From 810c324068ddf592ca7ab0919215422d25e95b07afb2be8ee9ea15e145f5fc50 Mon Sep 17 00:00:00 2001 From: Nicholas Johnson Date: Wed, 7 Sep 2022 00:00:00 +0000 Subject: New entry: icannot-be-trusted --- content/entry/icannot-be-trusted.md | 39 +++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 content/entry/icannot-be-trusted.md (limited to 'content/entry') diff --git a/content/entry/icannot-be-trusted.md b/content/entry/icannot-be-trusted.md new file mode 100644 index 0000000..b9be6e6 --- /dev/null +++ b/content/entry/icannot-be-trusted.md @@ -0,0 +1,39 @@ +--- +title: "ICANNot Be Trusted" +date: 2022-09-07T00:00:01 +draft: false +--- +## ICANN +The Internet Corporation for Assigned Names and Numbers, also known as ICANN[1], is a U.S. nonprofit which manages the DNS[2] root servers. When you type "nicksphere.ch" into your search bar and hit enter, ICANN is ultimately in control over what happens next, not me. + +ICANN's contracts with domain registries are immune from being challenged and registries can set arbitrary restrictions on content hosted on their domains. ICANN has an effective monopoly on almost all domain names and punishes people for past sharing.[3] For more on that, see the article "Ending the War on Sharing".[4] + +Another problem I have with ICANN is one can't legally own a domain name without forking over personal information to the domain name registrar. Most registrars offer to hide that information from public view, but they still have to hand it over under certain circumstances and there's always the possibility that it gets stolen. + +To get around that, nicksphere.ch is currently registered through Njalla[5]. Njalla legally owns nicksphere.ch and all its subdomains and in return, I don't have to fork over any personal information. They've been operating for years, but could still run away with my domain name and I'd have no recourse since they legally own it. + +## Tor and I2P +Ideally, you're accessing this journal over Tor[6][7] or I2P[8][9]. Those networks will continue working even if my domain gets hijacked. It's unlikely that something happens to my domain, but it's not impossible. + +My Tor onion and I2P addresses aren't foolproof. They're hosted on a VPS, meaning my VPS provider could hijack them. Using nicksphere.ch to access my journal, you have to trust both ICANN and my VPS though. So you're better off using Tor or I2P so you only need to trust one third party, not two. + +Brief digression: To avoid trusting any third party, you can always verify my journal's Git repository[10] with my public Signify key[11] and a small utility called git-signify[12]. If there's any doubt the key is mine, I gave a Libreplanet talk[13] with my public key in the slides five months ago and I have an unbroken history of public keys going back to December of 2020 starting with my original GPG key[14] which I transitioned away from. + +If you yourself are an online service provider, please follow my example and offer a Tor onion and/or I2P address to help resist ICANN's power. + + +Links: +[1: ICANN](https://wikiless.org/wiki/ICANN) +[2: DNS](https://wikiless.org/wiki/Domain_Name_System) +[3: Peter Sunde Kolmisoppi](https://nitter.net/brokep/status/1364950213790740481) +[4: Ending the War on Sharing](https://stallman.org/articles/end-war-on-sharing.html) +[5: Njalla](https://njal.la/) +[6: Nicksphere Onion Capsule](gemini://nick6gsepvtmkcpibpid6dqtqroxt62u6ab4ep65vxrenffruumj6jad.onion) +[7: Nicksphere Onion Website](http://nick6gsepvtmkcpibpid6dqtqroxt62u6ab4ep65vxrenffruumj6jad.onion) +[8: Nicksphere I2P Capsule](gemini://nick6w7lwwzwli57czw5glh3sm2qhnyzbhtq3nohbcnc7j3wqmqq.b32.i2p) +[9: Nicksphere I2P Website](http://nickg4tsj3wy3i23faxp5momjcnlwrvwl5ek5l7lkm5vrbblvgbq.b32.i2p) +[10: Nicksphere Signed Git Commit](https://git.nicksphere.ch/nicksphere/commit/?h=signify-signature-1) +[11: Public Signify Key](/resource/signify.pub) +[12: Git-Signify](https://git.nicksphere.ch/git-signify/) +[13: Taking back the Web with Haketilo](https://media.libreplanet.org/u/libreplanet/m/taking-back-the-web-with-haketilo/) +[14: Public GPG Key](/2021/12/30/statement-of-gpg-key-transition/) -- cgit v1.2.3