Darknets Coming Soon?

Anonymous Stalwart writes "CIO.com is running a story on darknets and their implications for security. With the ruling against Grokster, darknets seem poised to become a reality. How this will impact the future of the workplace, from top-level IT/IS managers all the way to non-IT jobs will depend on how the tech community that is developing this technology treats it."

Ok, real response

[LiquidCoooled]

Shouldn't the first sign "something" is up be an increase in bandwidth?
Once you know its happening, you know you have to identify the problem.

Unless somebody can root all the routers and IDS systems for every OS along the way, these darknets will always be detectable.

the RIAA needs to be careful...

[Spy+der+Mann]

by prosecuting unencrypted networks like eDonkey, bittorrent, etc. they're only enforcing users to search for encrypted ways to transmit data. And I don't think encouraging encryption is gonna be any good for national security.

Just a thought.

Darknets? Blame the RIAA!!!

[ThatGeek]

Well, only 3 comments posted, and the link is already hosed.
As reported by Darknet dot com, a darknet is nothing more than a place where illegal communication (filesharing/hacking talk/speaking badly of the US president) can take place.
I don't see how darknets will make things any different. For years we've had gopher, IRC and other communication channels that have been below the vision of the management elite.
I think lawyers are starting to learn that techies can't be bullied as easily as most, because techies are able to build new infrastructures. Instead of giving up, techies take threats as a challenge or motivation to dive further and further away from public vision.

They'll Never Learn!

[TheZorch]

You can't teach the RIAA anything. They think they can stop P2P file sharing but the truth is all their legal efforts are driving it underground...where it was before Napster appeared.

There are a lot of very talented techies out there who can come up with some astonishing new tech. A fully encrypted P2P service that masks a user's IP address would make it hard for "the man" to find those who are illegally filesharing. Also, the hacker community can adapt to changing situations faster than any corporation. This is because they aren't hindered by office politics, ethics, patant and copyright compliance and legal compliance. They operate above the law, so it was really no surprise to me when Slashdot ran the story of the trojan that exploited the cloaking ability of Sony's DRM.

I wasn't surprised one bit.

Because of Grokster and others the RIAA bring down a new, bigger, and better P2P service will emerge with multiple layers of custom encryption, IP address masking, and no central server that can be distrupted. You could even block ports at the ISP level and they'll adapt again to support multiple ports at once. Its a loosing battle they just don't get it yet.

Why do you think Internet Security and Antivirus Industies are racking in so much money these days. They DON'T want to see the hacker put in jail because if all the security threats cease and no more viruses are being made they are all out of a job. It a multi-billion dollar industry.

The RIAA is utter and completely out of their league.

Can't stop the signal

[macemoneta]

There are so many ways to abuse TCP/IP that it's impossible to stop data exchange unless you block all traffic. Heck, you can even communicate using ping, as in:

HOST1: ping -c 1 -p facedead12349876 host2
PATTERN: 0xfacedead12349876

HOST2: tcpdump -x ip proto \\icmp and src host host1
11:41:51.646216 IP host1 > host2: icmp 64: echo request seq 0
0x0000: 4500 0054 0000 4000 4001 1af7 8752 0886 E..T..@.@....R..
0x0010: 8752 0888 0800 4550 242d 0000 cf6c 7743 .R....EP$-...lwC
0x0020: 25e5 0900 face dead 1234 9876 face dead %........4.v....
0x0030: 1234 9876 face dead 1234 9876 face dead .4.v.....4.v....
0x0040: 1234 9876 face dead 1234 9876 face dead .4.v.....4.v....
0x0050: 1234

Sure, you'll see a lot of icmp traffic, but odds are most network folks won't considering the pad data in a ping to be payload.

It's like the old ppp over email implementations. Connectivity means data transfer. If some journalist or newbie network admin thinks otherwise, then it's just that much easier.