(More coming soon, will be written by Jeremy.)
For the basic intro FAQ, please go to the front page, here. Below is the more advanced FAQ for techies, written by Jeremy Rand.
Q. IN TECHNICAL TERMS, WHAT DO YOU PLAN TO DO WITH THE MONEY YOU MAKE FROM YOUR INDIEGOGO CAMPAIGN?
A. Here’s our to-do list for coding and bounties:
As a Namecoin-based project, FreeSpeechMe is part of a significant ecosystem of software which can benefit from improvements. Since FreeSpeechMe directly uses much of this software, and we like to give back, we plan to use some of the funds we raise to improve the underlying Namecoin software, in addition to the FreeSpeechMe code itself. Because what’s good for Namecoin is good for FreeSpeechMe, and what’s good for FreeSpeechMe is good for Namecoin.
We’ll favor hiring people who actually already did some of the work on Namecoin and Namecoin-related software. First because they know the code better than anyone, but also because they deserve to be first in line for paid bounties on Namecoin-related systems.
Below are some examples of the improvements to both FreeSpeechMe and other Namecoin-universe software that we want to have a hand in implementing. Some of these could be put into operation directly by us, others we would like to fund via posting bounties. Note that Namecoin-related improvements are typically discussed in the development community to ensure high-quality design, so it is possible that some of the improvements listed below will change based on community feedback.
Just getting to our current FreeSpeechMe beta has been an immense undertaking. But we’d like to go much further, to do the “work under the hood” that the average user never sees, but that results in a system that could solve many of the problems currently experienced in the entire Internet. We need to do a lot of heavy lifting to not just build an impermeable shell around this new system, but to harden the system itself into that worldwide walled fortress for freedom.
But we also take this down to complex frame-level surgical engineering that will make FreeSpeechMe effortless to use and incredibly valuable to everyone worldwide who uses the Internet.
Think about what a massively complex system Google is. Now think about what the average user sees: just a simple search box on a mostly blank page. We’re not postulating that FreeSpeechMe will grow to be as complex as Google, but the analogy is apt.
Below is our ambitious list. We can implement many of these if we reach our funding goal. If we don’t reach our goal, we’ll get as much done as possible.
FreeSpeechMe-SPECIFIC IMPROVEMENTS WE PLAN TO DO:
Hide nmcontrol/namecoind windows on Windows
Linux users don’t see the terminal windows for backend software; Windows users shouldn’t be bothered by them either.
Don’t try to visit .bit websites when blockchain isn’t downloaded
Right now, visiting a .bit website with an incomplete blockchain will use an older version of that name’s data. Usually this results in a failure to load the page with no good explanation of what’s wrong, but in certain rare cases it could also hypothetically result in security issues such as hijacking. A better version of FreeSpeechMe should refuse to use incomplete blockchains.
Facilitate non-Firefox usage
FreeSpeechMe uses a networking method, HTTP, which is specific to website traffic. Replacing it with a different method, SOCKS, would make it much more flexible, so you could use Dot-Bit for non-website Internet applications such as SSH. It should also be possible to route other web browsers such as Chromium through FreeSpeechMe. FreeSpeechMe should support being installed as a standalone application for users who don’t use Firefox (although obviously Firefox will remain the main method of installation).
Improvements for anonymous browsing
Right now FreeSpeechMe supports routing its traffic through anonymization proxies such as Tor and I2P (if they are installed), but it is not compatible with TorBrowser, so while attackers generally can’t see your location or IP address, they can deduce that different activities you do online may have come from the same person. FreeSpeechMe should be improved to function in TorBrowser, which would prevent linkage of different online activities..
Improvements for anonymous hosting
FreeSpeechMe supports Tor and I2P hidden services (if the user has Tor or I2P installed), but does not support Freenet, OnionCat, GarliCat, or other anonymous hosting networks. This should be improved.
Support for next-gen TLS specification
FreeSpeechMe is using a method of specifying certificates to prevent hijacking which is deprecated in the Dot-Bit specification. While this method remains very secure, the newer specification has more features, and FreeSpeechMe should implement it.
Websites which claim to support HTTPS in their domain record should automatically be loaded in HTTPS, even if the user accidentally forgets the “s”, to prevent hijacking in such cases. (Note for geeks: this is like the HSTS specification, but works even for sites you haven’t visited before.)
Websites that want to support Dot-Bit should be able to do so without changing their server configuration, and instead have FreeSpeechMe make the server think the preexisting domain is being requested. The user would still see the Dot-Bit URL in Firefox, and unlike iframe-based methods, the URL displayed in Firefox would change accordingly as the user clicks links..
Fix HTTP protocol bugs
Unencrypted HTTP Dot-Bit websites occasionally have odd behavior in FreeSpeechMe (sometimes manifesting as links not working properly); this is most frequently seen in WordPress websites. While we strongly encourage the use of HTTPS (which isn’t subject to these bugs), we still want to fix the bugs with HTTP websites.
Round-Robin Load Balancing
Some large websites use multiple server IP addresses for a single domain. FreeSpeechMe should be able to randomly choose one.
OTHER NameCoin SOFTWARE IMPROVEMENTS
Some of this is possibly out of the scope of this one Indiegogo campaign, depending on funds raised. But these are things we’re very interested in helping implement:
Rebase on the latest Bitcoin code
Namecoin is based on an outdated version of Bitcoin (0.3.x). We should rebase on a current release. We inquired with a well-qualified and well-respected contractor (who developed Namecoin-Qt) about how much this rebase would cost; the estimate was around $17,000-$35,000 US. Spending that much on one project would be out of the realm of this first campaign. However, it may be possible to reduce this cost significantly by rebasing on a codebase other than Bitcoin, such as libcoin.
Namecoin currently requires having the entire blockchain for good security. While the 1.6GB blockchain isn’t a large concern right now, future scalability requires that clients be able to securely resolve names without possessing the blockchain. There is a proposal for this called SPV+UTXO.
Automatic renewal of names
Losing your names because you forgot to renew them is a problem.
Names should be able to be renewed automatically. Preferably without decrypting the wallet each time the name is renewed, and maybe without even needing your client to be open when it renews. Any solution must be trust-free.
Cold storage of Namecoin name keys
To update a Namecoin name, the keys must be decrypted on a computer with Internet access; this could be a security risk if malware is installed on that computer. To fix this, cold storage should be used, as is possible with Bitcoin.
This is in two parts: (1) port the Armory client to Namecoin (this allows transactions to be signed offline), and (2) allow a cold-storage name to be used as a revocation key for a hot-wallet name (this is called the “import” field).
Dot-Bit is already much faster than other top-level domains for both name lookup and name propagation. However, it can be made even faster.
We estimate that pre-cached name lookup time can be decreased by 2- to 5-fold in some cases, uncached name lookup time can be decreased significantly, name update propagation can be reduced from 40 minutes to under 1 minute, and blockchain sync time can be reduced significantly.
Namecoin software currently does not support Android; this situation should be improved.
Better blockchain anonymity
Like Bitcoin, Namecoin can keep the location and IP address of name owners anonymous (if used with Tor), but the various activities of name owners can be linked by an attacker. This should be improved, e.g. by implementing Zerocoin.
Better blockchain privacy
Some name owners may wish their records to not be publicly accessible; encryption would improve this situation.
Decentralized website single sign-on
Namecoin can be used to log into websites in a secure way without needing a password (protecting people from database leaks or cracked passwords without trusting a third party such as “all your data are belong to us” systems like Facebook); this is implemented as the NameID library by domob. Unfortunately, this library is not easy for non-programmers to integrate with existing websites. Plugins should be created for major website backends such as Drupal, phpBB, WordPress, and SMF, to allow trust-free NameID sign-on to be as easy as checking a box.
Namecoin software should support automated builds and testing so that our developers and testers can work more efficiently. The builds should also be deterministic (as Bitcoin and Tor are doing) to improve security.
Offline signing of static websites
Verifying signatures of static websites against the blockchain would prevent hijacking even if a web server is completely compromised.
SSH client integration
Log into your servers remotely without trusting your network or manually verifying fingerprints, using the same anti-hijacking features that FreeSpeechMe first implemented.
Q. Is Dot-Bit really secure? I read an article here that said this:
“But while Dot-BIT may allow for an anonymous and relatively secure exchange of DNS information, it won’t necessarily prevent censorship by ISPs. If the .bit top-level domain becomes the target of laws like SOPA, it can be shut down pretty quickly by cutting off the head – its own internal DNS – either through port blocking or other filtering. And since it lacks the anonymizing routing abilities of “hidden” networks like Tor’s .onion domain, it won’t protect the identities of publishers and users who visit sites that use a .bit name.”
A. That’s a quite misleading claim; I’m guessing the author of that claim doesn’t understand how Dot-Bit works. A few points:
1. There are three types of Internet censorship: DNS seizures, DNS blacklisting, and active filtering. Dot-Bit is designed to be effective against the 1st and 2nd; this guy is talking about the 3rd case. Tor is ineffective against the 1st, and only somewhat effective against the 2nd, but it’s very effective against the 3rd case, so if you access the Namecoin network via Tor (which is quite possible) then you defeat all 3 methods.
2. Domain owners are not anonymous in Dot-Bit (due to blockchain analysis attacks). We have never claimed that they are. However, there is a way to make them anonymous, it’s called Zerocoin, and there is discussion of implementing it.
3. Dot-Bit domains can point to Tor hidden services or I2P eepsites. I’ve already implemented this in FreeSpeechMe. Combining this with Zerocoin enables anonymously hosted websites with anonymously registered, human-memorable, deterministically resolvable domains.
4. Dot-Bit is intended to be capable of viewing websites via Tor. Doing so is possible with FreeSpeechMe, but because it’s not compatible with TorBrowser, the anonymity is easily breakable by a motivated attacker who knows how to fingerprint Firefox. Making FreeSpeechMe work with TorBrowser is definitely something I’d like to work on. In any event, Dot-Bit has never been advertised as an alternative to Tor.
Q. What’s this I hear about Tor and I2P support?
A. FreeSpeechMe supports a new feature of Dot-Bit domains: the ability to point to anonymously hosted websites using Tor or I2P. Tor and I2P are networks that allow users to host websites without revealing their identities or locations.
Tor and I2P are a necessity for human rights activists and whistleblowers working in repressive countries, and both networks were critical in keeping citizens safe during the Arab Spring. Unfortunately, Tor- and I2P-hosted domain names normally have some issues: Tor domains (ending in .onion) are not human-memorable (e.g. duskgytldkxiuqc6.onion), and I2P domains (ending in .i2p) can resolve to different websites for different users (bad for security). FreeSpeechMe allows Dot-Bit domains to be used to point to Tor- and I2P- hosted websites, and as with all Dot-Bit domains, they are human-memorable and only can point to the correct website. Note that Dot-Bit only keeps the location and IP address of the domain owner private (assuming the domain is registered using Tor); the identity of the domain owner may be linkable with that person’s other usage of Namecoin (e.g. usernames at exchanges). As examples, we’ve setup two Dot-Bit domains using this: federalistpapers.bit (requires Tor) and anonymous-git-hosting.bit (requires I2P).