FreeSpeechMe is a Free Software plug-in for Firefox that allows you to effortlessly view Dot-Bit websites. Dot-Bit is a new type of website that, unlike Dot-Com or Dot-Net (etc), is NOT controlled by any government or corporation.
We already have working beta versions of the FreeSpeechMe Free Software plug-in for Windows and GNU/Linux. You can start using them today. We have them ready to install on our website at: http://www.freespeechme.org
Dot-Bit is also resistant to DNS or HTTPS hijacking, which is common and easy with normal top-level domains. DNS or HTTPS hijacking is when someone redirects your traffic to an impostor website, which allows them to steal passwords or install malware. DNS and HTTPS hijacking are not theoretical threats. In July 2011, DigiNotar, a major corporation in charge of preventing hijacking, was compromised. Over 300,000 users fell victim to fraudulent websites which appeared to be HTTPS-secured. The attackers were able to impersonate the CIA, MI6, Facebook, Microsoft, Skype, Twitter, WordPress, Mozilla, and hundreds of other targets. DigiNotar didn't notice for over a month. Dot-Bit would have eliminated this attack vector.
Dot-Bit domains propagate worldwide within minutes, so new Dot-Bit websites show up promptly for everyone, rather than in 24-72 hours like with other domains. Dot-Bit is secured using the same peer-to-peer technology which protects Bitcoin.
FreeSpeechMe rises above previous Dot-Bit software packages in that it does not need to trust any third parties, AND it's easy to install.
FreeSpeechMe also supports a new feature of Dot-Bit domains: the ability to point to anonymously hosted websites using Tor or I2P. Tor and I2P are networks that allow users to host websites without revealing their identities or locations.
Tor and I2P are a necessity for human rights activists and whistleblowers working in repressive countries, and both networks were critical in keeping citizens safe during the Arab Spring. FreeSpeechMe solves a major issue that has plagued Tor and I2P: giving them domain names that both are human-memorable (Tor normally has domains like duskgytldkxiuqc6.onion) and can only point to the correct website (I2P domains can normally point to different websites for different users). Note that Dot-Bit only keeps the location and IP address of the domain owner private (assuming the domain is registered using Tor); the identity of the domain owner may be linkable with that person's other usage of Namecoin (e.g. usernames at exchanges).MEET THE VIRAL ELECTRON CHAOS LABORATORIES ONE-PERSON TEAM:
Jeremy Rand: FreeSpeechMe creator and programmer.
Jeremy runs Viral Electron Chaos Laboratories. He’s a Computer Science major at the University of Oklahoma. He works in research fields relating to robotics and game enhancement.
Jeremy co-wrote the Tor- and I2P-Service Support for the current Dot-Bit specification. It was accepted and implemented by the Namecoin development community.
FreeSpeechMe is the first software to implement this feature.
Jeremy is the author or co-author of five additional Dot-Bit specification proposals that have been accepted by the Namecoin development community and are awaiting implementation.
THIS PROJECT ISN'T JUST FOR US. It's for the world....Though we will personally be incredibly grateful to each and every person who can help. We are offering perks, but the real prize for everyone will be a more-free and more-secure Internet.
We are also releasing the source code to the world. This is Free Software.
What We Need & What You Get
Please donate if you can.
Even if you can't donate, please tell two friends. We have a press release here:
that you can post, and send to as many people as possible. And whether you donate or not, please download our FreeSpeechMe plug-in and start checking out the Dot-Bit web today.
And don't just check it out, start building these new roads. You can easily and inexpensively start your own censorship-resistant and secure Dot-Bit website TODAY with our clear and easy tutorials. They're all on our website: http://www.freespeechme.org
CAN YOU GET THIS DONE IF
YOU DON'T REACH YOUR FULL
We are unquestionably dedicated this project. We will work on this as hard as we can with whatever funds we raise. But to really hit it out of the park, $50,000 is what we feel we'd need.
If we pass our goal, we will work longer on this. The more money we raise, the better we can make the software, and the more we can spread it. Widespread adoption of this is paramount to its success.
BREAKDOWN OF WHERE THE FUNDS WILL GO (After Indiegogo takes their cut off
30%: Compensation for programmer Jeremy Rand to allow him to work as much as possible on improving FreeSpeechMe for as long as possible. He will also be the project coordinator with other programmers.
35%: Rewards for other programmers who help perfect the FreeSpeechMe plug-in, write WordPress plug-ins to streamline more seamless integration, payment for better web design, graphics, video editing, etc.
25%: Marketing and advertising expenses. (This is a maximum value; we
expect that the actual expenses will be lower. If not all spent, it
will be distributed according to the ratio of the above items to improve
5%: Perks and postage for perks.
5%: Misc / prudent reserve for unexpected expenses / legal expenses / extra cloud hosting if we get suddenly slammed with traffic, etc. Will likely all be spent but if any ends up unspent, it will return to Jeremy to fund additional full-time work on FreeSpeechMe.
We love all donations, but we especially love donations in Namecoin. Namecoin is the concrete used to build the roads of this new Internet superhighway system.
This isn't just "a plug-in." FreeSpeechMe, Dot-Bit and Namecoin are a complete new Internet ecosystem. We are building the roads to a secure and censor-resistant Web 4.0.
TO-DO LIST FOR CODING
As a Namecoin-based project, FreeSpeechMe is part of a significant ecosystem of software which can benefit from improvements. Since FreeSpeechMe directly uses much of this software, and we like to give back, we plan to use some of the funds we raise to improve the underlying Namecoin software, in addition to the FreeSpeechMe code itself. Because what's good for Namecoin is good for FreeSpeechMe, and what's good for FreeSpeechMe is good for Namecoin.
We'll favor hiring people who actually already did some of the work on Namecoin and Namecoin-related software. First because they know the code better than anyone, but also because they deserve to be first in line for paid bounties on Namecoin-related systems.
Below are some examples of the improvements to both FreeSpeechMe and other Namecoin-universe software that we want to have a hand in implementing. Some of these could be put into operation directly by us, others we would like to fund via posting bounties. Note that Namecoin-related improvements are typically discussed in the development community to ensure high-quality design, so it is possible that some of the improvements listed below will change based on community feedback.
Just getting to our current FreeSpeechMe beta has been an immense undertaking. But we'd like to go much further, to do the "work under the hood" that the average user never sees, but that results in a system that could solve many of the problems currently experienced in the entire Internet. We need to do a lot of heavy lifting to not just build an impermeable shell around this new system, but to harden the system itself into that worldwide walled fortress for freedom.
But we also take this down to complex frame-level surgical engineering that will make FreeSpeechMe effortless to use and incredibly valuable to everyone worldwide who uses the Internet.
Think about what a massively complex system Google is. Now think about what the average user sees: just a simple search box on a mostly blank page. We're not postulating that FreeSpeechMe will grow to be as complex as Google, but the analogy is apt.
Below is our ambitious list. We can implement many of these if we reach our funding goal. If we don't reach our goal, we'll get as much done as possible.
FreeSpeechMe-SPECIFIC IMPROVEMENTS WE PLAN TO DO:
Hide nmcontrol/namecoind windows on WindowsGNU/Linux users don't see the terminal windows for backend software; Windows users shouldn't be bothered by them either.
Don't try to visit .bit websites when blockchain isn't downloaded
Right now, visiting a .bit website with an incomplete blockchain will use an older version of that name's data. Usually this results in a failure to load the page with no good explanation of what's wrong, but in certain rare cases it could also hypothetically result in security issues such as hijacking. A better version of FreeSpeechMe should refuse to use incomplete blockchains.
Facilitate non-Firefox usage
FreeSpeechMe uses a networking method, HTTP, which is specific to website traffic. Replacing it with a different method, SOCKS, would make it much more flexible, so you could use Dot-Bit for non-website Internet applications such as SSH. It should also be possible to route other web browsers such as Chromium through FreeSpeechMe. FreeSpeechMe should support being installed as a standalone application for users who don't use Firefox (although obviously Firefox will remain the main method of installation).
Improvements for anonymous browsing
Right now FreeSpeechMe supports routing its traffic through anonymization proxies such as Tor and I2P (if they are installed), but it is not compatible with TorBrowser, so while attackers generally can't see your location or IP address, they can deduce that different activities you do online may have come from the same person. FreeSpeechMe should be improved to function in TorBrowser, which would prevent linkage of different online activities.
Improvements for anonymous hosting
FreeSpeechMe supports Tor and I2P hidden services (if the user has Tor or I2P installed), but does not support Freenet, OnionCat, GarliCat, or other anonymous hosting networks. This should be improved.
Support for next-gen TLS specification
FreeSpeechMe is using a method of specifying certificates to prevent hijacking which is deprecated in the Dot-Bit specification. While this method remains very secure, the newer specification has more features, and FreeSpeechMe should implement it.
Websites which claim to support HTTPS in their domain record should automatically be loaded in HTTPS, even if the user accidentally forgets the "s", to prevent hijacking in such cases. (Note for geeks: this is like the HSTS specification, but works even for sites you haven't visited before.)
Websites that want to support Dot-Bit should be able to do so without changing their server configuration, and instead have FreeSpeechMe make the server think the preexisting domain is being requested. The user would still see the Dot-Bit URL in Firefox, and unlike iframe-based methods, the URL displayed in Firefox would change accordingly as the user clicks links..
Fix HTTP protocol bugs
Unencrypted HTTP Dot-Bit websites occasionally have odd behavior in FreeSpeechMe (sometimes manifesting as links not working properly); this is most frequently seen in WordPress websites. While we strongly encourage the use of HTTPS (which isn't subject to these bugs), we still want to fix the bugs with HTTP websites.
Round-Robin Load Balancing
Some large websites use multiple server IP addresses for a single domain. FreeSpeechMe should be able to randomly choose one.
OTHER NAMECOIN SOFTWARE IMPROVEMENTS
Some of this is possibly out of the scope of this one Indiegogo campaign, depending on funds raised. But these are things we're very interested in helping implement:
Rebase on the latest Bitcoin code
Namecoin is based on an outdated version of Bitcoin (0.3.x). We should rebase on a current release. We inquired with a well-qualified and well-respected contractor (who developed Namecoin-Qt) about how much this rebase would cost; the estimate was around $17,000-$35,000 US. Spending that much on one project would be out of the realm of this first campaign. However, it may be possible to reduce this cost significantly by rebasing on a codebase other than Bitcoin, such as libcoin.
Namecoin currently requires having the entire blockchain for good security. While the 1.6GB blockchain isn't a large concern right now, future scalability requires that clients be able to securely resolve names without possessing the blockchain. There is a proposal for this called SPV+UTXO.
Automatic renewal of names
Losing your names because you forgot to renew them is a problem.
Names should be able to be renewed automatically. Preferably without decrypting the wallet each time the name is renewed, and maybe without even needing your client to be open when it renews. Any solution must be trust-free.
Cold storage of Namecoin name keys
To update a Namecoin name, the keys must be decrypted on a computer with Internet access; this could be a security risk if malware is installed on that computer. To fix this, cold storage should be used, as is possible with Bitcoin.
This is in two parts: (1) port the Armory client to Namecoin (this allows transactions to be signed offline), and (2) allow a cold-storage name to be used as a revocation key for a hot-wallet name (this is called the "import" field).
Dot-Bit is already much faster than other top-level domains for both name lookup and name propagation. However, it can be made even faster.
We estimate that pre-cached name lookup time can be decreased by 2- to 5-fold in some cases, uncached name lookup time can be decreased significantly, name update propagation can be reduced from 40 minutes to under 1 minute, and blockchain sync time can be reduced significantly.
Namecoin software currently does not support Android; this situation should be improved.
Better blockchain anonymity
Like Bitcoin, Namecoin can keep the location and IP address of name owners anonymous (if used with Tor), but the various activities of name owners can be linked by an attacker. This should be improved, e.g. by implementing Zerocoin.
Better blockchain privacy
Some name owners may wish their records to not be publicly accessible; encryption would improve this situation.
Decentralized website single sign-on
Namecoin can be used to log into websites in a secure way without needing a password (protecting people from database leaks or cracked passwords without trusting a third party such as "all your data are belong to us" systems like Facebook); this is implemented as the NameID library by domob. Unfortunately, this library is not easy for non-programmers to integrate with existing websites. Plugins should be created for major website backends such as Drupal, phpBB, WordPress, and SMF, to allow trust-free NameID sign-on to be as easy as checking a box.
Namecoin software should support automated builds and testing so that our developers and testers can work more efficiently. The builds should also be deterministic (as Bitcoin and Tor are doing) to improve security.
Offline signing of static websites
Verifying signatures of static websites against the blockchain would prevent hijacking even if a web server is completely compromised.
SSH client integration
Log into your servers remotely without trusting your network or manually verifying fingerprints, using the same anti-hijacking features that FreeSpeechMe first implemented.
They are all pretty nifty and fun. But we've chosen each perk carefully; they all promote the FreeSpeechMe plug-in. Because the primary goals of this campaign are:
- Promoting FreeSpeechMe
- Improving the software and the methodologies for adopting and utilizing it
- Spreading adoption Dot-Bit
It's often remarked that the Internet runs the world. But if governments, corporations, and criminals can censor and hijack websites at will, the end result won't be good for the Internet, or the world. We have a solid track record working with the technologies behind Dot-Bit. We created the first ever implementation of the Dot-Bit feature which prevents HTTPS hijacking, as well as the first ever trust-free Dot-Bit Firefox plug-in. We are an active participant in the Dot-Bit and Namecoin development process.
FreeSpeechMe is a
game-changing world-advancing leap for freedom. Please help us raise
50,000 dollars to further perfect the FreeSpeechMe Free Software
plug-in, spread its adoption and adoption of Dot-Bit, and help save the Internet from the website censors and hijackers of the world.