218 lines
19 KiB
HTML
218 lines
19 KiB
HTML
<!DOCTYPE html>
|
||
<html><head>
|
||
<meta http-equiv="Content-Security-Policy" content="default-src chrome:; img-src data: *; media-src *">
|
||
<meta content="text/html; charset=UTF-8" http-equiv="content-type">
|
||
<meta name="viewport" content="width=device-width; user-scalable=0">
|
||
<link rel="stylesheet" href="chrome://global/skin/aboutReader.css" type="text/css">
|
||
<script src="chrome://global/content/reader/aboutReader.js"></script>
|
||
<link rel="stylesheet" href="chrome://global/skin/narrate.css"><title>The Mission to Decentralize the Internet</title><link rel="shortcut icon" href="https://www.newyorker.com/favicon.ico"></head>
|
||
|
||
<body class="light sans-serif loaded">
|
||
<div class="container content-width3" style="--font-size:20px;">
|
||
<div class="header reader-header reader-show-element">
|
||
<a class="domain reader-domain" href="https://www.newyorker.com/tech/annals-of-technology/the-mission-to-decentralize-the-internet">newyorker.com</a>
|
||
<div class="domain-border"></div>
|
||
<h1 class="reader-title">The Mission to Decentralize the Internet</h1>
|
||
<div class="credits reader-credits">By Janus KopfsteinDecember 12, 2013</div>
|
||
<div class="meta-data">
|
||
<div class="reader-estimated-time">11-13 minutes</div>
|
||
</div>
|
||
</div>
|
||
|
||
<hr>
|
||
|
||
<div class="content">
|
||
<div class="moz-reader-content line-height4 reader-show-element"><div id="readability-page-1" class="page"><div id="articleBody" data-template="two-column"><div><div><p>In
|
||
the nineteen-seventies, the Internet was a small, decentralized
|
||
collective of computers. The personal-computer revolution that followed
|
||
built upon that foundation, stoking optimism encapsulated by John Perry
|
||
Barlow’s 1996 manifesto “<a href="https://projects.eff.org/~barlow/Declaration-Final.html" target="_blank">A Declaration of the Independence of Cyberspace.</a>”
|
||
Barlow described a chaotic digital utopia, where “netizens” self-govern
|
||
and the institutions of old hold no sway. “On behalf of the future, I
|
||
ask you of the past to leave us alone,” he writes. “You are not welcome
|
||
among us. You have no sovereignty where we gather.”</p><p>This is not
|
||
the Internet we know today. Nearly two decades later, a staggering
|
||
percentage of communications flow through a small set of
|
||
corporations—and thus, under the profound influence of those companies
|
||
and other institutions. Google, for instance, now comprises twenty-five
|
||
per cent of all North American Internet traffic; an <a href="http://news.sky.com/story/1129847/google-outage-internet-traffic-plunges-40-percent" target="_blank">outage</a> last August caused worldwide traffic to plummet by around forty per cent.</p><p>Engineers
|
||
anticipated this convergence. As early as 1967, one of the key
|
||
architects of the system for exchanging small packets of data that gave
|
||
birth to the Internet, Paul Baran, <a href="http://www.nationalaffairs.com/public_interest/detail/the-future-computer-utility" target="_blank">predicted</a>
|
||
the rise of a centralized “computer utility” that would offer computing
|
||
much the same way that power companies provide electricity. Today, that
|
||
model is largely embodied by the information empires of Amazon, Google,
|
||
and other cloud-computing companies. Like Baran anticipated, they offer
|
||
us convenience at the expense of privacy.</p><p>Internet users now
|
||
regularly submit to terms-of-service agreements that give companies
|
||
license to share their personal data with other institutions, from
|
||
advertisers to governments. In the U.S., the Electronic Communications
|
||
Privacy Act, a law that predates the Web, allows law enforcement to
|
||
obtain without a warrant <a href="http://www.propublica.org/special/no-warrant-no-problem-how-the-government-can-still-get-your-digital-data" target="_blank">private data</a> that citizens entrust to third parties—including <a href="https://www.aclu.org/technology-and-liberty/modernizing-electronic-communications-privacy-act-ecpa" target="_blank">location data</a>
|
||
passively gathered from cell phones and the contents of e-mails that
|
||
have either been opened or left unattended for a hundred and eighty
|
||
days. As Edward Snowden’s leaks have shown, these vast troves of
|
||
information allow intelligence agencies to focus on just a few key
|
||
targets in order to monitor large portions of the world’s population.</p><p>One of <a href="http://www.washingtonpost.com/world/national-security/nsa-infiltrates-links-to-yahoo-google-data-centers-worldwide-snowden-documents-say/2013/10/30/e51d661e-4166-11e3-8b74-d89d714ca4dd_story.html" target="_blank">those leaks</a>, reported by the Washington <em>Post</em>
|
||
in late October, revealed that the National Security Agency secretly
|
||
wiretapped the connections between data centers owned by Google and
|
||
Yahoo, allowing the agency to collect users’ data as it flowed across
|
||
the companies’ networks. Google engineers <a href="http://www.theverge.com/2013/11/6/5072924/google-engineers-issue-fuck-you-to-nsa-over-surveillance-scandal" target="_blank">bristled</a>
|
||
at the news, and responded by encrypting those connections to prevent
|
||
future intrusions; Yahoo has said it plans to do so by next year. More
|
||
recently, Microsoft <a href="https://blogs.technet.com/b/microsoft_blog/archive/2013/12/04/protecting-customer-data-from-government-snooping.aspx" target="_blank">announced</a>
|
||
it would do the same, as well as open “transparency centers” that will
|
||
allow some of its software’s source code to be inspected for hidden back
|
||
doors. (However, that privilege appears to only extend to “government
|
||
customers.”) On Monday, <a href="http://reformgovernmentsurveillance.com/" target="_blank">eight major tech firms</a>, many of them competitors, united to demand an overhaul of government transparency and surveillance laws.</p><p>Still, an air of distrust surrounds the U.S. cloud industry. The N.S.A. collects data through <a href="http://www.washingtonpost.com/blogs/the-switch/wp/2013/10/30/prism-already-gave-the-nsa-access-to-tech-giants-heres-why-it-wanted-more/" target="_blank">formal arrangements</a> with tech companies; <a href="http://www.theverge.com/2013/8/8/4602104/nsa-searches-contents-of-most-communications-entering-and-leaving-us" target="_blank">ingests Web traffic</a> as it enters and leaves the U.S.; and <a href="http://www.newyorker.com/online/blogs/elements/2013/09/the-nsa-versus-encryption.html">deliberately weakens</a>
|
||
cryptographic standards. A recently revealed
|
||
(http://www.nytimes.com/interactive/2013/11/23/us/politics/23nsa-sigint-strategy-document.html)
|
||
detailing the agency’s strategy specifically notes its mission to
|
||
“influence the global commercial encryption market through commercial
|
||
relationships” with companies developing and deploying security
|
||
products.</p><p>One solution, espoused by some programmers, is to make
|
||
the Internet more like it used to be—less centralized and more
|
||
distributed. Jacob Cook, a twenty-three-year-old student, is the brains
|
||
behind <a href="https://arkos.io/" target="_blank">ArkOS</a>, a
|
||
lightweight version of the free Linux operating system. It runs on the
|
||
credit-card-sized Raspberry Pi, a thirty-five dollar microcomputer
|
||
adored by teachers and tinkerers. It’s designed so that average users
|
||
can create personal clouds to store data that they can access anywhere,
|
||
without relying on a distant data center owned by Dropbox or Amazon.
|
||
It’s sort of like buying and maintaining your own car to get around,
|
||
rather than relying on privately owned taxis. Cook’s mission is to “make
|
||
hosting a server as easy as using a desktop P.C. or a smartphone,” he
|
||
said.</p><p>Like other privacy advocates, Cook’s goal isn’t to end
|
||
surveillance, but to make it harder to do en masse. “When you couple a
|
||
secure, self-hosted platform with properly implemented cryptography, you
|
||
can make N.S.A.-style spying and network intrusion extremely difficult
|
||
and expensive,” he told me in an e-mail.</p><p>Persuading consumers to
|
||
ditch the convenience of the cloud has never been an easy sell, however.
|
||
In 2010, a team of young programmers announced Diaspora, a
|
||
privacy-centric social network, to challenge Facebook’s centralized
|
||
dominance. A year later, Eben Moglen, a law professor and champion of
|
||
the Free Software movement, proposed a similar solution <a href="https://freedomboxfoundation.org/learn/" target="_blank">called the Freedom Box</a>.
|
||
The device he envisioned was to be a small computer that plugs into
|
||
your home network, hosting files, enabling secure communication, and
|
||
connecting to other boxes when needed. It was considered a call to
|
||
arms—you alone would control your data.</p><p>But, while both projects
|
||
met their fund-raising goals and drummed up a good deal of hype, neither
|
||
came to fruition. Diaspora’s team fell into disarray after a
|
||
disappointing beta launch, personal drama, and the appearance of new
|
||
competitors such as Google+; apart from some <a href="http://www.privoxy.org/" target="_blank">privacy software</a> released last year, Moglen’s Freedom Box has yet to materialize at all.</p><p>“There
|
||
is a bigger problem with why so many of these efforts have failed” to
|
||
achieve mass adoption, said Brennan Novak, a user-interface designer who
|
||
works on privacy tools. The challenge, Novak said, is to<span data-page="page_final"></span>
|
||
make decentralized alternatives that are as secure, convenient, and
|
||
seductive as a Google account. “It’s a tricky thing to pin down,” he
|
||
told me in an encrypted online chat. “But I believe the problem exists
|
||
somewhere between the barrier to entry (user-interface design, technical
|
||
difficulty to set up, and over-all user experience) versus the
|
||
perceived value of the tool, as seen by Joe Public and Joe Amateur
|
||
Techie.”</p><p>One of Novak’s projects, Mailpile, is a crowd-funded
|
||
e-mail application with built-in security tools that are normally too
|
||
onerous for average people to set up and use—namely, Phil Zimmermann’s
|
||
revolutionary but never widely adopted <a href="http://www.newyorker.com/online/blogs/elements/2013/11/the-daunting-challenge-of-secure-e-mail.html">Pretty Good Privacy</a>.
|
||
“It’s a hard thing to explain…. A lot of peoples’ eyes glaze over,” he
|
||
said. Instead, Mailpile is being designed in a way that gives users a
|
||
sense of their level of privacy, without knowing about encryption keys
|
||
or other complicated technology. Just as important, the app will allow
|
||
users to self-host their e-mail accounts on a machine they control, so
|
||
it can run on platforms like ArkOS.</p><p>“There already exist deep and
|
||
geeky communities in cryptology or self-hosting or free software, but
|
||
the message is rarely aimed at non-technical people,” said Irina
|
||
Bolychevsky, an organizer for <a href="http://redecentralize.org/" target="_blank">Redecentralize.org</a>, an advocacy group that provides support for projects that aim to make the Web less centralized.</p><p>Several of those projects have been inspired by Bitcoin, <a href="http://www.newyorker.com/online/blogs/elements/2013/04/the-future-of-bitcoin.html">the math-based e-money</a> created by <a href="http://www.newyorker.com/reporting/2011/10/10/111010fa_fact_davis">the mysterious Satoshi Nakamoto</a>. While the peer-to-peer technology that Bitcoin employs isn’t novel, many engineers consider <a href="http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/" target="_blank">its implementation</a>
|
||
an enormous technical achievement. The network’s “nodes”—users running
|
||
the Bitcoin software on their computers—collectively check the integrity
|
||
of other nodes to ensure that no one spends the same coins twice. All
|
||
transactions are published on a shared public ledger, called the “block
|
||
chain,” and verified by “miners,” users whose powerful computers solve
|
||
difficult math problems in exchange for freshly minted bitcoins. The
|
||
system’s elegance has led some to wonder: if money can be decentralized
|
||
and, to some extent, anonymized, can’t the same model be applied to
|
||
other things, like e-mail?</p><p><a href="http://bitmessage.org/" target="_blank">Bitmessage</a>
|
||
is an e-mail replacement proposed last year that has been called the
|
||
“the Bitcoin of online communication.” Instead of talking to a central
|
||
mail server, Bitmessage distributes messages across a network of peers
|
||
running the Bitmessage software. Unlike both Bitcoin and e-mail,
|
||
Bitmessage “addresses” are cryptographically derived sequences that help
|
||
encrypt a message’s contents automatically. That means that many
|
||
parties help store and deliver the message, but only the intended
|
||
recipient can read it. Another option obscures the sender’s identity; an
|
||
alternate address sends the message on her behalf, similar to the
|
||
anonymous “re-mailers” that arose from the cypherpunk movement of the
|
||
nineteen-nineties.</p><p>Another ambitious project, Namecoin, is a P2P
|
||
system almost identical to Bitcoin. But instead of currency, it
|
||
functions as a decentralized replacement for the Internet’s Domain Name
|
||
System. The D.N.S. is the essential “phone book” that translates a Web
|
||
site’s typed address (<a href="http://www.newyorker.com/">www.newyorker.com</a>)
|
||
to the corresponding computer’s numerical I.P. address (192.168.1.1).
|
||
The directory is decentralized by design, but it still has central
|
||
points of authority: domain registrars, which buy and lease Web
|
||
addresses to site owners, and the U.S.-based <a href="http://www.icann.org/" target="_blank">Internet Corporation for Assigned Names and Numbers</a>, or I.C.A.N.N., which controls the distribution of domains.</p><p>The
|
||
infrastructure does allow for large-scale takedowns, like in 2010, when
|
||
the Department of Justice tried to seize ten domains it believed to be
|
||
hosting child pornography, but <a href="http://arstechnica.com/tech-policy/2011/03/ars-interviews-rep-zoe-lofgren/" target="_blank">accidentally took down eighty-four thousand innocent Web sites in the process</a>.
|
||
Instead of centralized registrars, Namecoin uses cryptographic tokens
|
||
similar to bitcoins to authenticate ownership of “.bit” domains. In
|
||
theory, these domain names can’t be hijacked by criminals or blocked by
|
||
governments; no one except the owner can surrender them.</p><p>Solutions
|
||
like these follow a path different from Mailpile and ArkOS. Their
|
||
peer-to-peer architecture holds the potential for greatly improved
|
||
privacy and security on the Internet. But existing apart from commonly
|
||
used protocols and standards can also preclude any possibility of
|
||
widespread adoption. Still, Novak said, the transition to an Internet
|
||
that relies more extensively on decentralized, P2P technology is “an
|
||
absolutely essential development,” since it would make many attacks by
|
||
malicious actors—criminals and intelligence agencies alike—impractical.</p><p>Though
|
||
Snowden has raised the profile of privacy technology, it will be up to
|
||
engineers and their allies to make that technology viable for the
|
||
masses. “Decentralization must become a viable alternative,” said Cook,
|
||
the ArkOS developer, “not just to give options to users that can
|
||
self-host, but also to put pressure on the political and corporate
|
||
institutions.”</p><p>“Discussions about innovation, resilience, open
|
||
protocols, data ownership and the numerous surrounding issues,” said
|
||
Redecentralize’s Bolychevsky, “need to become mainstream if we want the
|
||
Internet to stay free, democratic, and engaging.”</p><p><em>Illustration by Maximilian Bode.</em></p></div></div></div></div></div>
|
||
</div>
|
||
|
||
<div>
|
||
<div class="reader-message"></div>
|
||
</div>
|
||
</div>
|
||
|
||
<ul class="toolbar reader-toolbar">
|
||
<li><button class="button close-button" title="Close Reader View"></button></li>
|
||
<ul class="dropdown style-dropdown">
|
||
<li><button class="dropdown-toggle button style-button" title="Type controls"></button></li>
|
||
<li class="dropdown-popup">
|
||
<div class="font-type-buttons"><button class="sans-serif-button selected"><div class="name">Aa</div><div class="description">Sans-serif</div></button><button class="serif-button"><div class="name">Aa</div><div class="description">Serif</div></button></div>
|
||
<hr>
|
||
<div class="font-size-buttons">
|
||
<button class="minus-button" title="Decrease Font Size">
|
||
</button><button class="font-size-sample">Aa</button><button class="plus-button" title="Increase Font Size">
|
||
</button></div>
|
||
<hr>
|
||
<div class="content-width-buttons">
|
||
<button class="content-width-minus-button" title="Decrease Content Width">
|
||
</button><button class="content-width-plus-button" title="Increase Content Width">
|
||
</button></div>
|
||
<hr>
|
||
<div class="line-height-buttons">
|
||
<button class="line-height-minus-button" title="Decrease Line Height">
|
||
</button><button class="line-height-plus-button" title="Increase Line Height">
|
||
</button></div>
|
||
<hr>
|
||
<div class="color-scheme-buttons"><button class="light-button selected" title="Color Scheme Light"><div class="name">Light</div></button><button class="dark-button" title="Color Scheme Dark"><div class="name">Dark</div></button><button class="sepia-button" title="Color Scheme Sepia"><div class="name">Sepia</div></button></div>
|
||
<div class="dropdown-arrow">
|
||
</div></li>
|
||
</ul>
|
||
<ul class="dropdown narrate-dropdown"><li><button class="dropdown-toggle button narrate-toggle" title="Narrate"></button></li><li class="dropdown-popup"><div class="narrate-row narrate-control"><button class="narrate-skip-previous" disabled="disabled" title="Back"></button><button class="narrate-start-stop" title="Start"></button><button class="narrate-skip-next" disabled="disabled" title="Forward"></button></div><div class="narrate-row narrate-rate"><input class="narrate-rate-input" value="0" step="5" max="100" min="-100" type="range" title="Speed"></div><div class="narrate-row narrate-voices"><div class="voiceselect voice-select"><button class="select-toggle" aria-controls="voice-options">
|
||
<span class="label">Voice:</span> <span class="current-voice">Default</span>
|
||
</button>
|
||
<div class="options" id="voice-options" role="listbox"><button data-value="automatic" class="option selected" tabindex="-1" role="option" aria-selected="true">Default</button><button data-value="urn:moz-tts:speechd:English_(Caribbean)?en-029" class="option" tabindex="-1" role="option">en (en-029)</button><button data-value="urn:moz-tts:speechd:English_(Lancaster)?en-GB" class="option" tabindex="-1" role="option">en (en-GB)</button><button data-value="urn:moz-tts:speechd:English_(Received_Pronunciation)?en-GB" class="option" tabindex="-1" role="option">en (en-GB)</button><button data-value="urn:moz-tts:speechd:English_(West_Midlands)?en-GB" class="option" tabindex="-1" role="option">en (en-GB)</button><button data-value="urn:moz-tts:speechd:English_(Great_Britain)?en-GB" class="option" tabindex="-1" role="option">en (en-GB)</button><button data-value="urn:moz-tts:speechd:English_(Scotland)?en-GB" class="option" tabindex="-1" role="option">en (en-GB)</button><button data-value="urn:moz-tts:speechd:English_(America)?en-US" class="option" tabindex="-1" role="option">en (en-US)</button></div></div></div><div class="dropdown-arrow"></div></li></ul><button data-buttonid="pocket-button" class="button pocket-button" style="background-image: url("chrome://pocket/content/panels/img/pocket-outline.svg"); background-size: 20px 20px;" title="Save to Pocket"></button></ul>
|
||
|
||
|
||
|
||
|
||
</body></html> |