The dark side of the decentralized web

On a recent Bloom Network community call introducing the decentralized web, a couple of people asked about the potentially harmful uses of the technology. We didn’t have much time to get into it on the call, but there are valid concerns here that I think warrant further discussion.

The issue at hand

To summarize the concerns, it makes sense to first give a brief introduction to decentralized web technologies and explain why they’re important and different from the web most of the world uses today.

The basic goal of the decentralized web is to remove centralized points of weakness on the web, making the web more secure, private, resilient, and censorship-resistant. For example:

  • Domain names in the traditional web are controlled by a corporation called ICANN, who can revoke the names from users whenever they want. Yes there are technically conditions that must be met before the name can be seized, but ICANN itself defines these conditions so… anyways if they (or your government) don’t like what you’re publishing on your website, they can make your site harder to find by taking away the domain name. Blockchain name systems are a decentralized web technology that provides an alternative to the ICANN-owned domain name system and gives end users true ownership of their domain names.
  • TLS/SSL Certificates in the traditional web are issued by organizations called Certificate Authorities. There are hundreds of Certificate Authorities and your browser will trust a certificate issued for a website by any one of them. This power has been abused to man-in-the-middle entire countries, likely in an attempt to spy on political dissidents. Decentralized public key infrastructure is a decentralized web technology that provides an alternative to Certificate Authorities, where users can issue their own certificates and cryptographically link them to their domain name using a blockchain name system.
  • File hosting in the traditional web is provided by organizations that host digital files on centralized servers. While these web hosts do their best to keep the files available using backups and data redundancy, they can still experience issues that lead to catastrophic losses. Distributed file and data storage systems are decentralized web technologies that decentralize the job performed by file hosts. Files (or pieces of files) are stored on computers operated by multiple hosts instead of relying on a single web host to make the files available. This makes it less likely for data to get lost and permanently taken offline if one or multiple hosts go down.
  • Electronic payments over the traditional web have historically relied on centralized intermediaries such as payment processors and banks. These middlemen have abused their privileged positions of power to attack their own customers for political reasons, or for no good reason at all. Cryptocurrency is a decentralized web technology that makes it possible to send payments online without an intermediary, so payments can be sent by anyone, to anyone, anytime and anywhere – a simple yet powerful concept.

While all of these decentralized web technologies help provide strong protections for normal web users against security vulnerabilities, privacy intrusions, and censorship, because these technologies are freely available, they also provide these protections to bad people too. The main concern that people have brought up about decentralized web technologies is that they believe these technologies make it harder to catch bad people or stop them from using the internet to do crime.

Before addressing the concern, first a brief trip down memory lane…

The Four Horsemen of the Infocalypse

To provide some more context, it’s worth pointing out that concerns about bad people using the internet to do bad things are as old as the internet itself. Back in the early 1990s, during the first Crypto War (which cryptographers won, btw), such concerns were brought up as a reason for backdooring encryption or otherwise breaking the security of the internet so often that Timothy May came up with a name for them: The Four Horsemen of the Infocalypse. So these concerns are not new or unique to the decentralized web.

Still, how do we (people developing and promoting decentralized web technologies) respond to these concerns? Here’s how I think about it:

The positives outweigh the negatives

Ok so the concerns aren’t new. But that doesn’t mean they’re not valid, right? Only that we’re still grappling with them, almost thirty years later.

Indeed. As technologists, it is certainly important to think about the ethics of the technology we are developing. Is this technology a net benefit for the world? Does the technology do more harm than good? From personal firearms and nuclear weapons to smartphones and the internet, humans have constantly grappled with the question of whether the positives of the technologies we develop outweigh the negatives.

As someone who helps develop decentralized web technology and promotes its usage, I personally believe that the positives far outweigh the negatives. The benefits that billions of people could gain from a more secure, more private, more resilient and censorship-resistant web to me far outweighs the bad that a relatively small number of people could do with the technology.

Striking at the root of evil

That brings the discussion to the actual concern being raised: bad people doing bad things online. Ok, so there’s this technology that can be used to publish harmful content online in a way that could be hard to censor or track back to the source. What do we do about that? Well, we cannot un-invent the technology. It’s out there, it’s open source software published in public repositories that anyone can use now. So how do we deal with online-based crime in a world where information can now be strongly encrypted and permanently published to the internet?

To answer this question, I would first interrogate further: why is there crime to begin with? Why do people do the bad things that they do? How do their victims end up in situations where they are victimized? What can we do to stop crime before it happens? Trying to answer these questions exposes deep societal problems that are out of scope for this blog post, but suffice to say that when it comes to criminals using software to commit crimes, there’s a lot the government itself could do to fix their own policies that create crime in the world (drug prohibition, supporting terrorists, sex work criminalization, as just a few examples) before we even think about how open source software comes into the equation.

Now let’s assume that governments and everyone else have done just about everything possible to reduce crime caused by or enabled by bad policies and bad personal habits. There will still be a small minority of people who are just born to do bad things, and they will probably use the internet and decentralized web technologies to do some of those bad things. How do we deal with that?

I think that, just as it’s difficult to erase something off the internet today, it will continue to be difficult to erase something off the internet in the future. Decentralized web technology doesn’t necessarily create a new capability here, it just makes that level of resilience more accessible to more people. Similarly, end-to-end encryption has been widely available since the release of PGP in the early 90s, and today is made easier to use by end-to-end encrypted messaging apps such as Signal. Again, decentralized web technology doesn’t introduce new encryption capabilities here, but rather can help make secure end-to-end encryption more easily usable with DPKI and more private by removing messaging intermediaries.

So to answer the question “how do we deal with bad people who do bad things using decentralized web technologies” we could ask law enforcement, military, and other people in the security industry how they deal with the crime on the internet today. Many tactics they use will probably still be relevant. They may have to shift tactics or develop new tactics. And, yes, in some cases (such as deleting links to illegal content stored on the bitcoin blockchain) they won’t be able to do anything about it at all, except to track and find the source of the content and cut the problem out at the root to prevent further harm.

My computer, my business

“But, but,” the concerned people protest, “couldn’t we just force developers to make it possible for law enforcement to break decentralized web technologies in limited circumstances?”

This request for a “golden key” or “backdoor” is another old zombie policy proposal that just won’t die, and the answer is, was, and always will be: no.

Quoting a tweet I sent recently:

think of my computer as an extension of my brain. you can’t force a company to give you access to the contents of my brain. you shouldn’t expect to be able to force a company to give you access to the contents of my computer, either.

Under the U.S. Constitution, people have a right to privacy and the right to remain silent. These rights exist to protect innocent people from having their private life unfairly intruded on by the government. We also have a right to free speech, a right that an increasingly large number of people are finding hard to exercise on the internet, with unaccountable corporations acting as the final arbiter of what speech is allowed and what is not.

Decentralized web protocols provide a technological means of protecting these rights. Remember that not everyone in the government is acting with the best of intentions. It’s important that these rights be protected by the Constitution, but in case the government fails to respect our rights (it wouldn’t be the first time), or in cases where such rights are weak or nonexistent, it’s also important that we have these technological means of protecting our rights.

Besides, even if we did put backdoors in decentralized web software, bad people would just create versions of the software that do not have a backdoor, so they could continue their bad activities unconcerned about unwanted guests intruding on their business. It’s better that we have secure software that protects everybody, rather than expect innocent people to use software with backdoor vulnerabilities on the delusional hope that it would make it easier to catch and stop criminals. All a backdoor in the decentralized web would really accomplish would be to make innocent people less safe online while criminals continue their business using software without backdoors.

Making the best of it

Decentralized web technologies such as cryptocurrency, blockchain name systems, DPKI, and distributed file and storage systems are exciting new tools that can help improve on existing shortcomings with the web, including security and resilience problems. They can also help protect our rights to privacy and free speech. Yes, like every other tool ever invented, it is also possible to use these tools for bad as well. We will have to adapt and accept that some problems that are created by these new technologies cannot be completely eliminated, only mitigated. We have accepted this trade-off for countless other technologies in human history, including for the internet itself, and I think it’s reasonable to accept this trade-off for the decentralized web as well.

There’s so much good that the decentralized web makes possible. Let’s make the best of this new reality and use these technologies to improve our world, to liberate ourselves and others and improve our digital lives.

P.S. One final point: although it is possible for other people to use the decentralized web to host objectionable content, remember that as a user of this technology you are in no way obligated to help host that content! You can delete any data off your computer that you do not want to host. Part of the benefit of the decentralized web is that you are in control. Such content filtering can even be automated, so if you are running a file hosting node for example any objectionable material can automatically be rejected as soon as it’s detected on your computer. It’s like avoiding the bad part of town – you can just not go there!


 

Email is probably the most popular decentralized messaging protocol, and I expect it to be around for a while. Add yourself to my email contacts if you would like to stay in touch!

A better app store

What would a new and improved app store look like? The Aragon App Center is in development so I’m excited to think about how we can improve on existing app store designs.

There are three new features I’d love to see:

Decentralized publishing

Today only one person is required to push the “publish” button, and this creates a central point of failure. What if multiple devs and community members had to sign off before a new app update was pushed? This could prevent problems like devs going on power trips or burning out and giving their publishing rights away to hackers. With a decentralized package manager it would be possible to require multiple sign-offs before a new app update is published. This update could then be cryptographically verified to be published by the correct author (see the next section).

Trusted publisher profiles

When I look at an app download page in an app store, how do I really know it’s being published by who I think it is? I might look at how many people downloaded it, or go to the download page straight from the publisher’s website (the address of which I got from another trusted source, etc). What if there was a way to trust the download page no matter how I arrived at it?

With trusted publisher profiles, that becomes possible. Publishers could publish proofs to their profile showing that they control certain website domains, social media accounts, and crypto keys. They can sign app install files using these keys so that I can trust that the file came from the right publisher. Various solutions like this exist but they aren’t adopted consistently and no app store that I’ve seen has been able to blend the freedom of decentralization with the security of trusted publisher profiles.

Cryptocurrency payments

I want to pay for good software. But I don’t want the app store to know who I am and I don’t want to worry about whether it can actually secure my credit card data. Besides, credit cards are an ill-suited medium for the <$0.99 payments I imagine for software installs and updates. It might not seem like much, but multiplied by thousands or millions of users and a developer (or team) that puts out consistent and consistently good app updates could make a good living off these small payments alone, not to mention any in-app monetization mechanisms.

I want to pay for good software and I want it to be fast, cheap, and private. Cryptocurrency is a great fit for this.

Hundreds of media accounts were just deplatformed. The need for a decentralized web is greater than ever.

Over the past few days Facebook and Twitter have deplatformed hundreds of accounts with millions of followers in total under the guise of fighting “clickbait” and “spam”. The Washington Post reports:

Facebook said on Thursday it purged more than 800 U.S. publishers and accounts for flooding users with politically-oriented spam, reigniting accusations of political censorship and arbitrary decision-making.

In doing so, Facebook demonstrated its increased willingness to wade into the thorny territory of policing domestic political activity. Some of the accounts had been in existence for years, had amassed millions of followers, and professed support for conservative or liberal ideas…

Just one day after the Facebook purge, Twitter followed suit, deplatforming the accounts of alternative media outlets Anti-Media and The Free Thought Project. Sputnik International reports:

Anti-Media and TFTP aren’t automated bot accounts or spammers. They are run by US citizens who used the internet applications Twitter and Facebook to exercise their First Amendment rights. For that they have been punished — first by Facebook, now by Twitter.

I have friends who were caught up in these purges. Their audiences have been significantly reduced because of this deplatforming. I am generally opposed to “censorship” by media platforms, preferring that readers use their power to mute or block content they do not like rather than have their web browsing experience curated by paternalistic algorithms and “content moderation” teams.

That said, we have to recognize the reality of the situation we find ourselves in: Facebook and Twitter are platforms owned by private companies who have the freedom and the right to deplatform any content they do not like.

https://twitter.com/lightcoin/status/1026688238281482240

The alternative is website owners being forced by the State to host content they disagree with, which seems even worse than the status quo. Hypothetical Lockean squatters rights aside, today’s legal regime supports a company’s right to moderate content off of their platform. So what can we do to protect ourselves from sudden deplatforming by social media administrators?

We get rid of social media administrators.

The future of social media, and the web itself, is decentralized. The same way bitcoin is a decentralized, open protocol that enables anyone to send and receive money without intermediaries, social media platforms will become decentralized protocols that enable anyone to publish and read without intermediaries. The web gets us most of the way there, but there are still vulnerable choke points, such as centralized servers that host content and the ICANN-owned domain name system that routes web requests.

The decentralized web is removing these choke points and replacing them with open protocols that advance the vision of the web’s inventors and early pioneers. Platforms like Blockstack and Ethereum are taking the vision of the web and building in censorship resistance that is stronger than anything possible with the technology of prior generations.

Using BNS and ENS, you can own a domain name that no corporation or government can take away from you. Using Gaia and Swarm you can self-host and back up your content on multiple geographically diverse hosts, preventing take-down by would-be censors. And rather than rely on the good graces of payment processors like PayPal to earn your keep on the web, you can get paid for your content directly by your fans using Lightning and Connext.

Putting this all together, what does the decentralized social media platform of the future look like? It could look like Afari, a Twitter-like application built on Blockstack:

lightcoin_afari2.png

Or it could look like Akasha, a Medium-like application built on Ethereum:

lightcoin_akasha.png

To be sure, it’s early days for these platforms, so they’re not quite ready for prime time yet. And in all likelihood, they could go the way of previous decentralized platforms that attempted to take on the centralized social media giants: at best a niche curiosity, at worst abandon-ware that gets buried in the graveyard of failed projects.

But what this new breed of open protocol-based platforms represents is a turning technological tide, where users don’t have to be sysadmins to take control of their data, where interfaces are familiar and functional, where censorship and deplatforming are nearly impossible. In this world, publishers can post without fear and have a direct relationship with their audience, secure in the fact that no third party can unilaterally take away their online voice and reach.

If you have any motivation to help – whether with design, development, documentation, or testing skills, or even just providing moral or financial support to these projects – I urge you to get involved. The decentralized web wasn’t mature enough yet to save the hundreds of accounts that were just purged by Facebook and Twitter and the many that have been purged before. But maybe, with your help, we can prevent something like this from ever happening again.

Reach out any time through my contact page or the comment section below, let me know how you’d like to help, and I’ll try to point you in the right direction. You can also click through any of the links to projects mentioned above to get in touch with them directly.

Thanks to all involved with organizing and supporting the Decentralized Web Summit.


Email is probably the most popular decentralized messaging protocol. Add yourself to my email contacts if you would like to stay in touch!

Join the herd on Mastodon

May 2017 update: I haven’t yet found a good workflow for cross-posting from birdsite to Mastodon, and I still don’t have a large network on Mastodon, so I have mostly stopped using it. I’ll keep checking in and posting now and then, but I do not see it becoming my new mainstay any time soon. Regardless, I will continue giving feedback in hopes that it will evolve into something that is “sticky” for me because birdsite is birdshit.

A few months ago I saw Aral Balkan tweet about a new social media app called Mastodon. With a Tweetdeck-like interface and compatibility with the GNU Social federation, I found the app easy enough to use, with a large network of interesting people to follow. I followed some people, sent my first “toot” (I am not sure if messages were called a “toot” yet) and… did not ever use the app again. This is not unusual: I’ve signed up and played around with many decentralized social apps before and most often I won’t use them more than once.

mdon

Today, something unusual did happen: I logged back in. I am officially a repeat user of Mastodon. Today, a bunch of people joined the network and it even got some press. So I dusted off my login credentials and went to check in on how things are going. Mastodon hasn’t changed much in the intervening time period but there are some subtle yet important improvements (such as 2FA support – gg).

I haven’t had a chance to look through every issue on GitHub or review every companion app so these might have been suggested or done already but here are the features that would make the app stickier for me:

  • A mobile client
  • Post scheduling
  • Post to/from other networks (including the big centralized ones)
  • Add search columns (and other types of columns that Tweet deck offers)
  • Mute whitelist (so you will see toots from people on your whitelist who would otherwise be muted)
  • Easy self-host options for muggles (e.g. Sandstorm is great)
  • Blockstack support (decentralized DNS, PKI, storage)
  • Search-by-word (this was intentionally not done for mastodon.social)
  • Data analytics and visualization tools (I ❤ dataviz)
  • And of course, a bigger network.

I’m probably missing a bunch of other things that I won’t notice until I use Mastodon more. There is a tool you can use to find the people you follow and who follow you on Twitter that helps with bootstrapping your network. I will see if I can add Mastodon to my Blockstack ID so people who use that can find me on Mastodon. And I might even continue using the app to find and share content. Toot me.


Email is probably the most popular decentralized messaging protocol. Add yourself to my email contacts if you would like to stay in touch!

For @j12t

Transcription from the Decentralized Web chat (Matrix)(Slack).

A few replies to some comments from earlier:

@eric: +1 to the general concept of consensus system where your vote is not tied to directly a useless-number-crunch POW scheme.

POW is far from “useless” – it’s what allows Bitcoin to work. POW enables decentralized issuance of the bitcoin currency, and prevents the “nothing at stake” attacks, “long-range” attacks, and “grinding” attacks that POS is vulnerable to.

@eric: Silicon-melting POWs are both carbon/entropy-sad, but IMO more worryingly it seems we’ve now demonstrated that existing capital can be brought to bear to buy power in POW schemes, which is not the decentralizing utopia most of us were dreaming of.

A couple of points to consider here:

  1. Miners actually do not have that much power. Economic full nodes have at least as much if not more power than miners. Economic nodes accept bitcoin in exchange for “real world” value in goods and services. Without them, miners wouldn’t be able to pay the bills. Miners therefore follow the economic majority when deciding what full node software to run.
  2. The alternative to “one dollar = one vote” (POS) or “one hash = one vote” (POW) is “one person = one vote” (democracy). It turns out that democracies eventually devolve into oligarchies (at least that’s how things have turned out in the U.S. http://www.bbc.com/news/blogs-echochambers-27074746). It’s quite possible that as long as money exists, people/groups with lots of money will always find a way to rig the system in their favor – they’ll buy candidates, buy votes, lobby for preferential legislation that favors their interests, etc. One person = one vote also requires a robust identity system to be built into the consensus mechanism, which is antithetical to Bitcoin’s decentralized nature. Who would be in charge of verifying identities and letting people into the system or kicking them out? That would require a central authority of some type. So not only would a democratic cryptocurrency not work in practice, it would go against the whole idea of cryptocurrency in the first place.

@eric: I mean, they’re an answer, but it’s debatable whether they’re a good one that results in any better incentives than any other answer.

Bitcoin has the best incentives of any cryptocurrency thus far, by far. Miner incentives are aligned to support the long term health of the network to protect, at the very least, their investment in ASIC mining hardware, and, at most, the value of their hardware plus all of the bitcoins they’ve saved from mining. Since ASICs are specialized hardware and are useless for any application that isn’t SHA-256 hashing (unlike GPUs or CPUs which can be used for many applications), miners wouldn’t be able sell the ASICs if Bitcoin goes bust. So they have an incentive to protect the value of that hardware for as long as possible, which means protecting the value of Bitcoin. As described earlier, POW isn’t vulnerable to many of the attacks that POS is vulnerable to, so it is a very robust form of consensus that is likely to continue working for as long as the block reward is valuable enough to support all of the SHA-256 hashpower that’s out there. All other consensus algorithms either aren’t secure by design or aren’t decentralized by design.

@olivier: There are 700 crypto-currencies: http://coinmarketcap.com/all/views/all/ The real question is: why ?

Altcoin pumpers proponents that I’ve spoken to give two main reasons, you decide which is more valid:

  1. “Experimentation” (because apparently Testnets aren’t good enough?)
  2. Pump n Dump. https://twitter.com/hrdng/status/737018222411665409

There’s also a third reason that is less and less valid every day, but is probably actually the most legitimate reason for now:

3. Filling gaps in Bitcoin’s functionality i.e. the altcoin implements some feature that Bitcoin does not support that people want to use today. This reason is becoming less valid due to the ways that Bitcoin as a system can evolve using e.g. metalayers (http://counterparty.io/news/evmparty-progress-update/) and sidechains (https://www.blockstream.com/sidechains.pdf)

In the end, I believe there will be many blockchains but only one cryptocurrency of any significance (https://lightco.in/2016/02/15/many-blockchains/).


Email is probably the most popular decentralized messaging protocol. Add yourself to my email contacts if you would like to stay in touch!