[liberationtech] Concept for takedown-resistant publishing

Fabio Pietrosanti (naif) lists at infosecurity.ch
Wed Feb 1 23:44:20 PST 2012 

On 2/1/12 11:11 PM, Bill Woodcock wrote:
> 
> On Feb 1, 2012, at 12:49 PM, Fabio Pietrosanti (naif) wrote:
>> d) Which is the most known/used information distribution/mirroring
>> system used nowday?
>> Bittorrent P2P system.
> 
> Nope, anycast is.
> 
> And it doesn't require new browser code or any special handling.  You do have to protect your DNS resolution, though.

Yes, but this is a "centralized" architectural approach that require you
to protect the "root of something":
- root of your authoritative DNS
- root of your BGP announcement

So takedown is easy as you can attack the root of your hierarchical
architecture.

You would need to have "strong-resiliency" trough a strong distribution
techniques.
Ie: 10.000 easy to setup  mirrors without the need of centralization
elements (domain/ip address).

Think if "the client" is a single "javascript application" that  can
downloaded and run into the browser.

The client could download this "javascript" access client from anywhere
on the internet, as an access-client software.

If "the web server" would not be a domain name or a single IP address,
but a widely distributed set of bittorrents it would be possible to
achieve in shorter time a very important resiliency.

That way we would achieve an extremely easy way for end-user to
participate to mirroring actions (maximum distribution in short time)
and an domain-name agnostic way to access the website (avoid
centralization).

The "sensitive elements" to provide "easy accessibility" for end-user
would be "from where i download the javascript access client", that will
enable the end-user to access a website with remote data storage on a
bittorrent infrastructure.

For such kind of "model" the @unhosted ( http://unhosted.org) project
provide a nice vision, strictly separating the "access and visualization
logic" from the "remote data storage", in order to implement efficient
distribution methods and keep intelligence (javascript) on the client
rather than on the server network.

-naif

More information about the liberationtech mailing list