UPDATED 12:32 EDT / JUNE 27 2011

CloudFlare Speaks Up on Censorship and LulzSec

cloudflare-lulzsec During their criminal hacking rampage, the hacker celebrity group LulzSec ran a webpage to house links to torrents, Pastebin posts, and the distribution of their ill-gotten booty. To protect this webpage from other hackers and attempts to take it down, they signed it up for the cloud-based web performance and security network service CloudFlare.

For the regular Internet plebian, the basic services of CloudFlare are free—and subscriptions start at $20/mo for the professional package—and act to save bandwidth to hosting providers and speed up load times by caching the website throughout the Internet. Also as a result, the service can keep a webpage available even during the midst of a DDoS or a crash at their hosting provider.

Shortly after LulzSec posted their first leaks from the Sony hacks, CloudFlare started getting requests to remove Lulzsecurity.com from their registration,

To some extent, these requests were borne out of confusion. CloudFlare is a network provider, most closely akin to an ISP, not a hosting provider. Thousands of websites sign up for CloudFlare every day in order to be, on average, twice as fast and be protected from a number of security threats ranging from comment spam to DDoS attacks. Because of the nature of our service, unlike a hosting provider, if we had removed LulzSecurity.com or any other website from CloudFlare it would not have removed the content from the Internet. As I noted to several reporters who asked me, the only difference would have been the site wouldn’t have loaded as fast.

Matthew Prince, the author of the blog post, notes that CloudFlare is not only not in the censorship business, but ceasing the service to Lulzsecurity.com wouldn’t even have censored them. Furthermore, while it seems at first glance that CloudFlare obfuscates the terminal IP address of a website (making it difficult to determine the location of the server) the service isn’t under any obligation to keep it a secret and a legitimate e-mail to their abuse@ address would have probably led them to reveal it.

“CloudFlare is firm in our belief that our role is not that of Internet censor. There are tens of thousands of websites currently using CloudFlare’s network,” Prince said on the matter of censorship and law. “Some of them contain information I find troubling. Such is the nature of a free and open network and, as an organization that aims to make the whole Internet faster and safer, such inherently will be our ongoing struggle.”

He went on, “While we will respect the laws of the jurisdictions in which we operate, we do not believe it is our decision to determine what content may and may not be published.”

The real interesting crux of this matter, however, is also in CloudFlare’s security angle, which is much like that of Akamai Networks. As a large, highly distributed content network they’re receiving a lot of data from numerous endpoints about traffic, attacks, throughput, and data flow dynamics.

Realtime Big Data Analytics Could Rescue Even the Little Guys from Internet Threats

“As hackers tried to take down LulzSec, CloudFlare recorded all the patterns of the attacks. In the last 3 weeks, we’ve generated more than 1 million new rules to better mitigate threats targeted at our users. Those rules were propagated in realtime to benefit the whole CloudFlare community,” writes Prince. “We’ve written about this benefit previously and it was truly awesome to watch as the system rapidly got smarter and smarter as more attacks were launched. While we will never stop every attack, we will also never stop learning.”

There are some very real implications for the use of Big Data analysis here. With highly distributed networks like Akamai, Level 3, and CloudFlare there’s also a lot of data flowing in to be examined, parsed, and re-deployed to the stations around the globe for use. Having become the targets of numerous attacks, CloudFlare found themselves in the position of having a lot of data to use to enhance their entire network.

As a result, they have increased their knowledge of the disposition of probably several DDoS botnets (generally highly amorphous networks of zombie computers) and may be able to recognize their fingerprints in the future. As a result, they can shift visitors away from the likely targets of the DDoS—which would be slowed to a content crawl—to the much faster ones.

Enterprise customers would find this an extremely compelling reason to sign up for a service such as CloudFlare.


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU