The Pirate Bay founder has launched a new service to register domain names anonymously: https://njal.la/. You can sign up using XMPP+OTR and pay in BTC. The company buys the domain and then gives you the usage rights.
Seems useful mainly for people worried about content takedowns.
@bcrypt true enough. but this is effectively a giant target saying "hey if you want to hit ALMOST ALL the privacy aware people with low opsec, hit me!". As opposed to someone who takes the opsec care to build up shell contact info etc, and registers with a normal registrar.
@bcrypt If certain content is illegal and a (federal) takedown is requested, then someone somewhere will be responsible for it, imo.
so IF the content is taken down, I wonder how anonymous the owner will stay (depends on severity of content, of course.)
but, the overall concept looks kinda smart..
@lambadalambda @bcrypt Still they're more experienced than most of us in juggling with the technical and judicial struggle to stay online against all censorship... I am not saying it is perfect, (to be fair I didnt even check the link or the company).. I am just bringing that to the level of trust, and the trust in these ppl in particular... <3
@bcrypt I suspect some threat intel company will keep an eye out for the placeholder-reg company's acquisitions and apply them to malware blacklists posthaste.
@bcrypt think it's a great idea. Illegal content will still be taken down, so it seems the service is really targeted to non-illegal uses where anonymity is desired (think rogue Whitehouse/disgruntled parks type accounts).
To the extent that domain registration/ownership provides a static identity layer to federated systems (like mastodon), it's a big win.
@bcrypt it looks like they're still vulnerable to payment provider attack, and they'd need to have plausible deniability at every level of the interface, but their comment on helping law enforcement in the case of harm would indicate that they keep records of some description, which makes them vulnerable to bring raided.
@bcrypt not sure if this possible point was brought up or not, but:
given that you need a XMPP+OTR and bitcoin wallet, and I assume that they need to remain knowledgeable of that info to be able to bill you, a court could come in and order the company to hand over the information for the purposes of investigation, even if that information is not immediately identifiable
and even then, once you have the domain name, what's to stop someone from identifying you via ping? or port enumeration?
@bcrypt a service like this already exists: www.anonymousspeech.com (not that having another is a bad thing, just pointing out that it's not new).
If people really care about anonymity and censorship-resistance they should look into using and supporting blockchain-based DNS like Blockstack (https://blockstack.org/).