Darknets Coming Soon? 288
Anonymous Stalwart writes "CIO.com is running a story on darknets and their implications for security. With the ruling against Grokster, darknets seem poised to become a reality. How this will impact the future of the workplace, from top-level IT/IS managers all the way to non-IT jobs will depend on how the tech community that is developing this technology treats it."
Re:I know the question we're all asking ourselves: (Score:3, Interesting)
Re:Ok, real response (Score:5, Interesting)
Try monitoring a campus network where you have several thousand users and an obscenely large amount of bandwidth. Oh, and you have live research data being generated on campus and moved to places like the NCSA etc... Bandwidth consumption may vary by tens of megabytes by the minute. So I ask you, in that situation (which I work in) what is an "increase in bandwidth" a sign of?
I don't understand why this article has such a tin foil hat slant to it. Darknets tell nothing about acceptable use, they primarily identify malware and misconfigurations.
Darknets (Score:5, Interesting)
Reminds me of something me and my brother used to do. We wanted to play a game online over the Internet but didn't want to sign up to yet-another online gaming service (The Zone or something it was called). We both had legit copies of the game, we both had internet connections and we just wanted to play online against each other. We couldn't do a straight TCP/IP connection for some reason or another so the only options left in the software were LAN, Modem or this Zone thing.
So what we did was set up PPTP between our routers, assigned nearby IP addresses on both sides that routed across the connection and played a "LAN" game over the Internet. As far as I can see this was a type of darknet if you like.
If we'd had non-legit copies, many games of the era would let you plan LAN without the CD so long as one player had the CD but not across the Internet. Or, say we'd cracked or VirtualCD'd the CD so that neither of us had a legit copy but could still play online. Then this sort of "PPTP darknet" would be used to let groups of friends without the legit CD to play over the Internet without needing the authorisation or intervention of the person running the gaming servers.
A further thought, bringing it up to the modern day, would suggest that things like Steam could be played over this sort of "PPTP darknet" as a LAN game (connecting to PC's spread over the internet, all disconnected from the "real" internet and bypassing restrictions on who / what is allowed to play)?
It's a interesting idea, sort of like a hidden black market for the internet (which I'm assuming is where the name comes from). As companies crack down on people lending movies to their friends and similar other quite legitimate activities, things like this are going to appear, translated from the real world where this happens all the time to the Internet.
It seems to me that these sorts of things have existed for a while, though. I've heard that things like paedophile rings are already using such tactics? Detection is much, much harder than for a centrally administered P2P network. The only way to detect is to infiltrate the network itself, which is basically social engineering?
Re:Dark Ambition (Score:5, Interesting)
I have no problem with uniformly enforcing product liability laws. My problem is with the insanity of today's copyright laws. TFA was very sloppy starting off with a falsehood like
The Supreme Court said no such thing. But the RIAA/MPAA will of course do everything they can to take a mile from this very straightforward inch.
Re:Ok, real response (Score:3, Interesting)
Wrong Premise (Score:5, Interesting)
``The Supreme Court might have stirred up a bigger problem than it settled when it ruled last June that file-sharing networks such as Grokster could be sued if their members pirated copyrighted digital music and video.
Since then, some programmers have announced they would pursue so-called darknets.
Am I the only one who thinks that if darknets are attractive vehicles for corporate espionage, they would be built no matter what the Supreme Court rules on filesharing?
Re:Ok, real response (Score:4, Interesting)
I have done this and it is much easier than you think. Warez traffic (let's drop this "darknet" term, I always think that it's an end-user-empowered network run over dark fibers) doesn't follow the typical 24-hour cycle in the traffic pattern. The number of legitimate hosts with such a traffic pattern is pretty small in my experience, so it's quite possible to spot the offenders.
Of course, as a network admin, there isn't much you can do when the host admin says that periodic transfers of multiple GB are perfectly legitimate and done for research purposes. But detection is not the real obstacle.
Part of the real issue is that so much traffic on research networks is filesharing and warez crap. If you started to enforce an AUP, the bandwidth would drop to minuscule levels, and you wouldn't have any plausible justification whatsoever for those fat pipes. And people feel they need them because of the dick size wars at some research conferences.
Re:Dark Ambition (Score:5, Interesting)
I don't believe that people who promote illegal acts, whether advertising products or mere advocacy, are liable for the actions of those who take them up on their promotion. I do believe that their free speech can be found to be contributory, a lesser liability, when they have either demonstrated expectations of satisfaction of their promotion, clearly reasonable expectations, willful neglect of developing prior expectations, or even negligent passive ignorance of such expectations. Yelling "fire" in a crowded (nonburning) theater is a lesser crime than shoving someone down the stairs. Liability, especially liability for speech to people with freedom of choice, is not quite so simple. The Supremes have made such speech even more complicated, by ignoring its absence, and finding liability where criminals act without even the speech, just the benefit. That's an economic argument, but not a legal one. And the economics of the industry now employ the prohibitive expense to keep new distributors they don't control out of the competition. With the Court as their enforcer.
Re:Darknets? Blame the RIAA!!! (Score:4, Interesting)
That's the most reasonable bit of U.S.-bashing I've heard yet on Slashdot. At least you didn't single out all of us as being warmongers or evil or Bush-lovers or whatever. And you're right: we're becoming a remarkably litigious society. Not that I have any idea how to cure the problem.
But your average corporate attorney isn't the problem, he or she is simply a tool, and a symptom of a larger problem. It is bad law, admittedly written by a bunch of lawyers (collectively known as "Congress"), combined with corporate executives who see nothing but dollar signs. Corporate lawyers just don't sit around suing people and companies for fun: somebody has to pay them to do it, and pay them handsomely. Those people are the ones you need to worry about.
You know, like the good folks in charge of Lexmark, Diebold and DirecTV. Laws like the DMCA just gave them an opportunity to put their lawyers to work. All Congress did was give a loaded gun to a bunch of idiots.
Re:Not necessarily illegal (Score:1, Interesting)
i use anonet (a collaboritive, trusted, encrypted vpn, peer to peer network) to bypass government censoring, this would make my actions illegal right? yes, illegal to that country i'm bypassing their censorship.
Darknets have been around a long time (Score:4, Interesting)
That group has lists of what they have rather than the items themselves, so it's fairly easy to check for particular files. Sometimes they'll collaborate on new movies coming out. You bought Batman last month, we'll buy Mr. & Mrs. Smith next month. Maybe one of them has a coupon or gets a copy from a neighbor. And so on. They IM back and forth, but never the FTP address which everyone already knows.
It's not exactly a darknet but the principle is similar. Trusted users, encrypted files. If corporate snoops were going to try and catch that group they'd have to hack their way on to an FTP server, pull files pretty much at random then spend days trying to crack the PGP wrapper. Good luck with that. You might be surprised at how much material five or six different families actually have. Movies, music the differing tastes produce quite a wide selection. They save hundreds, maybe thousands a year and the risk is pretty minimal. And there's no special clients required, just a copy of PGP tools. If that group were 10 people or families instead of five, imagine how much more material would be available?
Re:Ok, real response (Score:2, Interesting)
A friend was streaming music at his new job recently. In less than a day they came to find out what he was doing. His 128kbit stream was 30% of the total bandwidth in use at the location, which has 300 people. Bandwidth heavy activity is noticed fast. These companies aren't running your typical consumer level 5 Mb cable modems. They are paying thousands of dollars a month for two or three megabit connections.
Finally what exactly do people think will happen when they start participating in these "darknets" (which is a stupid fucking use of the name since it already has a definition)? You cross from being a generic p2p open and free music/warez/porn swapping activity into being an invitation only secret cartel. You end up pissing off one of your members and he rats you out to the local federal prosecutor. Instead of having to make the decision to settle with the RIAA for $3,000 you get to make the choice of pleading guilty to racketeering charges and going to prison for three years and paying a $250,000 fine. You will have to get permission to leave the state, forget about travelling out of the country. And the prohibition from working in several large industries might make it hard to get a job.
Re:Not Really (Score:3, Interesting)
The BBS's sysop is god, he sees all. But on a dialup BBS, no one other than the sender and recipient can see the content of a given local email. (Barring subpoena, of course.)
Conversely, any node along the internet could intercept and have its way with regular internet email packets.
Nasty thought: you've got BBS software on your computer? obviously you're supporting terrorism, by offering email that can't be snooped from outside the system! Off to jail with you!!
Darknets have always been around, and always will. (Score:3, Interesting)
Say it with me: darknets have always been here, and they will always be.
Hackers have IRC and other invite-only forums, and all the ways in which they've used them to secretly pass information around without the squares being in on it. P2P networks are darknets (for YOU, anyway) if you don't have software which uses the protocols and don't know anyone who knows about them. ANY new network protocol can be a darknet. You can roll your own anytime you want.
Darknets are the modern equivalent of the Captain Midnight Secret Decoder Ring. They are NOT the Beginning Of The Fall Of Civilization(tm).
Don't believe me? Fine. Be that way. Try this fun experiment:
Write yourself a Java suite that:
CLIENT SIDE:
1. Briefly touches a server, downloads the current list of IP addresses that have announced themselves to the server, announces ITSELF to the server, and then logs off. The server IP is probably best implemented as one of a list of possible server sites, so that if one is compromised (doesn't give the correct handshake or whatever) you just move on to the next one. All communication should be encrypted using the server's public key and YOUR public key (RSA between the two points, or whatever is fashionable in your circle of friends).
2. Lets you compose messages, or file transfers, or whatever, destined for whatever IP address you want to communicate with, again encrypted with both public keys. Maybe you even compress the data first, to reduce bandwidth usage.
3. Lets you "blackball" any IP address you think is compromised. You could implement this as "My PC Only" or as a common blackball pool, which everyone could vote on, or as a common blackball pool which people could consider provisional and accept or not accept.
SERVER SIDE:
1. Manage lists of IP addresses and their status.
2. Provide a handshake which is meant to test whether your software is authentic and you are in fact an approved node. If you're not, you get sucked into a honeypot and studied. You are NOT given an actual IP address list; rather you are given a fake list full of false leads.
3. Allow certain admins to control the system to some extent, ousting problematic members (bans) and so forth. This could alternately be implemented on the client side, with a voting scheme, or whatever.
Bam. Instant darknet. And it's a piece of cake for anyone who's passed the junior-level networking course at any public university. THINK about it -- why do you think anyone studies computer science these days? It sure ain't to find a job... People study computer science to build themselves cool, weird things that stiff, stick-up-their-ass types don't approve of.
Deal, people. The world is not all simple and sparkly, like an amusement park. We are all grown-ups, and we can do grown up things even if it frightens The Man(tm). And, really, computer science is the closest thing any of us gets to wielding supernatural power. Us geeks can do things NOBODY else can do. Why not do them? Why be a boring square if you don't have to? Build something freaky, get yourself one of those weird, off-kilter cover photos in Wired that makes you look like Dr. Evil. Why not? You weren't put on this earth to make Sheeple feel comfy and warm. Fuck 'em.
Scalable Trust Levels (Score:2, Interesting)
Recognizing that there is no such thing as an entirely trustworthy network (unless you know and implicitly trust each individual involved, and their security) couldn't you just implement a scalable trust level? By this I mean limiting the number of hops, or degrees of separation from who you implicitly trust (your 'friends'), to who they implicitly trust, and so on to the unknown computer. In this way you could come to a trade off between data available, and the level of insecurity you consider acceptable. In the case of highly sought after information we would see a trickle-down sort of effect... There are lots of possible variations on this theme.
How would the degree of trust-separation be tracked? I am not entirely sure, but perhaps a public key encryption of each individual's friends list could work. Files searched for in levels - first your friends, then their friends, etc until the file is found or the security limit reached?
Re:Ok, real response (Score:4, Interesting)
Unless you are actually ENGAGED IN RACKETEERING, you will not be charged with it. Wielding the equivalent of a Captain Midnight Secret Decoder Ring is still not illegal.
Here's some clarification of "racketeering" from Dictionary.com:
Main Entry: racketeering
Pronunciation: "ra-k&-'tir-i[ng]
Function: noun
1 : the extortion of money or advantage by threat or force
2 : a pattern of illegal activity (as extortion and murder) that is carried out in furtherance of an enterprise (as a criminal syndicate) which is owned or controlled by those engaged in such activity --see also Racketeer Influenced and Corrupt Organizations Act in the IMPORTANT LAWS section --compare ORGANIZED CRIME
Re:Darknets? Blame the RIAA!!! (Score:3, Interesting)
Another thing that sets the USA apart in a legal sense is that the losing party is not generally made to pay (part of) the winning party's legal costs. This makes it less costly to start a lawsuit that you're not sure you will win, and favors those with lots of money; they can simply make the case drag on until the other party runs out of money to pay their lawyers.
I (being a rather know-it-all European) perceive these two things as problems of the American legal system. Perhaps correcting these issues will lead to a saner legal climate.
The Problem Runs Very Deep (Score:2, Interesting)
And this, again, is a symptom of a much larger problem, which runs as deep as the foundations of the USA. The number of problems I observe is so great it makes my head swim, but I'll try to point them out somewhat coherently.
The tip of the iceberg are the politicians who write these bad laws. But then, the USA is a democratic country, right? So these politicians have been elected. How come?
Allegations of faulty voting machines aside, the fact is that there is major support for the parties these politicians belong to. I think most of them are Republicans, but that could just be because I am rather left-leaning. Either way, there is major support for them; the republican party is very popular, and if there are bad politicians who are democrats, well, the democratic party is very popular, too.
So how come these parties are so popular? Well, part of the reason must be that they are the only two parties one could realistically vote for. This is because the winner-take-all system makes it so that a third party getting votes would take these votes away from the party closest to it, thus increasing the chances of the other party (that these votes wouldn't have gone to in any case) of taking the cake.
Another problem is the ignorance of the voting public. This is not meant as an insult, but rather an observation, and one I think many will be able to second. I think this ignorance is largely due to the media not doing their job right (again, an observation I've made that I think many can confirm). Of course, the media are large corporations, and large corporations tend to favor political parties that look after their interests, and the interests of those with lots of money.
Yet another factor is the fact that vast amounts of money are used to finance election campaigns, and this money comes in largely through donations from people and organizations who have a lot of money to donate. Even if no strings were explicitly attached to this money, it's not hard to imagine that politicians would be inclined to look after the interest of their donors. After all, it wouldn't be good form to turn your back on your benefactors.
So what do we have? We have a society where there are two political parties, with no room for a third party; the parties' election campaigns are being financed by the rich and large corporations, the same group who controls the mass media, which provides the means of keeping the public uninformed or even misinformed.
As far as I can see, this is a terrible situation (one group pulling strings in politics and the media), which most people don't want to change (people don't know/care about politics), and which others can't change (you could vote for a party that would do better, but that party wouldn't win).
Let me make one thing very clear: this post isn't meant to bash Americans, just to point out the situation the way I see it.
Re:not a new thing! (Score:3, Interesting)
Sorry, but if you're using the same network and infrastructure as the rest of us then those connections can be monitored, your endpoints mapped, and your packets and traffic patterns analyzed.
I'm quite sure, however, that the NSA appreciates your spreading your "totally secure" viewpoint around...
Re:Ok, real response (Score:3, Interesting)
However, as I was previously involved with such logging (as an admin for a small student network) I toyed with the idea of making a more advanced darknet. Usually logging and tracking are based on the assumption that the darknets are operating on usual IP adresses, naturally this isn't necessary. Eg you could let multiple computers on one subnet create a new virtual host together. You would then load balance the darknet over all of these hosts. And this loadbalancing could be made using non-standard IP packets. The idea is that if you were to look at any specific stream of traffic it wouldn't make sense. Only when you correctly put them together are they correct.
I mentioned previously that you only log the actual data lengths. Theoretically you can make communication channels using elaborate port knocking which would circumvent this. Eg you could use port knocking to transmitt data, in a similar manner as morse code. So you are not really sending any data in packets, you are just "knocking on the ports" of the other computer in a manner which signifies a message. Inefficient as hell, that's for sure, but hard to detect unless you know what to look for.
The extreme version of this would be to hook up one computer to a central switch on a logging port and hide it. The idea is that this computer would be able to intercept all network transmission on a network and furthermore to allow it to send data on all these ports. That would allow for a pretty extreme variant of the above "multiple computers on a subnet" as suddenly you really have one computer that is hooked in on the entire subnet. This allows it to loadbalance over all of the subnet essentially making it "invicible" to most basic data logging analysis.
I'm sure people who actually spend a lot of time analysing IP data can think of even more subtle and hard to find ways of creating hidden communication channels.