Why gopher needs crypto

A little while back I wrote some speculative stuff[1] about a

hypothetical protocol which was more than gopher but less than the

web (it really wasn't about gopher itself, and because of that this

post is actually perhaps poorly titled, but oh well). There have been

some responses to this, both in gopherspace[2,3] and on Mastodon, and

I've done a poor job of engaging with the wider discussion that I

triggered. This may continue, as my own thoughts and feelings on the

matter continue to be in a state of flux. But there is one component

of that hypothetical new protocol which I am certain of, and it's a

component that some people have expressed confusion as to the need

for, so I'm going to write a little bit about that.

I'm talking about the fact that my hypothetical new protocol operated

strictly over TLS connections - plaintext straight up wasn't an option.

I am of the opinion that the widespread lack of encryption in

gopherspace today is the protocol's biggest shortcoming, and I

actually suspect that this point alone discourages some folks who would

otherwise be on board from adopting it. But others, including

Bongusta overlord Logout, do not see the need, so here's my attempt at

a justification.

I have to admit that I'm a little baffled that this needs to be

explained in 2019. The web has seen a significant shift to using

HTTPS for anything and everything in the past few years, instead of

only for login pages or internet banking, and just about every

argument used to justify that applies also to gopher. Claiming that

gopher doesn't need it because there's "nothing important on gopher"

is a self-fulfilling prophecy. Nobody will put anything important on

gopher until it stops lacking basic protections which we expect

elsewhere.

Even if all content on gopher is fundamentally public content whose

authors want it to be read by anybody, it remains true that:

• Your ISP can see and modify all gopher traffic. ISPs have

inserted ther own advertisments into websites in the past, and it's

naive to think they won't do it again wherever they are not

prevented by either legal or technical measures. The probability of

getting effective legal protection in place everywhere on Earth is

zero, so basically we need to make this technically impossible.

Also, in the US and presumably other places it is legal for ISPs to

collect your browsing history, analyse it and sell the results. US

ISPs would not have wasted time and money lobbying for those laws

without concrete plans to exploit them, so assume that this is

happening, today.

• Keyword-based censorship schemes such as those used in China and

elsewhere will be effective against gopher content - TCP connections

can be automatically dropped as soon as forbidden phrases are passed

along them, which makes gopher useless for political activism in

some important real-world theatres.

• Gopher cannot be safely used to distribute PGP keys because those

keys can be modified in transit by some of the same adversaries who

could read the intended PGP encrypted mail if it weren't encrypted,

defeating the purpose.

• Software distributed via gopher (e.g. Zaibatsu-ware[4]) can be

modified in transit to insert security vulnerabilities.

These are all real problems affecting gopher today which make it

unsuitable for several use cases, like political activism or software

distribution, which I think it would be nice if it were suitable

for. As long as these problems are unsolved, gopher can't ever be

more than a toy in today's ultra-hostile internet.

All of these problems are solved, or at least heavily ameliorated, on

the web via the ubiquitous use of HTTPS. Of course, the web comes with

its own boatload of problems, like Referer headers and cookies and

Javascript and more, which make it unsuitable for a bunch of uses too.

Note that all those problems are solved in gopher, by virtue of its

simplicity.

We only need to add ubiquitous encryption to gopher to end up with the

best of both worlds!

Now, let me be clear exactly what I mean by "adding encryption to

gopher". I don't want to advocate anybody serving anything on port 70

which isn't backward compatible with standard gopher, because that

would be a tragedy for the gopher community. And I also don't want

plaintext gopher to disappear entirely, because it's great that

something like gopher exists which can be utilised on 40 year old

machines which are too slow to do effective crypto. What I would like

is to see something new which is basically "gopher plus crypto, maybe

a little more" appear alongside the existing options. Something which

could be thought of as a "souped up gopher" or as a "stripped down web",

depending on your perspective. Something which meant people weren't

forced to choose between two non-overlapping sets of massive and

obvious shortcomings but could just USE the internet for sharing

static content in a non-awful way - whether that static content is

"just" phlog posts, ASCII art or old zines, or whether it's serious

political dissent, cypherpunk activism, sexually explicit writing or

non-trivial free software development.

The web is surely a dumpster fire, but let's not pretend gopher is

perfect and cannot be improved. Those of us fleeing the web have just

fallen back here because it's about the only off-the-shelf vaguely

web-like thing that there is to fall back to. Some of us may be truly

comfy here, and that's absolutely fine. Increasingly I think I'd like

to use gopher as a temporary base of operations to build something even

better.

[1] gopher://zaibatsu.circumlunar.space:70/0/~solderpunk/phlog/pondering-whats-inbetween-gophe

r-and-the-web.txt

[2] gopher://circumlunar.space:70/0/~sloum/phlog/20190309-22.txtgopher://circumlunar.space:70/0/~sloum/phlog/20190309-22.txt

[3] gopher://republic.circumlunar.space:70/0/~uwu/thoughts/20190329-markup-market.txt

[4] gopher://zaibatsu.circumlunar.space:70/1/software