Speech.is, breaking out of the alt TLD niche

indolering
Posts: 801
Joined: Sun Aug 18, 2013 8:26 pm
os: mac

Speech.is, breaking out of the alt TLD niche

Post by indolering »

I would like to propose a bridge to the .bit TLD for all internet users without a proxy/forwarding domain/iframes. Instead, a website server located at speech.is would host a single page that loads Javascript to parse the DNS records directly. The user would travel to wikileaks.bit by typing wikileaks.speech.is and the javascript would parse the URL and forward the user to an IP address instead of the domain name. This bypasses technical, legal and usability issues blocking widespread use of the .bit domain. A technical summary is below but a fuller spec is on the wiki, I look foward to your feedback : )

On loading, speech.js parses the URL in the users browser and checks local storage for necessary IP address. If there is no domain record in local storage, speech.js checks for known friend lists. If that fails Speech.js will ask the user to sign into the social networking site and check all of her/his friends to see if someone is sharing a compatible list.

For the beta release, this will be restricted to Github and it will probably just check the users repo for a copy of the list. For the alpha release, we will probably just have a JSON-RPC and ping servers directly.

For version 1.0 I'm hoping to use the WebRTC data channel to enable direct browser-to-browser communication with their friends. We can leverage a Facebook app to create a “viral” marketing campaign. The user only has to know a friend of a friend who has access to a server with the list, completely bypassing the social network for storage.

There are lots of other fun possibilities, including inline frames to fetch sites with a speech.is cross-server-scripting policy, a fully decentralized javascript DHT, onion routing, and more shit I haven't thought of.

The only requirement is that the web page simple and the javascript slim. Using Cloudflare, a million+ knockoffs can be created using the cheapest of web hosts. Eventually, it will be fully decentralized so everyone can speak to each other.
Also, we need to own spk.is : )
Last edited by indolering on Sat Aug 24, 2013 2:47 am, edited 1 time in total.
DNS is much more than a key->value datastore.

phelix
Posts: 1634
Joined: Thu Aug 18, 2011 6:59 am

Re: Speech.is, breaking out of the alt TLD niche

Post by phelix »

Hi!

forwarding to the ip will not work so well as most servers run several domains on one ip.

There should be some proxies available even open source. I think Khal's at least.
nx.bit - some namecoin stats
nf.bit - shortcut to this forum

virtual_master
Posts: 541
Joined: Mon May 20, 2013 12:03 pm
Contact:

Re: Speech.is, breaking out of the alt TLD niche

Post by virtual_master »

Hmmm.
Very unusual idea.
But if you make a practical demonstration we would understand it better.
A graphical illustration could also help.
http://namecoinia.org/
Calendars for free to print: 2014 Calendar in JPG | 2014 Calendar in PDF Protect the Environment with Namecoin: 2014 Calendar in JPG | 2014 Calendar in PDF
BTC: 15KXVQv7UGtUoTe5VNWXT1bMz46MXuePba | NMC: NABFA31b3x7CvhKMxcipUqA3TnKsNfCC7S

indolering
Posts: 801
Joined: Sun Aug 18, 2013 8:26 pm
os: mac

Re: Speech.is, breaking out of the alt TLD niche

Post by indolering »

forwarding to the ip will not work so well as most servers run several domains on one ip.
Ahh, but that is by convention, it's trivial to specify specific websites according to IP address. We just need to establish a new convention.

Eventually, Cross-Origin Resource Sharing will make it so the user never sees the IP address. If a server admin judges Speech.is and Speech.js to be secure enough, they can use CORS to allow JS from Speech.is to interact with their content transparently. Then Speech.js can load content in an iframe and manually fiddle with the URL.
Hmmm.
Very unusual idea.
But if you make a practical demonstration we would understand it better.
A graphical illustration could also help.
Sorry, I wrote the whole thing up in a pinch. I'm sure it full of grammatical errors but it's finals week!

You are right, a block diagram would help explain things.

The technical details are more fully fleshed out on the dot-bit wiki page. Hopefully I can get to making a fully functioning prototype in a week or two.
DNS is much more than a key->value datastore.

indolering
Posts: 801
Joined: Sun Aug 18, 2013 8:26 pm
os: mac

Re: Speech.is, breaking out of the alt TLD niche

Post by indolering »

phelix wrote:There should be some proxies available even open source. I think Khal's at least.
A proxy is infeasible for two reasons:
  1. Proxies are expensive. Someone has to pay for all the bandwidth and CPU to route every connection. Speech.is, on the other hand, is a single, static HTML file which will be served up almost entirely for free by Cloudflare or another CDN. It's trivial to scale that to even the largest of DDOS attacks.
  2. It's a legal liability. Everything MUST be done client-side.
DNS is much more than a key->value datastore.

biolizard89
Posts: 2001
Joined: Tue Jun 05, 2012 6:25 am
os: linux

Re: Speech.is, breaking out of the alt TLD niche

Post by biolizard89 »

Not sure if I understand the proposal completely, but what prevents your server from either wiretapping the connection metadata or modifying the data which is returned by the .bit website? This doesn't sound any better in terms of security/privacy than a 3rd-party DNS server. For that matter, wouldn't it be trivial to insert malicious JS which wiretaps the actual connection content?
Jeremy Rand, Lead Namecoin Application Engineer
NameID: id/jeremy
DyName: Dynamic DNS update client for .bit domains.

Donations: BTC 1EcUWRa9H6ZuWPkF3BDj6k4k1vCgv41ab8 ; NMC NFqbaS7ReiQ9MBmsowwcDSmp4iDznjmEh5

phelix
Posts: 1634
Joined: Thu Aug 18, 2011 6:59 am

Re: Speech.is, breaking out of the alt TLD niche

Post by phelix »

indolering wrote:
phelix wrote:There should be some proxies available even open source. I think Khal's at least.
A proxy is infeasible for two reasons:
  1. Proxies are expensive. Someone has to pay for all the bandwidth and CPU to route every connection. Speech.is, on the other hand, is a single, static HTML file which will be served up almost entirely for free by Cloudflare or another CDN. It's trivial to scale that to even the largest of DDOS attacks.
  2. It's a legal liability. Everything MUST be done client-side.
I had thought it was impossible without a proxy. If it is possible, all the better.
nx.bit - some namecoin stats
nf.bit - shortcut to this forum

indolering
Posts: 801
Joined: Sun Aug 18, 2013 8:26 pm
os: mac

Re: Speech.is, breaking out of the alt TLD niche

Post by indolering »

biolizard89 wrote:Not sure if I understand the proposal completely, but what prevents your server from either wiretapping the connection metadata or modifying the data which is returned by the .bit website? This doesn't sound any better in terms of security/privacy than a 3rd-party DNS server. For that matter, wouldn't it be trivial to insert malicious JS which wiretaps the actual connection content?
What prevents Linus from dropping a backdoor into the kernel? What prevents the US, China, or Hak5 script-kiddies from forging an SSL certificate? Transparency!

As Speech.js is a neutral library for end-users and posted on public servers and will be widely audited. Independent websites could load their own javascript which would scan the Speech.js library, referral website, and SSL certificates to ensure that it has a matching hash.

In the beginning, the DNS info will be a distributed, friend-to-friend affair, because that's WAY easier to implement. Later, the DHT should enable a web-of-trust based system and we would be no better/worse off than the namecoin blockchain.

Ideally, all of this would be pushed to browser and OS level security mechanisms.
DNS is much more than a key->value datastore.

biolizard89
Posts: 2001
Joined: Tue Jun 05, 2012 6:25 am
os: linux

Re: Speech.is, breaking out of the alt TLD niche

Post by biolizard89 »

indolering wrote:
biolizard89 wrote:Not sure if I understand the proposal completely, but what prevents your server from either wiretapping the connection metadata or modifying the data which is returned by the .bit website? This doesn't sound any better in terms of security/privacy than a 3rd-party DNS server. For that matter, wouldn't it be trivial to insert malicious JS which wiretaps the actual connection content?
What prevents Linus from dropping a backdoor into the kernel? What prevents the US, China, or Hak5 script-kiddies from forging an SSL certificate? Transparency!

As Speech.js is a neutral library for end-users and posted on public servers and will be widely audited. Independent websites could load their own javascript which would scan the Speech.js library, referral website, and SSL certificates to ensure that it has a matching hash.

In the beginning, the DNS info will be a distributed, friend-to-friend affair, because that's WAY easier to implement. Later, the DHT should enable a web-of-trust based system and we would be no better/worse off than the namecoin blockchain.

Ideally, all of this would be pushed to browser and OS level security mechanisms.
Providing a signed, open-source, downloadable Javascript file would most likely be fine. However, if a web server is providing this file every time a .bit site is visited, it would be trivial for the server to send malicious JS depending on certain targeted user IP's or destination domains. This would be impossible to verifiably audit. This is not a theoretical concern; this has happened with a Bitcoin online wallet which stole a specific targeted user's money by serving malicious JS to that user only. (I believe this was mentioned in Bitcoin Magazine a while back.)

Web of trust is also very different from a Namamoto blockchain in terms of threat model.
Jeremy Rand, Lead Namecoin Application Engineer
NameID: id/jeremy
DyName: Dynamic DNS update client for .bit domains.

Donations: BTC 1EcUWRa9H6ZuWPkF3BDj6k4k1vCgv41ab8 ; NMC NFqbaS7ReiQ9MBmsowwcDSmp4iDznjmEh5

indolering
Posts: 801
Joined: Sun Aug 18, 2013 8:26 pm
os: mac

Re: Speech.is, breaking out of the alt TLD niche

Post by indolering »

Providing a signed, open-source, downloadable Javascript file would most likely be fine. However, if a web server is providing this file every time a .bit site is visited, it would be trivial for the server to send malicious JS depending on certain targeted user IP's or destination domains. This would be impossible to verifiably audit.

This is not a theoretical concern; this has happened with a Bitcoin online wallet which stole a specific targeted user's money by serving malicious JS to that user only. (I believe this was mentioned in Bitcoin Magazine a while back.)
Whoa, what is our threat model here? Targeted attacks happen on the normal internet and to real banks as well.

.bit improves upon a single point of failure for the internet: DNS-level censorship. There are ambitions to move beyond that, but we have to get to that goal first. This hybrid between DNS forwarding and social networking darknet is a very real way to make .bit relavent in a manner that is as secure as any financial institution. Given the level of scrutiny, it would be at least as secure as the updates we get from the namecoin development servers or Github or Mozilla :P
Web of trust is also very different from a Namamoto blockchain in terms of threat model.
Blockchains are distributed trust based crypto. Whether it's by consensus, percentage votes, or darknets, you must rely on other sources for that information.

Sorry if this is scattered, very late :P
DNS is much more than a key->value datastore.

Post Reply