Blacklisted

12th May 2011

Updated, see bottom of post.

Information Dissemination, my home blog, is currently unavailable due to “maintenance” according to Google. From what I understand by this report, every Blogger blog is currently unavailable. According to news reports, this is related to a bug in code migrated last night – which did happen because I was awake at the time and remember getting locked out.

I have filed a complaint with Blogger asking a few questions, which reveals why the discussion is appropriate for the USNI Blog.

USCYBERCOM Blacklisted Blogger Today?

Blog Address: www.informationdissemination.net
Browser(s) Name/Version (ex: Firefox 4, Internet Explorer 8): Firefox 4
Geographical Location (ex: San Francisco / USA): USA
Long description of problem:

I write a milblog hosted on a blogger server. At approximately 3:00pm today USCYBERCOM blacklisted Blogger. At approximately 6:00pm today, my Blogger website went offline.

According to one base operator, “The DNS Site that hosts your domain name is more likely being blocked because of posting malicious traffic or higher level security reasons by advisory of DoD [CYBERCOM/NCDOC].”

The Washington Post is reporting tonight a website for Chinese dissidents hosted by Blogger was claimed to have been hacked by the Chinese government.

So a Blogger website was hacked, all of Blogger is being blacklisted by the Department of Defense for “higher level security reasons,” and now Blogger is down for “maintenance?”

Would appreciate clarification why USCYBERCOM has blacklisted all of Blogger for security reasons. This isn’t good for either of our businesses.

– Raymond Pritchett

I believe Google when they say Blogger is down due to maintenance problems, and believe what is happening in regard to my lack of blog administrative access tonight is purely coincidence.

What I do not understand is why USCYBERCOM would blacklist all of Blogger, not only blogspot.com but any website running on a blogger host, for no other apparent reason than one Chinese dissident website was hacked. Is USCYBERCOM really so paranoid that if the Chinese government hacks a single website, USCYBERCOM will figuratively cyber nuke access to an entire cloud? If that turns out to be true, the Chinese appear to be deep inside our OODA loop at US Strategic Command, and speaking as a US citizen, I find the DoD’s cybernuke reaction quite embarrassing.

Did USCYBERCOM make a mistake when blacklisting all Blogger hosted websites, or was it intentional?

Did USCYBERCOM inform Google of the security problem that led to Blogger being blacklisted? We aren’t talking about some mom and pop hosting shop, this is Google.

I understand and respect the role and responsibility of USCYBERCOM is to defend Department of Defense computer systems from security threats, but I am a little troubled that the DoD would blacklist millions of websites on the internet in what appears to be a response to the Chinese government reportedly hacking a single website on a Google server.

To me, that would seem to be an excessive overreaction by USCYBERCOM.

Update: Some are noting Blogger had a backup restore last night resulting in loss of data. That is a Blogger issue, and has nothing to do with DoD access blocks.

I am hearing that several DoD locations that could not reach Blogger last night can this morning, and the problem was related to a bug in a web content filter policy update for some specific software. That is good to know, if true. It is unclear why USCYBERCOM would be associated with the issue in requests last night, although it may be that as a DoD networks policy shop the organization issues the specific software update alerts, and that somehow added confusion.

I think the bug highlights the dangers of overarching government security on the internet. In this case, a bug in a normal, everyday automatic operation in otherwise stable software made a huge configuration change, and the result was the blocking of millions of websites. Blogger is social media, not exactly a major economic engine, but the danger comes should a bug accidentally block access to say – the Amazon cloud – for example.

It reminds me of the government internet killswitch debate. It is hard to believe that a network as resilient as the internet would have less risk if there existed a mechanism that completely disrupted the resiliency of the internet. Is the economic risk to the internet higher or lower with a government controlled killswitch, or single point of failure, depending upon how one looks at it?

In many ways I see the challenges of securing networks much like the challenges of security from terrorism, and by that I mean that the solution lies in active and passive defenses, selective offensives, but most critically – resiliency to disruption. It is unfortunate that the resiliency piece does not appear to have the most influence in security policy decisions at the political level.




Posted by galrahn in Uncategorized



  • Nicky Chaleunphone

    That’s why I switched from blogger to WordPress. WordPress is way better than blogger and WordPress is a step up from Blogger.

  • Colin

    My admin access for a site that google hosts but I have migrated to its own domain is also down. I am guessing it is global.

  • UltimaRatioReg

    All sorts of troubles with Salamander’s blog for a while last night, too.

    USCYBERCOM and its far-reaching authority needs much closer scrutiny than it has gotten. Was disturbed by DCJCS General Cartwright’s comments a couple of years ago at USNI/AFCEA West, and have been equally disturbed by what DoD has perceived as its legal jurisdiction and reach on many occasions before and since.

    Salamander summed up the concerns with General Cartwright’s speech in 2010 very effectively:

    http://blog.usni.org/2010/02/03/gen-cartwright-meet-ben-franklin/

  • UltimaRatioReg

    Update- It would seem that Salamander’s Diversity Thursday post from yesterday has been wiped away.

    So when does “threat from China” become “threat from ideas DoD does not agree with”?

    Just askin’…

  • Grandpa Bluewater

    As of Friday AM, it looks like it is still Wednesday for a lot of places. Purely as speculation, it would appear that someone tread on someone’s toe.

    Who is it who is working off the motto: “Don’t you dare think, speak, or write.”? If anyone is.

    Maybe Skynet isn’t going to happen because Cybercomnet became self aware on Thursday.

    Going dark. Ciao, you’all.

  • Galrahn

    The issues with blogger posts are related to problems specific to blogger, not USCYBERCOM.

    Based on various bits of data collected, the issue appears inconsistent across different DoD installations, suggesting it may be an issue related to one specific type of web content filter software (I am guessing).

    The way government security software can take a sledgehammer to a toothpick solution is why it is vitally important to keep government out of private sector internet security. Such a system that includes a killswitch, for example, could accidentally cause serious economic damage due to disruption far greater than risks assumed without such overriding government security capacity.

  • UltimaRatioReg

    “The way government security software can take a sledgehammer to a toothpick solution is why it is vitally important to keep government out of private sector internet security. Such a system that includes a killswitch, for example, could accidentally cause serious economic damage due to disruption far greater than risks assumed without such overriding government security capacity.”

    Would you mind yelling that until your voice gives out? The private sector would be very appreciative.

  • http://fredfryinternational.blogspot.com/ Fred Fry

    The latest:

    Friday, May 13, 2011

    We’ve started restoring the posts that were temporarily
    removed and expect Blogger to be back to normal soon.

    Posted by at 06:07 PDT

    I still do not have access to my blog to post, but it is up.

  • http://assolutatranquillita.blogspot.com/ brat

    My site is also down. Last posts visible are Wednesday..but am posting elsewhere – not Blogger…..lol

  • Eagle1

    Many and strange are the ways of the internets.

    In the meantime, I should be storing up deeply meaningful real posts instead of sitting here frustrated because “BlogThis!” is down. Notice the word “should.”

  • SJBill

    G,

    Every Blogger hosted webblog I know was still running this AM, but all posts were dated to Wednesday, 11 May. Some were hometown blogs and even a recipe site for Celiacs.

    r/
    -SJBill sends

  • http://christiaanconover.com Christiaan Conover

    If this was another one of the government’s domain seizure screw-ups (they seem to make a mess every time they do it) then that’s why every Blogger site was down. Due to the way DNS is structured, it’s not feasible for the government to take down only certain subdomains (example1.blogspot.com, example2.blogspot.com, etc.) without going to the service provider – in this case, Google. They can however take down an entire domain by going to the registrar and requesting service be interrupted. That affects not only the domain (blogger.com, blogspot.com) but every subdomain attached to it. That’s why every blog would be down if they pulled this crap.

    This just goes to show that cyber warfare and cybersecurity is nothing like traditional warfare and security. It’s a whole new system and way of thinking about things, and there are too many instances of old logic being applied to new methods.

  • GIMP

    An internet kill switch is the quickest way to turn a resilient network into a single point of failure network. We create our own IA vulnerabilities across DoD, then go after them with a sledgehammer.

    Purpose built non-networked mission computers have done remarkable things with ridiculously meager memory, storage, and speed. General purpose networked computers across platforms create more problems than they are worth. In the desire to remove all uncertainty from the decision making process, we have created vulnerability across every network with negative consequences that far outweigh the increased situational awareness we get from our networks. We build networks to reduce uncertainty to allow people who can’t make decisions without perfect knowledge to actually make decisions. In so doing we create vulnerabilities we have to continuously jump through hoops to counter.

    Self licking ice cream cone meet network centric warfare.

  • Grandpa Bluewater

    Gimp:

    Captain Adama apparently agreed.

    Fortunately, it appears John Conner (or perhaps his missus) sent a thumb drive back thru time with a counter worm, which succeeded, so everything is all better now.

    The rebbolooshun in milertary ayfairs promises safety in total situational awareness, thereby wiping away the fog of war. The non success of that silly notion is best illustrated by the expression on the President’s and the Secretary of State’s faces in the war basement photograph taken during the Bin Ladin take down (go Navy, BZ Seals…couldn’t resist).

    John Conner’s Mama, Sarah Conner, had the money quote: “There is no safe place”. Good thing Osama wasn’t any sci-fi fan, and therefore not steeped fully in the classics.
