Strange Doings in Connecticut
Today’s the day of the big Democratic primary in Connecticut, with challenger Ned Lamont looking like he may potentially unseat Fox News’ favorite Democrat, Senator Joe (“Joementum”) Lieberman.
This morning the race took a weird turn when Lieberman’s primary campaign site, http://www.joe2006.com/, went offline, displaying an “Account Suspended” page from their Web host in its place. The Lieberman team’s email addresses (on the same domain, joe2006.com) were non-functional as well.
The Lieberman campaign charged that the site had been knocked offline by a malicious “denial of service” attack coordinated by Lamont:
Sean Smith, Lieberman’s campaign manager, said the site began having problems Monday night and crashed for good at 7 a.m. Lieberman’s staff offered no evidence that Lamont’s supporters were to blame.
Smith said the campaign has contacted the Connecticut attorney general’s office and asked for a criminal investigation by state and federal authorities. A spokesman for the U.S. Attorney’s office declined immediate comment. Calls placed to the FBI and the chief state’s attorney’s office seeking comment were not immediately returned.
“Voters cannot go to our Web site. They cannot access information,” Smith said. “It is a deliberate attempt to disenfranchise voters.”
Lieberman’s spokesman, Dan Gerstein, echoed this charge to Taegan Goddard’s Political Wire, adding that :
They disabled both our website and our email yesterday morning. So we have had almost no ability to use electronic communications over the final two days of the election.
That has severely impeded our ability to communicate with our field offices and internally here at HQ, which in turn has undermined our ability to talk to voters and to coordinate our get out the voter efforts.
This is serious, which is why we have called on the Lamont campaign to aggressive get the word out in the online world that this has got to stop.
Lamont’s staff offered to help Lieberman’s however they could. However, Markos Moulitsas at Daily Kos (an acknowledged Lamont partisan) did some digging and discovered that the culprit might be simple technical ineptitude rather than Evil Hackers:
They are paying $15/month for hosting at a place called MyHostCamp, with a bandwidth limit of 10GB. MyHostCamp is currently down, along with all their clients.
Apparently Joe2006.com is hosted on an el cheapo shared hosting plan. If that’s the case, it’s easy to imagine that the site went down due to a simple spike in usage (it is primary day, and their primary is being closely watched across the country) rather than any malicious action.
That leaves the e-mail outage, though. The only scenario I can figure where the shared-hosting explanation would also account for e-mail outage would be if they were doing DNS off the same box as their Web site, or if they had registered the domain through the hosting company and the company shut down all their services when they blasted through their bandwidth cap.
Personally, the shared-hosting’s-not-enough explanation strikes me as more likely than the we-got-hacked explanation, even factoring in the fact that they lost e-mail as well. Why? They’ve been offline all day, which certainly seems to imply that they do not have any technical people near at hand. That means their services were probably set up by some doorknob who didn’t know how to do it right in the first place…
What do you think? Does it seem more plausible to you that overrunning a shared host’s limitations could knock their site and email offline, or that an organized hack campaign has been aimed at Lieberman?
UPDATE (5:45PM): Lieberman campaign’s online consultant denies relying on shared hosting plan, but can’t say how much he pays for hosting or where his client’s site would be hosted other than MyHostCamp. What do you want to bet he’s been charging the campaign $150/month for hosting, paying the $15 to MyHostCamp, and keeping the change?
Not to mention this choice quote:
[Consultant Dan Geary] didn’t have any more information about the nature of the supposed attack. “I’ve spent 99% of my time speaking [to reporters] about the story,” he said.
Hey, doorknob — if I had hired you as my Internet consultant and my site was down all Election Day, it would not thrill me to find out that you were too busy giving interviews to fix the damn site.
UPDATE (5:54PM): State Attorney General’s office promises investigation.
UPDATE (5:56PM): Lieberman campaign retracts charge that Lamont supporters are behind alleged DoS.
UPDATE (7:13PM): I was wrong. Lieberman’s consultants didn’t charge him $150 for $15 Web hosting. Nope, they charged him $1,500!
UPDATE (6:34AM August 9): Owner of hosting company cited in “charged him $1,500” report has threatened to sue Wonkette for associating them with the outage:
2Dog Media, LLC has not hosted the joe2006.com website for over 3 months. When the site was hosted with us, it was on a dedicated server with unlimited bandwidth and daily server back-ups. The Lieberman Campaign was paying much more than $7 a month for this service. The campaign manager, Sean Smith, came on board and decided he would rather work with a friend of his that he had worked with in the past. Since then, our company has not been in charge of the hosting services.
UPDATE (6:42AM August 9): TPM Muckraker reports that Lieberman’s web host denies the problems were caused by exceeding a bandwidth cap, blaming the outage on an unspecified hack attack:
When I spoke with him at 9 p.m. Tuesday, [MyHostCamp owner Samuel] Hubbell said the site had been hacked, but declined to say what kind of attack he believes had been used.
“We’re still trying to figure out where it came from,” Hubbell said. “That’s what we’re investigating. . . I can’t clearly say at this point.”
Note that (if I’m reading the report correctly), while Hubbell denies the issue was bandwidth, he does not deny that Joe2006.com was hosted on a shared hosting plan.
UPDATE (7:04AM August 9): Consultant Dan Geary denies using shared hosting to the New York Times:
Mr. Geary said that claims by Lamont supporters that the site was being run by a single, inexpensive computer were also inaccurate. He said that he had contracted with a Dallas-based Web company, Server Matrix, as the host of Joe2006.com. Executives at Server Matrix did not return phone calls seeking comment.
UPDATE (2:27PM August 9): Remember when I said Lieberman’s people were backing off the charge that the outage was caused by his opponent?
Well, somebody oughta tell their Web guys, because as of right now the joe2006.com site is still down — we’re coming up on two full days offline now — and still blaming Lamont:
UPDATE (8:53PM August 9): Hey open-source content management fans! Guess who the Lieberteam is blaming for the outage now?
The site uses a software package called Joomla to manage its content, according to both [Geary and Hubbell]. Hubbell insists his company kept the servers up-to-date with all security upgrades and patches. Right now, he theorizes that an as-yet-unreported flaw in Joomla was exploited by a hacker to bring the site down.
“It was potentially various components and modules, we haven’t figured out which one,” Hubbell said. “That’s kind of the guess. . . . The security patches were so fresh that. . . there might have been an additional undocumented loophole that someone got through.”
Considering that Joomla is notorious both for poor scalability and for needing frequent security patches, I’m not sure this tidbit clears anything up. Sure is a rousing endorsement for Joomla, though, eh?
UPDATE (10AM August 10): Well, it’s now been more than two full days since their site got “hacked”. Surely they’ve sorted things out by now…
UPDATE (December 20): Epilogue.