The Ambitious Plan To Reinvent How Websites Get Their Names

When you type in a URL to your browser and press “enter,” your browser sends that name to a network of computers called the Domain Name System (DNS), which converts it into IP addresses. These numbers are what allow your browser to find the right server on the internet and connect to it. When you navigate to a website, you are trusting a handful of organizations that have been charged with keeping the DNS working and secure. “To people like Steven McKie, a developer for and investor in an open-source project called the Handshake Network, this centralized power over internet naming makes the internet vulnerable to both censorship and cyberattacks,” reports MIT technology review. “Handshake wants to decentralize it by creating an alternative naming system that nobody controls. In doing so, it could help protect us from hackers trying to exploit the DNS’s security weaknesses, and from governments hoping to use it to block free expression.” From the report: The system would be based on blockchain technology, meaning it would be software that runs on a widely distributed network of computers. In theory, it would have no single point of failure and depend on no human-run organization that could be corrupted or co-opted. Handshake’s software is a heavily modified version (“fork”) of Bitcoin, and just as Bitcoin’s network of miners protects the cryptocurrency from manipulation and makes it virtually impossible for authorities to shut down, a similar network could keep a permanent, censorship-resistant record of internet names. The Handshake team is far from the first to try to create a decentralized naming system for the web. But unlike previous efforts, Handshake isn’t trying to replace DNS but work with it. Besides ICANN, there’s yet another class of organization whose job Handshake aims to decentralize. See that little padlock icon in your browser bar, to the left of the domain name? That means your computer has verified that your connection to this website is encrypted and that the site is authentic, not a fake one designed by a criminal trying to steal your login credentials. It does that by checking the veracity of a string of numbers called the site’s digital certificate, issued by one of a number of so-called certificate authorities. These entities, many of which are for-profit companies, are crucial to internet security. They can also get hacked. And if one gets breached, and an attacker can start issuing fake certificates, it undermines the security of the whole internet. But if website names are managed on a tamper-resistant blockchain, then you don’t need certificate authorities; the naming system itself can provide the guarantee that the site you’re connected to is real. That’s what Handshake aims to do.