonna take a real good nose dive.
      Onideus_Mad_Hatter
  • No, It's AT&T SUCKING

    End of story. I don't even have to post facts because it's true.
    itanalyst2@...
  • Someone needs to post a list of the other ISPs

    That blocked 4chan.org during these DoS attacks. If there were in fact other ISPs that blocked it, I'd venture to say, the censorship claim is bogus and this should be dropped at the least. If 4chan.org is truely known for active support of this type of thing on the net, perhapse they should be looked into a bit more cloesly by law enforcement. Vandalism for entertainment is still a crime.

    On the issue of the actual story, this incident points out why cloud computing (at least based on interent connection) will never be accepted by IT organizations within large organizations (or any entity with a lick of sense). Passing laws to make it appear the internet has some garanteed QoS is laughable.
    DCMann
    • See this story here

      http://www.digitalsociety.org/isps-have-a-duty-to-block-malicious-traffic/

      It's been known since Sunday that other ISPs were blocking too. Unwired was one of them.
      http://www.merit.edu/mail.archives/nanog/msg19609.html
      georgeou
      • I'll put you down for security then...

        As opposed to it being about censorship or net
        neutrality.
        DanaBlankenhorn
        • I hate censorship as much as the next guy, but DoS is the ultimate form of

          I hate censorship as much as the next guy, but
          DoS is the ultimate form of censorship.
          Remember that 4chan formally organizes DoS
          attacks to censor other websites they don't
          agree with such as Scientology. Other websites
          in return try to censor 4chan back with DoS
          attacks which harms other companies who use the
          same hosting service as 4chan. 4chan's
          negligence in locking down their equipment also
          censored other websites on other networks
          through DoS attacks.

          So you can't think of this as censorship
          against 4chan because AT&T and the other ISPs
          were trying to prevent 4chan from censoring
          others on the Internet. 4chan is the
          perpetrator of censorship you you're confusing
          them for the victim.
          georgeou
  • It's about Basic Common sense - check out the link to George's article

    It's about Basic Common sense

    I checked out the link to George's article- big eye opener

    If you run a site like 4chan..
    If you do the sorts of things that they do...
    the sort's of things you don't write home about...
    - on the Internet - on a Public site- or a public place
    ( I guess there-in lies the controversy for some)

    Then you have to accept the one basic rule
    They are no rules
    - and what happens to you is your own stupid fault

    For the rest of us who want to engage in the world
    with out the smelly drunks wondering in and
    slobbering all over us at the cafe. library or newsdesk...

    Security and Censorship to date is the only way
    we have so far to keep the internet somewhat safe and neutral

    Unfortunately, these tools are also often misused
    - Oh well - we don't live in a perfect world
    daniel.pereznet
  • RE: Was 4chan block about censorship, security or net neutrality?

    I think its a companies right to do whatever they want
    with the information streaming through their severs.
    All this BS about lets MAKE a company do this or that
    REALLY pisses me off. Why don't we just skip ahead and
    tell all companies exactly how to operate.

    Just let a company do their thing and them rate them.
    (know them for false advertising *cough*Apple, I
    mean... er)
    its the publics resposibility to be, well,
    responsible. Give them the information about companies
    and let them decide. If they make a bad decision... so
    what... it happens, the price you pay for freedom.

    (forcing a company to not block any content is NOT
    freedom, calling it anti-censorship, letting the
    company be FREE to run it's business as it wishes,
    within anti-trust guidelines, and letting people
    choose the companies they want to associate with is
    freedom. YOU CAN'T RESTRICT SOMEONE AND CALL IT RIGHTS
    OR FREEDOM! If thats what you want go live in one of
    the many countries that already do.)

    Of course if their blocking of a cite violated a
    contract they may have had, well, then thats
    different.
    shadfurman
  • "You will never find a more wretched hive of scum and villany..."

    4Chan, Motherless, Anonib... need better internal policing, when that fails external forces should handle it. AT&T and other ISPs have potential liability risk allowing unfettered access to such sites, especially given the content and their history of hosting malware and/or links thereof.
    klockheed
    • Don't forget child pr0n on 4chan

      http://answers.yahoo.com/question/index?
      qid=20090128185112AAdcH0x
      georgeou
      • Not Exactly

        If it's being posted in parody, mockingly, or for any other reason that's not meant to be used in any sexual manner, nor intended for any sexual manner...then it's not actually child pornography. If it were, every major clothing and retail outlet in the United States would be guilty of peddling "child pornography". And no, the kid doesn't need to be naked for it to be pornographic. Problem is, the line is ~real~ fuzzy, to the point where innocent people all over are effectively having their lives all ripped apart, mostly because some jackasses don't have enough sense to know when to back off and admit that they were wrong in their accusations. And then on the flip side, we don't do enough in this country to track and prevent "repeat offenders". The rate of which is just insanely fawcking high for those who raped/molested a child. But then of course we wind up skewing those statistic every time we go after an innocent person, or when some 18 year old kid winds up labeled as a "sex offender" cause he knocked up some fully willing 17 year old and then her parents found out about it.

        On 4chan, at least as far as I've seen, it's only DRAWINGS and art of pedophilia that have been posted, and pretty much all of it is done in the "Rule 34" arena, where they're basically using them as "shock images", not to get off on them, but for the comedy of using them to upset the "norms" and "mundanes". And I'm sorry, but DRAWINGS of pedophilia will *NEVER* be child pornography, at least not in the mind of any *SANE*, *REASONABLE* person.
        Onideus_Mad_Hatter