[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Fighting the cybercensor.
-----BEGIN PGP SIGNED MESSAGE-----
"Phillip M. Hallam-Baker" <[email protected]> writes:
> Mission:
>
> Singapore and China are blocking certain net groups. I think
> this is a bad thing, question is how can we stop it? The Web
> was conceived as offering despots and dictators a choice
> between remaining in the dark ages and allowing freedom of
> speech. Blocking and filtering schemes threaten this ideal.
>
>
> Requirements:
>
> A scheme which makes blocking of individual IP addresses
> impractical.
<snip>
> Considerations:
> [i.e. areas needing brainstorming]
>
> 1) Copyright. Clearly copyright holders such as CNN etc would
> need to be involved. Although proxies have long been a part of
> the Web and the scheme does not threaten their interests it would
> be as well to get them on board at an early stage.
I believe that the new copyright regs explicitly allow web surfing.
Copyright should not be an issue, I think. IANAL.
> 2) How can one prevent the proxies themselves being blocked? Some
> ideas that come to mind:
>
> 2a) Only issue new sites gradually so that blocking requires
> continuous updates.
>
> 2b) Use DHCP to change network addresses regularly.
>
> 2c) Some crypto hack I can't quite work out (hence the post to
> cypher punks). I can phrase the challenge more compactly though.
> We have two sets of opposed groups A and M. The A group wish to
> establish a continued conversation with groups B and C. M is
> willing to permit communication with group B but not C. Whenever
> M discovers that a member of group B is willing to act on behalf
> of group C, M transfers that member to the C group.
>
> The problem is to keep A's channels of communication open despite
> the efforts of M for very large group sizes.
>
> I'm not sure if this is a pure crypto challenge or a game theory
> problem.
Secure connections from proxy to client would eliminate driftnet
scanning. That's probably about all the crypto.
One idea would to put /cgi-bin/redirect in all the distributions of
apache, apache-SSL, etc. That way, anyone who cared at all about
privacy or was clueless would have an anonymizer on their web server.
People who really cared could run web spiders that looked for sites
with the redirect, and have cgi-bins that returned a randomized list
of 10 or so. They could periodically post the list to semi-relavent
newsgroups.
The idea here is to reduce the chance of a denial of service attack
against the anonymizer pool. The points of attack that I can think of
are:
1) Filter out out anonymized connections.
Crypto helps solves this one. Of course, then the evil empire
filters out crypto, but that's bad for business.
2) Make the list of anonymizers dissappear
This is a bit easier for the bad guys. Stego could help solve
the problem, especially if combined with crypto. (i.e stego
the list, encrypted with a few key underground folks public
keys, into a pic of the great wall of china or something.
3) Make it illegal to use anonymizers and enforec randomly.
FUD. I dunno how to solve this one. Put anphetamines in the
water supply?
> Comments? If people are willing to work on this I can provide
> some facilities and act as a media contact.
Distribution wins.
(BTW, look at www.anonymizer.com)
Jer
"standing on top of the world/ never knew how you never could/ never knew
why you never could live/ innocent life that everyone did" -Wormhole
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQB1AwUBMuZwuMkz/YzIV3P5AQEb5gL/aOgddVJ91jtZUPrDcsnqdhOFpKLx1IAH
UMZi+HkdB+ZUsRhLxCSy0enpqxikwyFVOMINSr3uLRtYSIcuPK2JFdSACI79yISk
7oZWxwTO5TDMYtbBRAAZv/d9VyCT/EVE
=OIEP
-----END PGP SIGNATURE-----