Darknets Coming Soon? 288
Anonymous Stalwart writes "CIO.com is running a story on darknets and their implications for security. With the ruling against Grokster, darknets seem poised to become a reality. How this will impact the future of the workplace, from top-level IT/IS managers all the way to non-IT jobs will depend on how the tech community that is developing this technology treats it."
Ok, real response (Score:5, Insightful)
Once you know its happening, you know you have to identify the problem.
Unless somebody can root all the routers and IDS systems for every OS along the way, these darknets will always be detectable.
Re:Ok, real response (Score:3, Insightful)
Re:Ok, real response (Score:5, Insightful)
the RIAA needs to be careful... (Score:5, Insightful)
Just a thought.
Darknets? Blame the RIAA!!! (Score:5, Insightful)
As reported by Darknet dot com [darknet.com], a darknet is nothing more than a place where illegal communication (filesharing/hacking talk/speaking badly of the US president) can take place.
I don't see how darknets will make things any different. For years we've had gopher, IRC and other communication channels that have been below the vision of the management elite.
I think lawyers are starting to learn that techies can't be bullied as easily as most, because techies are able to build new infrastructures. Instead of giving up, techies take threats as a challenge or motivation to dive further and further away from public vision.
Re:Ok, real response (Score:5, Insightful)
Technically, they can look like any kind of encrypted connection, HTTPS, SSH or whatever. Besides, I think the idea of Darknets is flawed to begin with. It is taking current anonymous P2P networks (Freenet, Ants, I2P etc.) and tying both hands behind their back by no longer allowing all-to-all connections, but only connections to people you trust. That pretty much precludes any sensible routing and load balancing because people are selecting the available routes, and you can't create new connections. Say you are the only person with access to two different social groups, all info must flow over your connection creating a huge bottleneck that the software is not allowed to compensate for.
Not necessarily illegal (Score:4, Insightful)
Re:Darknets? Blame the RIAA!!! (Score:2, Insightful)
Oh, a place like say...
They'll Never Learn! (Score:5, Insightful)
There are a lot of very talented techies out there who can come up with some astonishing new tech. A fully encrypted P2P service that masks a user's IP address would make it hard for "the man" to find those who are illegally filesharing. Also, the hacker community can adapt to changing situations faster than any corporation. This is because they aren't hindered by office politics, ethics, patant and copyright compliance and legal compliance. They operate above the law, so it was really no surprise to me when Slashdot ran the story of the trojan that exploited the cloaking ability of Sony's DRM.
I wasn't surprised one bit.
Because of Grokster and others the RIAA bring down a new, bigger, and better P2P service will emerge with multiple layers of custom encryption, IP address masking, and no central server that can be distrupted. You could even block ports at the ISP level and they'll adapt again to support multiple ports at once. Its a loosing battle they just don't get it yet.
Why do you think Internet Security and Antivirus Industies are racking in so much money these days. They DON'T want to see the hacker put in jail because if all the security threats cease and no more viruses are being made they are all out of a job. It a multi-billion dollar industry.
The RIAA is utter and completely out of their league.
And the MPAA/RIAA's response will be... (Score:2, Insightful)
Hell, they'll probably set up a few darknets of their own, as "loss leaders" in their quest to fuck as many people out of as much money as possible. And they'll start a terror campaign, too. Did I say terror? I meant public relations. As in "The Guy You're Sharing Files With Might Be A Cop."
We could fall back to the true Darknet (Score:2, Insightful)
Comment removed (Score:4, Insightful)
Re:Ok, real response (Score:4, Insightful)
TFA was focused on corporate espionage, which wouldn't necessarily consume huge bandwidth. Besides corporate types thnk nothing of sending huge files (video presentations, eg) around, so even sneaking out big files wouldn't necessarily make a blip. Of course, USB dongles and such are a much easier and right-now threat in that regard.
Can't stop the signal (Score:5, Insightful)
HOST1: ping -c 1 -p facedead12349876 host2
PATTERN: 0xfacedead12349876
HOST2: tcpdump -x ip proto \\icmp and src host host1 .R....EP$-...lwC
.4.v.....4.v....
.4.v.....4.v....
11:41:51.646216 IP host1 > host2: icmp 64: echo request seq 0
0x0000: 4500 0054 0000 4000 4001 1af7 8752 0886 E..T..@.@....R..
0x0010: 8752 0888 0800 4550 242d 0000 cf6c 7743
0x0020: 25e5 0900 face dead 1234 9876 face dead %........4.v....
0x0030: 1234 9876 face dead 1234 9876 face dead
0x0040: 1234 9876 face dead 1234 9876 face dead
0x0050: 1234
Sure, you'll see a lot of icmp traffic, but odds are most network folks won't considering the pad data in a ping to be payload.
It's like the old ppp over email implementations. Connectivity means data transfer. If some journalist or newbie network admin thinks otherwise, then it's just that much easier.
nah.. this is bunk (Score:2, Insightful)
Re:Ok, real response (Score:1, Insightful)
(As an aside, the recent expansion of CALEA to include private institutions like libraries and universities means I very well might be compelled to facilitate spying on people. I will become a de-facto informant working for the federal government. As an American, I find it extremely unsettling to experience what it must have felt like to live in post WWII East Germany.)
I really wonder how long it will be before some patronizing judgemental network administrator (or their employer) gets sued for abridging their user's rights. Sure, there's the "it's a private network, we have the right to rule with an iron fist" argument. There's also the argument that there are in fact limits to the control private enterprises can exert on their employees. Never mind paying students.
As a rule, it seems students have too many other obligations and distractions to get too caught up in how school administrators sometimes walk all over them. Too bad.
Re:Ok, real response (Score:4, Insightful)
Interesting line of thought. But I don't think it's compelling. Contemporary file sharing protocols (especially the search component) are often rather inefficient. Making file sharing clearly legal would make it possible to offer more centralized services supporting it (where it makes sense), which would increase efficiency and reduce bandwidth usage.
On the other hand, if you outlaw file sharing completely and enforce it rigorously, as a user, you'd have to tunnel all file sharing traffic over secure anonymization networks (similar to what Tor does). Each packet would run back and forth through the network, in order to obscure its sender and receiver, tremendously increasing bandwidth requirements. So, following your argument, truly fascist copyright laws would advance networks even more.
But that's not a problem for IT managers (Score:4, Insightful)
I personally don't see any problems with Darknets that didn't already exist with SSH. If I work in an environment where we don't care what you do, unless it's a problem, then we'll ignore your traffic unless it's excessive. If I work in an environment where we restrict what you can do, then we'll monitor your traffic and if we see unknown encrypted traffic, you'll be asked what it was and your computer will be checked.
So I see Darknets as a problem for the RIAA maybe, and frankly I don't give a shit about them, but not for corperate IT.