<h1><a href="http://www.itworld.com/legal/129947/net-censorship-dns-alternative">http://www.itworld.com/legal/129947/net-censorship-dns-alternative</a></h1><h1>Gov't crackdown spurs initiatives to route around DNS</h1>
<h2>The Net interprets censorship as damage and routes around it</h2>
<div class="byline"><span class="byline_text">by <a href="/%5Bprimary-term%5D/124035/keith-dawson">Keith Dawson</a></span> </div>
<div class="content_item_info"><span class="num_comments"><a href="/comments/129947">20 comments</a> | </span><span id="vote_up_129947" class="fans vote-up-inact"><span id="vote_points_129947" class="vote-points">33</span><span class="ilike">I like it!</span></span> <br>
<span class="article_tags"><span class="tags_text">Tags:</span> <a href="/censorship">censorship</a>, <a href="/dns">DNS</a>, <a href="/icann">ICANN</a> </span></div>
<div id="article_body">
<div class="date_src"><span class="publish_date">December 7, 2010, 12:57 PM —
</span><span class="source_link">ITworld</span> — </div>
<p>
</p><p>Over the Thanksgiving holiday weekend, US Immigration and Customs Enforcement
(ICE), the principal investigative arm of the Department of Homeland Security
(DHS), led an alphabet soup of government agencies in seizing the domain names
of <a href="http://www.ice.gov/doclib/news/releases/2010/domain_names.pdf" target="new">82 Web sites</a> (PDF) that ICE said were "engaged in the illegal
sale and distribution of counterfeit goods and copyrighted works" (See: <a href="http://www.itworld.com/legal/129947/net-censorship-dns-alternative?page=0%2C1">Operation
In Our Sites v. 2.0</a>). The seizures were accomplished by getting the VeriSign
registry, owner of the <b>.com</b> and <b>.net</b> top-level domains, to <a href="http://rulingclass.wordpress.com/2010/11/28/the-background-dope-on-dhs-recent-seizure-of-domains/" target="new">change the authoritative domain-name servers</a> for the seized
domains to servers controlled by DHS.</p>
<table align="left">
<tbody>
<tr>
<td>
<br></td></tr></tbody></table>
<p>Regardless of the supposed criminal intent of the affected systems, the
seizure without notice of these domain names by US authorities sent shock-waves
around the Internet world. It got people's attention in a much stronger way than
version 1 of this enforcement operation had — the <a href="http://www.pcmag.com/article2/0,2817,2365902,00.asp" target="new">first
iteration late last June</a> seized the names of nine sites selling pirated
first-run movies. Many people woke up to the reality of how vulnerable the DNS
is to government meddling.</p>
<p>(More recently, the uproar caused by the WikiLeaks publication of US
diplomatic cables — and subsequent attempts to <a href="http://news.netcraft.com/archives/2010/12/03/wikileaks-org-taken-down-by-us-dns-provider.html" target="new">censor the site</a> and/or to <a href="http://aws.amazon.com/message/65348/" target="new">hound it off the
Internet</a> — have resulted in what developer Dave Winer <a href="http://scripting.com/stories/2010/12/03/wikileaksOnTheRun.html" target="new">calls</a> "a human DNS" implemented "in a weird sneaker-net sort of
way," via Twitter and ad hoc bulletin-board sites.) </p>
<p>Within days of the ICE/DHS seizures, at least three separate initiatives to
work around the DNS had been announced, and several existing alternatives were
highlighted in the ensuing discussion. Let's take a look at some of these
proposals — two to route around and one to supplant the DNS — and some of the <a href="http://www.itworld.com/legal/129947/net-censorship-dns-alternative?page=0%2C2">obstacles
they face</a>.</p>
<p><strong>1. <a href="http://blog.rabidgremlin.com/2010/11/28/4-little-words/" target="new">4LW</a>: 4 Little Words</strong></p>
<p>This new alt-DNS project got a quick boost from the developer communities at
Hacker News and Reddit. The idea is to map each of the four numbers in an IPv4
address to one of 256 "little words," in the Mad Libs-inspired pattern
<i>adjective noun verb noun</i>. For example, using an online <a href="http://4lw.org/" target="new">4LW generator</a>, 208.101.51.56 (the IP
address of the seized domain name <a href="http://torrent-finder.com">torrent-finder.com</a>) becomes <b>simple hair
climbs cup</b>. Reddit user <a href="http://www.reddit.com/user/armooo" target="new">armooo</a> created an open source DNS server that returns "A" records
using the 4LW protocol. For the example above, visiting <a href="http://simple.hair.climbs.cup.4lw.org/" target="new">http://simple.hair.climbs.cup.4lw.org</a> takes you straight to
the site formerly pointed to by the seized domain name. This scheme should
continue to work unless <a href="http://4lw.org">4lw.org</a> itself is compromised, in which case others
could copy <a href="https://github.com/armooo/4-little-words-DNS-server" target="new">the source code</a> and put up their own servers; meta-servers could
emerge to distribute requests among known 4LW servers; and so on. </p>
<p><strong>2. <a href="http://p2pdns.baywords.com/2010/11/30/hello-world/" target="new">P2P DNS</a>: Peering Around It</strong></p>
<p>This project has gotten the lion's share of press attention, because it was
<a href="http://twitter.com/brokep/status/8779363872935936" target="new">initially
suggested</a> by Peter Sunde, co-founder of The Pirate Bay. The idea is to
create a peer-to-peer alternative to the DNS, and beyond that nothing has been
announced. Sunde's <a href="http://p2pdns.baywords.com/2010/11/30/hello-world/" target="new">blog post</a> has garnered over 100 comments, most pledging help and
some offering concrete suggestions or pointing out similar efforts across the
Net. There are active <a href="http://dot-p2p.org/index.php?title=Brainstorm" target="new">brainstorms</a> in <a href="http://dns-p2p.openpad.me/1?" target="new">various media</a> and a <a href="https://github.com/DNS-P2P/" target="new">code repository</a>, which is currently empty. Sunde has promised a
press release soon.</p>
<p><strong>3. <a href="http://lauren.vortex.com/archive/000787.html" target="new">Project IDONS</a>: Internet Distributed Open Name System</strong></p>
<p>This proposal is by Lauren Weinstein, one of the early developers of what
became the Internet and the long-time moderator of the PRIVACY forum (which
predates even the widespread existence of email). Weinstein's vision is of "an
alternative Internet name to address mapping system — fully distributed, open
source, fault-tolerant, secure, flexible, and not subject to centralized
constraints, meddling, and censorship." Other high-level goals include "no
central registries, no registrars, no fees nor charges necessary for any name or
address operations across IDONS."</p>
<p>Weinstein adds in his introduction to IDONS: "Ad hoc attempts to bypass the
existing system (such as those newly proposed by Pirate Bay) are likely to
create fragmentation and confusion, and therefore ironically tend to further
entrench the existing system… ad hoc won't fly for this."</p>
<p>In an interview, Weinstein told me he has had a "couple of thousand"
responses to the IDONS proposal, ranging from substantive technical suggestions
to "Yes I'd like to help." Weinstein said, "The point is not just to replace the
DNS with another DNS. It's to get out from under a completely limiting
condition. Technology is full of these kinds of situations in which we have to
get out from under bad early decisions. In the case of DNS, the mistake was
centralization. That enables not only censorship, but also the whole gigantic
mess that has grown up around domain registrations" — what Weinstein has taken
to calling the "domain industrial complex." He continued, "This is not just a
technical project, it's an attempt to change the underlying mechanisms we use
for names on the Internet. It involves policy and politics as well as
technology." And it's likely to be a 10-year effort or longer.</p>
<p>At this point the project does not have a website or a mailing list.
Interested parties can contact Weinstein <a href="http://lauren.vortex.com/archive/000787.html" target="new">via his
blog</a>.</p></div>