"... Eben Moglen, was putting together a shopping list to rebuild the Internet — this time, without governments and big companies able to watch every twitch of our fingers. ..."
There's a ridiculous amount of a lack of information in that "news" entry.
"Rebuild the Internet"... how? They're evidently not planning on wall-warts to route the Internet. "would decentralize information and power" how, precisely? There's absolutely squat in the article about wtf the thing would do.
But what is it? What does it do? How does it work? I skimmed the article, maybe I missed the answers to these, but seemed precious thin on actual information.
> what stops the government from just getting the ISPs to turn off traffic?
Something like Xnet in Cory Doctorow's Little Brother. A mesh network where you send your requests into the 'mesh' and it encrypts the information and sends it out to the wider internet through exit nodes that are hooked up to ISPs. Were such a network to exist, then the mesh would extend across borders, so E.g. the US government would also have to convince Canada and Mexico to shut down their ISPs as well. The parts of the mesh that connected to Canada and Mexico wouldn't be able to route all casual internet traffic for the entire US, but it would be enough just to get information into (or out of) the country and onto the mesh network. Once on the US portion of the mesh network, the external information could be distributed amongst the nodes since the mesh network is independent of government control. The mesh network would also easily be able to allow people within the country to coordinate things like protests, etc. Shutting down the internet in instances like Egypt isn't necessarily about cutting off access to the outside, it's also about cutting off the ability of the people easily organize themselves en masse.
Mesh networks have never been practical on that scale and a number of recent DS papers (c.f. ACM digital archives) provide no support that it will ever be practical on that scale. Even if all the protocols are rewritten (as they will have to be), it will cost way too much money to switch. I personally believe the entire thing is a giant pipe dream, but whatever keeps people warm at night, I guess.
They don't necessarily need to be at the level of the entire internet. They could just be a series of 'dark-nets,' with some people belonging to more than one. It just needs to: 1) allow people to coordinate on a large/massive scale; 2) allow for information to leak into and out of the country with ease; and 3) be outside of government control (as in no central choke-points; obviously the authorities could bust down your down and forcibly take down your node).
Yes it's pretty simple. If enough people are committed to it, it will work. Which can only be driven by neccesity.
This might not be the case in western countries, right now, but once governments start to mess with communications infrastructure really badly (like happened in Egypt), people will use other, non-centralized ways to communciate.
Also, don't underestimate innovation, back in the 80's many people would think a global computer network that could be used by everyone, and is a big part of daily life, was a pipe dream.
Assuming the goal here is to have the Free Exchange of Information:
Step 1 is to own the hardware that serves up your information.
Step 2 is to own the path that your information travels upon.
You are correct, Step 2 is a significantly more difficult problem to solve, but this does not mean that we should not try to solve Step 1 while we have an opportunity to do so.
I believe IPv6 provides a start for what is necessary to solve Step 2.
IPSec is part of the protocol so these connections can be trusted. Also no NAT issues so connecting directly between trusted 'plugs' may be simpler than with IPv4. May need to start with a mesh network over a mix of paths that you own and paths that you may not.
I have no real world experience implementing IPv6, just been looking into it lately.
I would start thinking about decentralization from the software end, because it's much simpler to change. My #1 item would be decentralized alternative to DNS. Once you decentralize names, the state of a particular physical server stops to matter that much, because you can always point your name to another server Without that you will always have a single choke-point - the server's name.
What you've said doesn't add anything to the conversation. It's roughly equivalent to standing up in the middle of a lecture, yelling "You suck!" and then walking out without any explanation of your own ideas.
Why is his idea flawed? What would it require to succeed? Are there other similar ideas that you think are good? Answering these questions would be interesting. Doing what you did is not.
It's a fantastic idea. What is missing from it is how the infrastructure is and probably always will be under the domain (pun intended) of corporations.
For example, how do we provide "internet access" with these servers? We don't own the fiber; it it gets shut down we're dead in the water. ISPs run the networks and therefore control the content and charge for it as much as they want.
An alternative is state-controlled ISPs--but we all can guess how fun that would be.
I'm trying to think of yet other alternatives, but I'm drawing a blank.
I'm not entirely sure it's possible. We've seen examples of other governments taking down sites because of the way internet protocols work, specifically BGP [1]. I believe some number of the DNS root servers are directly or nearly-directly controlled by the government. Service providers have legal obligations to allow access into their facilities. We're not as bad off as others - some governments do run the ISPs.
I don't see the difference between having encrypted data on a mini-server at your house vs. housed at a provider. If the data was stored centrally and there were few options, it would make the legal process of getting the data easier. With the existing options for hosting data in many different countries, this doesn't seem to be a problem. Even then, you could probably stripe this data across centrally stored hosting solutions and still have a more efficient and secure process than hosting off of a 'Freedom Box'.
Options seem to be:
1. Distributed storage. The storage is striped across these boxes all over, and no single box has any data. Nobody can subpoena the data because of the process involved in getting the information from so many people at once. I think using distributed storage would be very, very difficult with data redundancy, latency, and maintaining security with such high availability and access.
2. Each box is self operating, but managed centrally. Data storage is contained to a single (or few) boxes to simplify data access and speed. This still allows centralized access to the data, and fewer people would be involved in collecting the data. Higher levels of security could be maintained, but legally easier to access.
3. Self managed secure boxes that have a 'cloud' or 'bot' organization of peer-to-peer relationships. Again, these types of systems work today, but there are still centralized servers and most of the workload is still carried by large servers/organizations.
It seems easier to simply make Tor more secure, which is a different debate if that's even possible. The article reads like a lawyer who has some tech experience thinks he has created a magic Internet v2.0 because he's found a way to get around the legal ramifications of privacy without regard to technical ramifications.
The key idea behind the "Freedom box" is to own your logs and not let anyone else infer without your express permission. The idea was discussed in full in his speech, "Freedom In the Cloud" at the NY Internet society, 2010FEB05. You can read speech ~ http://www.softwarefreedom.org/events/2010/isoc-ny/FreedomIn... or listen/watch here ~ http://www.isoc-ny.org/?p=1338