one way blogs - OWB - Re: git based dark web (Tor) "one way" blog/ document dump/ wordpress?
Zenaan Harkness
zen at freedbms.net
Thu Feb 13 14:52:58 PST 2020
One way blogs - OWBs:
Important points:
- OWBs are, due to present tech, not anonymous.
- They simply provide the possibility that something you write or
some document (say an Affidavit) that you upload, cannot be
easily attacked by a non-state actor, primarily by virtue of
being replicated into a few 'foreign' statutory jurisdictions,
and due to the contract, and default tech policies in place in
the infrastructure of OWBs.
- During normal operation of an OWB node, the only pages or
documents that would ever be removed (for THAT node) would be
those under an injunction to be removed by a $LOCAL_JURISDICTION
court.
- Which gives the thought that a blog creator might be provided an
option to self-assess the nature of his blog as to its content,
in particular so that nodes in other jurisdictions can choose to
only auto-mirror content which is lawful in their own local
jurisdiction - this might even be needed for (no tech) folks to
be comfortable with deploying an OWB node.
- Arguably it could be considered implicit that any OWB blog page
could potentially come under court injunction to be removed (in
local jurisdiction) - and this is the foundation cause of the OWB
concept - however this doesn't really add much since this is
true of all media published everywhere anyway, although naming
this concept AS a foundation cause, might help steer folk's'
thoughts in this direction, which might be useful to their
conscientiousness around their speech and their rights in
relation to speech.
Notes:
Most folks these days use FaceBook or Twitter as their blog platform
to "talk to the world", e.g. by creating a FaceBook "Group", and also
YouTube.
The problem with these legacy platforms is that they censor, ban, and
shut it down if you get a little too popular or some "lefty" complains.
Could an auto-mirrored multi-jurisdictional platform be more
censorship resistant "for Joe Bloggs"?
Is it worth creating? Depends on the effort I guess...
The infrastructure is probably something like:
- a VM/VPS
- ssh
- git
- user db
- sync scripts, push and/or pull depending on peer conf
- OWB software/platform
- tor
- web server to deploy blog as .onion html site
and the only parts to develop are the sync scripts, user db and
OWB stuff.
Sync:
- rsync
- git push/pull
- custom jobs or bundles, say each new blog entry (or update)
becomes a bundle (possibly with a separate descriptor/meta file
if that's useful to assist sync rules) which can be pushed or
pulled
- multiple bundles can be streamed
- this sounds an aweful lot like a deficient git, most custom
such things needs to really need to have a clearly defined
benefit over the status quo (git) to be worth doing at all
Scalability:
- If it becomes a popular "media/blog" platform, say when the first
"one way blog" goes viral in the face of a $LOCAL_JURISDICTION
failed shut it down attempt, potentially 10s or thousands of
bloggers might find themselves inclined to deploy/use it.
- Anything on such a scale (not wikipedia scale, but certainly not
small) wants to be not bound into a single git repo.
- So per-blog or per-user "blog sync repos".
- This also facilitates "archival" of older/ inactive blogs - we
only want to sync active blogs, i.e. those with updates.
- I'm familiar with the git remotes rules for bidirectional sync,
which can also be made to work for more than 2 peers.
- I'm not yet particularly familiar with git subrepo/ submodule/
subtree.
https://github.com/ingydotnet/git-subrepo
Let's say this gets to say 500,000 OWBs after a few years of
popularity - how do we minimize the pain of getting to that
point? What technical/ design choices do we need to make today
to make such a target reasonable?
One way blogs:
- provide ready links to earlier versions of a page (like a wiki,
but make sure it's impossible to "bury" old pages)
- provide ready access to mirrors, say an entry page which does
nothing but link to say a random mirror
- should be mutually supportive - if the peer I normally use to add
a blog entry is down, any other node should allow me to log in
and add an entry to my blog, which should then turn up on other
nodes
- permalinks?
- clearnet links can be provided with ".ws" onion extension - i.e.
MyOnionblgwhe309sda.onion.ws
But does this just delay pain in a not useful way - i.e. is it
better to just push all users and readers to use TBB from the
start?
Also, for example, last night I did a dark web search and found
four links to dark web hosting of one or another sort - the 2 I
clicked on (within TBB) each went to the .ws site;
as a brief test I deleted the ".ws" and neither site came up -
tried this a few times then tried "new circuit" - nothing!
So those 2 sites came up on the ".ws" version of the onion, but
not on the onion version of the onion site.
Such inconsistent experience is effectively an attack vector -
sort of like a crypto algorithm downgrade attack, but it's an
"access visibility attack" (to reduce the relative privacy/
plausible deniability when reading or adding to a blog).
More information about the cypherpunks
mailing list