1) ICANN has nothing to do with ICE seizing domains.
2) wikileaks.org was NOT seized by ICE, in case you didn't know (their nameserver operator, everydns, terminated service due to alleged AUP breach). They should probably just run their own nameservers if it's too much for a free provider to handle.
3) DNS is hierarchical in structure, but very decentralised from a technical point of view. In fact, you might call it "P2P", since anybody can join the network and run their own resolver.
4) #dnsissexy - the average user doesn't even know it exists.
5) Not happy with something? ICANN is a community. (I'm not saying it's perfect - nothing is!).
6) Really really pissed about something? Free speech, courts, democracy.
7) Really pissed AND lazy? Use a ccTLD. I hear .ly is cool.
What are people like Sunde proposing? The PR is sensationalist and contradictory, with talk of an alternative root (where would it be located? who would control it?), and a new bittorrent-like protocol (no idea how this could even work).
Anyway, I'm standing up for the status quo. It works phenomenally well.
> You might call DNS "P2P", since anybody can join the network and run their own resolver.
Single point of attack. They shut down your custom resolver, and they shut down your custom naming system. Also this proposal fails in terms of availability and resilience.
Also it's hierarchical P2P, so if you control the root servers, you control the naming system. It is decentralized only to aid availability and resilience.
> the average user doesn't even know it exists.
Those who do, understand that it can be controlled.
> Not happy with something? ICANN is a community.
I want free names for 10 websites. ICANN't get that without paying $7 * 10 per year. Some things are not worth lobbying for, because they are obviously not going to happen.
> Really really pissed about something? Free speech, courts, democracy.
Such a naming system would be outside the immediate control of governments, therefore democracy has nothing to do with it. Indeed, the idea is that you could use this in China and Chechnya too.
> Use a ccTLD. I hear .ly is cool.
This still uses DNS, and does not solve anything.
Peer-to-peer networks are easy to overthrow completely even with a relatively small number of malicious nodes.
> Also it's hierarchical P2P, so if you control the root servers, you control the naming system. It is decentralized only to aid availability and resilience.
ICANN only controls delegation to TLDs.
> I want free names for 10 websites.
I want free beer.
> Such a naming system would be outside the immediate control of governments, therefore democracy has nothing to do with it.
In the real world people care about ownership disputes, protecting trademarks, accountability and other legal matters.
> This still uses DNS, and does not solve anything.
Actually, it does. DNS solves everything just fine.
> I want free beer.
A p2p naming system would use free software and shared computing resources. There are numerous examples of both (GNU and BOINC/Gnutella/Bittorrent respectively.) So striving for a free naming system is not the same as striving for free beer.
> Peer-to-peer networks are easy to overthrow completely even with a relatively small number of malicious nodes.
Not if your p2p model uses a web of trust model like PGP. This is what the proposed model uses.
I don't agree with the proposed model, for what its worth. I think they should be looking at leveraging the work done on semantic free referencing at MIT, instead of the existing name to IP model.
it's amazing how many people i see who use google as their primary resolver, by only using the search function even if they're entering a url.
Also, the phrase "we must do _something_" is often used by politicians to justify stupid laws or contracts that don't help to solve the intended problem, but sometimes make things even worse. That's quite a high price to pay for the publicity shows of certain people.
To me entrepreneurship, startups, community open source software etc. is all about trying new things. Sadly I far too rarely get the feeling that people share this view in forums like this one. Even though the barrier to entry of these types of project are so low, people still rather be "right" than join in or start their own.
Politics is very different from these types of projects, in that the amount of responsibility is far greater. I don't think it's a valid comparison.
Feel free to fork and improve.
Child pornography is basically the trump card of the pro-censorship argument. Nobody is in favour of it, everybody thinks it's awful, even really passionate freedom-of-speech types often think an "except for child pornography" clause is an allowable compromise.
But the truth is that anybody who wants child pornography on the Internet can already get it, if they try hard enough. Many of us who've worked for large web companies are aware that one of the first forms of abuse that happens to any service that allows image uploading is that it starts getting used to distribute child porn. Shutting down domain names will do nothing because the people who deal in this stuff have been having their shit seized and shut down for years already.
By the same token, DNS is not essential to preventing censorship. We can send each other IP addresses through social networks, distribute shortlinks to servers that change every hour, or any one of a hundred other methods.
The balance to strike is: is censorship of material we think legitimate happening often enough right now that we want to make it easier to route around, knowing that doing so will make it harder to censor stuff that we find universally objectionable? A month ago I'd have said no, but today I'm not so sure. And that's a dangerous consequence of the actions the US government is taking in response to these leaks. By cracking down, they risk provoking a revolution that will make it impossible to control these things in future.
Let's face it: we mostly upvote posts we agree with. Then the trouble is, that for the symmetrical acction we must have symmetrical meaning. If I press on the gas and it makes a car to go faster I expect it to go slower when pressing less. If I click up-arrow to express agreement, I expect that down-arrow will express disagreemet.
I wish people will continue to vote down to express disagreement and use "flag" to express lack of the value or inapropriate content.
What about people that make their own kids (I hear humans can do that) and then abuse them? Clearly we should have video cameras in every room to ensure that this doesn't happen.
What if someone, right now, is doing something I don't approve of!? Something must me done!
The issue is whether there is speech that is objectionable, and whether free speech has some sort of nearly universal limit if properly considered (yeling fire in a crowded theater, for example) and whether creating a law-free zone might have unintended consequences.
I don't see how a straw man implying that all laws require draconian enforcement really benefits the conversation. So we let child molesters do as they please because somehow any law enforcement would mean total and constant invasion of privacy? Not sure I follow the leap.
I've also heard pedophiles claim that looking at child porn sates their desire to act out those fantasies, so perhaps fewer children are being harmed? That sounds plausible to me since 'normal porn' works, to some degree, as substitute for sex for many non-pedophiles.
Please reread my posts. I am talking about the bits. The only place where I talked about actual child molesters (child abuse) was to point out a specific false-choice that jrockway put up--that we had to put cameras everywhere to enforce child abuse laws, which really was defeating an argument that no one made--ie, jrockway was the person who brought up actual child abuse, not the bits. He has articulated his position better in other posts now.
Child porn isn't speech, it's evidence -- evidence of a crime that has already taken place. This crime, like other crimes, can and should be prosecuted without any sort of totemic obsession with inanimate copies of the evidence.
In general, censorship of kiddie-porn-as-speech is the greatest favor we can do these criminals. We've already taught them to hide in the real world, and hide well. Now we're teaching them to cover their tracks online.
If a search reveals a video of your child being abused at day camp on the internet, would you want censorship of that video?
jrockway's post below is basically my position as well.
Child porn is illegal because its creation damages the child. Its continued distribution is not the primary problem, the fact that it was created in the first place is. So the solution to child porn is to find it, use good-old-fashioned police work to find who made it, and use the legal system to remove that person's access to children.
No need to break the Internet and restrict free speech for this very-special case. Let's spend the money we want to spend on censoring the Internet on more detectives, so that child abuse can be eliminated!
The same goes for "counterfeit goods" or whatever the DHS used as rationale for seizing domain names. Don't break the Internet; just buy one of the fake watches, ask UPS where it was shipped from, get a warrant, and bust the guys! Right?
(I fear that in the US, though, the problem with child porn is not that children were abused, but that people like something in a sexual way. Consider the person who was mailed a box of comic books that depicted "under-age" children in a sexual context. The government wanted to put him in prison for 15 years. For receiving a box of books.
"Sexting" is another example. It's doubtful that one can abuse one's self, but the government still wants to put people in prison for it.
What I find most amusing is that all people look pretty much alike when naked. I don't understand why naked pictures are such a hot-button political issue. It seems like the government just doesn't really want any depictions of sex [children, adults, tentacles, or otherwise] around at all.
But I digress.)
This wasn't good enough for the RIAA, which shut Napster down completely. This caused the programming community to come up with an un-blockable alternative, and now everyone uses un-blockable encrypted BiTorrent with DHT. If you want something gone, there is nothing you can do short of shutting down the entire Internet.
(It wasn't un-blockable initially, but some greedy ISPs tried to block it, so now it's encrypted UDP instead of cleartext TCP. Now the ISPs can't block it reliably, and they waste their own bandwidth because UDP has no concept of a window size.)
So oops... now it's super-easy for people to distribute child porn, all because the music industry got greedy.
It does not, however, provide any encryption or anonymity for your traffic. All packets are sent in the clear, your real IP address is still shown to all connected peers, etc.; do not rely on an "encrypted" BitTorrent connection to save you from a packet-sniffing fiend because the content you're downloading is not given any extra encryption by an encrypted BT connection, because the connection is not really encrypted in the classical sense, it's just obfuscated so that ISPs can't automatically detect BT traffic and disconnect/throttle/filter. "Encryption" was a bad thing to call BT encryption.
Australia learned the trick and started to do the same. Looked at how screwed it is now.
Don't be naive.
It is indeed a problem. The problem of this problem, though, is that some people are using it as an excuse to create even bigger problems. For all of us. Some experienced this before. We are experiencing it now. People making .P2P are trying to undo these problems.
The real problem of child porno is so small that it is basically a non-issue in practice compared to all the problems that are created to fix it. There should be better ways.
As jrockway points out, let's keep this discussion to the specific issue at hand. If we generalize we go to very undesirable consequences.
-- H. L. Mencken
The FBI? ICANN?
There are always going to be bad things in the world. Maybe we should be trying to focus on the problem at the source (mental health, law enforcement, etc.) and not when it's too late online.
Text/turn-based commenting system already ensure that one has to 'wait' for the other to finish their writing. Down-voting only seems like shouting louder and thus seems unnecessary. The only reasonable excuse is SPAM prevention. For that, however, I think that automated flagging system, that won't influence points, would do just fine. I also try to up-vote any opinions that I do not agree with, but that argument their point well.
Long story short, I think down-voting is unnecessary and even potentially harmful. I don't comment often, so it's not going to happen anytime soon, however I plan to not use my down-vote privileges, once I get them, for any reason at all.
(Actually, I think I'll create greasemonkey script to ensure I won't downvote anyone accidentally.)
That is the answer to the question I was going to ask, namely "what does decentralized DNS even mean?" People throw around the word "decentralized" as a presumed solution to centralized control, but at the end of the day someone has to decide who wins if two different people both claim that microsoft.com points to their server.
Also, "visit mybiz.yo after adding altdns.com as a DNS authority" doesn't exactly have the same ring to it as "visit mybiz.com". It also doesn't fit on the side of a truck, nor is it something that you will ever convince 99.9% of the population to do just to visit a website.
This could all be handled through public key encryption and automatic voting. DNSSEC or similar should be complete and enforced for all zones and lookups.
You would need to compromise over half of the trusted organisations running the root in order to break this system.
So what happens if someone attacks/compromises more than half of these trusted nodes at once with bad data? Is the bad data then the good data
This system relies on the fact that it is difficult to take down lots of independent organisations that are spread around the World at the same time easily.
But if something like that did happen, the organisations would be able to roll back the data as long as more than half of them agreed.
If public key cryptography were used, then you could make it so that only change requests signed with the domain owners private key are accepted and distributed too.
I suspect that if this goes anywhere it will end up much like tor, being used as a censorship circumvention tool rather being installed everywhere by the general public.
Top-Level is anti-web, because the web is not meant to be a top-down system. To me, this is a fundamentally flawed implementation. And why not? In terms of mass web, it was the first. When are first iterations ever correct?
Destinations are IP addresses. We all have em. What you want to call yours should be up to you. Ever since there was a postal service, people could be reached at the address they had. Even phone numbers weren't top-down (area codes), so that you could reach a local address, even it was the same as one in another county, without pre-(or post-) fix. I don't have the solution, but it wouldn't hurt for the public to learn and understand their IP address same as they do their home one.
Google alone, or with the help of other major "linkers", could go a long way in changing our DNS structure, by indexing different systems.
Decentralization is every nerd's dream, aint it? Eventually the serving capacity of consumer devices should be adequate to resolve standardized requests.
I think this holds promise: telehash.org
It all is top-down at the core. (And it kind of has to be, because as much as we think of the Internet as "decentralized", it is a communication network, and so centralized administration is often the most efficient and sane way of doing things.)
Null routing IPs would cause collateral damage, but to block illegal content that the hosts refuse to take down? They might go ahead and do it anyway...
I would still love to see a distributed DNS platform. The issue that needs resolving for a distributed platform is trust. We will always need a trusted authority. That could be split over 50 hosts over 50 countries, but we still need one.
Meaning, centralized DNS system will work just fine, we only need a law prohibiting government blocking or removing domain entries. That is, we need similar prohibition that limits government actions like first amendment.
From what I understand from the dotp2p wiki, there's still going to be a registration party, OpenNIC (which is an existing alternative DNS root that runs .geek, .free, etc. I'm guessing it's a DHT but it would use some public key crypto so that each entry needs to be signed by OpenNIC.
But this still leaves OpenNIC as a central point. It wouldn't be a point of failure, but it would prevent scaling if it was taken over.
There were a bunch of other alternative roots that have taken on ICANN at one point or another, although it's been a long time since I've tried any of them.
It strikes me as a doomed effort unless you can get some ISPs somewhere to buy in and point users towards your root rather than ICANN's. Most users aren't going to change their DNS settings (most probably don't know how), so it seems difficult to achieve any sort of critical mass of users.
The corollary to this demands an answer: are nation states that afraid of information (and the truth that may lurk within) ?