- Email: [email protected]
- Posts Authored: 13
- Posts Contributed To: 0
November 10th, 2015 by mdw
Seems like quite a bit of controversy was stirred up by the recent Economist article, "The great chain of being sure about things," which they say "has implications far beyond the cryptocurrency." Their point seems to be spot-on in my view.
Bitcoin is a substrate for token-based systems of many sorts. But is it the most appropriate choice for all use cases? Aren't we likely to see MILLIONS of blockchains in the future?Read More
December 25th, 2014 by mdw
Welcome to the pilot episode of Decentralizing Internet Plumbing
We intend to cover topics involving blockchain-based approaches to fixing some of the problems related to the current Internet infratructure. This includes core services like the Domain Name System (DNS), messaging sysytems like email and chat services, cloud storage systems, distributed applications and more.
Episode 1 - Show Notes
Mike and Dante discuss recent events:
bitcoin.com.auseized and ...
November 13th, 2014 by mdwFormer chain lord Tine van der Hoeff takes a job offer from her previous sponsor, Oak, who is the author of Naga Sib, and whom she also knows as Kinaree. She flies to Bangkok to work with Oak, and immediately gets her feet wet. Right away, Tine becomes engaged in defending the Votes 2.0 election chain and trying to prevent an unknown attacker from defrauding the voters in Belgrade. Read More
October 31st, 2014 by mdw
There is considerable activity going on behind the scenes, so I figured I'd offer a survey of current events, instead of taking an in-depth look at various topics individually.
The Huffington Post carried an article recently about domain name thefts. The main point was that domain thefts happen, and there is often little recourse for the domain registrants. As long as we rely on registrars to safeguard our domain names, instead of controlling our own, thefts will happen.
This week I came across an altcoin called EmerCoin. They allow people to register .emc and .coin domains. Now is the preregistration period. Domains will be allocated, for free, to registrants of existing domains in other extensions.
okTurtles announced this week that they are hiring! The team is expanding in order to better pursue development efforts around its flagship products—DNSChain and okTurtles software. Node.js developers are wanted, as well as fundraisers. Also, the OpenBazaar team has begun their DNSChain integration effort.
ICANN 51 took place in Los Angeles last week, with hundreds of participants falling asleep during the proceedings. The main item on the agenda was, of course, the IANA Stewardship transition, but we also take a look at proposed changes to WHOIS.Read More
October 13th, 2014 by mdw
This is part two of a series called Chain Wars. It started last week with this double length intro: http://letstalkbitcoin.com/blog/post/chain-wars-the-worm
Tine van der Hoeff was an expert in keeping next generation blockchains running. But she was lured away on an important task by an unknown patron. Working with her friend Theo, she plans to attack the chain worm, Naga Sib.
Tine understood how important it was for humans to maintain control over their technology. She knew that humans set the rules for the chain when the code was launched. Surely, she thought, better chain design could prevent chain infections from happening.
Some parts of the Naga Sib codebase remained mysterious, including the instruction set for building the next generation. Many of its secrets were hidden in a big binary blob, from which both parts of the worm could be made. It was not clear how to extract the information from that binary hunk of code, but it contained the digital DNA of the chain worm.
Tine's current goal was to figure out how it worked and how to conquer it. She would kill both halves of this at the same time. Then she intended to find out who was behind Naga Sib, and why.Read More
October 4th, 2014 by mdwIt all started when a decentralized app called Naga Sib, running on the NetherChain, got out of control. These autonomous entities could be coded to prioritize self-preservation, even if that meant bad consequences for others. Naga Sib was no ordinary app. It was designed for trouble. How easily we lose control of our technologies when we're not careful. Read More
September 5th, 2014 by mdw
Namecoin: The First Altcoin
In 2010, Aaron Swartz realized that a blockchain-based Domain Name System (DNS) would be a secure, decentralized, and human-friendly, readable naming system. In other words, it could square Zooko's triangle. Internet users had limited choices because friendly naming on the Internet was a necessity, so compromises had to be made.
August 17th, 2014 by mdwEditor #1: William
Editor #2: Cheryl
The first article in this series compared the Domain Name System (DNS) to a phonebook. In this analogy, DNS is a directory that allows you find computer addresses from domain names just as people's names can be looked up in a phone directory to find their phone numbers. DNS enables us to translate "LetsTalkBitcoin.com" into the computer-friendly IP address "220.127.116.11".
This article discusses the system's security. It will explain how the existing DNS system is prone to malicious attacks, and suggest how decentralized solutions increase security.
DNS Security in the Age of the Blockchain
The current Domain Name System was designed with reliability in mind, not security. It was designed in a different era, when packet switched networks were still a novel idea. Indeed, DNS is easily compromised, and is now a prime target for attack. For example, the government of Turkey recently forced local ISPs to redirect all traffic for twitter.com to a government site by changing the DNS entries in their nameservers.
Our current DNS has many intermediaries, called nameservers where traffic can be intercepted or tampered with. Blockchain based DNS reduces the number of queries to nameservers. That's because many domains are associated with IP addresses in the blockchain, so no other servers need to be consulted.
A huge problem on the Internet is man-in-the-middle (MITM) attacks. In MITM attacks, the "bad guy" is positioned between users and the site being accessed. This allows the attacker to return fake data in order to to divert users to malicious sites.
Blockchain-based DNS makes significant improvements to the existing system. Most importantly, the process of resolving a domain name and verifying the credentials of the destination server will be greatly simplified and substantially more secure. All the information needed to resolve a domain name will often be found in the blockchain, whereas the current process usually involves querying multiple servers. Blockchain-based DNS will also simplify the process of establishing trust between a given user and a server.
Centralized control structures create central points of failure that constitute valuable targets for attack. We noted in a previous article how these hierarchical systems lead to troubling political problems. In this article we will briefly look at some of the security implications.
Let's suppose some user Mary wants to visit her bank website. How does she decide whether or not she has found the legitimate bank website? She trusts her web browser, which in turn relies on an overly complex system involving signed digital certificates.
Mary's web browser is presented with a digital certificate from the bank website, which bolsters her belief that she is interacting with the legitimate bank website that she expected. That certificate makes the claim that this bank is indeed the site operator, by offering an assurance from the entity issuing that claim - called a certificate authority (CA). Her web browser probably decides to trust the site because the Certificate Authority is on a whitelist of trustworthy CAs, and therefore trustworthy.
The government of France was recently caught using a fraudulent Google certificate, which is dangerous because it can be used to man-in-the-middle (MITM) Google users. How safe should you feel? Digital certificates can usually, but not always be trusted. Rather than basing security on math, the current system requires faith.
Decentralized DNS can fix this problem by replacing the current certificate trust relationships with a much simpler scheme. The site owner can publish their own signed certificate, or the equivalent, right there in the blockchain. Only the registrant has the ability to publish this certificate because doing so requires the private key.
See the difference? There is no need to have a third party validate the trustworthiness of a certificate since by definition only the site owner has control of this. Certificate authorities are a prime target for attack, but decentralized systems have no such authorities to rely on. There is literally nobody to attack!
Man In The Middle
Main-in-the-middle (MITM) attacks are a persistent problem on the Internet. MITM refers to a broad class of attacks where somebody between the two endpoints intercepts, tampers with, or redirects the traffic without the knowledge of the victim.
For example, when Mary attempts to access her bank website she might be attacked by someone in a position to intercept this traffic. She may be tricked into connecting to a fake bank website, in an attempt to steal her username and password.
A next generation nameserver like DNSChain will retrieve the information needed to resolve a decentralized domain name by maintaining local blockchains. Signing the reply with a private key allows Mary to know that the IP address she gets back definitely came from her chosen name server.
On a local network like many people have in their homes or offices, a router is the perfect place for this nameserver to reside. By being so close to the networked devices it can efficiently provide name resolution to connected computers, tablets, mobile devices, smart toasters and more. By expecting signed responses from a next generation router, devices can avoid the classic MITM attack which victimizes so many Wi-fi users.
Domain names are stolen or hijacked all the time, often by exploiting registrar procedures for safeguarding registrants' names. A typical domain theft begins with an email account being compromised. The thief then calls the registrar to explain that they forgot the password, and requests a reset link be sent to the registrant's email address of record. Once the registrar account can be accessed, the domain name is transferred to an overseas registrar.
In decentralized systems there is no registrar to exploit with social engineering. If there is an entity like a registrar, they cannot be made accomplices in order to change ownership data, or provide password resets. With Namecoin's .BIT domains, for example, an update operation is required to transfer ownership, which can only be accomplished by presenting the corresponding key.
Note that spear-phishing, social engineering, hijacking email accounts, cracking registrar passwords, compromising registrar databases and other traditional tools in the domain thief's arsenal are all useless here.
There seem to be only two ways to steal a domain name in a blockchain-based system like Namecoin; either steal the private key from the registrant, or take control of the network via 51% attack and register the domain again. The former is certainly plausible, but strategies to prevent it are straightforward, including using multiple signature (multisig) addresses.
Eliminating Attack Targets
The Internet Corporation for Assigned Names and Numbers (ICANN) has the authority to digitally sign the root zone, which in practical terms means they hold one of the most valuable private keys in the world. ICANN carefully guards the key used to sign root nameserver keys. Root servers store the most important data for almost all the world's Top Level Domains (TLD) like .COM, .NET and so on.
In case that description did not make it clear, this essentially means that both ICANN and the root name servers themselves are high value targets for criminals and malicious hackers. After DDOS attacks on the root servers in 2002 and 2007, these lynchpins of the Domain Name System were made more redundant, but they remain a critical target. A threat was made in 2012, allegedly from Anonymous, to "shut the Internet down" by attacking the root servers.
Another potential choke point is the registry operators. Recall that registries are granted the authority to operate a Top Level Domain by ICANN. They provide the APIs which allow registrars to offer domain name registration and domain management services for all conventional domain names. Attacking registry operators like Verisign, administrator of .COM and .NET, would have a severe impact on the Internet.
Decentralized DNS avoids these problems. If all the domain data is stored in the blockchain, there is no need for ICANN, registries, or registrars. Gone in one fell swoop are all of these pressure points of the legacy DNS. Decentralized Domain Name Systems are MITM-resistant, theft-proof, and solve the whole digital certificates problem on the Internet today!
A quick reminder, this is a multipart series on decentralizing the Domain Name System. Be sure to check back next time as we take a close look at a real, working example - Namecoin.
If you enjoyed this article and want to show your gratitude you can do so by signing up to Lets Talk Bitcoin using my referral code: http://letstalkbitcoin.com/?ref=52b52db8Read More
August 8th, 2014 by mdw
The Domain Name System (DNS) has become such a fundamental part of the Internet over the years, and yet it has also become more political than ever. In our introductory piece we introduced the main themes for this series, and in this article we explore the the specific issues of censorship, domain seizures, thefts and privacy. Decentralization can address these important issues in a direct way.
Much of what is wrong with the status quo stems from the centralized structure of our DNS. From a political perspective it is a three-tired hierarchy. ICANN is in charge, at the center of it all. On the second level are the registries, like Verisign, who are in charge of Top Level Domains (TLDs) like .com.
On the bottom tier are registrars, who provide retail services like domain registration to customers. They are proxies who typically present an assortment of TLDs for consumers to register. There are currently around 1000 registrars accredited by ICANN, and many have networks of resellers working with them. Think of registry operators as the wholesalers and registrars as the retailers.
All these are eliminated or at least marginalized with a decentralized solution - there is just no need for them. People and companies are now empowered to register their domain names without going through intermediaries, and without being forced to adhere to the rules set by political bodies like ICANN.
The hacker inside me likes decentralization architecture. It could be argue that much of the "political problems" we have today derives from the centralized nature of the DNS with the root. So technology like namecoins or other decentralized identifier system intrigues me.
- James Seng, March 2014 draft from ICANN's Technology Innovation Panel
Vint Cerf explaining who controls the DNS
Protecting Freedom of Speech
Censorship is an important issue for us all. National governments are the primary concern here, with many exerting as much control as they can. Extreme examples include North Korea and Iran, where authoritarian regimes control virtually all available information.
In countries where political speech is stifled, dissidents are often prevented from publishing anti-government opinions. The use of Tor in Turkey nearly tripled this past March in the wake of videos on youtube implicating government officials of trying to stage an event as pretext to declare war on Syria. Government officials also banned twitter in March by redirecting DNS queries, after leaked recordings surfaced with the prime minister apparently instructing his son to dispose of large amounts of cash.
The situation in most countries is far more nuanced. It is all too easy to single out countries like Turkey and Iran for what many consider to be draconian censorship. But some level of censorship takes place pretty much everywhere, including less oppressive Western nations. Google, the world’s largest search provider, now discloses the number of requests they receive to remove search results.
Luckily no matter the current level of censorship in a country, blockchain systems can provide a solution. Namecoin’s .BIT domains and BitsharesDNS upcoming .p2p domains cannot be seized or pointed to government sites against the will of the registrant. Even if a government seized control of the network through a 51% attack, it does not appear possible to change ownership of a blockchain-based domain name without being in possession of the corresponding private key.
Next generation DNS like Namecoin are immune to censorship! People can now publish political content without worrying about government censors seizing their domain names. We cited political dissidents but this is a critical assurance used by journalists operating in hostile environments as well. This freedom to speak out will certainly be used by bad actors too, but the benefits are indisputable.
People often believe that theft of domain names is rare, because there is a lack of supporting evidence. There is anecdotal evidence, and a few high profile cases like sex.com (video). There was even a conviction in the much publicized case of the P2P.com domain name theft.
Most people own very few domain names and have never experienced domain theft firsthand. No reliable data on domain thefts seems to be available. The registrars are in a position to have information about this, but have a strong disincentive to publicizing incidents that might damage their reputation.
"As far as I know, no one has a really good handle on just how much of a problem domain theft is. We hear of occasional instances of high profile thefts that catch everyone's attention, however I'm sure the vast majority of thefts go unreported."
- Ron Jackson, Editor and Publisher, DN Journal
It is typically registrars that engage in bad behaviors which result in lost or stolen domain names. However, both registry operators and registrars can both behave in questionable ways, like registering domain names right after their customers search for them.
Registrars have been caught stealing users' domain names too. Bad actors lose their accreditation when caught, but that is small consolation to a person or company that no longer has their domain names. If only these domain names had been registered on a blockchain! Domain name theft in the world of crypto-DNS requires stealing a private key. Theft of a .bit or .p2p domain name cannot occur as result of a company abusing its authority.
Domain Name Seizures
Registrars commonly seize domain names at the behest of government agencies or judicial systems. There are instances when many people feel it can be considered appropriate, but again this comes loaded with the potential for abuse. As mentioned earlier, although there is a nearly universal consensus on the undesirability of domains being used to host child pornography, it is less clear in matters involving intellectual property rights or political speech.
The DNS pecking order goes something like this. The U.S. Department of Commerce has had the authority to approve changes to the Root Zonefile since it was inherited from the U.S. Department of Defense in 1998. ICANN awards contracts for management of TLDs to registry operators, who enter into contractual relationships with registrars.
Individual domain names are sometimes seized as result of court orders when the domain is operated by a registry which operates in that jurisdiction. The .COM registry for example, is run by Verisign, a U.S. Corporation, and can therefore be compelled to comply with U.S. federal court orders.
The U.S. Department of Homeland Security has seized domain names on several occasions, when illegal activities are alleged. And in fact, other nations routinely seize domain names as well when a registry is located within their jurisdiction.
Thus the rationale for blockchain-based DNS, where domain names are independent of national jurisdictions. If a government agency wants to take control of a Namecoin .bit domain name, for example, how can they do it? It's basically impossible for governments, courts, registries or registrars to seize domain names in a decentralized system.
Department of Justice took down 130 websites, Thanksgiving 2011
Seizing Entire Namespaces?
There are several types of extensions, and they are not treated the same. The two letter country code domains (ccTLDs) like .DE (Germany ccTLD) are administered entirely as the national governments decide. This is in stark contrast with how Sponsored Top Level Domains (sTLDs) are forced to abide by very restrictive terms and conditions.
Yet a U.S. federal court is currently being asked by plaintiffs in a lawsuit to compel ICANN to seize control of the ccTLDs of Iran (.IR), Syria (.SY) and North Korea (.KP) to satisfy judgements against those nations. At stake is the fate of three entire namespaces, despite there being virtually no functioning websites in North Korea.
This raises legitimate questions about Internet governance. In blockchain-based DNS, federal courts have no agency. Even in the case of BitsharesDNS, where the underlying technology is being developed by a for-profit company, it seems that they cannot be compelled to intervene because they simply don't have that capability.
Who is that domain name registered to? It's a question many would like to know. Registration data is generally stored by the registry operator, and can be accessed using a protocol called WHOIS. Providing accurate information including name, street address and phone number is required by ICANN. Failure to comply is grounds for forfeiting the domain name.
The status quo is convenient for law enforcement to help locate lawbreakers. It also makes life easier for intellectual property holders to identify those who they believe to be infringing. The current system is also of great benefit to prospective buyers who wish to negotiate a domain name sale, or potentially anyone interested in contacting the domain owner. But the status quo offers no good options for individual registrants to protect their private information.
In fact, the current scheme has serious disadvantages for individuals. We make this distinction between individual and corporate registrants because the latter can use corporate contact info and no personal information is exposed. Individual domain owners are often targets for scammers because their personal information is required to be public. For example, an easy way to bootstrap a botnet intended for mass spamming is to harvest the millions of email addresses publicly available in WHOIS records.
Over the years registrars began to sell private registration services. This service typically involves replacing the ownership data on the official WHOIS record with that of the registrar. This scheme unfortunately requires even more trust be extended.
Technically these registrars are in a position to make an ownership claim, which might be important if the owner disappears from public view. More troubling still is the notion that they keep the real ownership info in their database. Those private details must be kept hidden from both misbehaving employees as well as hackers.
Two Systems Going in Different Directions
ICANN wants to replace the current system with one where more detailed contact information is required from registrants, but data lookup would be granted only for "permissible purposes" to authenticated and approved users. Despite thoughtful objections of the sole privacy advocate on the working group which came up with this proposal, both registrants and agents looking up information would need to be clearly identified in the latest proposed scheme.
Namecoin requires no information from the registrant to simply reserve a domain name. Possession of the private key corresponding to that domain’s address on the blockchain is the only thing required. Registrations are pseudonymous in that no identifying information is available by default except that particular tokens can be tracked through the blockchain. With some effort, a registrant could come to posses tokens which could not be traceable back to any personal identifier.
But this is not an anomaly. According to project lead Nikolai Mushegian, "all domains are anonymous by default" in BitsharesDNS, meaning that personal identifiers are only public record if the registrant chooses to provide that info. In their soon-to-be launched system domain names will be pseudonymous, meaning that they are by default only associated with internal identifiers.
A registrant in either the Namecoin or BitsharesDNS systems can put in specific contact details entirely at their discretion. Meanwhile ICANN steadily continues down the path of eroding user privacy in order to appease the interests of big business.
A quick reminder, this is a multipart series on decentralizing the Domain Name System. Stay tuned for the next installment as we explore how decentralized DNS allows us to solve some of the most pressing online security issues we face today.
If you enjoyed this article and want to show your gratitude you can do so by signing up to Lets Talk Bitcoin using my referral code: http://letstalkbitcoin.com/?ref=52b52db8Read More