Darkness at Noon 04 - SHAREDTAFFY

The network AS3900 leads to AS3817, also known as Dreamhost. How is this Los Angeles-based hosting provider connected to Data Foundry and the Chinese government?

The posts that led up to this one can be found below:

Also recommend reading:

DataFoundry and the DHS Fusion Centers were part of ASN AS3900. There was another ASN downstream from this one, though, that was missed when we were writing our first posts.

ASN AS3817, which peers with nothing except its upstream at AS3900, used to belong to Freeside Communications. This company, which was acquired in 1999 to later become part of Data Foundry, still has a few sites left on it. That includes freesides.com or fc.net:

By looking at the DNS registration data for those domains, we are led to a corporation called Dreamhost. It has the ASN AS26347, also known as "DREAMHOST-AS - New Dream Network".

Pretty quickly one can determine that this is an organization aligned with the Chinese government.

We want to emphasize, though, that like almost everything else, it likely came to be controlled by the CCP rather than being started sui generis by the Chinese government. That being said, we still won't rule out the latter possibility.

Interesting things about DreamHost:

  • They heavily support OpenStack
  • They've spun off several companies, one of which was acquired by RedHat
  • They were involved in a bizarre lawsuit with the Trump administration two years ago

What does this mean?

  1. DataFoundry and DreamHost are part of a bulk intelligence gathering operation
  2. We know #1 is true because all we really did was connect IP addresses from the original Snowden leak to present-day organizations and ASNs.
  3. The OpenStack support almost immediately confirms their connection to Chinese-aligned interests. The RedHat acquisition of their spinoff is also interesting, but we will cover that at a later date.

The Main Question We Have:

We never would have looked into any of this had these data centers, ASNs, and web hosting companies been run professionally. In other words, like a real technology company.

But various slip-ups and faux pas suggested something more insidious than a simple US mass surveillance operation. We are not saying that is insignificant, but it has been covered at enormous length over the last decade.

It is at this point we would like to bring up a possible suggestion as to what is going on. The phenomenon of Regulatory Capture is well documented in political science. Essentially, a government organization, funded, supported, and operated by the State, can over time, in everything but name, come to be run by the very entities it was supposed to guard against.

What if the United States designed a massive bulk intel spying system that operated in the continental US in order to process data collections from around the world? What if this network, in the chaos that domestic politics became after 2012, slowly slipped away from it? What if subtly, merger after merger, buyout after buyout, retirement after retirement, this system, indeed the very internet itself, came to be run by the Chinese Communist Party?