Slashdot Mirror
Darknets Coming Soon?
Anonymous Stalwart writes "CIO.com is running a story on darknets and their implications for security. With the ruling against Grokster, darknets seem poised to become a reality. How this will impact the future of the workplace, from top-level IT/IS managers all the way to non-IT jobs will depend on how the tech community that is developing this technology treats it."
Shouldn't the first sign "something" is up be an increase in bandwidth?
Try monitoring a campus network where you have several thousand users and an obscenely large amount of bandwidth. Oh, and you have live research data being generated on campus and moved to places like the NCSA etc... Bandwidth consumption may vary by tens of megabytes by the minute. So I ask you, in that situation (which I work in) what is an "increase in bandwidth" a sign of?
I don't understand why this article has such a tin foil hat slant to it. Darknets tell nothing about acceptable use, they primarily identify malware and misconfigurations.
For those that are asking, a darknet is used in this context as a closed P2P system (i.e. you, your mates, your mates' mates and others by invitation only sharing what you have with each other over the internet).
Reminds me of something me and my brother used to do. We wanted to play a game online over the Internet but didn't want to sign up to yet-another online gaming service (The Zone or something it was called). We both had legit copies of the game, we both had internet connections and we just wanted to play online against each other. We couldn't do a straight TCP/IP connection for some reason or another so the only options left in the software were LAN, Modem or this Zone thing.
So what we did was set up PPTP between our routers, assigned nearby IP addresses on both sides that routed across the connection and played a "LAN" game over the Internet. As far as I can see this was a type of darknet if you like.
If we'd had non-legit copies, many games of the era would let you plan LAN without the CD so long as one player had the CD but not across the Internet. Or, say we'd cracked or VirtualCD'd the CD so that neither of us had a legit copy but could still play online. Then this sort of "PPTP darknet" would be used to let groups of friends without the legit CD to play over the Internet without needing the authorisation or intervention of the person running the gaming servers.
A further thought, bringing it up to the modern day, would suggest that things like Steam could be played over this sort of "PPTP darknet" as a LAN game (connecting to PC's spread over the internet, all disconnected from the "real" internet and bypassing restrictions on who / what is allowed to play)?
It's a interesting idea, sort of like a hidden black market for the internet (which I'm assuming is where the name comes from). As companies crack down on people lending movies to their friends and similar other quite legitimate activities, things like this are going to appear, translated from the real world where this happens all the time to the Internet.
It seems to me that these sorts of things have existed for a while, though. I've heard that things like paedophile rings are already using such tactics? Detection is much, much harder than for a centrally administered P2P network. The only way to detect is to infiltrate the network itself, which is basically social engineering?
I have no problem with uniformly enforcing product liability laws. My problem is with the insanity of today's copyright laws. TFA was very sloppy starting off with a falsehood like
The Supreme Court said no such thing. But the RIAA/MPAA will of course do everything they can to take a mile from this very straightforward inch.
This is not my sandwich.
From TFA:
... And although [darknets are] attractive as a way to get around the entertainment industry's zeal in prosecuting digital piracy, they could also create a new channel for corporate espionage''
``The Supreme Court might have stirred up a bigger problem than it settled when it ruled last June that file-sharing networks such as Grokster could be sued if their members pirated copyrighted digital music and video.
Since then, some programmers have announced they would pursue so-called darknets.
Am I the only one who thinks that if darknets are attractive vehicles for corporate espionage, they would be built no matter what the Supreme Court rules on filesharing?
Please correct me if I got my facts wrong.
Try monitoring a campus network where you have several thousand users and an obscenely large amount of bandwidth.
I have done this and it is much easier than you think. Warez traffic (let's drop this "darknet" term, I always think that it's an end-user-empowered network run over dark fibers) doesn't follow the typical 24-hour cycle in the traffic pattern. The number of legitimate hosts with such a traffic pattern is pretty small in my experience, so it's quite possible to spot the offenders.
Of course, as a network admin, there isn't much you can do when the host admin says that periodic transfers of multiple GB are perfectly legitimate and done for research purposes. But detection is not the real obstacle.
Part of the real issue is that so much traffic on research networks is filesharing and warez crap. If you started to enforce an AUP, the bandwidth would drop to minuscule levels, and you wouldn't have any plausible justification whatsoever for those fat pipes. And people feel they need them because of the dick size wars at some research conferences.
The Supreme Court found that Grokster "promoted" abuse solely on evidence that Grokster employees planned to use growth from abuse in scaling their network, and considered ways to use that abuse. They did not find any evidence that Grokster publicly promoted abuse. They found "intent" by a corporation, which is not a person who can "intend" (even if you believe that a person's intent can ever be proven). Hence my comment that Grokster "appreciated" abuse, but did not promote it.
I don't believe that people who promote illegal acts, whether advertising products or mere advocacy, are liable for the actions of those who take them up on their promotion. I do believe that their free speech can be found to be contributory, a lesser liability, when they have either demonstrated expectations of satisfaction of their promotion, clearly reasonable expectations, willful neglect of developing prior expectations, or even negligent passive ignorance of such expectations. Yelling "fire" in a crowded (nonburning) theater is a lesser crime than shoving someone down the stairs. Liability, especially liability for speech to people with freedom of choice, is not quite so simple. The Supremes have made such speech even more complicated, by ignoring its absence, and finding liability where criminals act without even the speech, just the benefit. That's an economic argument, but not a legal one. And the economics of the industry now employ the prohibitive expense to keep new distributors they don't control out of the competition. With the Court as their enforcer.
--
make install -not war
blame the US for producing way too many of the vermin.
That's the most reasonable bit of U.S.-bashing I've heard yet on Slashdot. At least you didn't single out all of us as being warmongers or evil or Bush-lovers or whatever. And you're right: we're becoming a remarkably litigious society. Not that I have any idea how to cure the problem.
But your average corporate attorney isn't the problem, he or she is simply a tool, and a symptom of a larger problem. It is bad law, admittedly written by a bunch of lawyers (collectively known as "Congress"), combined with corporate executives who see nothing but dollar signs. Corporate lawyers just don't sit around suing people and companies for fun: somebody has to pay them to do it, and pay them handsomely. Those people are the ones you need to worry about.
You know, like the good folks in charge of Lexmark, Diebold and DirecTV. Laws like the DMCA just gave them an opportunity to put their lawyers to work. All Congress did was give a loaded gun to a bunch of idiots.
The higher the technology, the sharper that two-edged sword.
That group has lists of what they have rather than the items themselves, so it's fairly easy to check for particular files. Sometimes they'll collaborate on new movies coming out. You bought Batman last month, we'll buy Mr. & Mrs. Smith next month. Maybe one of them has a coupon or gets a copy from a neighbor. And so on. They IM back and forth, but never the FTP address which everyone already knows.
It's not exactly a darknet but the principle is similar. Trusted users, encrypted files. If corporate snoops were going to try and catch that group they'd have to hack their way on to an FTP server, pull files pretty much at random then spend days trying to crack the PGP wrapper. Good luck with that. You might be surprised at how much material five or six different families actually have. Movies, music the differing tastes produce quite a wide selection. They save hundreds, maybe thousands a year and the risk is pretty minimal. And there's no special clients required, just a copy of PGP tools. If that group were 10 people or families instead of five, imagine how much more material would be available?
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
Umm... NO.
Unless you are actually ENGAGED IN RACKETEERING, you will not be charged with it. Wielding the equivalent of a Captain Midnight Secret Decoder Ring is still not illegal.
Here's some clarification of "racketeering" from Dictionary.com:
Main Entry: racketeering
Pronunciation: "ra-k&-'tir-i[ng]
Function: noun
1 : the extortion of money or advantage by threat or force
2 : a pattern of illegal activity (as extortion and murder) that is carried out in furtherance of an enterprise (as a criminal syndicate) which is owned or controlled by those engaged in such activity --see also Racketeer Influenced and Corrupt Organizations Act in the IMPORTANT LAWS section --compare ORGANIZED CRIME
Farewell! It's been a fine buncha years!