Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.

Avenue4 LLCRead Message Promoted Post

Home / Blogs

Google's Project Shield May Actually Be A Double-Edged Sword

Chris Brenton

Google has received a lot of press regarding their Project Shield announcement at the Google Ideas Summit. The effort is being applauded as a milestone in social consciousness. While on the surface the endeavor appears admirable, the long-term impact of the service may manifest more than Google had hoped for.

Project Shield is an invite-only service that combines Google's DDoS mitigation technology and Page Speed service. The intent is to offer the service to (quoting from their site) "websites serving news, human rights or elections-related content." The concept is to provide a voice to those that may be silenced via DDoS attacks.

The Possible Moral Dilemmas

As an example of a potential Project Shield user, Google spotlighted Aymta, a site that alerts Syrians to scud missile launches. In the past the site has been targeted by DDoS attacks, reportedly by the Syrian government.

So what happens when the Israeli and Palestinian conflict heats up again and a similar service is spun up on both sides of the border? Should Google choose who they feel is more "right" in the situation and worthy of their protection?
This is a huge moral question as people could literally live or die based on how they choose. Selecting either side in the conflict potentially draws fanatical anger from supporters on the other side. Doing nothing or supporting both potentially draws ire from both sides.

At the end of the day, Google is still a company looking to generate a profit. Certain choices could potentially impact their business model in large portions of the world. While Google's mantra is "don't be evil," sometimes you are faced with no-win choices. Adding to the complexity is that Google also has a responsibility to their investors. Is it impossible to consider that profit margins will never factor into their selection for inclusion into this service?
If they do choose to throw caution to the wind, could that not affect their bottom line, thus negatively impacting their investors and their ability to perform this philanthropic work in the first place? To draw on a Star Trek moral dilemma, do the needs of the few outweigh the needs of the many, or is it the other way around?

Protecting The Rest Of Us

There is another more subtle issue here. By protecting sites that are drawing a passionate response, Google is effectively raising the bar on what is required to perform a successful DDoS attack. Further, they are doing so to people who are highly motivated to reach that bar and may have the financial means to do so. In the past, whenever we've developed technology or processes to thwart large scale DDoS attacks, the bad guys have upped their game to meet the challenge.

Unfortunately, leasing time on botnets to perform DDoS attacks is a thriving business. This offering may provide financial incentives to the bad guys to again scale up their operations. This may leave the rest of us, who are not invited into Google's protected circle, that much more likely to be knocked offline.

Don't get me wrong, I honestly think this Google endeavor is an effort to make the world a better place. I think Google is truly attempting to give a voice to "the little guy," and should be applauded for the effort. However, philanthropy can sometimes be a double-edged sword. I'm really hoping someone at Google who is smarter than myself has plotted a clear path through the potential moral minefield that may lie before them.

By Chris Brenton, Director of Security at Dyn
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

I don't see the same issue Phillip Hallam-Baker  –  Oct 28, 2013 6:31 PM PST

Google could end up picking sides but by and large DDoS attacks are rarely the work of state actors and even more rarely state actors who are on the NATO forces side.

GCHQ and the NSA don't spend their tim DDoSing Al Qaeda Web sites, they infiltrate them. Folk Who try to DDoS the sites are causing more problems for our side than theirs.

They might get into some difficulty if they offer the service to US political campaigns due to the rules on donations in kind. But I am pretty sure they would have the sense to offer the same service to all parties.

Google has fat enough pipes and servers to soak up the entire DDoS attack volume. Perhaps what they are planning is not to make a business stopping DDoS but just looking to strike a knock out blow.

To post comments, please login or create an account.

Related

Topics

IP Addressing

Sponsored byAvenue4 LLC

Mobile Internet

Sponsored byAfilias

Cybersecurity

Sponsored byVerisign

DNS Security

Sponsored byAfilias

Promoted Post

Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.