Why LulzSec Was Un-Hackable, And Why That's A Good Thing

from the neutrality,-naturally dept

UPDATE: As several people have pointed out, the news broke that several LulzSec members were arrested this morning, and that the leader of the group had been working as an FBI informant. We'll have more commentary on this later.

The question of service provider neutrality is central to every debate about internet policy. From PayPal cutting off Wikileaks to Twitter pushing back against the feds to the new Righthaven's "spineful" hosting, the responsibility of companies to neutrally protect their customers is a contentious topic.

New Scientist has an interview with Matthew Prince, the CEO of CloudFlare, a network security/performance service for websites. One of their recent high-profile customers was LulzSec, the controversial hacker group that executed a string of takedowns and data breaches last year, but whose own website proved impervious to constant hacking attempts because of CloudFlare. Prince talks about their decision to treat LulzSec the same as any other client:

Internally, we had a debate about the right thing to do. It's important to note that because of the way CloudFlare works, no hacking activity was launched from our network – it was simply a matter of publishing information. So hacking happened in other places and then when they published the information about their exploits it would pass through the CloudFlare network.

So in that sense we're more akin to network provider than a hosting provider. If we were to terminate Lulz Security as a client that wouldn't make the content go away, it wouldn't take it off the internet, it would just make it slow and more vulnerable to attacks. Our goal is to power a better internet. There are a lot of things on the internet that I personally find quite troubling and the list of those things is maybe very different from yours, but our role as a company wasn't to play internet censor.

It's good to see companies standing firm on this point. Anyone who understands the internet knows that it runs on fundamental principles of neutrality. Similarly, anyone who understands innovation online knows how vital it is that companies are able to build off the services of others without fear of discrimination. Sometimes this puts service providers in a tough spot, because the pressure placed on them can be intense—but the ones who navigate the situation without betraying their customers send a powerful message about their commitment to internet ideals.

Interestingly, Prince also explains that because of the way CloudFlare security works, the aggression from the white-hat hacker community (Update: a commenter raised the question: is this really white-hat? That's a great point, and also a separate debate, so I'll just call them 'hackers' for now) against LulzSec actually helped improve security online:

... the attacks against their website just went through the roof. We were actually able to track what those attacks were and provide better and better security over time to help everyone who was on our network.

CloudFlare's core value comes from the fact that every website that is part of our system helps contribute data in order to better protect other websites. As one website gets attacked, the knowledge about that attack is immediately shared with the rest of the websites, so that the system gets smarter and smarter over time.

Stories like this also show that while net neutrality is an important concept, regulating it is ultimately less than ideal. When permitted to function without interference, the nature of the internet already encourages and rewards neutrality, with everyone benefiting the most when nobody discriminates.

Filed Under: security, service
Companies: cloudflare, lulzsec

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Anonymous Coward, 6 Mar 2012 @ 7:25am

    Umm, you guys are so transparent, it hurts. Nice friendly piece about Cloudflare. What you failed to mention is that Techdirt is hosted there as well now.

    So here is the question: How much of a discount or kick back does Techdirt get for writing happy and nice pieces about Cloudflare?

    Also, why not address the issues that Cloudflare appears to have some outages anyway, and being that they take all the sites likely to get DDoS attacks and other nasty things happening, that the risk that an innocent site is taken down when their network gets attacked is higher.

    It's a nice piece their Marcus, I bet Mike didn't have the gall to write it himself.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.