Thursday, January 17, 2013

DIYISP second PC revolution

The first PC revolution happened when ordinary people could afford a computer on their desks. The web, and especially web 2.0, has revived the mainframe era, in that software is outside our reach and our data reside on machines owned and operated by someone else.

I don't want my ISP, or the US government, or Google, or anybody to censor my Internet access or unplug it. I'm willing to let them see my data, but I don't want them confiscating it, and I sympathize with those, especially in other countries, who fear that their government will punish them for their political opinions. Even in the US, ISPs, cell phone providers, and web 2.0 style social networking services may reveal my email to government agents without proper authorization, or be "socially engineered" by crooks. Their logs reveal what I read, what I write, and when I am reading and writing it.

In a previous post, I briefly described my vision of a DIY ISP (http://brimpossible.blogspot.com/2012/10/diyisp.html?m=0). Ideally, my home computers would hide behind a home firewall, showing nothing but constant encrypted noise to my ISP. The firewall would generate some random packets to defeat traffic analysis. Outgoing connections would utilize the Tor network or some similar darknet to obscure the content and destination of my attention. I would use my ISP's email and web services only for innocuous tasks, or not at all.
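The "constant encrypted noise" idea above can be sketched as a constant-rate shaper. This is an added example, not code from the post: the cell size, the length-prefix framing and the function names are assumptions, and the code only does the padding, on the assumption that an encrypted tunnel wraps every cell before it reaches the ISP.

```python
import os
import struct

CELL = 512  # fixed on-the-wire cell size in bytes (assumed value)
HDR = 2     # length prefix: number of real bytes in the cell (hidden by the tunnel)

def shape(arrivals, ticks):
    """arrivals maps tick -> real outgoing bytes. Emits exactly one cell per tick."""
    queue = bytearray()
    cells = []
    for t in range(ticks):
        queue += arrivals.get(t, b"")
        chunk = bytes(queue[:CELL - HDR])
        del queue[:len(chunk)]
        # Real bytes first, then random filler; an idle tick is all filler.
        pad = os.urandom(CELL - HDR - len(chunk))
        cells.append(struct.pack(">H", len(chunk)) + chunk + pad)
    return cells, bytes(queue)  # leftover = data still queued (the latency cost)

def unshape(cells):
    """Far end of the tunnel: drop the filler and rejoin the real bytes."""
    out = bytearray()
    for c in cells:
        (n,) = struct.unpack(">H", c[:HDR])
        out += c[HDR:HDR + n]
    return bytes(out)

def observer_view(cells):
    """What the ISP can record once cells are encrypted: timing and size only."""
    return [(t, len(c)) for t, c in enumerate(cells)]

# Constructed sample traffic: an idle link vs. a burst at tick 3 and a note at tick 7.
IDLE = {}
BUSY = {3: b"A" * 1300, 7: b"short message"}

if __name__ == "__main__":
    idle_cells, _ = shape(IDLE, 10)
    busy_cells, left = shape(BUSY, 10)
    print("ISP view identical:", observer_view(idle_cells) == observer_view(busy_cells))
    print("data intact:", unshape(busy_cells) == BUSY[3] + BUSY[7], "queued:", len(left))
```

The trade-off is visible in the leftover queue: bandwidth is capped at one cell per tick, so bursts are delayed and the link carries filler whenever it is idle.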

What are the threats and responses? If a disaster disconnects my ISP, a mesh net should take its place. If a corporation deletes my data, I should restore from a backup. If a government seeks to track or censor my consumption or production of ideas, I should hide using steganography and cryptography. How to resist a web takedown?

In reality, I have taken the opposite approach: radical openness and radical laziness.

Would anyone buy a cable router that accomplished all this, or a home firewall? Would the government treat my odd behavior as a red flag and search for excuses to raid my house?
Could I protect my data from seizure? I could store it primarily offsite, encrypted, on a non-shared virtual server hosted in a different country.

How often will this break down? What will be the consequences of breakage?
