from sunglocto@lemmy.dbzer0.com to fediverse@lemmy.world on 28 Jul 22:58
https://lemmy.dbzer0.com/post/49982566
I’m sure I’d be preaching to the choir if I told you that it’s time for us to immigrate from übercorp owned social media and services. All of you have done so, so that’s not the point of this post. Even though we are on these new platforms, the fediverse is still sensitive to requests from governmental bodies and organizations. Lemmy.zip has already blocked UK users and Lemmy.world will almost certainly do the same. Due to the size of Matrix’s biggest homeserver matrix.org, the admins of said homeserver are beginning to follow the OSA and have already raised their minimum age to 18+. And instances who don’t follow the Act could be subjected to insurmountable paperwork and even blocked from the UK, Australia and other countries enacting these outrageous laws soon.
Blocking UK users to avoid this is almost a necessity, and as Labour is attempting to get lawmakers to outlaw VPNs, we could be seeing the equivalent of the UK Great Firewall soon. However, it will take significant amounts of time, money and paperwork to outlaw VPNs and to get ISPs to block sites and protocols. This is where federated and open source platforms have an advantage, without being shackled by bureaucracy they are able to quickly adapt. But this is not sustainable, and eventually the UK will become even more overreaching in order to gain more control over people’s Internet usage.
Darknets such as Tor, I2P and Yggdrasil are a potential solution, however they have multiple issues. Tor is slow and has a reputation of being used by pedophiles and drug traffickers. I2P is scattered in implementation and cannot handle high load. Yggdrasil is alpha software and requires IPv6, which in many countries is simply not possible to use. Whilst these darknets are extremely resistant to censorship from other countries, with the only way to fully dismantle them would be to shutoff all access to the Internet, they still are not capable of handling modern Internet usage.
We might need new completely independent mediums seperate from the Internet to avoid this. Physical bluetooth mesh networks or other technology is an example. Maybe even a new version of dial-up. All I know is that governments will not stop here. I might seem like I’m overreacting here, but we need to be prepared for what is coming.
CORRECTION: I was told by a peer that Yggdrasil peers must have IPv6, however one does not need an IPv6 enabled network to use it, they just need an IPv6 operating system/device, which virtually every modern operating system including Windows and Linux does. Yggdrasil is actually Beta software.
threaded - newest
We need to start our own Internet with black Jack and hookers.
You can’t have hookers without copious amounts of cocaine.
Your proposal is acceptable.
I think he said that’s Tor.
you know what, forget the Internet!
I2P is basically this
Yep, the answer to many of these problems is I2P.
TOR was invented by the US Navy, roughly 1/3 of major entry/exit nodes are estimated to be comprimised / run as honeypots by various LE / Intel agencies, and said LE and Intel agencies also know how to, and have deanonimyed various people and groups on TOR that they really wanted to go after.
TOR ain’t it.
I2P is a lot closer to ‘it’.
The other part of the answer is:
Well, now it turns out data hoarders were not just paranoid weirdos, they actually had foresight.
If you can host your own at least several terabyte mini/curated backup of the Internet Archive, and plug that into I2P, then congrats, you now are the backup plan for when, not if, they get massively purged of even more of their content than has already been taken out in the last ~2 years.
The old cyberpunk line holds true in another sense of meaning:
The future is already here, it just isn’t evenly distributed.
Wi-Fi mesh might be possible with neighbors, but mitm is extremely likely. Also, a non-Internet-routing protocol will need to be invented as I do not want possibly liable traffic to run over the clear web without some kind of tunnel.
Mitm isn’t really a concern anymore as almost everything has SSL now.
Who’s gonna control the CAs though? Or root dns? there are alternative p2p versions, but I haven’t seen any good ones yet…
Well that’s the issue with the internet as a whole. How does i2p and tor handle things?
SSL is safe when the initial key exchange happens ahead of time. If the the threat actor can capture the key exchange and substitute their own, then the security is broken.
That’s why we have key authorities
While not secure it could still provide a free and censorship-less alternative to the internet
Get offline. Live local.
Ew
Why not both?
…as in… like… LAN?
Hear me out, what if we take that LAN idea, but make it wider than just a Local thing? It could be of Metropolitan size, even the whole World. And machines there would be interconnected in a very big network. We could distribute our porn there without uploading our ids. We could even make the fediverse work there.
The existence of Wide Area Network implies Narrow Area Network.
You may be looking for The Promised LAN.
There’s no place like 127.0.0.1
This tech we all use is advancing exponentially.
And we must be ready to embrace the dizzying changes in the next few years so that we can improve our lives and have better governments.
Besides being slow I think the issues with darkweb can be overcome simply through general interest growing. Currently I personally have no real motivation to use such technologies beyond the decentralized fediverse on clearnet. But if things keep going the way they are, then I'll have motivation. I'm into digital media archiving so if that gets pushed further underground then I will have reason to bother.
I am paying attention of course, Canada is likely to copy cat EU/UK/AUS. Just as a general rule of thumb, but this stuff is in the works here too specifically.
Another thing to consider: https://handshake.org/
"Decentralized naming and certificate authority. An experimental peer-to-peer root naming system."
meshtastic
Lora is typically 50k max (theoretical 256k). So less than dial up speed.
It is in no way a replacement technology for wifi.
Obviously the solution is to have thousands of nodes per file transfer to increase the bandwidth.
This is a perfect plan which has absolutely no downsides.
Only one node can be transmitting at once, or signals can be lost, so nodes automatic hold back until the channel is clear. Meshtastic seems reliant on having as little traffic as possible, with the way ot works right now, it can easily be overwhelmed.
Meshtastic can’t even keep more than a few hundred nodes in memory…
It sucks that literally using something that should be the default, truly protecting privacy, has such a bad reputation because… well it protects privacy.
This is honestly the best reputation a technology like this could have imo, because it very clearly shows that it does work
Seriously. The reason CSAM merchants and drug dealers use Tor is because it actually protects their privacy successfully. Whereas, if you're using a VPN or whatever cobbled-together solution, the feds just have a hearty laugh about it, send a subpoena by email or use some automated system that's even more streamlined, and then come and find you.
Tor is not bulletproof; they regularly run operations where they take down some big illegal thing on the dark web. But they have to do an operation for it, and if there were any solution that was any better, that thing would be even more infested with illegal material than "the dark web" is. That's just how it works. And listening to the newspapers when they tell you that it's a sign you need to stay away from those actually-effective solutions because "terrorism!" or whatever is a pretty foolish idea.
That tends to be more due to bad opsec than Tor itself, though.
Yeah. As far as I know, there are some theoretical state-actor attacks, but nothing that anyone's ever been able to make work in practice. Compromising something else is just always easier.
It was literally designed by professional spies to be resistant against state intelligence agencies. It was originally made by US intelligence for secret communication with their assets, and only released to the public when they realized they needed a bunch of additional traffic on the network that the US intelligence traffic can blend in with. At least as of the Snowden leaks (which showed NSA compromise of huge amounts of the internet including most HTTPS traffic), they hadn't figured out a way to undo it for their own spying purposes, either.
Not all VPNs store enough user info for feds to be able to find anything useful on their servers.
I've literally never in my life heard of "this person was doing (whatever), but they were behind a VPN, so we had to do (whatever elaborate sting operation) instead of compromising the VPN." I've heard that many times about Tor.
It's possible that no one's ever done something significant enough to make the feds interested from behind a VPN, just always used Tor, but I feel like it is unlikely. I feel like it's more likely that they either have the ability to force the VPN companies to comply with some legal structures that give them the info they need, or else just wiretap the pipes going in and out of the VPN servers and can sort things out pretty straightforwardly if they really start to care about it.
VPNs are certainly useful; they make it a lot more difficult for non-law-enforcement people to know what you're up to, which is a significant gain, and they are faster and generally more convenient than using Tor. But if you're actually concerned about the government, I would use Tor 100% of the time over a VPN.
I dont think most people need a security model that is fed proof. Thats a pretty extreme level of privacy and most people would break it by yappign about their life to much.
Well, but we're talking about how to prepare for the future where it does need to be fed proof. At some point, I think pretty soon from now in some places, it's going to become necessary to either break the rules of the internet in ways that can actually get you in trouble, or accept that you have to do things like upload your ID to all these places, agree not to access certain types of content the government doesn't want you looking at, not say certain political things on social media or else you're going on a list, things like that.
I think option A is probably better and it probably makes sense to start to think about, how are we going to do that and not have the expanded-and-mission-creeped version of ICE showing up at your door for it to give you a citation or worse, a year from now.
Right now, yes, a VPN is fine. But that's only true for as long as the government doesn't strongly dislike anything that you are doing.
That reputation has entirely been created by the media frenzy over busting the worst kinds of criminals.
Oh they’re all using the same technology? Yeah of course they are, because that’s the technology that works the best. It has so many fucking use cases.
Funny that the media frenzy is hitting a fever pitch just as we most desperately need powerful tools for opposing fascism. Almost like that’s not really a coincidence.
Paper money is slow and has a reputation of being used by pedophiles and drug traffickers.
A lot of inert things are used in bad ways.
We need to install fusion rockets on the far-side of the moon and crash it into Earth! All Problems solved!
Frankly, the answer should be for every site to just cut the UK off entirely. Let them have their own little North Korean style micronet. Maybe when the people of the UK can’t visit anything but a bunch of miserable English websites, they will get off their asses and elect competent leaders. If not, well maybe they’re just not the sort of people we should allow access to the global communications network. Let the barbarians stew in their own barbarism.
The EU is following in a not far future.
Maybe we aren’t meant to have things, we just had a lucky period, but the default state is total depravation.
The longer you hold onto things that aren’t yours, the more you will suffer.
If only it was not counter to the very human nature
It does not matter what human nature is, we don’t get a say in what we get.
Tech corporations own most popular and visited websites/services, they are not going to do it. That said you have countries with major websites blocked like russia or china, while it upset many people censored internet is also a strong tool to brainwash people so don’t assume a blockage would lead to a positive outcome.
Maybe things will go back too when the internet was a less decentralized and more for a select few who were interested? Personally that’s when I enjoyed the internet the most. Were message boards reigned supreme and chatrooms were filled with 30 year men pretending to be women. Actually that last part hasn’t changed
Two days from now there’s a seminar happening in the capital city of my country on a technology called mesh/meshtastic(?). They claim to have found a way to send messages in blackout conditions.
I’ts difficult to find resources but here’s a blogpost about it: blog.liamcottle.com/…/getting-started-with-meshta…
Not saying this is our solution, but I think these sorts of ideas and re-imaginings are what we ought to be in the pursuit of right now.
Have you checked out mander.xyz/c/meshtastic ?
I just ordered a couple of meshtastic transceivers. Here’s what it is:
LoRa is a patented radio technique that uses some kind of fancy spread spectrum technique to give very low power sub-GHz UHF radio somewhat impressive range. We’re used to a single Wi-Fi access point being able to cover about the size of a large-ish house with wireless data. I can’t pick up my house Wi-Fi in my workshop at the back of my suburban property. LoRa manages to reach out several miles on the same amount of power as a Wi-Fi signal. The tradeoff is bandwidth. A typical Wi-Fi connection can stream video, LoRa isn’t really practical for much more than text messaging. It is my understanding that it’s designed to do things like industrial telemetry.
On top of this is built Meshtastic, an open source mesh networking protocol. You buy a little circuit board that’s got a microcontroller, a LoRa transceiver and a bluetooth transceiver. You flash the Meshtastic firmware to it, and now it is a “node.” “Nodes” can be configured in several ways, but in general they’ll sit there and scream into the void looking for other nodes. Messages sent are like “Tell John I say hello. Pass this on Three times.” If your node hears that message, it will automatically transmit “Tell John I say hello. pass this on Two times.” So in that way, nodes can automatically act as repeaters.
So they have astonishing range for their band and power, and the automatic relaying of messages means a message can propagate pretty far. Mind you, it has limitations similar to old school SMS; a message is pretty strictly limited to something like 288 characters, including emoji.
Many “nodes” don’t have much of an onboard UI; some do but the main intended way for the user to access a node is over bluetooth from the Meshtastic app running on an Android or iOS device. Some units do have onboard UIs or can host a web interface accessed via wi-fi or ethernet.
Meshtastic essentially forms an ad-hoc off-grid SMS-like service. The bandwidth is simply too low to allow anything like web hosting, audio or video. At a ham convention, several hundred nodes saturated the available bandwidth just with procedural pings leaving no room for actual traffic.
Encryption is permitted on this network, I wouldn’t exactly plan a coup over Meshtastic but I think I could coordinate meeting friends at a restaurant without being stalked.
If your project is to abandon the internet, this may be one of many tools necessary.
Woah thats insane, thanks for the summary. The stuff I had been reading about it was a bit dense for me as someone with 0 background in radio.
Maybe I’ll get one and become a node
Yeah I hold a general class amateur radio license, and that’s helped me wrap my head around how it works. And I’ve still got a lot of "somehow"s in my understanding.
The official website has a lot of good resources. You can burn the firmware into the devices directly from there.
Trouble is, there is little that can be done.
Enough folks drank the coolaid, and now we’re stuck with surveillance laws masquerading as child protection laws.
Those laws can, and will, get worse over time. However, new mediums will arise, or old ones will rise to the occasion (IRC goes brr). The main thing to do is remain calm, make it a key voter issue, and watch the bastards fold right before the next election.
What’s your plan to make it a key voter issue? Lamenting about it on censored internet?
We need bulletproof alternatives and solutions.
XMPP has been brring for a while now.
You say that like the UK all sat down in a room and most of the country said “please censor me”.
It’s always about trust in your government. As a Slovakian, I don’t believe mine.
For clarity, lemmy.zip had blocked them months ago because the owner of lemmy.zip is based in the UK and theoretically could actually be fined. This is not the same situation as lemmy.world.
Guess they need to work on their authoritarian hellhole of a country.
~American
Americans arent exactly in a great position to judge right now.
These are incompatible statements lol
Tor is fine, I'm looking at this on Tor Browser right now. I would say the jank level is about 20%. Quokk.au, actually, for some weird reason has significant problems with it (significant slowness and sometimes refuses to load a page). I actually have no idea what's going on with that, but it and I think one other site are the only Fedi sites that have any kind of problem at all. The majority (but not all) news sites and things work fine. Some things do not and I have to bounce over to some normal browser. The jank level is definitely not 0, but it's bearable.
I actually do agree about needing to set up a better architecture overall. Tor is an extremely special-purpose architecture for one thing only (near-bulletproof privacy and firewall traversal even against extremely aggressive government attempts to defeat both), which is honestly a pretty fantastic start, but there's a lot more that goes into "the internet" than just slapping a slightly janky but super-safe VPN over the front of it.
The main point is: Hey! Don't badmouth Tor, it's good (and the jank level of starting from scratch instead will be super high for any forseeable future.)
I strongly encourage everyone to protect the things they love, download all of Wikipedia, screenshot & download all the things. It’s a little paranoid, sure, but between all of us downloading & saving all our little pieces of the web & all its information, we effectively safeguard most of it from digital terrorism, tyranny, erasure. It costs very little, relatively speaking. Do your part & I’ll do mine.
I have Kiwix (offline versions of Wikipedia and other online resources) and Linkwarden (preserve specific websites in multiple formats) running on my home server.
record scratch
I was under the impression linkwarden just saved… links.
Entire webpages? Do tell!
Yes! It saves it as HTML, readable HTML, PDF and image.
Results can vary a lot depending on how the page is implemented. Sometimes most of the formats are empty or broken, but I always got at least one that’s usable.
Can you use it to search for old versions of web pages too?
Unless I missed that feature, no, you only have one version.
But it creates a link to archive.org so you can see if there’s older versions there.
Is there an ELI5 of how Kiwix works? I’m having some trouble wrapping my head around it.
You have two things, the application and the libraries.
The libraries are files with the data you want to host (wikipedia, stack overflow, etc).
There’s a lot of applications for different platforms. Some allow to download the libraries directly, otherwise you can download them manually into a folder and tell the app where to find them.
It’s kind of like a PDF of a web page. But it’s functional You don’t have to load the whole site at once and links take you from page to page just like it did in the original website. The content is stored in monolithic ZIM files and you can get a decent selection from archive.org. But it’s mostly reference material and the content is quite static.
All I have is like QWEN 3B that fits on my HDD and and an USB with memories
I've often felt that the web should work more like Git, so you can keep the content locally and just pull updates when you need.
Outlawing VPNs? Good luck doing business with the rest of the world
Good point. How tf are they going to work remote?
Only tangentially related, but in the vein of privacy and circumventing surveillance, one communication idea I really like in that vein is from the show The Leftovers–the way the “Remnant” group communicates only by simple handwritten notes.
<img alt="" src="https://lemmy.world/pictrs/image/d68c3b91-e737-42f1-8b11-0aaf2b84bf51.jpeg">
I just like the idea that something so rudimentary could theoretically overcome a lot of very high-tech snooping equipment. Good luck using your Stingray cell tower simulator to intercept my notepad scribbles.
Camera’s or any other matter of visual detection. So perhaps we should get back into cyphers. Vigere anyone?
Visual regonition on image coming from many stream most of them having nothing to actually recognised as text is much harder to do than analys text in computer text format than come right to you.
Good point. And a lot of handwriting is unreadable anyway.
I also presume some level of common-sense. Don’t do it near cameras, destroy the notes immediately, etc… It’s not air-tight, but it’s a surprisingly useful approach in many contexts where very expensive technology can fail.
Obviously, yeah, it wouldn’t work in the middle of a Target. And given the AI tools that can use keyboard typing sounds to determine what was typed, it’s even theoretically possible there’s some bleeding-edge capability to circumvent it. But in general, if you’re in some context where you’re not sure if you’re being listened to/monitored, handwritten notes would definitely work, because your biggest concerns are e-mail, text messages, phone calls, GPS, etc…
You are not overreacting, an alternative to internet is needed and it’s not that hard to create, there are many projects already of networks working over radio and wifi, we should probably just stick to one of these and work to expand it
Meshtastic-Based Web?
reticulum.network
I live in the UK and host my own instance (not hosted in the UK). I don't really have any real active users other than myself and most signups end up being deleted as soon as they post some advertising spam.
So, to that end I ensured I don't have any communities marked as NSFW on my instance at all. But, I'm one person and cannot moderate the entire fediverse content I carry. When it moves to enforcement time and I see a definite sign of targeting fediverse hosts, or (as I expect will be a first phase) warnings being issued to fediverse hosts. I'll likely just close registration, go on an account purge and lock out content to logged in users only. Then scale down the operation to a server hosted in my own house and just for me.
If things start to turn into serious enforcement against fediverse hosts, I fully expect the number of instances that will allow UK users to drastically reduce. But, don't forget this is coming to the EU and US if things keep moving as they are. So, there may be no real way to survive as an independent forum/gathering place. And maybe, maybe that's been part of the plan all along? Hobbyists like me cannot provide the time or financial burden to perform age checks or moderate everything to ensure there's nothing that will breach the extremely (and deliberately) vague rules.
We live in interesting times.
The UK moves are very worrying. We’re trying to help people to move away from big tech at our site www.rebeltechalliance.org
We recommend fediverse protocols wherever possible - so I’m interested in the comments here about how that is affected
This site would be more compelling if it didn’t look so much like a you wouldn’t steal a car ad.
If doing an overlay network (network on top of the Internet), you probably won’t be able to do much better than Tor or i2p.
freedom.cs.purdue.edu/projects/trilemma.html
This applies to all types of anonymous networks as well (BT, Wifi, etc).
I have always wondered about distributed hosting, like BitTorrent, but for websites. You go to a webpage, and it gets seeded from however many people host the file. It should be harder to take down. I do not code at all. Is that a thing? Why not?
That has already been done: zeronet.io
So like IPFS?
I tried really hard to use IPFS. I set up a syncthing and did some auto-publishing scripts.
It’s slow AF, and unless you pay some big player to pin your files there’s only about a 1 in 10 chance of it actually being available everywhere. I had to actually peer my computers together to get sure fire access to my own data.
Then there’s very little in the way of privacy. I did some JavaScript crypto self-decrypting archives that was kind of fun But with the distribution problems it just became more of a hassle to use than anything.
Tenfingers does distributed sharing, it’s basically your folder(s) in the cloud but decentralised, so it could be your website by just publish the html and the rest.
Tor is not that slow for normal internet usage. You can even watch videos in SD.
you can at it’s current usage level, if new limits spark new usage, we’ll need a lot more exit nodes.
Tribler has inbuilt onion routing. If I understand it correctly, tribler <-> tribler connections don’t need exit nodes and it’s fast enough to stream video
I just jack off into the camera every once Ina a while in case any government agent is watching. I don’t have to do it. But they have to watch it
Hate being assigned to this guy
<img alt="" src="https://lemmy.zip/pictrs/image/d22e3b20-5fec-4a16-a84a-83f94b29fed9.webp">
Thanks for this post and thanks to all the commenters here for great suggestions. Definitely commenting to remind me to come back here and add some of these awesome resources to my home lab.
Something like Tor only solves half the problem. A Tor hidden service still has physical reality and a person who is hosting it, and who can be held responsible for failing to register the thing with the feds or file a moderation transparency report or whatever the latest nonsense is. The anonymity network helps to hide where the equipment and who the operator is, but there’s still a single point of failure and a person to blame for the community.
We need a way to run online communities that are not online services: no single point of failure, no individual or partnership describable as a service’s operator, and no meaningful way in which one person provides access to the system to another person.
I don’t know enough to know whether this is a dumb suggestion - but could web3 / blockchain hold some of the answers?
The irony of Lemmy not letting me post this until I turned off my VPN 😖
In the future new technologies will maybe bypass internet but right now the best thing to do it’s to start being less internet dependent: archive stuff for your home server, buy physical media, preserve what you’d need and like.
Or start selfhosting.
I don’t think this is true. It’s a bit complicated because there are ways to obfuscate the traffic, but generally speaking, I’d assume governments could track and block nodes just as easily as you can find them.
It might trip you up for real-time things like gaming and you might take a while to download HUGE files, but it’s much faster than its historical reputation
This is true for any privacy software. Encrypted chats, cryptographic currency, darknets. Even the internet itself has that reputation. Anyone trying to hide what they’re doing is likely to seek privacy tools. Reputation means nothing.
Back to printing presses
geocaching + memory sticks
What about LokiNet ?
From the picture I’m going to say it should be the great wall of politicians. It may take a while but If pile enough of the up and cement them together one way or the other things will improve.
You can always host your instance.
Host your own.