Status20 Success
Metatext/plain
Why gopher needs crypto
-----------------------

A little while back I wrote some speculative stuff[1] about a
hypothetical protocol which was more than gopher but less than the
web (it really wasn't about gopher itself, and because of that this
post is actually perhaps poorly titled, but oh well).  There have been
some responses to this, both in gopherspace[2,3] and on Mastodon, and
I've done a poor job of engaging with the wider discussion that I
triggered.  This may continue, as my own thoughts and feelings on the
matter continue to be in a state of flux.  But there is one component
of that hypothetical new protocol which I *am* certain of, and it's a
component that some people have expressed confusion as to the need
for, so I'm going to write a little bit about that.

I'm talking about the fact that my hypothetical new protocol operated
strictly over TLS connections - plaintext straight up wasn't an option.  
I am of the opinion that the widespread lack of encryption in
gopherspace today is the protocol's biggest shortcoming, and I
actually suspect that this point alone discourages some folks who would
otherwise be on board from adopting it.  But others, including
Bongusta overlord Logout, do not see the need, so here's my attempt at
a justification.

I have to admit that I'm a little baffled that this needs to be
explained in 2019.  The web has seen a significant shift to using
HTTPS for anything and everything in the past few years, instead of
only for login pages or internet banking, and just about every
argument used to justify that applies also to gopher.  Claiming that
gopher doesn't need it because there's "nothing important on gopher"
is a self-fulfilling prophecy.  Nobody will put anything important on
gopher *until* it stops lacking basic protections which we expect
elsewhere.

Even if all content on gopher is fundamentally public content whose
authors *want* it to be read by anybody, it remains true that:

* Your ISP can see *and* modify all gopher traffic.  ISPs have
  inserted ther own advertisments into websites in the past, and it's
  naive to think they won't do it again wherever they are not
  prevented by either legal or technical measures.  The probability of
  getting effective legal protection in place everywhere on Earth is
  zero, so basically we need to make this technically impossible.
  Also, in the US and presumably other places it is legal for ISPs to
  collect your browsing history, analyse it and sell the results.  US
  ISPs would not have wasted time and money lobbying for those laws
  without concrete plans to exploit them, so assume that this is
  happening, today.

* Keyword-based censorship schemes such as those used in China and
  elsewhere will be effective against gopher content - TCP connections
  can be automatically dropped as soon as forbidden phrases are passed
  along them, which makes gopher useless for political activism in
  some important real-world theatres.

* Gopher cannot be safely used to distribute PGP keys because those
  keys can be modified in transit by some of the same adversaries who
  could read the intended PGP encrypted mail if it weren't encrypted,
  defeating the purpose.

* Software distributed via gopher (e.g. Zaibatsu-ware[4]) can be
  modified in transit to insert security vulnerabilities.

These are all real problems affecting gopher today which make it
unsuitable for several use cases, like political activism or software
distribution, which I think it would be nice if it *were* suitable
for.  As long as these problems are unsolved, gopher can't ever be
more than a toy in today's ultra-hostile internet.

All of these problems are solved, or at least heavily ameliorated, on
the web via the ubiquitous use of HTTPS.  Of course, the web comes with
its own boatload of problems, like Referer headers and cookies and
Javascript and more, which make *it* unsuitable for a bunch of uses too.
Note that all *those* problems are solved in gopher, by virtue of its
simplicity.

We only need to add ubiquitous encryption to gopher to end up with the
best of both worlds!

Now, let me be clear exactly what I mean by "adding encryption to
gopher".  I don't want to advocate anybody serving anything on port 70
which isn't backward compatible with standard gopher, because that
would be a tragedy for the gopher community.  And I also don't want
plaintext gopher to disappear entirely, because it's great that
something like gopher exists which can be utilised on 40 year old
machines which are too slow to do effective crypto.  What I would like
is to see something new which is basically "gopher plus crypto, maybe
a little more" appear alongside the existing options.  Something which
could be thought of as a "souped up gopher" or as a "stripped down web",
depending on your perspective.  Something which meant people weren't
forced to choose between two non-overlapping sets of massive and
obvious shortcomings but could just USE the internet for sharing
static content in a non-awful way - whether that static content is
"just" phlog posts, ASCII art or old zines, or whether it's serious
political dissent, cypherpunk activism, sexually explicit writing or
non-trivial free software development.

The web is surely a dumpster fire, but let's not pretend gopher is
perfect and cannot be improved.  Those of us fleeing the web have just
fallen back here because it's about the only off-the-shelf vaguely
web-like thing that there is to fall back to.  Some of us may be truly
comfy here, and that's absolutely fine.  Increasingly I think I'd like
to use gopher as a temporary base of operations to build something even
better.

[1] gopher://zaibatsu.circumlunar.space:70/0/~solderpunk/phlog/pondering-whats-inbetween-gophe
r-and-the-web.txt
[2] gopher://circumlunar.space:70/0/~sloum/phlog/20190309-22.txtgopher://circumlunar.space:70/0/~sloum/phlog/20190309-22.txt
[3] gopher://republic.circumlunar.space:70/0/~uwu/thoughts/20190329-markup-market.txt
[4] gopher://zaibatsu.circumlunar.space:70/1/software