Chapter 2b: Server Issues: Networked Infrastructure: Difference between revisions

Coordinator: SysterServer Contributors: xm (ooooo) and Mara

https://digitalcare.noho.st/pad/p/servpub

https://eth.leverburns.blue/p/servpub-2b

Index/Structure

positionality of feminist servers:

• data infrastructure literacy
• digital solidarity networks
• dependencies - alliancies - affinities
• troubleshooting /debugging vulgar marxism

politics of networks

• systerserver networking: internes/alliances/systerserver /....
• lan/wan/vlan
• regulatory bodies ICAN-RFC's develop/discuss standards (missing)
• routing / subnetting (missing)
• history of VPN
• proxy, tor as tools for accessing the web (missing)
• geolocation and network infrastructures

resources matter

• traffic costs and electricity (missing)

Chapter

positionality of feminist servers

In this chapter we will appropriate the tactics of Queercore: How To Punk A Revolution and introduce our feminist server's activities as a catalyst to push techno-feminism into existence and announce we are here to stay. The documentary explores the rise of the queercore cultural and social movement in the mid-1980s, which channeled punk angst into a biting critique of societal homophobia.

We as part of Systerserver and co-dependent on other feminist server projects (Anarchserver, Maadix, leverburns, digiticalcare...), will share ways of doing, tools & strategies to overcome/overthrow the monocultural, centralized oligopolic surveillance & technologies of control.

A server is a place where our data is hosted, the contents of our websites, where we are chatting, storing our stories and imaginaries and access the multiple online services we need to get organized (mailinglists, calendars, notes,...). We don't want to be served, we think a feminist server as an (online) space that we need to inhabit. As inhabitants,  we contribute by nurturing a safe space and a place for creativity, experimentation and justice, a place for hacking heteronormativity and patriarchy. Feminist servers have the potential to learn together, to maintain and care for a space together in a non-hierarchical way, and in a non-meritocratic way.

• https://creatingcommons.zhdk.ch/wp-content/uploads/2020/06/Transcript-Femkespider.pdf

To be able to setup server's we need to have hardware, a machine - a single board computer (like raspberry pi, olimex, an old refurbished laptop,...) or a server in a rack in a data center, a virtual machine (vps), and the will to self host (described in chapter 1). As Systerserver, our feminist server project, we relate and organize around these servers by adopting different roles, defined in conversations in Anarchaserver. [roles]

Besides from these roles we need to encourage “data infrastructure literacy” for the ability to account for, intervene around and participate in the wider socio-technical infrastructures through which data is created, stored and analyzed. Our intent is to make space for collective inquiry, experimentation, imagination and intervention around data. Data as in binary information, suitable for processing by computers, recognizing it's intrinsic (human)labour conditions, maintenance and hence care. In becoming more literate, we cultivate our sensibilities around data politics and as well engage a wider public with digital data infrastructures.

• https://journals.sagepub.com/doi/10.1177/2053951718786316

For this reason we need to make servers visible and physical as a crucial/critical space, we need a room of our own and we need a ‘connected room’ of our own.*  or a network of one's own

• *(Spideralex) https://creatingcommons.zhdk.ch/wp-content/uploads/2020/06/Transcript-Femkespider.pdf.

• *referring to the paranodal periodic publication and series of events and worksession in rotterdam revisting of Virgina Woolf's classic eesay.

By making infrastructures visible with the aid of drawings, diagrams, manuals, metaphors, performances, gatherings, systerserver traverses technical knowledge with an aim to de-cloud (Hilfling Ritasdatter, Gansing, 2024) our data, and redistribute our networks of machines and humans/species.

• ( public interface anarchaserver /calafou: https://zoiahorn.anarchaserver.org/physical-process/ )

• ( are being served  - home is a server -  https://areyoubeingserved.constantvzw.org/Home_server.xhtml )

A connected room, network of one's own, with allies as co-dependencies, attributes collectivities interacting as radical references which evades hierarchies of cognitive capital based on individuals and underlines the collective efforts to resist within the hegemonic technological paradigm.

• https://www.roots-routes.org/hacking-maintenance-with-care-reflections-on-the-self-administered-survival-of-digital-solidarity-networks-by-erica-gargaglione/

politics of networks

Being part of the Internet, or internets, is a combination of vast, complex and opaque technologies. In this section we look at the technicalities of the Internet, such as IP address, Local, private and virtual networks, routing and subnetting and the politics of scarcity, economy and institutional control.

systerserver networking

The software Tinc functions with (private) networks, and in our public facing server, jean, we configured two named as internes and alliances. While the first is for our backup and etherpad servers, the latter is for some local servers fron our community. And there is the network systerserver as our first attempt to install and configure Tinc. The servers that are connected to these networks are home based with usually dynamic Ips that change. Hence for these servers to be accessible in the Internet they need a fixed (or static) IP. With the creation of the Tinc networks, these servers are accessed via the IP of jean which is a fixed IP. Tinc (and other VPN) tunnels operate within private networks (10.0.0.0), and the machines inside these tunnels can connect to each other with the private IP’s that we assign within these private networks. In that case, we as system admininistators of jean and their allied servers, we have the agency to configure these private networks without the necessity to be given a fixed IP by the internet providers, which most often is an expensive service.

lan/wan/van

To understand somehow more the private and public IP’s and networks, we can look at them from their naming conventions. LAN is an abbreviation for LOCAL AREA NETWORK, and the reserved addresses for these networks are either 192.x.x.x, 169.x.x.x (DHCP) and 172.x.x.x. These addresses are distributed within one room, building that has a router. The router that broadcasts the WiFi or provides ethernet cable connections is the interface between the local network inside the room, and the WAN (WIDER ARE NETWORK), basically the Internet.

The addresses 10.x.x.x are reserved for the private networks, that are also called virtual. Since Virtual Private Networks are more complex to comprehend, here we want to introduce a little bit of their history, hoping that it will illustrate their purposes and functions more.

history and topology of VPN

After the WWW and http protocol, the question of secure connections became urgent as the ability to connect beyond institutional networks became wider. AT&T Bell Laboratories developed an IP Encryption Protocol (SwIPe), implementing encryption in the IP layer. This innovation had a significant influence on the development of IPsec, an encryption protocol that remains in widespread use today.

"IPsec, introduced around the mid-1990s, provided end-to-end security at the IP layer, authenticating and encrypting each IP packet in data traffic. Notably, IPsec was compatible with IPv4 and later incorporated as a core component of IPv6. This technology set the stage for modern VPN methodologies." ref https://www.paloaltonetworks.com/cyberpedia/history-of-vpn

By end of 90s Microsoft worked towards implementing a secure tunnel protocol, creating a virtual data tunnel to ensure more secure data transmission over the web. The encryption methods used in the PPPP was vulnerable to advanced cryptographic attacks. the MPPE (Microsoft Point-to-Point Encryption), only offers up to 128-bit keys which have been deemed insufficient for protecting against advanced threats. Later together with Cisco, they developed another protocol, the L2TP, for serving multiple types of internet traffic.

"L2TP (Layer 2 Tunneling Protocol) works by encapsulating data packets within a tunnel over a network. Since the protocol does not inherently encrypt data, it relies on IPsec (Internet Protocol Security) for confidentiality, integrity, and authentication of the data packets traversing the tunnel." ref https://www.paloaltonetworks.com/cyberpedia/what-is-l2tp

A later tunneling protocol is the openVPN, which has been designed as a more flexible protocol allowing port configuration, and more security.

Tinc protocol follows here...

the drawing of encapsulation from tunnel up/down

While https is another way to secure traffic over the internet, it is distingue from IPSec in that IPsec secures all data traffic within an IP network, suitable for site-to-site connectivity. HTTPS, the secure version of HTTP, using SSL, and its successor TLS secures individual web sessions, typically used for secure remote access to specific applications via the internet.

geolocation and network infrastructures

Now that hopefully we have a clearer idea of the local/private networks vs the public networks aka Internet, it’s important to dive into the distribution of addresses and the politics that stem from this. According an online article about the state of the Internet as of 2023, several factors have contributed to the decline in IPv4:

   • Market Saturation: The Internet may have reached a point where there is no additional demand to drive further growth, leading to a natural plateau in IPv4 usage. 
     
   • Shift to Content Distribution Networks (CDNs): The transition to CDNs for digital services has reduced the demand for traditional content distribution methods, impacting IPv4 growth. 
     
   • IPv4 Address Exhaustion: The depletion of available IPv4 addresses has led to the adoption of address-sharing technologies and significant architectural changes in Internet services, further contributing to the decline. 
     

Despite these trends, the article notes that the majority of the Internet user base (slightly under two-thirds as of the end of 2022) still relies exclusively on IPv4. The future trajectory of IPv4 and IPv6 usage remains uncertain, influenced by technical developments, economic factors, and global events, such as pandemics, economic crises and communications technology in different parts of the word. IPv6 adoption is scant in most of Africa, the Middle East, Eastern and Southern Europe, and the western part of Latin America. Due to the market saturation and the smaller pace of network growth (double check) in those regions appears, for the moment, be adequately accommodated in the continued use of IPv4 NATs. This means that ISP can charge higher prices for a declined number of IPv4 and the need for self or community based hosting that relies on static and fixed IPv4s can be obtained through VPN tunnels and reverse proxies, or Tor onions.

ref https://blog.apnic.net/2024/01/09/measuring-bgp-in-2023-have-we-reached-peak-ipv4/

In the art research project A Tour of Suspended Handshakes, artist Cheng Guo physically visits nodes of China’s Great Firewall. Using network diagnostic tools, he identifies the geolocations mapped to IP addresses of these critical gateways, based on data published by other researchers. At times, these geolocations correspond to scientific and academic centers, which seem like plausible sites for gateway infrastructure. Other times, they lead to desolate locations with no apparent technological presence. While Guo acknowledges that some gateways may be hidden or disguised—for example, antennas camouflaged as lamp posts—the primary reason for these discrepancies lies in the redistribution and subnetting of IP addresses, as well as their resale. These factors make it difficult to pinpoint exact geographical locations. Additionally, online IP location tools provide coordinates in the WGS-84 system (the global GPS standard), whereas locations in China must be converted to GCJ-02 (an encrypted Chinese standard). This further complicates geographic identification, as mapping activities have been illegal in mainland China since 2002. In the case of the Great Firewall, the combination of IP redistribution and encrypted coordinates obscures the true locations of its gateways, rendering the firewall a nebulous and elusive system. Similarly, for mobile (ambulant) servers, geolocating individual servers—beyond the main public-facing ones—remains a challenge. However, unlike the Great Firewall, the mobility of such servers is not enforced through top-down government control. This decentralization has the potential to counteract centralized policies and provide a means of circumvention.

ref https://en.wikipedia.org/wiki/Restrictions_on_geographic_data_in_China