Protecting Free Speech... Anonymously (and geekily)
Shortcut URL: http://t.conquent.com/FC00
I've been reading more about political DDoS attacks. DDoS, for those who don't memorize acronyms, stands for Distributed Denial of Service attack -- computers with viruses gang up and crank call a website so no one else can connect. You can get thousands of computers trying to take down a poor little box and drive it to a nervous breakdown.
The disturbing thing is that people are now using these attacks against small, non-profits to shut them up. I find most of the online political speech annoying as the next guy (or as annoying as the offline political speech) but I believe anyone should be able post their views about labor conditions in China or discrimination against pansexuals without having to worry about someone throwing a digital brick through their virtual front window.
It doesn't even take a lot of effort on the part of these DDoSers. They just have to do it long enough to annoy the tech company where the Shroom Liberation Front website is hosted. If I had a client who pays me 20 bucks a month suddenly attracting enough attention to take down my network, I'd shut them down, no question. The fact they're a bunch of strung out weirdoes doesn't even have to enter the equation.
And when that little tech company shuts down that little non-profit, the bad guys win. Many political organizations are purely online these days. All their communication is via bulletin boards and email, all their literature is on the web -- their entire existence is on 20MB of web storage and when it gets shut down, the organization is effectively dead.
I had thought that with the advent of cloud hosting that this wouldn't be a big deal. You pay 20 bucks a month to someone like Amazon, and there's practically unlimited bandwidth available. Except even a big tech company is going to shut down a disruptive website -- like the kid getting in trouble because the bullies tried to throw him off the bus, it doesn't matter who's fault it is, the kid loses either way.
Weav and I brainstormed a little yesterday and we came up with an idea. We don't really have the resources to do this alone, so I'm going to outline it and see if we can start putting together an open source team to make this happen.
Basically, the Internet was designed to be almost self-healing -- if one part of the network goes down, your data can still go from Point A to Point B, it just takes a different route. Problem is you still need a Point B -- all your data lives in one place, even if the network is a global spider web of ever changing routes.
So, the idea is that we don't need web servers, any more than movie and music pirates need web servers to swap Christina Aguilera videos. We keep copies of the Manifesto (or the much more boring annual report) on lots of personal computers -- if the DDoS is caused by lots of PCs attacking one place, turn that around and make it impossible to find all the locations of the web content.
To do this we have three different things that need to be developed:
People have been trying to stay anonymous online for a long time, and they've developed tools to hand data off to each other in sort of like an underground rebellion where you only know the members of your cell. There are ways to find other computers and exchange data, without actually letting the computers know about each other -- check out Tor (anonymity network) on wiki if you're curious and geeky.
Once the computers can find each other, there still needs to be a way to do the basic web serving we're used to. I'm thinking permission from your fans who say, "Yeah, marmots are cool, I think I'll donate 100MB and some bandwidth to The Cause." That means that the fan has to install a bit of software on their computer. Doesn't have to be really complicated, just serve up some web pages and let people make a few comments. Maybe support a basic bulletin board...
Say we get that onion routing thing figured out, then we need a way to let you, Mr./Ms./Mrs./Etc. Political Publisher, actually publish to this network. With a combination of security keys and rsync, it should be doable, but it would need messaging to let publishers know that something went wrong and give them a way to fix it.
I know, this is all pretty overwhelming sounding and really techie. And the fact that my main goal here is to create a truly free and open web will probably get me in trouble, but it's a good idea, now if anyone is interested, let's see if we can turn the idea into something people could actually use.
Share this article:
Be sure to see my blog over at Cloudenity. This week's topic:
Identity Isn't Just for Users Anymore