As I assume is the case for most people present here, a primary reason why I’m interested in a decentralized internet is the hope of a new web replacing the old one which is slowly going down in flames: An internet that can no longer be censored by either governments or corporations, one we have the certainty will not go the way of Facebook and Twitter and Youtube in terms of moderation and community control.
As a technologist and casual programmer, I have a good idea of how software works and the classic means of censorship authority can employ: Governments will either threaten site owners into censoring their websites, either bully ISP’s into filtering offending pages, and ultimately go after viewers for accessing forbidden sites… some not even stopping at mere content, but attacking computer technology as a whole if its existence contradicts their censorship (Tor, VPN, etc). Projects like Substratum and IPFS make the job much harder through decentralization, which doesn’t allow spies or internet providers to easily tell who is receiving what from whom, nor do much about it even if they can see it… at the same time they don’t promote themselves as an anti-censorship tool but a hosting technology, which makes it hard even for rogue regimes to have a pretext for blocking the entire system with all legitimate websites on it. Yet still: Are such projects without holes that permit interference, and if not then how many of those holes can we close?
For the purpose of this thread, I want us to put ourselves in the shoes of the bad guys: Groups who want to censor the internet. Imagine you’re a technologist working for a repressive government, being paid thousands of dollars to show the government a way of stopping citizens from accessing IPFS sites that subvert the authority. You analyze the system and how it works for hours on end, looking for any weak point which you can take advantage of. Once you find it, switch back to our side and ask: How can we prevent the bad guys from using this approach to stop us?
Mind you, I’m well aware that the developers have surely done this by now. I’m mostly asking for my own curiosity, as well as leaving such threads up to educate others: I wish to know every thinkable and unthinkable way in which the system can be technologically censored. Of course this doesn’t include the government arresting people if they identify viewers or nodes or site owners, as that’s not a technological approach the system can do much about (other than good anonymization)… I’d also exclude simple and obvious ways from the discussion, such as banning the official website so you don’t download the setup.exe or outlawing all encryption.
I’ll start off by sharing a few ways I can think of, as well as the solutions I’m aware of for each one. Let me know if any point is wrong or there’s anything that can be added to it:
- Demanding a modified version of the software: If governments won’t be able to block the entire network, they will most certainly go the alternate route of saying “you can use this service, but only via modified clients that enforce our website block list”. Thankfully this falls flat on its face quite easily, considering the software is open-source so anyone can remove the blacklist and recompile it: They’d have to allow modified binaries but criminalize the source code, which would be outright laughable. Integrity of the software is further enforced by standardization in other products (embedding into web browsers, Linux distributions, etc) meaning they’d have to block all of those products too if they don’t include the modified program in their country.
- Blocking traffic in the network: If authority decides to go the blocking route, they can attempt to detect encrypted traffic belonging to the program through means such as deep packet inspection. Despite some technologists claiming that is doable, I fail to see how it would be practical: Even if an ISP can see the IP addresses and public keys and dates of encrypted packets, instances of the program can create new public / private key pairs on the run whenever they please, whereas thanks to community hosting any IP can start or stop transmitting specific content at any point in time (often unknowingly). As such it’s impossible to associate random numbers or those dynamic factors with a conclusion you can act upon in time, without randomly blocking traffic throughout the entire internet.
- Censorship using other processes or device firmware: There is unfortunately one alternative that would do the trick, though enforcing it would be so Orwellian not even China has considered it yet (South Korea tried something similar on teens still). That is forcing every device manufacturer (desktop, laptop, smartphone) to include irremovable censorship software on devices before selling them, virtually making it a crime to own an open-source device on which you choose what you can install. In this dark scenario, our software would have to combat other processes on the system or builtin chips routing the data to / from the memory and CPU. There’s probably not much we could do in this case, but I figured I’d still add this to the list as well.