Speech.js

Censorship circumvention that's as easy as signing into Facebook

download .ZIP download .TGZ

Introduction

Speech.js is a thin wrapper which translates URI's between the traditional domain name system and an Alternative Domain Name System (altDNS), transforming example.alt-> example.jsdns.tld. Speech.js websites rely on the users social network to provide the initial routing information and process and stores this information in the browser (immunizing the website from legal attacks) while only requiring logging into a social networking site. Thanks to the simplicity of the deployment model, it is very, very cheap to run a Speech.js site, nullifying the effect of taking down any single website.

Speech.js 2.0

If you think that's cool, here are the two big features planned for version 2.0:

Customized Feeds Even if governments create IP blacklists, publishers will be able to hand out private and unique URIs to each user.
WebRTC DHT This will remove the sign-in process entirely, making routing entirely transparent to the end user.

Speech.js is reaching its third and final Alpha build. The prior 'alpha' builds produced proof-of-concept implementations which were capable of navigating compatible .bit websites. It is not a matter of "if" or "how" it works, this third alpha simply reimplements the prior work using a more structured architecture. We would like to squeeze customized feeds, a WebRTC DHT, and plenty more in time for version 1.0 but we need your help!

Speech.is

Speech.js is the reference implementation of the JavaScript Domain Name System client specification and Speech.is (pronounced "speech DOT is") provides access to the .bit decentralized alternative domain name system and serves as the reference Speech.js deployment.

While any Speech.js deployment relies on the traditional DNS system, Speech.is provides two additional defenses against state-sponsored censorship. The first is the location of the Speech.is servers and domain name: the data-haven of Iceland. This makes it very difficult to hold Speech.is legally liable for any content hosted in other countries.

Even if a country chooses to censor a specific domain (such as wikileaks.speech.is) Speech.js offers routing using the hash/fragment convention: wikileaks.speech.is -> speech.is#wikileaks.bit. The #wikileaks.bit portion of the url is never sent to the webserver, let alone included in the low-level DNS requests. Politician seeking to restrict our online speech rights will be forced to advocate for censoring speech.is itself. Something justifiable on a home or corporate network but an obvious affront to basic human rights when enforced at via political means,

Everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers.

-Article 19 of the United Nations Universal Declaration of Human Rights

Technical Details

Legal

Speech.js, Speech.is, and .bit DNS are all parts of a larger effort to end the threat of SOPA and other state-sponsored DNS censorship regimes. A Speech.js site neither hosts nor links to any content deemed objectionable in major western democracies. As a result the webhost, the upstream carriers, and the owners of the domain name are all immune from legal and political censorship. A more in-depth analysis can be found in the jsDNS specification proposal.

User Experience

The user experience for visiting a Speech.js website is identical to that of any other website with a login requirement, such as the New York Times or Facebook. After the initial login information is automatically updated it whenever changes occur and is stored in the browser itself. From then on (even if the user restarts their computer) they are never prompted to login again.

Scaling

Unlike server-side proxies or content mirrors, a Speech.js deployment can easily scale to virtually any traffic load very cheaply. A minimal Speech.js deployment consists of a single static HTML file which loads the CSS and JavaScript files from the free cdnjs content delivery network. Combined with Cloudflare's free HTML caching a Speech.js deployment can handle the traffic load of a top-5 website for around $20/month.

Security

We believe that we will be able to offer a level at least as high as that of any CDN hosted JavaScript provider, your local DNS server, or your favorite package manager's local mirror. In the future, we believe we will be able to offer even stronger security guarantees.

Breakdown of visiting example.jsdns.tld

navigationStart

Whatever the URL, be it wikipedia.jsdns.tld or wikileaks.jsdns.tld, a Speech.js deployment serves the exact same webpage to visitors. If the user has not visited the website before they are prompted to log into a social network. Speech.js scans their friends pages for compatible DNS feeds and presents them to the user in order of popularity. While the software relies on consensus among multiple lists, ultimately the user decides which DNS feeds s/he chooses to use informed by the choices of her/his friends.

redirectStart

These feeds can be as simple as private friend to friend message with raw JSON, an app that the user or their friends have authorized, or jsDNS entries published as posts.

domainLookupStart

After retrieving the information the parent page stores DNS records in localStorage and then loads the destination website using an iFrame. The parent page is hidden and the child page is shown as if it were the main page using the new seamless attribute. The destination site can cooperatively pass URL updates to the parent page to provide a truly seamless user experience.

Authors and Contributors

Conceived of and developed by indolering.