(I've forwarded this to the Freenet chat mailing list, because I feel it's
relevant to the Freenet community).
Hi Bart,
Thanks for your emails advocating the use of an underground/alternative DNS,
such as www.namespace.org.
I feel the need to reply to you in detail, so you may understand the
problems and limitations of such a service.
In short, there will always be a problem when a host address resolves to a
physical IP address, as is the case with the government-controlled DNS, and
with this namespace.org company.
When a physical IP address can be identified as the server for a domain,
anonymity and absolute freedom of expression no longer exists. Your IP
address as good as gives your home address, name, phone number etc.
For example - you have recently escaped from the Church of Scientology, and
uncovered some human rights abuses and even serious criminal practices in
your time there. You want to blow the whistle, but know if it's traced to
you, you could be in serious danger.
First, you try hosting a website in the namespace offered by your ISP. At
least one of two things happens:
1) Church of Scientology (call it CoS) sends legal threat to ISP, alleging
your site infringes copyright. ISP shuts down the site, or
2) Church of Scientology issues a subpoena to your ISP forcing them to
disclose your name and address.
Failure.
Next, you try a 3rd-party free host, like GeoCities or Hypermart. CoS sends
letter to host, who pulls your site almost instantly.
Next, you decide to host the site yourself, and use some kind of name
service - namespace.org, or a hostname-dynamic-IP redirector. CoS traces
the site to your machine, gains your IP address, and legally threatens your
ISP. Your ISP pulls the plug, and possibly exposes you to CoS.
Next, you open a web redirector account, such as www.da.ru, which creates a
fixed URL which can be quickly redirected to point anywhere. You are happy
to create physical accounts as fast as they get taken down. CoS simply
threatens the web redirector service provider, which pulls the plug. Goodbye
fixed URL.
Then, you try Gnutella. Same problem - your physical IP address is revealed.
Last resort? Freenet, possibly using FreeWeb over the top for convenience.
Problem solved. Every time CoS tries to pinpoint your site, it keeps turning
up at different IPs.
Automatically.
CoS are told by the hosting ISPs that CoS's searching for the documents
actually causes the documents to proliferate. CoS tries legal attack on
Freenet developers, and embarasses itself terribly.
Church of Scientology loses.
Freedom of Information wins.
Regards
David
- Original Message -
From: Bart Burkhardt [EMAIL PROTECTED]
To: David McNab [EMAIL PROTECTED]
Sent: Wednesday, May 16, 2001 3:10 AM
Subject: Re: underground dns
Hi Dave,
wow, i have found this ...http://www.namespace.org, this is exactly my,
and
I think also your idea, (because i read some of your postings about a
underground DNS)
I just had a quick look at the site, and they indeed use a DNS switcher
program that checks the URL, if it is not a regular Top Domain Level (.com
.net .org etc.) then resolv the name from a non gov controlled DNS
server..
hmm, but the bad thing is that it is really commercial, they ask $30,- per
year ,
I think this i a very good idea but it should not be in hands of a
commercial organization...
but its interesting, let me know what you think, i just changed my DNS
information and it works just as I expected, just change the first dns
server to one of them and you can resolv this namespace. and also the
regular namespace.
http://namespace.org/admin/ IP addresses list for the alternate
name.space servers
I really would like to know your reaction.
Bart
Original Message -
From: David McNab [EMAIL PROTECTED]
To: bart [EMAIL PROTECTED]
Sent: Tuesday, May 15, 2001 1:15 AM
Subject: Re: underground dns
Hi Bart,
Thanks for your email.
IMO, for an underground DNS to work, you need a network which provides
encrypted, anonymous communication. It must be possible for someone to
create DNS records in such a way that it cannot be traced to such
person,
or
else the person becomes a possible target for legal action or otherwise.
A year ago, I saw ideas to implement an underground DNS through a
Gnutella-type system.
This would be viable, but it would allow servers and their human
operators
to be pinpointed every time via their IP addresses.
I know what I'm talking about here. Some time ago, I was hosting a file
which someone else really didn't want me to host. I used every web trick
in
the book. I even found a dynamic DNS host who refused to terminate
service.
I used web redirectors etc. But every time, my opponent was able to find
the
final IP address of my machine, and legally bluffed my ISP. The irony
was
that the file's copyright status had been successfully challenged in
several
court hearings. But my ISPs weren't interested
