SAFE URL: use a real internet domain such as safenetwork.net


#1

I have a new idea for an alternative to “safe:” for helping browsers with a SAFEnetwork add-on, to access SAFE URLs.

This follows on from the discussion about URL handling by the safe browser plugin, where we were suggesting ways to deal with the problem that not all browsers can intercept the original idea of using “safe:” instead of “http:”

@neo and others made some good suggestions such as in the following post (refer back to see the other ideas floated)…

During the discussion, I liked the second idea of @neo’s above, more than the others, but I’m now suggesting something else.

The reason is that I think it’s important to do as much as we can to make it easy for people who don’t know about SAFEnetwork, and don’t have the SAFE browser add-on installed, to access it.

I take the 19 likes that this post got as at least in part due to support for that to be a priority :slightly_smiling::

Using A Real Domain We Own

My suggestion is that we use a normal domain, such as safenetwork.net (or maybe something shorter), so that a safe URL would look exactly like a normal URL: for example “http://safenetwork.net/happybeing” would be used to refer to the SAFEnetwork “DNS” of “happybeing” etc

Behaviour would then be as follows…

  • user with SAFE browser add-on: browser add-on intercepts the URL and displays the content from SAFE domain “happybeing” - this behaviour is exactly like the other schemes such as “safe:”. Content is served directly from SAFEnetwork by the browser add-on.
  • user without SAFE browser add-on: the website on the old internet at safenetwork.net is accessed and displays a page informing the user “You are trying to access a resource on SAFEnetwork, a new public secure internet for everyone. Before you can access this secure anonymous website, you must install the SAFEnetwork add-on for your browser from the official Chrome (or firefox etc) add-on repository. This is necessary to ensure anonymity and end to end encryption, by accessing the website through SAFEnetwork rather than the existing internet, which has inferior privacy and security. If you are concerned about this, you can read more about SAFEnetwork here: http://safenetwork.org. Or to visit the repository and install the SAFE browser add-on click here

The above is just an illustration, and applies to accessing a website URL. The output can be tailored to reflect the browser being used, and point directly to the appropriate add-on. We would need to handle embedded resources (eg images) that appear within an existing web page differently - or perhaps just ignore them.

The advantage here is that users without the SAFE browser add-on will be told about SAFEnetwork and directed as to how to access it. Whereas, with all the other schemes they would just get a “site not found error” when trying to access a SAFE website, and give up.

It then makes sense for us to share SAFE websites widely, and for them to be linked to and used interchangeably with existing website URLs - including in press releases, articles, tweets, facebook shares…anywhere! :slightly_smiling:

Clarification

The first three replies below do not apply to the above proposal, so I’m adding this clarification:

The website does NOT serve up SAFE content. If you have the SAFE plugin installed, the website is NOT visited.

So: no central point of failure, no place to do surveillance etc.

The website will be visited only if someone doesn’t have the plugin. To access the SAFE URL, the user is encouraged to install the SAFE browser add-on, but nobody will know if they did or not, so any surveillance is of little value and the website can of course use SSL/https - so just like visiting a normal website like safenetwork.org. There’s no way to block access, or spy on those who have gone on and installed the add-on.

Privacy Concerns v Privacy Benefit from Mass Adoption (edit)

IMO we’re not creating significant additional risk here - but we are introducing many more people to SAFEnetwork by instead of showing them a “Website not found page”, showing them a page that helps them install the browser add-on, and vastly increases their privacy and security by doing so. And, very important, making rate of adoption much faster, benefiting more people, and increasing the chances of SAFEnetwork being successful.

The biggest risk to people is if SAFEnetwork fails to be adopted widely and becomes another Tor, used by very few, easily sidelined and demonised etc. Or that the individual tries a SAFE link and didn’t get the chance to learn about SAFEnetwork and install the SAFE browser add-on.

How Important is Widespread Adoption?

I’m curious to hear from the community about this question: is widespread adoption a priority for you, or not?

I think widespread adoption of SAFEnetwork is the way to improve people’s security much more than if we get stuck trying to build a perfect system, and far less people use it as a result!


MaidSafe Dev Update 8th December 2015
SAFE URL: "safe://" cross browser support revisited!
Dark Google: more reasons the world needs SAFEnetwork
SAFE URL: "safe://" cross browser support revisited!
The road to mass adoption - Ease of site creation = Widespread usage
#2

IPFS does something similar. You can go to ipfs.io/ipfs/ and any filenamehash and their servers will find and deliver the content for you. The user doesn’t need to install anything - it’s just another website. People posting content can also hack their domain records to point to ipfs.io so you can have something like ipfs.mydomain.com and it works. I have advocated safe do this in the past…

The only downside I see is that it is not censorship resistant – There is a centralized place with a locale in a defined jurisdiction where takedown notices etc could be served and compliance enforced against an operator of a gateway… IPFS has a system to blacklist, I suspect out of necessity caused by this feature…


#3

Neither is the idea to use a domain name for aliasing/redirects. A single point of choke.
The both ideas require clients to be on the WWW.

In terms of the Web redirect idea: that would be a great way to collect data on SAFEnet users, say through Google Analytics.


#4

Yepp this is interesting method, and would provide a good service in terms of ease of use relative to the ‘old dns’ system, but definitely it has some flaws etc.

Obviously it would be just for “surfing” you can not expect to do any real safe network usage beyond consumption of data. It also makes a fall back to make sure people can get connected. And of course the risks of disclosing the IP to the server hosting the safenetwork.net

All in all, I think someone will have a service like this - a URL that points to a server that has safe network internals.

And if on github could be a venue or (safegithub) as a venue to figure out the compromising issues.


#5

@jreighley @janitor @happybeing

You have all misunderstood my proposal. I thought I explained it really clearly, but obviously not enough!

The website does NOT serve up SAFE content. If you have the SAFE plugin installed, the website is NOT visited.

So: no central point of failure, no place to do surveillance etc.

The website will be visited only if someone doesn’t have the plugin. To access the SAFE URL, the user is encouraged to install the SAFE browser add-on, but nobody will know if they did or not, so any surveillance is of little value and the website can of course use SSL/https - so just like visiting a normal website like safenetwork.org. There’s no way to block access, or spy on those who have gone on and installed the add-on.


#6

If I am already posting on my own domain, I am already outside the scope of censorship resistance.

If one wants to be anonymous they can be anonymous, but if they want to be known they can be known. It isnt’ a one size fits all situation. Many folks may want the benefits of P2P’s low cost viral scalability, and may not care much at all about anonymity.

But if you run a gateway, the governments are likely going to require you police it as they tell you to police it, at the very minimum…


#7

It isn’t a gateway, and if they did this you can just disable it and the effect would be exactly like the earlier schemes I referred to - see my post above for clarification.


#8

I think this is the best way to do the job. It is also easier to explain to the end users.


#9

:slightly_smiling: mmmmmmmmmmmmmmmmmm


#10

@happybeing, is this what you are suggesting

user without plugin

user with plugin installed

So the main difference is that there is some real website, so that if the plugin is not installed (and the URL intercepted) then the user gets a WEB page instead.


#11

Frankly, I personally cannot approve of this method. Safenetwork.net becomes a snoop point. A new user attempting to access subversive content is at risk of having their target address intercepted by those who maintain safenetwork.net and any spy embedded among them or the code. This is bad business. I mean if their were a way to blind the SAFE url request we might have a winner. Maybe we can incorporate onion routing in some way. In the end I believe we need a purely trust-less system. Easier said than done.:wink:


#12

If you was using this method you would not be a “new user”, you would be a public internet user with an ip address as the same as another internet user.
So why would snooping matter when google is already doing this for you.

I person that has nothing to hide and is only searching for information on “hobbies” why would you care?

I think the maidsafe mindset will limit the networks growth.

It does not matter what anyone think, If it can be done it will be if there is a need.

Why safe network matter is having true ownership over your own data, where you are not just renting your own data where a hosting company can say, sorry your website is shut down and we taking all your data with us…


#13

Uh, when I wrote new user I meant new to anything SAFE related. General knowledge of computing doesn’t provide users with all relevant knowledge.

We cant be entirely sure of how a user comes across this information. Active searching can indeed be flagged, but a link someone stumbles upon if processed properly can grant the curious plausible deniability in their highly controlled environment.

LOL! This is a strange argument coming from a person who has been on this forum since may last year. This has been covered extensively. Forgive me friend, but the above statement is ridiculously naive. Even more ridiculous is my hope that this will end here. I’m in for a big block of text attack aren’t I? Oh god help me!!!:fearful:

It is this mindset that will stifle tyrants, rejuvenate human creativity, and dispel emotionally driven public stigma. It is this objective approach that will propel the human race into a stage 1 civilization. Your mindset is the dead weight humanity needs drop before moving forward is even possible. Like the ever stiffening mud that impedes the movement of a journeying being.

Well I at least know what it matters to you. This differs for everyone. Don’t superimpose your beliefs onto all of humanity. We are all individuals, not an extension of your subconscious.:neutral_face:


#14

Here are my thoughts. You have to pay for a traditional domain name. You don’t have to pay, at least in cash, for a SAFE domain. And in order o host even one page you need to have a web hosting service, which means you need to pay more. So where’s the financial advantage of using SAFE if you have to buy a website anyway?

That being said if you have a website and want to transition to SAFE, especially if you have data you want to keep safe. Then this could be a very good method to do it with. I don’t see this as an effective way to help SAFE grow in a sense of making new websites where none existed before but rather of converting old websites from the web to SAFE in such a way so that they can bring their audience with them. In short I see this as an assimilation method rather than cultivation.

If SAFE is to grow it’s still going to need a DNS system of one kind or another of it’s own so that people can build their own stand alone websites natively on SAFE without relying at all on the traditional WWW architecture. As for privacy so long as the data is secured getting a new domain is a reletively easy thing to do. Has anyone been keeping track of how many times the piratebay has changed their domain or popcorntime for that matter? The gov’t keeps on trying to shut them down but they keep on popping back up. Same principle.


#15

I always speak for myself of my feelings and emotions and do not represent anybody but myself. But to be on the safe network do I have to opt in or opt out and choose sides, Do i have to agree with all the mindset of the group mentality.
or can I use the network as I feel it suit me, myself safe network is just a tool to be used, I look at and see what it can offer me, like any other technology it gives me opportunities which I found difficult before.

I do not see safe network as my new religion in virtual world but just progress in the right direction. I think sometimes this is like inventing the Book and calling it the bible. hey but do not take offense it just my thoughts.

If you want all the privacy and security on the safe network, I am not stopping you or any other person. But if I want to give up some of those freedom to trade with functionality why do I feel I have broken the ten safe commandments. Is not the safe network for “everyone” no matter what your beliefs are or political agenda is. This means If I wanted to create a data mining app on app on safe network I have the freedom to do so, but you have the freedom not to use it.

I agree I have opposing views to many other people, I do not plan to try to offend and I am not saying anyone is wrong. I am just expressing what I want from the safe network.


#16

That’s cool, but the proposal doesn’t allow for a chosen trade off by the prospective user. No opt in or opt out. It just is. No bueno…:disappointed_relieved:


#17

I bought the website for the frame work, I have wordpress which is excellent cms with every plugin I can imagine. I can pick plugin and use it like a paint brush.
On the safe network you can not just create a dynamic website in a couple months, But you can easy create a static website in a day or two.

So my plan is to have static data stored onto the safe network for my users, and have the functionality of buddy press on the traditional internet…

now abracadabra I have functionality and secure data where it matters.


#18

How do you ensure that http://safenetwork.net/democracy4china doesn’t redirect users to the Public Security Bureau of the PRC?

You’d need a way to ensure that the mapping between democracy4china and the same user homepage on SAFE is correct, which means you’d have to get a list of sites from SAFE and create these mappings by yourself at which point the entire Web site becomes a target - if nothing else, all governments would record IP addresses of all visitors.

The site would instantly be blocked in all messed up countries, but even in the West one should be careful to not click on “bad referral links” because his profile would be instantly tagged with appropriate metadata (subversive, anti-EU, etc.). I’m pretty sure state actors record all IPs that access torproject.org, but at least they can’t see what sites you want visit (unless you’ve tried to click on a dot-onion hyperlink, which would be the same).


#19

What about a wordpress plugin for a website could this been done as the same as a browser plugin? again I am not concerned with ip recording but p2p networking…


#20

Because the MAIDSAFE foundation would setup the website

AND more importantly the plugin would not even go to the website when accessing SAFE. Just like what @happybeing said