Hacking Politics--Lieberman/Lamont Edition
BY Micah L. Sifry | Tuesday, August 8 2006
Joe Lieberman's campaign is charging that supporters of his opponent, Ned Lamont, hacked his campaign website and email system, and his campaign manager is asking for a criminal investigation. The Lamont campaign denies the charges, and has even offered to send their tech guru to Lieberman HQ to help them fix their problem. The Lamont blog even includes a link to a Google cache of Lieberman's website.
A lot of charges are being thrown around with little proof offered, and this story is taking a life of its own on the cable news shows ("We decide, then we report later...maybe"). The Lieberman campaign says this was a denial-of-service attack. The Lamont campaign posted a screenshot from the Lieberman site suggesting that its ISP might have suspended service due to non-payment of its bills. In the comments thread from that post you can find a statement from Lieberman's ISP saying their bills are paid up. Now various people around the Lamont campaign are saying the Lieberman people didn't plan for the amount of traffic their site would attract.
Here's what Dan Geary, the Lieberman webmaster, says in their complaint to the authorities (dated August 7, 10:12pm)
Here's what we know at this point:
--Mid-morning eastern time; the domain, www.joe2006.com and its accompanying email server experienced a massive increase in queries; effectively preventing display of the site and cutting-off critical Email communication to over 80 Lieberman campaign staff in the campaign's various offices and in the field. A server query, more or less, is a request to read the files that make up and display a website and its functions and to find an email address to deliver to.
--Re-starting the server would result in a short period of stable traffic followed by a
rapid increase to redlining the system.
--There has been no major changes to the content of the site, nor any measurable increase in staff communications via Email between yesterday and today that
would account for the massive load to the server.
--After a day of continuous clearing and re-starting the server, six or seven times I
think, we performed a test to see if the overload was simply a very large number of site visitors using the various features, including the video sections which use a large
amount of bandwidth. The test was to simply place a blank white page as the home page and make the site live again. With this, no site visitor going to www.joe2006.com would have been able to use the features of the site, including the video players. The load on the server from the website still immediately redlined.
--So, for the site to overload naturally by a large number of people looking at a blank,
white page (about a 16k size file on the web server) it would have to be visited
simultaneously by so many visitors. it seems improbable.
--We then disabled every file of the website including the content-management system, leaving a maintenance message. That stabilized the system so that the
campaign's volunteers and staff could communicate with each other and the campaign could respond to emails from Connecticut residents, inquiries by the press, etc.
That's the case, such as it is, for a deliberate hacking attack. It's also possible the site crashed due to increased traffic due to the intense national interest in the race, and bad planning on the part of the Lieberman team, which appears to have had a very low-cost ISP and perhaps hit a 10MB bandwith cap as the race heated up. Here's what one knowledgeable source--Clay Johnson of Blue State Digital, whose firm has been hosting part of the Lamont website, says about that:
I'll gladly pay Lieberman's monthly rate. Heck, I'd offer to pay it for the year if it'd do any good and get his site back up. His hosting plans are dirt cheap:
Joe's been paying for the top tier $15 a month plan from a reseller called Myhostcamp, which itself is a reseller of ThePlanet.com which is a middle tier web host. I think what we have here folks is not a DoS attack, but a case of "picking a bad web host" or, if I might be so bold "why DIY hosting for your website may be cheap but a really bad idea."
At the end of the day, if you're paying $15 for your web hosting and have a 10GB hosting limit, one shouldn't expect to have their website up and operational when traffic spikes. Bandwidth alone just costs more than that, plain and simple. In contrast, I don't want to go into any specific numbers, but if Lamont had a 10GB cap on his bandwidth, he'd have been down at the first of the month. Plain and simple.
The Lieberman campaign says it increased its bandwith ceiling several times, but it didn't make a difference.
Obviously, if someone hacked the Lieberman site, they should be prosecuted. But the Lieberman people should fully document the charge as soon as they can.
Meanwhile, it strikes me that there are lots of loose ends to this story to tug on. (And the folks at MyDD.com, who are big supporters of Lamont, are doing a good job of digging into the story.) For example, the Lieberman people say they couldn't send out any emails since late Monday--clearly a blow to their GOTV operation. Did anyone get an email from Lieberman yesterday or today?