Berkman event on DDOS for independent media and human rights orgs
At the Berkman Center for Internet and Society, about 40 people attended, from independent media and human rights orgs along with top-level reps from Facebook, Akamai, Team Cymru, etc. I was there because of my association with equalit.ie.
Berkman is conducting democracy projects in Nigeria and Russia. Russia is an interesting case because there's no censorship/filtering.
Chris Seguion spoke about modern ISP-level security. Apparently ISPs bill for police requests, and some include the client IP address in webmail.
An approach was suggested to "sell" security to the public and policy makers by framing it as identity theft rather than human rights.
Usually filtering is politically rather than technically managed, so there tend to be many holes in the approach.
Apparently most small organizations' greatest problem isn't massive DDOS, but rather services that aren't set up to withstand even modest attacks, for example a search function that ties a server up. Interestingly, their main suggestion is that small organizations host on services like Blogger, but I can see many problems with that approach, among them sovereign legal issues, a collapsing of services and available hosting, a reduction in those included in detailed support, along with the simple corporate realities that they may just cut organizations off that are too much trouble.
Akamai's suggestions were somewhat strange, saying that it's best just to shut a host down during an extreme attack. But these may be the times when their message most needs to be spread.
Setting up on cloud servers like EC2 is an option to allow scaling up, but costs can quickly go through the roof.
One individual adamantly insisted that if an organization doesn't have the technical prowess or money to do things properly, they don't deserve to be online. I think he was missing the point. Berkman suggested an insurance-like approach, where many organizations pool at $10, $100, $1000 price points, but I can still see many problems for an individual organization that needs individual support or custom services.
I did like their idea of a fallback to a minimized hosted service in the event of attack, but this still calls for technical support that can pay attention to individual needs. And in fact my feeling overall was the idea of content was somewhat outdated, based on 15-year-old blogging and news sites. Today people cutting and pasting stories on Facebook or mailing lists may be as important as a "content distribution network" for the organization's purposes, and comments have turned into conversations. These means need to be promoted as well as protected, since there are many inadvertent security risks to third-party widget services that recognize your login when you visit a commodity site.
Blikied on June 11, 2010