Rapid information dissemination in hostile environment

Thu Apr 24 17:37:49 PDT 2003

Sipping from a cup of tea, reading newspapers, and enjoying my favorite
pastime - idle musing. I am possibly stating the obvious and already
known, though, but someone may find something I forgot about...

Time to time, the situation arises an information has to be let out in the
fastest possible way. It may be a whistleblowing, it may be the
"liberation" of some discovered or "acquired" closed technological detail,
it doesn't matter what it is as long as there are The Powers That Be that
aren't too happy about it getting out.

The less amount of copies Out There, the more vulnerable the information
is. Web is excellent as persistent data source, but a website is way too
easy to be taken down. FreeNet is better in this regard, as it is fairly
impossible to find the physical location of the data source, but the
weakness is the Freenet key that has to be published somewhere, the lack
of content search engine ("Freenetoogle"?) and the abysmally low
utilization by the General Public. For initial distribution of an
information in a hostile environment, populated by factors aiming for
elimination of the information, Web is rather unusable; sooner than a
reasonable number of people get the chance to retrieve the information,
the site gets taken down. (Consider the most pessimistic situation with an
immediately aware adversary and fully complying ISPs.)

The Rapid Information Dissemination (RID) (or maybe Rapid Information
Proliferation, RIP?) system has to achieve the widest reasonably possible
distribution within first couple seconds, or at most minutes. Two good
examples of robust systems providing this feature are Usenet and
unmoderated mailing lists. Cypherpunks could be an excellent example for a
list especially suitable for RID; spanning several continents, the core
list is unmoderated and distributed by automated means (which ensures that
even in the case of forced compliance of the moderators they won't have
any practical chance of intercepting a mail before it being sent to the
unmoderated-list subscribers), and populated by the people whose profiles
make them unlikely to comply en-masse with every whim of The Authorities,
whoever tries to be that at the moment. One post, matter of few seconds,
can then achieve the rapid seed distribution, necessary for ensuring the
information can't be entirely eliminated from the world anymore (and then
possibly making it even to Web archives - being it the List web archives
themselves, or cryptome.org, or Politechbot, or any of the numerous
others, depending on the type of the information). The adversary's only
possibilities then are "data poisoning", publishing versions of the data
with intentional inaccuracies (eg, the way British Secret Service(?)
(MI6?) reacted to the leak of their agents list onto the Net), and/or
finding the author and unleash the havoc of Exemplary Punishment onto him.

The author has the choice of protecting his identity by using eg. an
anonymous remailer chain, further limiting the adversary's options, or
playing rough and taking the risk in the cases the situation warrants it
(though it's always better to keep the awareness that a free guerrilla is
better than a hero in prison).

Finished the tea, back to work.

Opinions, comments, peer review? :)