Wednesday, April 27, 2005

Using P2P to Protect Anonymous Bloggers

One of the roundtable discussions at the upcoming BlogNashville conference will be on the topic of preserving the anonymity and safety of pseudonymous bloggers. This session is sponsored in part by the Committee to Protect Bloggers and will be focusing on several aspects including the status of online writers imprisoned overseas for daring to criticize their government, why anonymous blogging is valuable, and ways to help "anonibloggers" keep their identities secret.

As a preliminary to the physical discussion, Curt Hopkins, who will be heading up the roundtable, started a Yahoo group discussion which is open to the public. Recently, the topic has turned to the technical aspects of allowing bloggers in repressive systems to exercise their free speech. Sites like Anonymizer and were floated as possible solutions, and indeed, they work well-enough as ways of circumventing censorware. But they don't offer enough to truly protect anonymity since they don't offer the safety of a group.

Instead of relying on the mercies or tenacity of companies or other intermediary groups, would-be bloggers living in oppressive regimes should use an anonymous file peer-to-peer file sharing protocol which transmits all data in an encrypted format, and then have someone on the outside post the information on a blog.

There are several anonymous file-sharing apps (sometimes called third-generation p2p clients) including Freenet, MUTE, GNUnet, and ANts. GNUnet and MUTE are the most secure with MUTE being the best since it never gives out your IP address to anyone on the network, can be configured to use common ports like HTTP, and has native clients for Windows, Linux, and Mac.

Another (much less safe) option is to use an SSH-based darknet with proxy servers using variable IP addresses running on network ports typically associated with the web to get into a system and use a text-based browser (or by creating an SSL tunnel) to post entries on a fourth-party blog site.

For maximum protection, secret information can be embedded and encrypted inside innocuous files with steganographic software and then distributed on a p2p network.

In summary, if I were trying to create some sort of system for transmitting data out of a repressive government, I would do it in the following ways:

  1. Establish contact (either directly or through a cell system) with at least one trusted individual on the outside, tell that person to download whichever steganographic and p2p software will be used.

  2. Decide with that person which types of audio (do not use images since they are not as common on p2p networks) files will be used.

  3. Offer the encoded files over an anonymous network.

  4. Get the contact person to download and decrypt the file and then publish (through a secure anonymous web surfing system) the info on the blog without revealing their real name.
No method is perfect, however, and there will always be some possibility that a user's anonymity on any third-generation file-sharing app can be discovered or that network censors will not find a way to stop or infiltrate a network. Steganography is also not perfect, either. However, I think the procedure outlined above should suffice for situations that require extreme security.

The most likely breaking point in this scenario would be in the cellular chain or a governmental block at the point of public distribution (such as by blocking the blog host's IP). While the first is often irreparable, one could always bypass the second problem by using a different domain or IP.

Links of interest: