1. Home
  2. >
  3. Author: Dmitri
Categories
Uncategorized

Launch your latest product with Genesis Blocks layouts!

Use the professionally-designed sections and layouts to launch your new product site, complete with a Mailchimp email newsletter block.

Beautiful, responsive layouts ready to use.

Add beautiful illustrations from UnDraw, a constantly updated collection of images that you can use completely free in your sections and layouts. Or add your own!

From the Genesis Lab

The new editor comes with a handful of default blocks such as paragraph, image, gallery, and more, to help you create better standard posts and pages.

Rock Solid Standards

The new editor comes with a handful of default blocks such as paragraph, image, gallery, and more, to help you create better standard posts and pages.

Sites Built To Last

The new editor comes with a handful of default blocks such as paragraph, image, gallery, and more, to help you create better standard posts and pages.

See what they’re saying.

Our happy customers have a lot to say about our products and services!

It’s really great how easy your websites are to update and manage. I never have any problem at all!

avatar

Mary Sequoia

Author

My new site is so much faster and easier to work with than my old site. It used to take me an hour or more to update a page.

avatar

Philip Glacier

Publisher

It’s almost like having a designer right here with me. I just choose the page, make the change and click save. It’s so simple.

avatar

Amy Redwood

Consultant
Freelancer
Our essentials package with tools for freelancers.
$
49
/mo
  • Product Feature One
  • Product Feature Two
  • Product Feature Three
Agency
More tools for active agencies with large client bases.
$
89
/mo
  • Product Feature One
  • Product Feature Two
  • Product Feature Three
Enterprise
All the tools, updates, and support you need to get started.
$
129
/mo
  • Product Feature One
  • Product Feature Two
  • Product Feature Three

Ready to join our beta?

We’re working hard on our official product, but we’d love to have your feedback on our beta product, launching soon! Use the Mailchimp form to subscribe for updates!

  1. Home
  2. >
  3. Author: Dmitri
Categories
Blog Deflect Labs News from Deflect Labs

Baskerville – dynamic model updates

The challenge: Design and implement a system to receive and process feedback from clients, to augment and improve the machine learning model. Produce a model that has the flexibility to adapt to clients’ feedback and the changing patterns in request signatures, whilst also allowing for dynamic model deployment, without breaking existing integration.

In other words: we created the Baskerville botnet mitigation system to be able to react to new and constantly changing attack patterns on the Deflect network. Training the machine on past attacks – we have reached a point where Baskerville can identify more malicious actors than what was captured by our static rules. Now, we need to grow this functionality to accept feedback from our clients on prediction accuracy and to be able to regularly deploy new models without any interruption of service.

Model design

There are several approaches for live model updating. You can use simple files, or a cache and an Rest API call, or a pub-sub mechanism, you can use serialized (pickled) models, models stored in a database and many more mechanisms and formats. But the main concept is the same, either check for a new model every X time unit or have a stand by service which is notified whenever a change occurs and takes care of the model reloading – on demand. We are combining approaches for our case.

The model needs to be re-trained regularly in order to follow the constantly changing patterns of traffic. The general design idea is to decouple the feature generation pipeline from the prediction pipeline. As a result, the feature generation pipeline calculates a super-set of features and the prediction pipeline allows different model versions to use any subset of features. In addition, the model supports backward compatibility and uses the default values in case of an outdated feature generation pipeline.

As soon as a new model is available, the prediction pipeline detects this and starts using the new model without any interruption of service. When features need to be changed, the model is deployed the same way but the User Module will need to be updated and re-deployed as well. Clients will be updating this module from our git repository. It’s very important to mention that during this period required for the User Module to be updated, the new model will be able to communicate with the outdated User Model and deliver the predictions in the usual way. The lack of new or modified features in the model’s input will not break the compatibility since the defaults will be used for missing values.

Based on the assumption that it makes sense that all the requests within a time-window should be processed by the same model, the model change should happen either at the end or at the start of the processing period. For the sake of performance, we decided to put the model updating process at the end of the PredictionPipeline, after the predictions were sent to the client via Kafka, so that we can increase the time it takes for the client to get receive predictions. The following figure explains what happens when a new model is stored in the database after a time-window has been processed (during the idle time waiting for a new batch) and during a time-window processing. In the first case, the next time-window will be processed with the old model and at the end the new one will be loaded. In the second case, since the processing of the current time window has not completed yet, we will load the new model at the end of it and the next time-window will have the fresh model to work with. The asynchronous nature of the training and the predicting is the reason behind the design of the reloading. We ran several test runs to make sure the reloading did not affect the performance of the pipeline.

Feedback Dashboard

In order to receive curated feedback from clients (e.g. the prediction was incorrect) we developed and designed a graphical dashboard consisting of two main components: the back-end REST API built using Python Flask with web-socket support via Flask-SocketIO; and the front-end Angular project, relying on node and npm. The feedback process consists of three steps:

  1. Feedback Context: provide some details about the feedback, like reason, period and an optional notes field. The reason can be one of the following: attack, false positive, false negative, true positive, true negative or other. We provide a short description for each reason option.
  2. Filter out the request sets relevant to the feedback using the search filters. The user can also provide a csv files with IPs to use as a filter.
  3. The last step is for the user to submit the feedback results to Baskerville (Clearinghouse). Because labelling and providing feedback is a painstaking process, we designed the process in a way that the user can omit the last step (submit) if they are not ready yet, and can choose to submit later on. The Clearinghouse will receive the feedback at some point (configurable time window of feedback pipeline) and once the feedback is processed, the pipeline will reply to the user feedback reply topic – which by convention is “{organization_uuid}.feedback”.

We also created a Retrain Pipeline as well as a Retrain dashboard page and functionality to make it easier for us to do periodic model updates. This functionality is only available within the Clearinghouse where the model resides.

This work is a result of months of painstaking development, testing and iteration. If you are interested in trying out Baskerville on your own web platforms, please get in touch. Our work is available under an open source licence and is developed with privacy-by-design principles. We encourage third-party adoptions of our tooling, outside of the Deflect ecosystem and will be publishing another blog post in the very near future outlining the launch of the Deflect Labs Clearinghouse. Watch this space!

  • Baskerville: https://github.com/equalitie/baskerville
  • Baskerville User Client: https://github.com/equalitie/baskerville_client
  • Baskerville Dashboard: https://github.com/equalitie/baskerville_dashboard
  • Baskerville Docker components: https://github.com/equalitie/deflect-analytics-ecosystem
  • Pyspark IForest fork: https://github.com/equalitie/spark-iforest
  1. Home
  2. >
  3. Author: Dmitri
Categories
Testimonials

Los Danieles

Thank you to Deflect who has protected us from so many cyber attacks. They have demonstrated that their technology can be used to protect freedom of expression.

Daniel Samper, Los Danieles
  1. Home
  2. >
  3. Author: Dmitri
Categories
Blog Deflect Press Release

Deflect partners with technology and media groups

June 01, 2021 – Deflect partners with technology and media groups

Since 2010, Deflect has specialized in protecting online platforms from cyber attacks. Today, our mission and time-tested tooling reaches further and wider than ever before! We are honoured to announce strategic partnerships with well-known Internet Service Providers and digital media entrepreneurs in the Americas and Europe. Our combined service offering includes all manner of web hosting and online collaboration platforms, technical consultancy and web security services. With over a hundred years of collective technology expertise and a dozen common languages between us, this is a partnership that will serve a global clientele and meet the challenges of shrinking online spaces for expression and self-determination.

Our mission is strengthened through this mutually beneficial partnership. We stand together, stronger and ever more resilient, to protect our clients’ platforms with ethical technology solutions, multilingual human resources and a common belief in principles before profits.

Dmitri Vitaliev, Founder deflect.ca

Find out more about our partners’ individual services and mission from the list below. Check out Deflect’s partnership opportunities and write to us!

@colnodo

Colnodo is a non for profit organization working since 1994 providing Internet infrastructure services to activists and civil society organizations.  Colnodo’s main objective is the access, use and appropriation of information and communication technologies (ICT) for social development, human development and the improvement of people’s living conditions through the strengthening of capacities and competencies, education for work, information and knowledge exchange, increased citizen participation, sustainable development and innovation.

@greenhost

Greenhost (Netherlands) is an established infrastructure provider focusing on digital human rights and sustainability. By providing (infrastructure) services to a wide range of organisations supporting human rights, free press and/or censorship circumvention while preserving privacy guarantees. Greenhost makes sure to keep the internet an open and innovative space.

@greennetisp

GreenNet (UK) have been networking people and activist groups for peace, the environment, equality and human rights since 1986 – providing internet services, web design and hosting. Our hardware and software choices are based on expert technical judgment, our ecological sustainability and ethical business values.

@cloud68hq

(Tirana, Tallinn, Worldwide) Cloud68.co provides reliable open source digital infrastructure to for-purpose small & medium teams, organizations and individuals with responsive and friendly support. As a team of long time contributors to digital privacy and open knowledge projects we are committed to help you migrate from big tech as easy as possible.

@sembramedia

SembraMedia is a nonprofit dedicated to empowering diverse voices in Spanish media to publish news and information with independence, journalistic integrity, and a positive impact on the communities they serve. They conduct research, provide training, consulting, and financial support to help media leaders develop more sustainable business models in Latin America, Spain, and the U.S. Hispanic market.

At MainMicro, our goal is to ensure customer satisfaction by providing ongoing support and cost effective solutions for our partners. We take great pride in having a customer retention rate that is among the highest in the industry. For us, when you become a customer you also become a friend, and we become the one-stop shop for all of your IT related needs.

At Black Crow Labs we construct your brand’s ecosystem and tell your story.  By engaging with prospective customers on targeted platforms we integrate your brand into their lives and conversations.

  1. Home
  2. >
  3. Author: Dmitri
Categories
Inspiration

Andrew Jennings

Deflect saved my journalism and my independent capacity to publish the results of my investigations. I specialise in corruption and the effect of globalisation and organised crime on international sports federations like FIFA and the IOC. My blogging is welcomed by sports fans globally because I reveal corruption scandals that many ‘establishment’ sports correspondents don’t want to touch. Last Autumn my website was overwhelmed by botnets. Many days it was knocked offline and even my ethical ISP was brought down for a while. It was soon clear that a particular disclosure had discomforted some rich and powerful administrators in world sport. They could not sue because the story was documented. So they resorted to dirty tricks. Deflect galloped to my rescue and did a whole lot of things that I, a simple investigative reporter, will never understand. My site was restored and remains so. My thanks – plus those of a world-wide community committed to honesty in reporting.

Andrew Jennings
  1. Home
  2. >
  3. Author: Dmitri
Categories
Uncategorized

Deflect your problems

We reckon cyber offence is a good type of defence. In light of popular demand, we’re releasing a new customer focused feature. Instead of mitigating attacks, we will simply Deflect them to another website – of your choice. Select from your favourite car dealership, online casino or dictator’s blog. Everyone’s a target on Deflect!

  1. Home
  2. >
  3. Author: Dmitri
Categories
Blog Deflect

Updates from Deflect – 2 – 2021

Traffic & Attacks

Since the beginning of this year, we have served over 2 billion website hits to approximately 18 million unique readers the world over! We mitigated over 30 distinct attacks and kept our clients online 100% of the time! The Banjax bot banning technology blocked 291,898 malicious hits originating from 58,181 zombie bots. Our machine lead anomaly prediction system Baskerville was further able to identify and challenge suspiciously behaving IPs 1,182,084 times out of which only 16,755 proved to be legitimate readers and were allowed to access the requested website. This equates to 98.58% precision – which is pretty good for a machine!

Most popular countries reading Deflect protected websites

These attacks have helped us confirm that our prior implementation of the Shapley value estimation in Baskerville had lead to positive results. This is a general way to explain the output from the machine learning model by feature importance ranking – to help us decide which feature works best. We used this algorithm to compare an older machine model with a model that uses only the features Shapley values say are important, on a data set that contained the latest attacks. The model with only the most important features outperformed the older model.

Deflect referral program

Financial survival and independence on today’s Internet is tough. Big Tech permeates and controls virtually every aspect of our digital experience. When it comes to Internet infrastructure and network services, corporate giants such as Akamai, AWS and Cloudflare dominate the space. These handful of companies have managed to create an ecosystem where they profit from virtually every transaction or advertising campaign. While we choose our destiny as consumers, the growing problem is a lack of choices. One way or another, we are being pushed towards a handful of companies.

We want to do things differently. Our goal is to succeed in lockstep with our clients, not simply profit from them. The Deflect referral program creates a mutually beneficial commercial opportunity – by registering for this program and installing a ‘Protected by Deflect’ badge on your website with a unique hyperlink, you will receive 50% of the first full month’s fees charged to every new client that subscribed from this link. Write to partner@deflect.network if you want to participate in this program or read more about this and other collaborative opportunities on the Partner Programs page.

New Website

You are reading this update on our freshly minted website – powered by WordPress and hosted on the secure eQpress platform. We decided to build it using the default 2020 theme. This code is supported by the WordPress team, built according to best practices. That’s important when it comes to running the popular (but often compromised) WordPress platform – the ease of installation for new themes and plugins lowers the barrier for entry and makes it highly functional and customizable. At the same time, custom code developments become outdated, insecure and often lead to website hacking and unintended DDoS attacks. Our set-up configuration comes with the following:

  • Protection from DDoS attacks and password brute-force
  • Daily snapshots and differential backup
  • Long term theme support from WordPress
  • SEO management, chat support, Matomo Analytics, Polylang translations

Over 25% of Deflect clients also host their website on eQpress. The service is detailed on the eQpress page and you can request it from the Dashboard, or contact us with questions. 

  1. Home
  2. >
  3. Author: Dmitri
Categories
Uncategorized

Opsdash

Opsdash provides near realtime storage and querying of the large volume of traffic reaching the Deflect edge (many millions of events per day).

It is composed of:

  • an Elasticsearch cluster for data storage and querying;
  • a Kibana interface to quickly and easily create visualisations of complex data;
  • Logstash to enrich and insert logs into Elasticsearch;
  • Log-courier to ship logs securely and rapidly from the edge to Logstash;
  • nginx to restrict access to the powerful Elasticsearch API.
  1. Home
  2. >
  3. Author: Dmitri
Categories
Uncategorized

Edgemanage

Edgemanage is a tool used to ensure maximum availability of Deflect edges. It observes the health of edges in the Deflect edge pool and selects the best ones to be active (i.e. in DNS) at any given time.

See the Edgemanage documentation on GitHub.

  1. Home
  2. >
  3. Author: Dmitri
Categories
Uncategorized

Swabber

Swabber is responsible for managing the actual banning of IP addresses identified by either Banjax or Learn2ban.

It uses a ZMQ-based pub-sub mechanism for communication and bans the given IP addresses via IPTables to block identified malicious IP addresses at the TCP level. Swabber has been implemented with several configurable parameters for greater flexibility:

  • bantime – describes the amount of time that malicious IP addresses should be banned from further HTTP requests.
  • bindstrings – provides the list of addresses on which to listen for bans.
  • interface – legitimate ban source to interact with
  • backend – Swabber supports the following methods of banning:
    • raw
      • IPTables commands
    • python-iptables library
    • host.deny

Documentation

The vast majority of documentation and detail is available on Github. Swabber can be installed by running pip install swabber

Requirements

Swabber requirements can be installed via pip. The minimum supported version of python is 2.6. The code uses the “as” keyword and other conventions that are only present in 2.6 and onwards.

Operation

Swabber uses a pub/sub based system via ZMQ, whereby Swabber itself will try to connect to (ie subscribe to) a port (usually on localhost) where something will publish a ban by starting to listen (publishing) on the same port.

Swabber takes a ban as an IP address. If the IP address hasn’t been banned, it will be banned. If it is currently banned, the ban will be extended for the predefined ban time. This is defined in the configuration file swabber.yaml, this time defaults to two minutes.

Manual Execution

You can use the init script to run swabber as a daemon as normal:

/etc/init.d/swabberd start

Or if you want to observe more debug info:

swabberd -v