The past few weeks have highlighted the vulnerability of centralized information systems to censorship: online speech is only as strong as the weakest intermediary. Sites hosting legitimate speech were caught up in an anti-counterfeiting raid by the Department of Homeland Security, EveryDNS stopped hosting WikiLeaks.org’s DNS, Amazon refused hosting service to WikiLeaks, and independent protesters conducted denial-of-service attacks on businesses refusing service to WikiLeaks. If the Combating Online Infringements and Counterfeits Act (COICA; the internet censorship bill introduced in the US Senate) or something like it passes, the threat centralization poses to First Amendment-protected speech may be unavoidable. Corrective action — designing, implementing, and deploying robust, fault-tolerant architectures — will improve the security and availability of the internet infrastructure generally, to the benefit of all.
What, then, can digital activists do to protect speech on the internet? Fortunately, there are a bunch of technical projects dedicated to reducing centralization in the internet infrastructure. Some are in the idea stage, some are up and running, and some are in-between. All of them could use help: development, documentation, security review, server infrastructure, testing, and evangelizing. EFF urges technologists of all stripes and skill levels to work on potential solutions to the centralization problem.
In this post I’ll summarize a few interesting projects, but this list is hardly exhaustive.
The Dot-P2P Project, an alternative DNS hierarchy that resists censorship. The project aims to create a new top-level domain, .p2p, and name-resolution software that will hook into the normal client DNS resolver. (However, the new software will not interfere with name resolution for traditional TLDs like .com and .net.) Dot-p2p developers expect the .p2p service infrastructure to be mobile and hence flexible under attack; by contrast, administration is currently expected to be centralized. However, the developers would like to see a design for decentralized administration as well.
The Tahoe Least-Authority File System, a highly fault-tolerant, secure internet filesystem. Historically, network filesystems such as SMB/CIFS and NFS have been both centralized (having a single server) and insecure (lacking any authentication, confidentiality, or integrity for the data). Previous work, such as The Coda Filesystem and Mazières’ SFS, has attempted to address these problems. Tahoe-LAFS is a new effort in this area with an innovative, fine-grained internet-strength security model. Tahoe-LAFS could be used as the basis for a censorship-resistant, confidential, tamper-resistant publishing platform. Transported over Tor, it could also be anonymous.
The Tor Project, an anonymizing overlay network. Although better-known than the other projects described in this post, Tor remains a fruitful project to work on and there is plenty of work left to do. In particular, the use of Tor hidden services lags behind the use of Tor on the client side for many reasons, including performance and the need for more server infrastructure. And to help defeat censorship systems, there is always a need for more people run Tor Bridge Relays.
BitCoin, a decentralized internet currency. Digital cash systems, usually based on cryptographic “proof of work” schemes, have been around since 1990. Some digital cash systems are anonymous or pseudonymous (using e.g. Chaum’s blind signatures), but not all are. Historically, digital cash systems have not succeeded; BitCoin is a new attempt that may be promising. You can download and run the code now, and you can indeed buy things with BitCoins.
It may be that some or all of these projects do not succeed, or succeed only partially. That is to be expected — decentralizing and hardening the internet infrastructure and applications against censorship is an ongoing research and development project. The only way to progress is gradually and with effort, but the payoff could be huge.