From: Paul Bradley <paul@fatmans.demon.co.uk>
Date: Wed, 14 May 1997 01:22:27 +0800
To: cypherpunks@algebra.com
Subject: Eternity server considerations and musings
Message-ID: <Pine.LNX.3.91.970513165201.835A-100000@fatmans.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain



I spent some considerable time today thinking about the eternity server
idea proposed, and implemented in alpha stage, by Adam Back.

The main method used by governments around the world so far to attempt to 
censor information has been the use, or proposal of, proxy servers for 
whole countries or jurisdictions.
This method has only thus far been used to censor www connections, and 
has been used to censor specific sites, hence the use of mirroring to 
circumvent government censorship.

To give an overview of the eternity server idea for those who didn`t see 
the original post the idea was that a non existant virtual TLD .eternity 
would be used to access HTML posted to usenet. So to access a site that 
was at say bombmaking.terrorist.com/assasination/killing.html
you would send your browser to:
 
http://bombmaking.terrorist.com.eternity/assasination/killing.html

The assumption being that the distributed nature of usenet would not 
allow censorship.

The proxies idea however can be extended to censor usenet, usenet 
traffic, although pretty huge, is not yet too large to be grep`d for 
keywords (currently around 600mb of traffic a day passes through the 
newsgroups) before being proxied, so a government can run a server which 
first checks to ensure the usenet article is not encrypted (this can be 
done crudely by checking for occurances of common words or by checking 
the redundancy of the text by attempting to compress it) and if it is 
encrypted junks it, if it is plaintext, greps it for keywords like 
"assasination", "anarchy", "porn" etc... then kills the articles that 
have these words in them, the other articles the government does not want 
to censor are put on a main server like news.fourth-reich.de and access 
blocked to all the other news servers.

I know this might seem an unlikely scenario but it is not really when we 
consider the wacky ideas we have seen from governments in recent years, a 
dictatorship like France or Germany might begin implementing this within 
a few years, although the German government has had it`s fingers burnt 
recently with the Radikal fiasco.

What I was considering was the possibility of circumventing proxies 
altogether, this is not an easy question and I could not think of one 
single way to get access, of course one could use and ISP outside of the 
jurisdiction but this incurs internation call charges for dial up users, 
and the gubmint of fascist-regime-N can block telephone access to 
internet POPs outside of their country.

The problem with attempting to prevent censorship of usenet is that we 
cannot mirror it like we can web sites, the web is too huge for a 
government to mirror the whole of the "acceptable" part of it, so 
mirroring sites faster than they can block them is effective, usenet is 
too small to protect in this way, it could be effectively mirrored and 
all other access killed. Of course while we can mirror sites to prevent 
censorship this is almost an academic question, rather than a practical 
one, however, it would be nice to see a more robust system which thwarted 
all attempts to censor without the need for human intervention by 
mirroring sites etc.

I can see no way that a government can censor internal traffic within a 
country, because this need not pass through the proxy, so if we can get a 
copy of a document onto one server within a country all others can access 
it through a virtual URL. However, this is likely to incur the 
displeasure of the authorities in that country and have them knocking at 
the door of the owner of the server holding the document, so we would 
have to have a system for server anonymity. This is all getting very 
complicated ;-)

Anyway, as I have said, I can give no insight here into what is a 
possible solution, I hope that this post might cause someone who does 
have the beginnings of an idea to think about it some more and maybe give 
us a really robust solution to preventing censorship of this kind.
   

        Datacomms Technologies data security
       Paul Bradley, Paul@fatmans.demon.co.uk
  Paul@crypto.uk.eu.org, Paul@cryptography.uk.eu.org    
       Http://www.cryptography.home.ml.org/
      Email for PGP public key, ID: FC76DA85
     "Don`t forget to mount a scratch monkey"