This still requires ground stations. Though I guess you could pay for "censor resistant" traffic where your data is bounced among the satellites until someone has a US ground station in sight...
I agree that the US is above average in terms of protection against censorship, but I imagine that if it is an option a lot of people would specifically avoid US ground stations (US is above average in tracking online activity as well).
To some extent we just need something better than https and the various email protocols that we have for securely transmitting data, with built in blinding for sender and reciever. (Only the receiver knows it is a message for them). Stuff should never be in the clear on an intermediary server, and it should be at least resistant to MITM (everything should be signed). It isn't an easy problem. But you can't snoop on and censor what you can't decipher.
The problem is that blinding for sender and receiver is hard to achieve on a route-based mesh.
On the internet you need to know the receiver and sender of a message, otherwise you have no idea where it's going and the best method to from there is to use very inefficient methods.
HTTPS and IMAP over TLS already achieve MITM-resistance, as long as you verify the certificate.
With TLS (and SSL to some extend) you can't snoop on and censor data, not without compromising the sender (assuming you trust their certificate explicitly).
That still wouldn’t give you access to piracy sites, for which the FBI has required US ISPs to censor them from their DNS servers.
I’ve had this occur quite a few times now that 8.8.8.8 (yes, verified with DNSSEC to be the real one) and DNS servers of US ISPs returned different IPs than the authoritative nameservers, and the returned IPs always showing a neat "The FBI has seized this property due to piracy" link.
> he FBI has required US ISPs to censor them from their DNS servers.
That's a pretty serious statement, the government threatens infrastructure providers all the time but I haven't heard of the FBI requiring ISP level censorship of DNS.
> I’ve had this occur quite a few times now that 8.8.8.8 (yes, verified with DNSSEC to be the real one) and DNS servers of US ISPs returned different IPs than the authoritative nameservers
I believe the FBI seized the domain names, as in, from the registrars/registries themselves. They talk about some of them being forefeited, which would have happened at registrar-level. There's nothing in there that suggested manipulation of the DNS servers themselves.
> That's a pretty serious statement, the government threatens infrastructure providers all the time but I haven't heard of the FBI requiring ISP level censorship of DNS.
It’s not unheard of the FBI just storming into data centers, seizing entire racks, just because some of the systems in them might be connected to piracy sites.
> Can you give some examples?
I’m sorry, I know this will undermine the credibility of the statement, but I won’t link to content where linking to it can potentially be a crime on here. Sorry.
> It’s not unheard of the FBI just storming into data centers, seizing entire racks, just because some of the systems in them might be connected to piracy sites.
Indeed, they regularly force cooperation by telling the accused that they will seize their hardware for forensic analysis and then drop them to the bottom of the priority queue.
> I’m sorry, I know this will undermine the credibility of the statement, but I won’t link to content where linking to it can potentially be a crime on here. Sorry.
I think you misunderstand how the law works (at least in the US). I suggest you read this guide put out by the ACLU[0].
You were probably witnessing normal DNS propagation after the authoritative name servers had been changed. Keep in mind that the nameserver data you see in "whois" may not be up to date. When a site is seized, law enforcement goes direct to the registry (GLTD operator, such as Verisign), not the registrar.
