The US does not have laws that forbid people who don’t have a security clearance from publishing classified material. The UK is a country that has such laws but the first amendment prevents that.
I don’t think that chosing jurisdiction in the hope that they will protect you is a a good strategy. If you want to host leaks from the US in China, it’s possible that China’s offers to surpress that information as part of a deal.
4chan has a single point of failure. If the NSA would be motivated enough to burn some of their 0-days, taking it offline wouldn’t be hard.
Taking a decentralized system with an incentive structure like ArDrive down is significantly harder.
Attacking ArDrive is likely also politically more costly as it breaks other usages of it. The people with NFT that store data on ArDrive can pay lobbyists to defend it.
Just convincing the developers is not enough. You also need the patch they created to be accepted by the network, and it’s possible for the system to be forked if different network participants want different things.
Torrents are also bad for privacy everybody can see the IP addresses of all the other people who subscribe to a torrent.
For privacy onion routing is great. Tor uses that. Tor however doesn’t have a data storage layer.
Veiled and the network on which Session runs use onion routing as well and have a data storage layer.
In the case of Veiled you get the nice property that the more people want to download a certain piece of content the more notes in the network store the information.
As far as creating public knowledge goes, I do think that Discord, servers and Telegram chats serve currently as social media.
Update: I thought about this more and I think yeah it should be possible to just skip the torrent step. I have updated the post with this change.
Post on SecureDrop servers, circulate via manual or automated resending of messages. For people with technical skills and enough free time to run servers as a part-time job.
Post on a nginx clearnet server, circulate via automated web crawlers, For people with technical skills but not necessarily a lot of free time.
Post on high attention social media platforms, circulate via people using DMs and discovery of those social media platforms. For all people.
A key attack point here is the first person who posts this on clearnet. Hence I was hoping for it to circulated by automated bots before any human reads it on clearnet.
The US does not have laws that forbid people who don’t have a security clearance from publishing classified material. The UK is a country that has such laws but the first amendment prevents that.
Thanks this is useful info for me. But also don’t think it matters as much? People in NSA, state dept etc will obviously find an excuse to arrest the person instead. Many historical examples of the same.
I don’t think that chosing jurisdiction in the hope that they will protect you is a a good strategy. If you want to host leaks from the US in China, it’s possible that China’s offers to surpress that information as part of a deal.
I will likely read more on this. I’m generally less informed on legal matters. Any historical examples you have would be useful.
I agree with the very specific example of US and China this might happen. The general idea is to share in a lot of different places. So share it in China and also lots of other countries.
Attacking ArDrive is likely also politically more costly as it breaks other usages of it.
I’m currently not very convinced but I’ll have to read more about ardrive in order to be confident. I currently guess 4chan’s owners and developers have more money and public attention, and hence more powerful humans need to be taken down in order to take down 4chan. Zero day might doxx users sure, I agree with this being possible.
Torrents are also bad for privacy everybody can see the IP addresses of all the other people who subscribe to a torrent.
Yes I’m aware of this.
One platonic ideal world is just have 8 billion people operate 8 billion securedrop servers and for any information that hits one server and checks out as not spam, user attached a PoW hash and sends copies to every other server. But convincing that many people to run SecureDrop is hard. Torrent is one level less private and secure than this. But yes I’ll think more on whether torrent is good enough or whether a custom solution has to be designed here.
Veiled and the network on which Session runs use onion routing as well and have a data storage layer.
In the case of Veiled you get the nice property that the more people want to download a certain piece of content the more notes in the network store the information.
I’ll try to read more on veiled. And also try their app out. Thanks!
As far as creating public knowledge goes, I do think that Discord, servers and Telegram chats serve currently as social media.
Yes this is true as of 2025 for many countries. Which social media platforms are high attention and also hard to censor varies country-to-country.
For instance in India most people use phone login not email login hence WhatsApp plays a lot more of a social media role.
The US does not have laws that forbid people who don’t have a security clearance from publishing classified material. The UK is a country that has such laws but the first amendment prevents that.
I don’t think that chosing jurisdiction in the hope that they will protect you is a a good strategy. If you want to host leaks from the US in China, it’s possible that China’s offers to surpress that information as part of a deal.
4chan has a single point of failure. If the NSA would be motivated enough to burn some of their 0-days, taking it offline wouldn’t be hard.
Taking a decentralized system with an incentive structure like ArDrive down is significantly harder.
Attacking ArDrive is likely also politically more costly as it breaks other usages of it. The people with NFT that store data on ArDrive can pay lobbyists to defend it.
Just convincing the developers is not enough. You also need the patch they created to be accepted by the network, and it’s possible for the system to be forked if different network participants want different things.
Torrents are also bad for privacy everybody can see the IP addresses of all the other people who subscribe to a torrent.
For privacy onion routing is great. Tor uses that. Tor however doesn’t have a data storage layer.
Veiled and the network on which Session runs use onion routing as well and have a data storage layer.
In the case of Veiled you get the nice property that the more people want to download a certain piece of content the more notes in the network store the information.
As far as creating public knowledge goes, I do think that Discord, servers and Telegram chats serve currently as social media.
Update: I thought about this more and I think yeah it should be possible to just skip the torrent step. I have updated the post with this change.
Post on SecureDrop servers, circulate via manual or automated resending of messages. For people with technical skills and enough free time to run servers as a part-time job.
Post on a nginx clearnet server, circulate via automated web crawlers, For people with technical skills but not necessarily a lot of free time.
Post on high attention social media platforms, circulate via people using DMs and discovery of those social media platforms. For all people.
A key attack point here is the first person who posts this on clearnet. Hence I was hoping for it to circulated by automated bots before any human reads it on clearnet.
Thanks this is useful info for me. But also don’t think it matters as much? People in NSA, state dept etc will obviously find an excuse to arrest the person instead. Many historical examples of the same.
I will likely read more on this. I’m generally less informed on legal matters. Any historical examples you have would be useful.
I agree with the very specific example of US and China this might happen. The general idea is to share in a lot of different places. So share it in China and also lots of other countries.
I’m currently not very convinced but I’ll have to read more about ardrive in order to be confident. I currently guess 4chan’s owners and developers have more money and public attention, and hence more powerful humans need to be taken down in order to take down 4chan. Zero day might doxx users sure, I agree with this being possible.
Yes I’m aware of this.
One platonic ideal world is just have 8 billion people operate 8 billion securedrop servers and for any information that hits one server and checks out as not spam, user attached a PoW hash and sends copies to every other server. But convincing that many people to run SecureDrop is hard. Torrent is one level less private and secure than this. But yes I’ll think more on whether torrent is good enough or whether a custom solution has to be designed here.
I’ll try to read more on veiled. And also try their app out. Thanks!
Yes this is true as of 2025 for many countries. Which social media platforms are high attention and also hard to censor varies country-to-country.
For instance in India most people use phone login not email login hence WhatsApp plays a lot more of a social media role.