--- title: How to Save the World --- I have almost completed an enormous design document for an uncensorable social network intended to contain a non evil scalable proof of stake currency, and I have a wallet that can generate secrets, but the wallet is missing no end of critical features – it is pre-pre alpha. When it is early pre alpha, I am going to publish it on Gitea, and call for assistance. Here is a link to one version of the [white paper](social_networking.html), focusing primarily on social media. (But though information wants to be free, programmers need to get paid.) Here is a link to [another version](white_paper.html) of the white paper, focusing primarily on money and getting rich by protecting capitalism from the state. # Speech and commerce As the internet goes, so goes the world. For freedom of speech to exist, there must be freedom of speech on the internet, and if there is freedom of speech on the internet, there is freedom of speech, for governments will find it very hard to stop it. If freedom of information, file sharing and open source code on the internet, then there is freedom of information, if there is freedom of association on the internet, then there is freedom of association – and, the big one, the one we have least, the one under most severe threat, if there is freedom of commerce on the internet … We can establish these freedoms by technological and business means instead of political means. These means turned out to be more difficult than expected in the heady days of the [cypherpunk](cypherpunk_program.html) movement. To secure all these, we need the right software, software that successfully applies the cryptographic tools that have been developed. Governments are getting worse, governments *always* get worse, yet what is outside the government’s power is getting stronger. It is the nature of governments to always get worse over time, resulting in them either collapsing or being bypassed by new forms of government. The cypherpunk program was that governments would be bypassed, as organization moved to the internet, hidden behind cryptography. The cypherpunk program died, yet lives – for China’s industrialization is being organized through the VPNs of firms whose servers are located in the cayman islands. These firms do transactions largely by trading each other’s IOUs in private conversations rather than through regular bank ’t. Cypherpunks imagined that they would be living in tropical paradises running businesses nominally located in tax havens. It has not come true for them, but an increasing proportion of the world’s business does work that way. In the cypherpunk vision, people of moderate wealth would escape the power of government – unfortunately what is happening is merely billionaires escaping the power of government. To revive and accomplish the cypherpunk vision, we need to make these capabilities and methods more widely available – available not just to the super rich but to the better off middle class – not necessarily the ordinary middle class, but rather the sort of middle class person who has a passport in more than one country and does not need to show up at the office at 9AM every morning. From thence it will eventually trickle down to the regular middle class. At the same time as we see a billion people industrializing in an industrialization run from islands on the internet, we also see a variety of private use of force organizations also organized over the internet popping up – thus for example the extortion operation against oil companies in Nigeria was in part run over the internet from South Africa. Somali pirates were largely eradicated by private security firms whose home nation is far from clear. We are seeing entirely legal and government approved mercenaries, not quite legal and sort of government approved mercenaries, illegal but government tolerated militias and armed mosques, illegal distributors of recreational chemicals very successfully resisting government power, and assorted extortionists and terrorists. Yes, extortionists and terrorists are bad things, but that people are ever less inclined to rely on government provision of protection against them is a good thing. The power of states is increasing, in the sense that taxes and regulation is increasing, that government ownership is increasing, that large firms function by special privilege granted by the government to those firms to the detriment of those less privileged – but at the same time, that which is outside the power of the state is growing stronger. It is a pattern that recurs every few hundred years, leading to the renewal, or the collapse, of civilization. # Major concepts - PKI and SSL needs to be obsoleted and replaced. As Bruce Schneier said in Secrets and Lies: 〝SSL is just simply a (very slow) Diffie-Hellman key-exchange method. Digital certificates provide no actual security for electronic commerce; it’s a complete sham〞 The underlying problem is that our mental name handling mechanism is intended for the relatively small social groups of the Neolithic. True names fail when we attempt to scale to the internet. The current name system is rooted in governmental and quasi governmental entities, who use this power to gently encourage nominally private institutions to censor the internet. Similarly, the encryption system of https allows the government to intercept any website with a man in the middle attack. To fix this, we need a name system rooted in the blockchain, with encryption rooted in Zooko’s triangle, as with crypto currency - [Zooko’s triangle](zookos_triangle.html), The solution is an ID system based on Zooko’s triangle, allowing everyone to have as many IDs as they want, but no one else can forge their IDs, ensuring that each identity has a corresponding public key, thus making end to end encryption easy. These identities may correspond to people you can instant message, or web sites, particularly secure web sites that require logon, such as banks, or indeed any service. Thus, they also correspond to bank accounts, that work like Swiss numbered bank account, in that your identity is a secret. - Protocol negotiation at the levels equivalent to TCP and UDP, and default encryption and authentication at those levels, as with ssh. - Ability to introduce new protocols and upgrade old protocols without central coordination, just as Zooko allows us to introduce new identities without central coordination. Central authority is failing, has become an obstacle, instead of the fast way to get things done. - File sharing with upload credits. - Single signon, buddy list user interface for web page logon. - Messaging system integrated with single signon – message authentication, all messages end to end encrypted. Zooko identity means yurls, which means a problem in getting people onto our buddy list. - Money transfer integrated with instant messaging. - Money transfer uses ripple. - Each money transfer creates a record of accompanying obligation, equivalent record on both sides of the transaction. You can put put money in a message, and for the recipient to get it out of the message, he has to sign a receipt that says this money is for such and such, and he took the money – a receipt that only the person who sent the money and the person who received the money can read, and any financial intermediaries cannot read, though they will need proof that the requested receipt exists, without them being able to read what the receipt is for. The records provide a basis for generating reputation of Zooko based identities. This web page is intended to keep track of the various technologies needed to implement liberty on the internet. There are lots of them, and they are all fairly complex and many of them subtle and very difficult to understand, so this web page will always be severely incomplete. Right now it is almost totally incomplete, I have just got started listing stuff: # Details This list severely incomplete, when finished will be at least a screen’s worth, probably several screens. - [how to build an operating system that is largely immune to viruses, Trojans and spyware](safe_operating_system.html) - [how to stop phishing and browser session hijacking, how to do browser security right.](how_browser_security_should_be_done.html) - [How to do VPNs right](how_to_do_VPNs.html) - [How to prevent malware](safe_operating_system.html) - [The cypherpunk program](cypherpunk_program.html) - [Replacing TCP and UDP](replacing_TCP.html)