Progress has been made...
Gov't crackdown spurs initiatives to route around DNS
The Net interprets censorship as damage and routes around it
December 7, 2010, 12:57 PM — —
Over the Thanksgiving holiday weekend, US Immigration and Customs Enforcement (ICE), the principal investigative arm of the Department of Homeland Security (DHS), led an alphabet soup of government agencies in seizing the domain names of 82 Web sites (PDF) that ICE said were "engaged in the illegal sale and distribution of counterfeit goods and copyrighted works" (See: Operation In Our Sites v. 2.0). The seizures were accomplished by getting the VeriSign registry, owner of the .com and .net top-level domains, to change the authoritative domain-name servers for the seized domains to servers controlled by DHS.
(More recently, the uproar caused by the WikiLeaks publication of US diplomatic cables — and subsequent attempts to censor the site and/or to hound it off the Internet — have resulted in what developer Dave Winer calls "a human DNS" implemented "in a weird sneaker-net sort of way," via Twitter and ad hoc bulletin-board sites.)
Within days of the ICE/DHS seizures, at least three separate initiatives to work around the DNS had been announced, and several existing alternatives were highlighted in the ensuing discussion. Let's take a look at some of these proposals — two to route around and one to supplant the DNS — and some of the obstacles they face.
1. 4LW: 4 Little Words
This new alt-DNS project got a quick boost from the developer communities at Hacker News and Reddit. The idea is to map each of the four numbers in an IPv4 address to one of 256 "little words," in the Mad Libs-inspired pattern adjective noun verb noun. For example, using an online 4LW generator, 18.104.22.168 (the IP address of the seized domain name torrent-finder.com) becomes simple hair climbs cup. Reddit user armooo created an open source DNS server that returns "A" records using the 4LW protocol. For the example above, visiting http://simple.hair.climbs.cup.4lw.org takes you straight to the site formerly pointed to by the seized domain name. This scheme should continue to work unless 4lw.org itself is compromised, in which case others could copy the source code and put up their own servers; meta-servers could emerge to distribute requests among known 4LW servers; and so on.
2. P2P DNS: Peering Around It
This project has gotten the lion's share of press attention, because it was initially suggested by Peter Sunde, co-founder of The Pirate Bay. The idea is to create a peer-to-peer alternative to the DNS, and beyond that nothing has been announced. Sunde's blog post has garnered over 100 comments, most pledging help and some offering concrete suggestions or pointing out similar efforts across the Net. There are active brainstorms in various media and a code repository, which is currently empty. Sunde has promised a press release soon.
3. Project IDONS: Internet Distributed Open Name System
This proposal is by Lauren Weinstein, one of the early developers of what became the Internet and the long-time moderator of the PRIVACY forum (which predates even the widespread existence of email). Weinstein's vision is of "an alternative Internet name to address mapping system — fully distributed, open source, fault-tolerant, secure, flexible, and not subject to centralized constraints, meddling, and censorship." Other high-level goals include "no central registries, no registrars, no fees nor charges necessary for any name or address operations across IDONS."
Weinstein adds in his introduction to IDONS: "Ad hoc attempts to bypass the existing system (such as those newly proposed by Pirate Bay) are likely to create fragmentation and confusion, and therefore ironically tend to further entrench the existing system… ad hoc won't fly for this."
In an interview, Weinstein told me he has had a "couple of thousand" responses to the IDONS proposal, ranging from substantive technical suggestions to "Yes I'd like to help." Weinstein said, "The point is not just to replace the DNS with another DNS. It's to get out from under a completely limiting condition. Technology is full of these kinds of situations in which we have to get out from under bad early decisions. In the case of DNS, the mistake was centralization. That enables not only censorship, but also the whole gigantic mess that has grown up around domain registrations" — what Weinstein has taken to calling the "domain industrial complex." He continued, "This is not just a technical project, it's an attempt to change the underlying mechanisms we use for names on the Internet. It involves policy and politics as well as technology." And it's likely to be a 10-year effort or longer.
At this point the project does not have a website or a mailing list. Interested parties can contact Weinstein via his blog.
WikiLeaks nearly immune to takedown, says researcher
After DDOS attacks and the loss of its domain name, the WikiLeaks whistleblower site is as potent as ever
By Jaikumar Vijayan
December 8, 2010 07:12 AM ET
Computerworld - Massive network attacks and other punitive actions taken against WikiLeaks over the past few days only appear to have made the site and its contents far more resilient to takedown attempts, a security researcher said.In the 10 days since WikiLeaks began releasing classified cables from the U.S Department of State, wikileaks.org was hit with massive denial of service attacks, the termination of its its domain hosting service, the loss of Amazon.com as a host, and the loss of PayPal, MasterCard and Visa Europe services.
Yet, in what's becoming an interesting case study in Internet resilience, WikiLeaks not only continues to serve up its controversial content, it appears to have bolstered its ability to do so, said James Cowie, chief technology officer at Renesys, an Internet monitoring firm.
Cowie has been tracking the WikiLeaks saga over the past few days and yesterday detailed the whistleblower Website's efforts to stay afloat in the face of growing adversity in a blog post.
After Amazon's actions, WikiLeaks began hosting the wikileaks.org domain with two different ISPs one in France, and another in Sweden, Cowie said. Then a couple of days later, WikiLeaks' DNS provider, EveryDNS, terminated its domain name service.
In response, WikiLeaks established several new country-level domains, such as wikileaks.ch in Switzerland, wikileaks.at in Austria and wikileaks.cc in Cocos Islands. It then pointed the new domains back to existing IP addresses, or began having the new domains hosted with service providers in different countries.
The Swiss site (wikileaks.ch) itself has been heavily reinforced to avoid a repeat of what happened with EveryDNS, Cowie said. To mitigate the possibility of one DNS provider once again shutting off the domain as EveryDNS did, WikiLeaks this time has signed up with separate DNS service providers in eight different countries, including Switzerland, Canada and Malaysia.
rest at link: http://www.computerworld.com/s/article/9200481/WikiLeaks_nearly_immune_to_takedown_says_researcher?taxonomyId=17
Diaspora is an initiative to achieve a internet free of government control:
The internet group Anonymous, having taken on the 'church' of Scientology is coming to the aid of Assange and Wikileaks.org:
Everyone must get on board and support these initiatives. If we can keep our internet we can keep our communications, we can coordinate and that will aid in keeping our food, and our freedom.