What is Namecoin DNS useful for?
Posted: Tue Feb 09, 2016 2:26 pm
Namecoin's DNS namespace is often described and marketed as a censorship-resistant DNS system. I think this may be shortsighted and counterproductive.
Let's say you want to register a domain name that is at risk of seizure in your jurisdiction. There's generally nothing stopping you from buying a domain name from a registrar in a different, more friendly jurisdiction. For example, Chinese anti-government activists can get a US-based domain name, and American journalists publishing documents that embarrass the U.S. government can get a Russian domain name. There's a well-known name for this: jurisdictional arbitrage. It's also how Tor exit traffic works: if you're in China and you want to read about Tienanmen Square, you can use a Tor circuit that exits in the U.S. where such material isn't blocked.
So what use case is left for Namecoin under this logic? Probably only material which is illegal in all jurisdictions. That means it's restricted to use cases that very few people care about, or have any interest in supporting.
This is the conclusion that is easy to draw if we accept that Namecoin is primarily an anti-censorship tool. However, it's pretty clear to me that this is a false conclusion, because Namecoin isn't an anti-censorship tool. Namecoin domain names have an important advantage over any other global, human-meaningful TLD: they are resistant to hijacking (e.g. MITM attacks). Large businesses, and to some extent even governments, care a lot about resisting hijacking/MITM attacks. When large businesses get owned, they get extremely bad PR, their stock price and profits may drop, and they may be subject to criminal or civil liability depending on whether they took sufficient due diligence steps to prevent it. Governments don't like the negative economic effects of businesses in their jurisdiction getting owned. None of these entities care at all about resistance to censorship. And there's no such thing as jurisdictional arbitrage to get resistance to hijacking/MITM attacks. That gives us a huge advantage over ICANN-based DNS which is readily marketable. (Resistance to censorship is a cool side feature that some people will like, but it's not the thing that really distinguishes us.)
When I talk to people who are not free speech activists, the thing they find most interesting about Namecoin DNS is the security, not the censorship resistance. When I was looking for teammates for the Borderless Block Party hackathon in November 2015, one of the people I talked to was a business-oriented person (i.e. not primarily a coder), and his immediate thought when I told him about Namecoin and TLS was that it's immediately valuable to businesses. I gave a talk about Namecoin and TLS to a roomful of social science majors circa March/April 2015, and they understood the usefulness of resistance to hijacking/MITM attacks, while I'm pretty sure they wouldn't have been interested in resistance to censorship.
When I do talk to people who are free speech activists, they tend to be people who also understand that you don't have free speech if someone is wiretapping you without your consent. As such, while they may like the censorship-resistance properties of Namecoin, they also think the hijacking/MITM protections are important.
When we've applied for funding, we often get a reply that we're targeting a tiny demographic, and therefore we will have trouble achieving sufficient adoption. This is, quite honestly, a fair criticism of the way we've been marketing Namecoin. Very few people will go out of their way to buy domains with a product that resists DNS censorship, when there are a lot of other ways to do that which don't require visitors to install special software. And very few people will go out of their way to install special software that lets them view domains that are censored, because very few people care about DNS censorship to begin with. (Lots of people install Tor, but that's because many people are affected by network censorship; far more than are affected by DNS censorship. Also Tor is primarily marketed as anonymity, not censorship resistance, so many Tor users are using it for privacy rather than for accessing blocked sites.) However, a substantially higher number of people will go out of their way to use special software that improves the security of their private data. Look at how much money businesses, governments, and consumers spend on computer security products and consulting. There is a strong market here, and it's growing, in part due to media coverage of both Ed Snowden's leaks and the perceived increase in cybercrime. This is not to argue that marketing Namecoin as security software will magically bring us worldwide adoption overnight. But while it's still an uphill battle, that hill becomes substantially less steep.
Obviously, I really like both the censorship resistance and security properties of Namecoin. I think they're both highly desirable properties in a DNS system. But I think it makes a lot of sense to focus on security as a primary marketable feature. (This is not a criticism of anyone in particular; I'm definitely as guilty as anyone else here, seeing as I wrote software called FreeSpeechMe.)
(This post is based on a #namecoin conversation between myself and Hugo on Jan 7, 2016.)
Opinions?
Let's say you want to register a domain name that is at risk of seizure in your jurisdiction. There's generally nothing stopping you from buying a domain name from a registrar in a different, more friendly jurisdiction. For example, Chinese anti-government activists can get a US-based domain name, and American journalists publishing documents that embarrass the U.S. government can get a Russian domain name. There's a well-known name for this: jurisdictional arbitrage. It's also how Tor exit traffic works: if you're in China and you want to read about Tienanmen Square, you can use a Tor circuit that exits in the U.S. where such material isn't blocked.
So what use case is left for Namecoin under this logic? Probably only material which is illegal in all jurisdictions. That means it's restricted to use cases that very few people care about, or have any interest in supporting.
This is the conclusion that is easy to draw if we accept that Namecoin is primarily an anti-censorship tool. However, it's pretty clear to me that this is a false conclusion, because Namecoin isn't an anti-censorship tool. Namecoin domain names have an important advantage over any other global, human-meaningful TLD: they are resistant to hijacking (e.g. MITM attacks). Large businesses, and to some extent even governments, care a lot about resisting hijacking/MITM attacks. When large businesses get owned, they get extremely bad PR, their stock price and profits may drop, and they may be subject to criminal or civil liability depending on whether they took sufficient due diligence steps to prevent it. Governments don't like the negative economic effects of businesses in their jurisdiction getting owned. None of these entities care at all about resistance to censorship. And there's no such thing as jurisdictional arbitrage to get resistance to hijacking/MITM attacks. That gives us a huge advantage over ICANN-based DNS which is readily marketable. (Resistance to censorship is a cool side feature that some people will like, but it's not the thing that really distinguishes us.)
When I talk to people who are not free speech activists, the thing they find most interesting about Namecoin DNS is the security, not the censorship resistance. When I was looking for teammates for the Borderless Block Party hackathon in November 2015, one of the people I talked to was a business-oriented person (i.e. not primarily a coder), and his immediate thought when I told him about Namecoin and TLS was that it's immediately valuable to businesses. I gave a talk about Namecoin and TLS to a roomful of social science majors circa March/April 2015, and they understood the usefulness of resistance to hijacking/MITM attacks, while I'm pretty sure they wouldn't have been interested in resistance to censorship.
When I do talk to people who are free speech activists, they tend to be people who also understand that you don't have free speech if someone is wiretapping you without your consent. As such, while they may like the censorship-resistance properties of Namecoin, they also think the hijacking/MITM protections are important.
When we've applied for funding, we often get a reply that we're targeting a tiny demographic, and therefore we will have trouble achieving sufficient adoption. This is, quite honestly, a fair criticism of the way we've been marketing Namecoin. Very few people will go out of their way to buy domains with a product that resists DNS censorship, when there are a lot of other ways to do that which don't require visitors to install special software. And very few people will go out of their way to install special software that lets them view domains that are censored, because very few people care about DNS censorship to begin with. (Lots of people install Tor, but that's because many people are affected by network censorship; far more than are affected by DNS censorship. Also Tor is primarily marketed as anonymity, not censorship resistance, so many Tor users are using it for privacy rather than for accessing blocked sites.) However, a substantially higher number of people will go out of their way to use special software that improves the security of their private data. Look at how much money businesses, governments, and consumers spend on computer security products and consulting. There is a strong market here, and it's growing, in part due to media coverage of both Ed Snowden's leaks and the perceived increase in cybercrime. This is not to argue that marketing Namecoin as security software will magically bring us worldwide adoption overnight. But while it's still an uphill battle, that hill becomes substantially less steep.
Obviously, I really like both the censorship resistance and security properties of Namecoin. I think they're both highly desirable properties in a DNS system. But I think it makes a lot of sense to focus on security as a primary marketable feature. (This is not a criticism of anyone in particular; I'm definitely as guilty as anyone else here, seeing as I wrote software called FreeSpeechMe.)
(This post is based on a #namecoin conversation between myself and Hugo on Jan 7, 2016.)
Opinions?