Centralization VS Decentralization

ARTICLE IS UNDER ACTIVE CONSTRUCTION, INFORMATION MAY CHANGE OVER TIME AND THERE IS TONS OF SHIT MISSING, JUST BE PATIENT

In this article, I plan to discuss the active centralization of the internet and how it relates to an oligopoly known as the big 5. I will also be discussing federated and decentralized services/applications that we can use to counter the rule imposed upon us by big tech and the big 5.

Who are the "big 5"?

Gafam

The big 5 are an oligopoly consisting of the 5 biggest corporations in the technology sector. The big 5 are not necessarily colluding together, however they all have a mutual mission in keeping other companies down and facilitating the biggest data collection operation on the planet. The big 5 consist of Google, Apple, Facebook, Amazon and Microsoft. Each of these companies dominates a certain part of the technology industry in some way, for example; Amazon dominates e-commerce, Microsoft dominates desktop OS market share, Google dominates web searches and advertisements, Facebook dominates social media and Apple dominates music & hardware.

These companies are only becoming larger and more powerful, they are now the five most valuable companies in the world[1], even bigger than the oil companies. They are the driving force behind the centralization of the internet as we know it. They have a wide range of revenue sources[20].




Centralization

To put it simply; centralization in the context of modern technology is the process of putting all of your eggs in one basket. Sure it might be more convenient to you, however when things go wrong, the impact may have real world consequences[2].

Everybody is moving to either Gmail or Outlook as their primary email provider, people are moving toward Facebook along with subsidiaries WhatsApp and Instagram for communication & social media and people are looking to Amazon for their e-commerce needs. Even if an independent service arises, it will likely rely on its own centralized architecture and/or just be bought out by a bigger giant, just like how Facebook bought Instagram & WhatsApp and how Amazon bought TwitchTV. While one may refer to services like Discord, SnapChat and others as examples of services free from influence from big tech, they don't seem to realize that those kinds of services are often powered by the cloud services offered by the likes of Google, Microsoft and Amazon, cloud services which are prone to outages/downtime which can cause problems[3]. This not only means that those services effectively operate under the umbrella of the big 5, but it also means that if Google Cloud, Microsoft Azure or Amazon Web Services are having problems, all of those services that rely on them will be affected as well, it creates a single point of failure.

I'm not going to recommend centralization at all. If there is some form of centralization taking place, I will generally recommend avoiding it unless under very specific circumstances. If you want an example of what I generally would recommend, I highly suggest you scroll down to the Federated and Decentralized sections below.

Microsoft

Microsoft was the first big tech company and remains a powerful corporation with a diverse source of revenue spread across cloud services, hardware and software.

Microsoft Revenue

While M$ may not have as much control as it used to back in the day when IE dominated the web, it still has major control. Let's just get the obvious out of the way: the Windows operating system itself is a desktop OS monopoly. While *NIX may have dominance in the server and embedded spaces, the desktop market is ruled by Windows[4]. Microsoft's recent acquisition of GitHub has sent shivers down the spines of many and justifiably so (who wouldn't be skeptical of a large company specializing in proprietary software acquiring a site that hosts mostly free software?). This[5] recent incident for instance has shown that one cannot trust the big 5 with a large and critical service like GitHub. This is why a notable number of projects have left GitHub and migrated over to GitLab instead[6].

Microsoft's primary source of income is from its office suite. Microsoft Office dominates all workplaces, enterprises and schools. Alternatives such as LibreOffice exist, however the compatibility between the two isn't exactly two-way; while you'll have no issue opening a Microsoft Office file on LibreOffice Writer, you may have some trouble with opening LibreOffice files on Microsoft Office.

It is totally possible to simply not use Windows or Microsoft's products altogether, however by ditching Windows, you'll be missing out on a lot of key applications and of course, video games. MacOS and Linux simply aren't ready to compete with Windows for gaming yet despite the major advances that have been made with things like the Vulkan API, Proton etc. There's also Microsoft's Azure cloud service which is extremely competitive with Amazon's AWS, many websites and services are powered by them and you may not even realize it. Avoiding Microsoft entirely simply isn't feasible even for the more dedicated privacy-conscious people out there simply due to Azure's existence.

Google

Google is the biggest privacy invader out of all the tech companies. Its search engine is the most visited website in the world and each search you make is used to track you and create an advert profile around you. Getting around this is really easy, just use an alternative search engine. Ideally you should use Searx, however DuckDuckGo and Startpage are also suitable alternatives. Changing your search engine to a more private alternative will go a long way in reducing Google's grasp on you.

Google Revenue

Google seems to be putting most of their eggs in one basket here with their revenue and to be fair it's a good basket to put them in. Ads are what makes the web run these days, unfortunately. You can use adblockers and other various things, but the fact is the industry will never die unless a replacement monetization model is found. The reason is that it's the most convenient and easy for both the content creators and the consumers. A new monetization model for the web is the only thing that will really change things. Alternatives to ads do exist and they are getting more popular, especially with the recent demonetization of YouTube channels. Services such as Patreon have been filling a void for content creators that have been robbed of their ability to receive ad revenue.

Google is at the forefront of web centralization. The web's turn toward the Blink browser engine is a shining example of this. Almost every browser is using Blink nowadays. Opera abandoned its in-house Presto engine for Chromium's Blink engine not too long ago, and even more recently Microsoft abandoned EdgeHTML to have Blink instead on their Edge browser. The reason browsers are doing this is because they simply cannot compete with Google; it's too much of a burden on both users and companies. The only other competition is Gecko on Firefox, WebKit on Safari/Epiphany and Goanna, a Gecko fork for the Pale Moon browser. Google having a monopoly on the web is not a good thing. More and more websites are beginning to request that users of Firefox and other browsers switch to Chrome or another Blink-engine browser. This will give Google control over web standards and it has already shown[7] that it is not afraid to abuse that power to take control away from the users. If Blink keeps growing, the developers over at Google will also see less and less reason to improve. We lose, they win, so it's important you avoid Blink browsers if possible.

This may be difficult depending on who you are. Perhaps you use a web app which requires Chromium, for example; this would hinder your ability to avoid Blink. It is ideal to find an alternative to any Blink-only web apps that you use if possible. You can also attempt to mitigate any blocks by doing things such as altering your useragent-string etc. I no longer recommend useragent switching. The reason is that even if it does work, you're giving those web services a false statistic: they see you're using Chrome when you really aren't, and this will only further justify the shift toward an eventual Blink monopoly. They don't see users that want Firefox compatibility, they just see Chrome users, so it only makes them oblivious to the problem. Please don't change your useragent-string.

Apple

Apple Revenue

Amazon

Amazon Revenue

Zuck

Facebook

Facebook Revenue

Why not use Signal, Telegram etc?

Simply put, they are not decentralized/distributed and resort to the same centralization tactics that the big corporations use (that's not to say that services like these are necessarily all evil, they simply don't do enough). Federation of services makes them far more resilient to censorship and puts more control in the hands of the users. These services do the exact opposite of what needs to be done to reclaim the internet from big governments and the data mining industry. The only acceptable option I'd say is Signal (it was their double ratchet algorithm that made OMEMO possible for XMPP).

Telegram

Telegram also isn't the most secure option out there as its custom cryptography hasn't been proven to be as reliable as other open standards out there[8]. Its server software also is closed-source, and while I doubt that the people at Telegram Messenger LLP are actively decrypting messages and giving them to the government of wherever the hell it's based now, they seem to be openly against user freedom and decentralization, meaning they are a no go. Though it isn't based in Russia, the developers are Russian and the Russian government has openly expressed their contempt for it. Avoid.

Signal

Signal isn't the friendliest[9] service to pro-privacy communities. It relies on Google's services, which is a problem. Let's not forget the fact that they require a phone number for registration and the fact that you cannot host your own servers. Okay, so apparently you CAN host your own servers with Signal[10], however it is still not federated with the primary servers used by Open Whisper Systems and getting it to work requires some not so easy workarounds. While it has its share of issues, it's admittedly the least shitty of the centralized services as the cryptography is better in Signal than other apps like Telegram. Signal is also extremely easy to use and has some features such as self-destructing messages which render apps like SnapChat useless in comparison. You should be using OMEMO with XMPP, but realistically your normie friends won't appreciate the seemingly complex federation approach, so Signal is a good middle ground if you wish to introduce them to the world of cryptographically sound communication.

Gab

Gab has a fair bit of issues. For one, it REQUIRES javascript. This means that if you want to disable it for any reason, you won't be able to use Gab at all. It also uses Cloudflare which MITM's connections[11] and this is an unnecessary attack vector. While it may protect Gab, it puts users more at risk (showing that its narrative of putting its users first is a sham). Federated and free open-source social media services exist already and have for a very long time. Gab is an all around inferior product built by a political opportunist and Dissenter is also a problem because it's an attempt at centralization [12]. Not only are they attempting to do what every other corporation is doing, but they are also posing as some sort of underdog while doing it (sound familiar?), it's a very slimy thing to do as it's a deliberate attempt at misleading people who don't know any better.

It is worth noting that the CEO of Gab, Andrew Torba, had launched an advertising company called Kuhcoon years before he launched Gab[13], so we already can deduce from that alone that Gab is not a good solution to those that seek to take back control of their data. Not only that, he has made the choice to utilize the Bitcoin Lightning Network for payments, a network that promises to make Bitcoin faster but at the often unmentioned expense of centralizing it[14], sort of defeating one of the purposes of using cryptocurrency in the first place. Gab has made its mission clear: fork existing open-source projects and subsequently make them shittier by removing whatever crypto those projects may be using and replacing it with shitty centralized Bitcoin Lightning. Torba even has the audacity to refer to other altcoins as "shitcoins" being pushed by elites while simultaneously pushing his own centralized elitist crap[15].

I wouldn't wish this service on my worst enemies. Please steer clear for your own sake as every single aspect of Gab is cancerous from the founder, their ideology, their goals, their code and all the way to their userbase.

UPDATE: It appears that Torba has now decided to fork Mastodon's code and will now join the fediverse[19]. Code will be better and there will be Mastodon's fediverse compatibility for Gab users. However I still suggest you avoid.




Federation/Decentralization

Federation can be explained here[16]. It can be considered a middle-ground between full on centralization and full on distribution. Some examples of federation include email, XMPP, Mastodon and Matrix. Basically, anyone can host an instance of server software for a federated service like email. Anyone can sign up for that email service as well as send and receive emails from other email addresses, both on that same server and on other servers. Same goes for XMPP. Federated services and protocols work fine, as seen with the presence of email. Here is a list of federated services.

XMPP

Email

You should know what email is if you use the internet. Email is used for virtually everything whether you are signing up for a subscription, online account, sending in job applications or even just talking to people. In our current society, your email is synonymous with your identity, people know you by your email address and you use your email address to communicate even to government institutions. It's been this way for a long time and it's unlikely to change despite the technologically superior alternatives to email that exist. It is important that you choose the right server[17], I would personally recommend you go with one that supports POP3 & IMAP4 so you can connect via a mail client meaning you can also be in control of your encryption keys with tools like GnuPG. This would mean refraining from services such as Protonmail or Tutanota which use a javascript implementation of OpenPGP and keep encryption keys on their own servers. Getting Protonmail to work with an email client is a total pain as it requires a paid account and requires a gimmicky program that you need to download[21]. Since Protonmail also relies on OpenPGPjs (which they maintain), it uses javascript to deploy the cryptography that sets it apart from other providers. Javascript cryptography is far from a good solution from both a privacy and security standpoint[22] and as such must be avoided.

ActivityPub

NNTPChan (AKA Overchan)

NNTPChan is a very elaborate imageboard. The software utilizes the NNTP protocol to synchronize content posted by users between servers. This means that if one server ends up going down, all other existing instances of NNTPChan will still be available and functioning, making it much harder to take down in contrast to services like 8chan. Naturally, it is open-source[26] but unfortunately I cannot find any working clearnet links to it. There are some working links on I2P and Tor however.
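The synchronization described above can be modelled with NNTP's IHAVE offer and its RFC 3977 response codes. This is an added example, not NNTPChan's own code: the exchange is simulated in memory instead of over sockets, an offline server is modelled as answering 436, and the host names and posts are constructed.

```python
# Added illustration: in-memory model of NNTP-style article flooding between
# federated servers. Not NNTPChan code; host names and posts are constructed.
import hashlib


class Server:
    def __init__(self, name):
        self.name = name
        self.online = True
        self.peers = []     # servers this one exchanges articles with
        self.articles = {}  # Message-ID -> article body
        self.log = []       # (peer name, Message-ID, response code) per IHAVE sent

    def post(self, body):
        """A local user posts: mint a Message-ID, store it, offer it to peers."""
        seed = f"{self.name}:{len(self.articles)}:{body}".encode()
        message_id = f"<{hashlib.sha256(seed).hexdigest()[:16]}@{self.name}>"
        self.articles[message_id] = body
        self._flood(message_id, exclude=None)
        return message_id

    def ihave(self, message_id, sender):
        """Receiving side of IHAVE; returns the final RFC 3977 response code."""
        if not self.online:
            return 436  # modelled as "transfer not possible; try again later"
        if message_id in self.articles:
            return 435  # article not wanted: already held, so loops stop here
        # A real server answers 335 (send it), reads the article, then 235.
        self.articles[message_id] = sender.articles[message_id]
        self._flood(message_id, exclude=sender)
        return 235      # article transferred OK

    def offer_all(self, peer):
        """Re-offer every held article, e.g. after a peer comes back online."""
        for message_id in list(self.articles):
            self.log.append((peer.name, message_id, peer.ihave(message_id, self)))

    def _flood(self, message_id, exclude):
        for peer in self.peers:
            if peer is not exclude:
                self.log.append((peer.name, message_id, peer.ihave(message_id, self)))


def link(a, b):
    a.peers.append(b)
    b.peers.append(a)


def demo():
    alpha, beta, gamma = (Server(n) for n in
                          ("alpha.example", "beta.example", "gamma.example"))
    link(alpha, beta)
    link(beta, gamma)                    # chain: alpha - beta - gamma
    first = alpha.post("first thread")   # floods alpha -> beta -> gamma
    alpha.online = False                 # alpha is taken down
    second = gamma.post("second thread")
    surviving = [s.name for s in (beta, gamma)
                 if first in s.articles and second in s.articles]
    alpha.online = True                  # alpha returns; beta catches it up
    beta.offer_all(alpha)
    return {
        "surviving": surviving,
        "alpha_caught_up": {first, second} <= set(alpha.articles),
        "beta_codes": [code for _, _, code in beta.log],
    }


if __name__ == "__main__":
    print(demo())
```

Both posts stay readable on the two remaining servers while the third is down, and the Message-ID check (435) is what stops an article from circulating forever once every peer holds it.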




Distribution

A distributed network requires completely P2P communications. There are no central servers of any kind, each computer acts as a node that can be connected to whether that be anonymously via something like Freenet or it be through pseudonyms and/or real ID's via something like RetroShare which utilizes F2F connections, meaning you only connect to peers which you trust by exchanging certificates. Below is a list of applications which fit the bill for decentralization.

Freenet

Freenet functions as a distributed data store. That means that all content is static, websites you wish to publish are published as static files and distributed across the network from your node. The upside is that any potential exploits that may be served by traditional webservers such as malicious javascript cannot be served on Freenet's sites. The downside is that the content is stored locally on your drive meaning if the jackboots break down your door one day, they could seize your computer, look through your drives and even copy the contents of your RAM for later examination to see what you were browsing. You'd better encrypt the drive where you store your Freenet content and also make use of the panic button when necessary. Freenet is good for storing static content without needing to rely on your own infrastructure being online 24/7.

RetroShare

RetroShare is the perfect solution if you need a social network entirely isolated from the rest of the internet. That may sound crazy at first, however it's perfect for a social network between REAL friends that you personally know. It is entirely end-to-end encrypted, there is no leakage of metadata or anything like that and it is jam-packed with features. You can share files similarly to BitTorrent, have forums, chatrooms and more. You can also hide your IP from peers by using Tor or I2P. It is powerful software that can fill in the instant messaging and email gap while avoiding even federated servers. I used to use this a lot and I'd recommend it to anybody without any regret.

There are some downsides to using this. As mentioned earlier, you connect directly to peers, meaning a network with RetroShare relies on a strong trust between peers, if you want a trustless system you need to rely on Tor or I2P in order to accomplish this which will only increase latency and reduce speed. Friends of friends may interact with one another via what it calls Turtle Routing, an anonymous networking model that relies on the existence of trusted peers. When interacting with a friend's friend, your friend is acting as an intermediary for communication, while this concept may not bother you, it may bother others. There is of course the issue with practicality, exchanging certificates with one another requires you meet up IRL or you exchange them via an alternative channel whether it be email, XMPP or even a proprietary app like Discord. RetroShare has had some security issues in the past[18], however they have been addressed.

I2P

I2P is an anonymous network, often compared to Tor and Freenet rather than being looked at as something unique. I2P is similar to Tor but with a few differences, primarily that every user also must participate as a node to relay traffic for others and that it is not a low-latency network like Tor is. The advantage of this is that there are more nodes in the network equating to greater anonymity and a stronger resistance to timing attacks, however these nodes are often just normal PC's at people's homes whereas with Tor, most nodes are often run on rented servers, so it's often a quality vs quantity issue. I2P employs something they call garlic routing, an improved variant of Tor's onion routing technique. Garlic routing has the advantage of bundling multiple messages together, making traffic analysis harder and speeding up data transfer. I2P also is optimized for torrents, unlike Tor and it has its own trackers too, however the consequence of using I2P to torrent is that it will be really slow in contrast to clearnet torrents, but that's the price you pay for security.

As I2P is an overlay network, you should be able to use many existing protocols and applications with it. The standard installation package comes with many things such as the Susimail webmail client designed to be used with Postman.i2p with privacy-enhancing features and the Jetty webserver preconfigured to work with I2P OOTB.

I2P's weaknesses are the lack of advanced research papers and code audits for it that applications like Tor have (due to garlic routing's immense similarities to onion routing however, I2P benefits from the academic research done on onion routing as stated on their website[28]). I2P also does not have the same level of funding that the Tor Project does and on top of that, the main client is written in Java. Alternative clients do exist, however they do not provide all of the features of the main client.

Briar

Briar is recently created software. It is an Android app so if you're one of those privacy-aware people that doesn't use a smartphone, you won't be using this as there's no PC app. Briar is purely P2P and encrypted, it prides itself on its resistance to DDoS attacks (since it is completely P2P), takedown orders (all content is stored on the devices of the users), content filtering (as it's encrypted), surveillance and even internet blackouts by utilizing Bluetooth and Wi-Fi[25]. Briar is also compatible with Tor if you want to anonymize your usage of Briar.

I've never used Briar myself so I can't really say a whole lot about it. It does seem like a good overall alternative to more mainstream private messaging apps like Signal since there are no centralized servers AND it doesn't request details like your phone number and/or email address. Consider giving it a shot.

Namecoin

Namecoin isn't just another altcoin; rather, it is a decentralized DNS that offers the ".bit" top-level domain for websites. It is actually a clever idea as it takes control of domains away from for-profit domain registrars and certificate authorities, as SSL certificates are free with Namecoin, and this also means that there is no worry over certificate authorities being compromised. Since the root DNS servers are not utilized, the network cannot be controlled via the likes of ICANN and websites cannot be censored without blocking the entire Namecoin network. You also have more privacy as a server owner by not needing to submit hefty amounts of data to domain registrars and CA's. You can host any type of server you want via Namecoin so it is a nice extra layer to apply alongside measures such as federation of services.

It is important to note that Namecoin isn't anonymous. It doesn't offer anonymity like Tor & I2P do. What it does offer is a more private and decentralized alternative to the existing global DNS we have now which is dominated by ICANN and the 13 root DNS servers, 11 of which are located in the US and the other two in the UK and Sweden. If that doesn't qualify as a form of centralization then I don't know what does. Just like any other altcoin, it is vulnerable to the 51% attack[23].

Emercoin

Emercoin is a similar solution to Namecoin: it offers domains and SSL certificates in a decentralized manner that is immune to the problems posed by our current system. However Emercoin has much more under the hood. It provides a number of services including a far more secure alternative to existing SSH called EmerSSH[24]. Its DNS service (EmerDNS) acts just like Namecoin's, however it ups the ante by providing four top-level domains (.coin, .lib, .emc, .bazar) as opposed to Namecoin's one. It provides TLS certificates via the EmerSSL service to complement EmerDNS' domains. It also provides EmerDPO, a ledger for proof-of-ownership. To put it simply, it's the blockchain equivalent to having your papers that prove you own land or a car etc and can also act as a new form of DRM (as someone who opposes DRM, I do not fully endorse EmerDPO).

Emercoin with its wide array of usecases is looking to be a valuable asset in our mission to decentralize our digital lives and to destroy the big 5. While I am not 100% sure about the EmerDPO service, it is otherwise looking great.

IPFS

IPFS is a distributed data storage network. It aims to replace existing centralized solutions by utilizing a system similar to BitTorrent to access files. It can be thought of as similar to Freenet, however there are a number of differences[27]. For example, the main purpose of IPFS is to have high performance whereas Freenet sacrifices speed in exchange for security and anonymity. I'd personally argue that IPFS is one technology that may actually catch on in the future among the mainstream. Unlike Freenet, IPFS does NOT force you to store data that you do not request yourself, meaning there is no concern of people being prosecuted for content they did not request.






References: