Hello Dreamwidth
This weekend I created a Dreamwidth account and copied all my LiveJournal posts there. I plan to use Dreamwidth for future composition, automatically crossposted to LiveJournal. I don't plan to delete any LJ content, and you can leave comments on either site. I'll still read my LJ friends page and will cultivate new connections on DW. For background, read on.
I created my LiveJournal on June 12, 2001, turned on to the service by slyviolet. In my first post I set an intention of using it to track memoirs and musings, share interesting links, and support the site as an open-source, volunteer-run project. My use has followed this overall tenor, though the style has evolved quite a bit-as has the LiveJournal ecosystem.
In the last fifteen and a half years, I've written 1,429 posts with (I think) at least one in every month during that span. My update cadence was much higher in college than it's been during my professional life, with a significant drop-off in 2010 as I started getting my social media fix through company-internal venues. English-language LiveJournal usage has dropped significantly during the Obama administration, probably due to the rise of Facebook, Twitter, Tumblr, and other "Social Networking 2.0" sites. I stuck around because (a) I already had a decade of content on LiveJournal and (b) the site's design and community supports long-form content, which is sorely absent in today's volume-focused social media landscape.
A faction also started leaving LiveJournal after its acquisition by the Russian firm SUP Media. Dreamwidth launched in 2009 using a fork of the open source LiveJournal code base, a modified subscription/access model, a different terms of service, and no ties to Russia. Dreamwidth attracted a significant slice of the English-language geekery and fan fiction demographic from LiveJournal.
Recent weeks have seen a renewed migration from LiveJournal to Dreamwidth. This post summarizes some of the drivers, in particular the fact that LiveJournal's servers now seem to be physically located in Russia and the contemporary political climate in Russia is somewhat bleak on the free speech front.
To a software engineer like me, the idea of mandating a particular piece of the web reside in a particular country is ridiculous. The whole point of the Internet is that people from anywhere in the world can share data with people anywhere else in the world. TCP packets don't need to show their passport at the border and a connection between New York and Los Angeles could pass through London, Dubai, and Tokyo if that turns out to be the fastest route. Yet as the Internet has grown to be of more political and commercial prominence, several governments have taken a keen interest in the geographic location of stored data. Sometimes these laws (proposed or passed) happen because legislators don't understand new technology, so they legislate computing the way they would legislate paper. Sometimes the laws seemed to be based on a desire to drive infrastructure development in their country: "If we require Brazilian users' data to be stored in Brazil, tech companies will build more data centers in Brazil, which will drive jobs and tax revenue."
If these were the only two reasons to require data geolocation, LJ servers in Russia wouldn't be a big deal, aside from perhaps slower page loads from the U.S. Unfortunately, several countries have passed (or would like to pass) data location laws so that user content can be subject to local jurisdiction. And, if you're cynical, the government might also want the data to be available for a police raid where they grab hard drives from the data center. In the specific case of Russia, having data subject to Russian law may be of concern, as the Duma has recently passed laws restricting free speech in ways that would feel uncomfortable to many folks in the west. I'm not sure that the "cops with guns and USB cables" scenario puts your LJ data at significantly more risk today than five years ago: Russian hackers have been plundering data from around the world for over a decade and the Kremlin could probably exert pressure on SUP employees to reveal data they steward, regardless of where it's stored.
If you're a LiveJournal user and care about your content, I think it's wise to create a Dreamwidth account (free or paid) and back up your entries (it's easy). Even if the Russian government or hackers have no interest in your journal, having a backup of your data puts you in a more robust position if SUP goes out of business or turns out to be unprepared for a technical disaster.
Additionally, LiveJournal seems to have turned off HTTPS encryption: https://www.livejournal.com/ now redirects to http://www.livejournal.com/ and likewise for individual journals. This seems like a pretty suspicious setup in 2017, when anybody and their uncle can get an SSL certificate for free. So you should probably assume that somebody's listening in on your LiveJournal traffic, regardless of what you think Russian actors (or anyone else) might want to do with said data.
Ironically, moving data outside the U.S. may actually make it moderately easier for the NSA to get at it, since they have to invent complex procedures to legally snoop on U.S. citizens' data within the U.S. but have more statutory freedom to raid international data. If you want to keep your writings protected from the five prying eyes of the world's spy agencies, your best bet may be pen and paper. If you want to store it digitally, strong encryption and public-key based individual sharing is a good (though not very user-friendly) approach. The best balance may be a major tech company which has the resources to spend on high-quality security engineers and is willing to spend big bucks fighting court orders to secretly hand over user data. The big corp, even though they have a closer relationship with the government, may stand a better chance of defending your data than a small startup founded on principles of pure privacy.
This entry was originally posted at http://flwyd.dreamwidth.org/366249.html - comment here or there.
I created my LiveJournal on June 12, 2001, turned on to the service by slyviolet. In my first post I set an intention of using it to track memoirs and musings, share interesting links, and support the site as an open-source, volunteer-run project. My use has followed this overall tenor, though the style has evolved quite a bit-as has the LiveJournal ecosystem.
In the last fifteen and a half years, I've written 1,429 posts with (I think) at least one in every month during that span. My update cadence was much higher in college than it's been during my professional life, with a significant drop-off in 2010 as I started getting my social media fix through company-internal venues. English-language LiveJournal usage has dropped significantly during the Obama administration, probably due to the rise of Facebook, Twitter, Tumblr, and other "Social Networking 2.0" sites. I stuck around because (a) I already had a decade of content on LiveJournal and (b) the site's design and community supports long-form content, which is sorely absent in today's volume-focused social media landscape.
A faction also started leaving LiveJournal after its acquisition by the Russian firm SUP Media. Dreamwidth launched in 2009 using a fork of the open source LiveJournal code base, a modified subscription/access model, a different terms of service, and no ties to Russia. Dreamwidth attracted a significant slice of the English-language geekery and fan fiction demographic from LiveJournal.
Recent weeks have seen a renewed migration from LiveJournal to Dreamwidth. This post summarizes some of the drivers, in particular the fact that LiveJournal's servers now seem to be physically located in Russia and the contemporary political climate in Russia is somewhat bleak on the free speech front.
To a software engineer like me, the idea of mandating a particular piece of the web reside in a particular country is ridiculous. The whole point of the Internet is that people from anywhere in the world can share data with people anywhere else in the world. TCP packets don't need to show their passport at the border and a connection between New York and Los Angeles could pass through London, Dubai, and Tokyo if that turns out to be the fastest route. Yet as the Internet has grown to be of more political and commercial prominence, several governments have taken a keen interest in the geographic location of stored data. Sometimes these laws (proposed or passed) happen because legislators don't understand new technology, so they legislate computing the way they would legislate paper. Sometimes the laws seemed to be based on a desire to drive infrastructure development in their country: "If we require Brazilian users' data to be stored in Brazil, tech companies will build more data centers in Brazil, which will drive jobs and tax revenue."
If these were the only two reasons to require data geolocation, LJ servers in Russia wouldn't be a big deal, aside from perhaps slower page loads from the U.S. Unfortunately, several countries have passed (or would like to pass) data location laws so that user content can be subject to local jurisdiction. And, if you're cynical, the government might also want the data to be available for a police raid where they grab hard drives from the data center. In the specific case of Russia, having data subject to Russian law may be of concern, as the Duma has recently passed laws restricting free speech in ways that would feel uncomfortable to many folks in the west. I'm not sure that the "cops with guns and USB cables" scenario puts your LJ data at significantly more risk today than five years ago: Russian hackers have been plundering data from around the world for over a decade and the Kremlin could probably exert pressure on SUP employees to reveal data they steward, regardless of where it's stored.
If you're a LiveJournal user and care about your content, I think it's wise to create a Dreamwidth account (free or paid) and back up your entries (it's easy). Even if the Russian government or hackers have no interest in your journal, having a backup of your data puts you in a more robust position if SUP goes out of business or turns out to be unprepared for a technical disaster.
Additionally, LiveJournal seems to have turned off HTTPS encryption: https://www.livejournal.com/ now redirects to http://www.livejournal.com/ and likewise for individual journals. This seems like a pretty suspicious setup in 2017, when anybody and their uncle can get an SSL certificate for free. So you should probably assume that somebody's listening in on your LiveJournal traffic, regardless of what you think Russian actors (or anyone else) might want to do with said data.
Ironically, moving data outside the U.S. may actually make it moderately easier for the NSA to get at it, since they have to invent complex procedures to legally snoop on U.S. citizens' data within the U.S. but have more statutory freedom to raid international data. If you want to keep your writings protected from the five prying eyes of the world's spy agencies, your best bet may be pen and paper. If you want to store it digitally, strong encryption and public-key based individual sharing is a good (though not very user-friendly) approach. The best balance may be a major tech company which has the resources to spend on high-quality security engineers and is willing to spend big bucks fighting court orders to secretly hand over user data. The big corp, even though they have a closer relationship with the government, may stand a better chance of defending your data than a small startup founded on principles of pure privacy.
This entry was originally posted at http://flwyd.dreamwidth.org/366249.html - comment here or there.