The internet is vulnerable to wiretapping at its root. Organisations like the NSA or the GHQ are collecting petabytes of metadata on every individual on the planet. Every day. Everywhere. And they keep it for many years. The word "privacy" doesn't mean anything to them. But it means something to most of the people living in peaceful countries. Personal freedom is at stake.
So what to do? Using encrypted services such as HTTPS, TLS help hiding the content of your communication. However at the very core of the internet, you still leave tons of traces as unencrypted metadata. Every request to resolve a domain name such as when you type
https://www.example.com/ will result in a query to your name-servers. This is in the clear, no matter how secure the site is you are communicating with. The NSA might not know what you are doing on
www.example.com. But it will know that you use that site and will think you could be an
example-terrorist. This creates personal profiles based on your liking, your habits etc. It can bring you into the cursor of surveillance and has the potential to put you on blacklists such as the no fly list and is an insult to your personal freedom. There is no way to know, no way to correct. The only thing you can do is suffer. For life.
The solution is to encrypt everything, or everything you can. Reduce the amount of metadata you leak reduces the risks a lot. Minimize any traces you leave. The bootstrap.is initiative starts at the root of all: the domain name system (DNS). bootstrap.is will give you an encrypted DNS service. Any application you use which uses hostnames will profit from it. Mail, Web, Instant messaging, Your app which checks if there's an update (and thus revealing you have this app), all that DNS communication is now instantly encrypted. Enabling SSL/TLS in the apps then is the second step. And if securing the communications is absolutely vital, adding VPN's is a third level.
So to start we need a widely available high performance, encrypted DNS infrastructure. Protocols such as DNScurve and DNScrypt are the building blocks of it. But it takes more to arrive on the mainstream.
Operating out of Switzerland and Iceland, we are not subject to any fabricated US search warrants, gag orders or similar weapons of mass humiliation. Switzerland and Iceland are in the topmost peaceful places on earth and hold up privacy and respect. So unless there are some real serious crimes at stake, wiretapping wont be allowed and in all cases a judge has to order it, no exception.
We plan to launch a funding campaign through Indiegogo. Leave your email and we will inform you when we launch it. After the service is launched, we plan to offer it for a very very small yearly fee. Initial backers would get a lifetime account.
As this is a heavy infrastructure based project, the running costs will be very substantial. So this only works out if we have many millions of users. And for that we need to reach the critical mass to make the project worth while. So talk about this initiative to your friends. Help others understanding that privacy matters. You can also donate by bitcoin to 1HQmUeFJHDkEdLPQPeAP1CbkDynYbxPfZK. If you are an ISP, you can donate rackspace and connectivity in major datacenters. We also will need support for other languages and we will need crypto and security experts to assist us in verifying it stays secure.
There's lots to be done. Lets bootstrap the internet into secure mode and get our privacy back!