one way blogs - OWB - Re: git based dark web (Tor) "one way" blog/ document dump/ wordpress?

Zenaan Harkness zen at freedbms.net
Thu Feb 13 14:52:58 PST 2020 

One way blogs - OWBs:

Important points:

  - OWBs are, due to present tech, not anonymous.

  - They simply provide the possibility that something you write or
    some document (say an Affidavit) that you upload, cannot be
    easily attacked by a non-state actor, primarily by virtue of
    being replicated into a few 'foreign' statutory jurisdictions,
    and due to the contract, and default tech policies in place in
    the infrastructure of OWBs.

  - During normal operation of an OWB node, the only pages or
    documents that would ever be removed (for THAT node) would be
    those under an injunction to be removed by a $LOCAL_JURISDICTION
    court.

  - Which gives the thought that a blog creator might be provided an
    option to self-assess the nature of his blog as to its content,
    in particular so that nodes in other jurisdictions can choose to
    only auto-mirror content which is lawful in their own local
    jurisdiction - this might even be needed for (no tech) folks to
    be comfortable with deploying an OWB node.

  - Arguably it could be considered implicit that any OWB blog page
    could potentially come under court injunction to be removed (in
    local jurisdiction) - and this is the foundation cause of the OWB
    concept - however this doesn't really add much since this is
    true of all media published everywhere anyway, although naming
    this concept AS a foundation cause, might help steer folk's'
    thoughts in this direction, which might be useful to their
    conscientiousness around their speech and their rights in
    relation to speech.


Notes: 

Most folks these days use FaceBook or Twitter as their blog platform
to "talk to the world", e.g. by creating a FaceBook "Group", and also
YouTube.

The problem with these legacy platforms is that they censor, ban, and
shut it down if you get a little too popular or some "lefty" complains.

Could an auto-mirrored multi-jurisdictional platform be more
censorship resistant "for Joe Bloggs"?

Is it worth creating?  Depends on the effort I guess...

The infrastructure is probably something like:

  - a VM/VPS
  - ssh
  - git
  - user db
  - sync scripts, push and/or pull depending on peer conf
  - OWB software/platform
  - tor
  - web server to deploy blog as .onion html site

and the only parts to develop are the sync scripts, user db and
OWB stuff.


Sync:

  - rsync

  - git push/pull

  - custom jobs or bundles, say each new blog entry (or update)
    becomes a bundle (possibly with a separate descriptor/meta file
    if that's useful to assist sync rules) which can be pushed or
    pulled
    - multiple bundles can be streamed
    - this sounds an aweful lot like a deficient git, most custom
      such things needs to really need to have a clearly defined
      benefit over the status quo (git) to be worth doing at all


Scalability:

  - If it becomes a popular "media/blog" platform, say when the first
    "one way blog" goes viral in the face of a $LOCAL_JURISDICTION
    failed shut it down attempt, potentially 10s or thousands of
    bloggers might find themselves inclined to deploy/use it.

  - Anything on such a scale (not wikipedia scale, but certainly not
    small) wants to be not bound into a single git repo.
    - So per-blog or per-user "blog sync repos".
    - This also facilitates "archival" of older/ inactive blogs - we
      only want to sync active blogs, i.e. those with updates.

  - I'm familiar with the git remotes rules for bidirectional sync,
    which can also be made to work for more than 2 peers.

  - I'm not yet particularly familiar with git subrepo/ submodule/
    subtree.
    https://github.com/ingydotnet/git-subrepo

    Let's say this gets to say 500,000 OWBs after a few years of
    popularity - how do we minimize the pain of getting to that
    point?  What technical/ design choices do we need to make today
    to make such a target reasonable?


One way blogs:

  - provide ready links to earlier versions of a page (like a wiki,
    but make sure it's impossible to "bury" old pages)

  - provide ready access to mirrors, say an entry page which does
    nothing but link to say a random mirror

  - should be mutually supportive - if the peer I normally use to add
    a blog entry is down, any other node should allow me to log in
    and add an entry to my blog, which should then turn up on other
    nodes

  - permalinks?

  - clearnet links can be provided with ".ws" onion extension - i.e.
    MyOnionblgwhe309sda.onion.ws

    But does this just delay pain in a not useful way - i.e. is it
    better to just push all users and readers to use TBB from the
    start?

    Also, for example, last night I did a dark web search and found
    four links to dark web hosting of one or another sort - the 2 I
    clicked on (within TBB) each went to the .ws site;
    as a brief test I deleted the ".ws" and neither site came up -
    tried this a few times then tried "new circuit" - nothing!

    So those 2 sites came up on the ".ws" version of the onion, but
    not on the onion version of the onion site.

    Such inconsistent experience is effectively an attack vector -
    sort of like a crypto algorithm downgrade attack, but it's an
    "access visibility attack" (to reduce the relative privacy/
    plausible deniability when reading or adding to a blog).

More information about the cypherpunks mailing list