Cayman bank Julius Baer Bank and Trust has convinced a federal judge
to
shut
down DNS service for
wikileaks.org.
On Friday, Judge Jeffrey S. White of Federal District Court in San
Francisco granted a permanent injunction ordering Dynadot, the site's
domain name registrar, to disable the Wikileaks.org domain name. The
order had the effect of locking the front door to the site -- a largely
ineffectual action that kept back doors to the site, and several
copies of it, available to sophisticated Web users who knew where to
look.
Domain registrars like Dynadot, Register.com and GoDaddy .com provide
domain names -- the Web addresses users type into browsers -- to Web
site operators for a monthly fee. Judge White ordered Dynadot to
disable the Wikileaks.org address and "lock" it to prevent the
organization from transferring the name to another registrar.
The feebleness of the action suggests that the bank, and the judge,
did not understand how the domain system works, or how quickly Web
communities will move to counter actions they see as hostile to free
speech online.
The site itself could still be accessed at its Internet Protocol
address (http://88.80.13.160/) -- the unique number that specifies a
Web site's location on the Internet. Wikileaks also maintained "mirror
sites," or copies usually produced to ensure against failures and this
kind of legal action. Some sites were registered in Belgium
(http://wikileaks.be/), Germany (http://wikileaks.de) and the
Christmas Islands (http://wikileaks.cx) through domain registrars
other than Dynadot, and so were not affected by the injunction.
There's also a mirror at cryptome.
For those of you who don't know how this all works, there's registries, who actually
run the domain name (.org in this case) and
then there are registrars, who actually deal with the customers. Any given top level
domain typically has multiple registrars that service it, all of
whom populate the same database, operated by the registry.
So, the locking thing stops Wikileaks from transferring their
domain to another registrar who would then reactivate it.
OK, so this order controls the registrar. But can Wikileaks just
go to the registry and get them to move it to some other registrar,
locking notwithstanding? In this case,
Wikileaks is under .org, which is run by the Public Interest Registry. Operationally,
the PIR is run by Afilias. Both of these are based in the US, so presumably the injunction
could be expanded to include them as well. On the other hand, as the
article notes, there are plenty of registries with no US connection
and the only way for a US judge to take down them domains under them
would be to
go after ICANN, which, despite complaints about the US running the DNS
seems pretty unlikely.
As you may be gathering at this point, this is all pretty pointless.
It's basically impossible to censor stuff like this once it gets out.
We're seeing the first level of countermeasure here, but even if by
some miracle the judge managed to shut down every domain name
serving the contraband material (and since the decision loop
for spreading those domain names is a lot faster than your
average judge's decision making process), people can just move
to IP addresses published by some other means (like other
people's web sites). And there are about three levels of escalation
up from there, all of which are progressively harder to censor.
It will be interesting to see if JBBT goes after
cryptome.org, though.
