Darknets Coming Soon?
Anonymous Stalwart writes "CIO.com is running a story on darknets and their implications for security. With the ruling against Grokster, darknets seem poised to become a reality. How this will impact the future of the workplace, from top-level IT/IS managers all the way to non-IT jobs will depend on how the tech community that is developing this technology treats it."
Shouldn't the first sign "something" is up be an increase in bandwidth?
Once you know it's happening, you know you have to identify the problem.
Unless somebody can root all the routers and IDS systems for every OS along the way, these darknets will always be detectable.
liqbase
The "Grokster" ruling says that network operators can be liable for users' illegal network abuse when operators promote abuse. It's a stupid ruling, but limited. And its standards for proving promotion are unfounded, really allowing just "appreciation" of abuse, without any evidence of public promotion. But operators which do not include even internal organizational acceptance of abuse, which promote only legal use, which offer even minimal protections of abuse, rather than any internal corporate policies which rely on the abuse, are not threatened. The sloppy evidential and jurisprudential standards in that landmark ruling will make it much more expensive for legit operators to remain safe, as they're sued willy-nilly by vengeful media corporations. But the mass media story that "P2P is now illegal" ought to get no promotion on geek sites like Slashdot. If you're going to run a darknet, why not just leave out the abuse promotion, and let your P2P flag fly?
--
make install -not war
Aha! You just gave a proof that a darknet exists on Slashdot. We just can't see it. But this article got probably a thousand dark wannabe first posts already.
By prosecuting unencrypted networks like eDonkey, bittorrent, etc. they're only enforcing users to search for encrypted ways to transmit data. And I don't think encouraging encryption is gonna be any good for national security.
Just a thought.
Well, only 3 comments posted, and the link is already hosed.
As reported by Darknet dot com, a darknet is nothing more than a place where illegal communication (filesharing/hacking talk/speaking badly of the US president) can take place.
I don't see how darknets will make things any different. For years we've had gopher, IRC and other communication channels that have been below the vision of the management elite.
I think lawyers are starting to learn that techies can't be bullied as easily as most, because techies are able to build new infrastructures. Instead of giving up, techies take threats as a challenge or motivation to dive further and further away from public vision.
What are you eating? isItVeg?.
WOW! The media has discovered VPNs
If religious zealots don't believe in Evolution, then why are they so worried about bird flu?
I thought it was rather obvious from the article.- The Wolfkin
A Darknet is a private virtual network where users only connect to people they trust. Typically such networks are small, often with fewer than 10 users each. In its most general meaning, a Darknet can be any type closed, private group of people communicating, but the name is most often used specifically for file sharing networks.
Source: http://en.wikipedia.org/wiki/Darknet
A Darknet is a private virtual network where users only connect to people they trust. That's it. It can be used for good or evil.
That was a short, almost pointless article. Basically amounted to "use standard security practices."
I found this article about "darknets" that I found informative, even though it's a book ad.
Xbox reviews.. We think they're funny.
http://www.cio.com.nyud.net:8090/archive/110105/tl_filesharing.html
---
FILE SHARING
Spies in the Server Closet
BY MICHAEL JACKMAN
The Supreme Court might have stirred up a bigger problem than it settled when it ruled last June that file-sharing networks such as Grokster could be sued if their members pirated copyrighted digital music and video.
Since then, some programmers have announced they would pursue so-called darknets. These private, invitation-only networks can be invisible to even state-of-the-art sleuthing. And although they're attractive as a way to get around the entertainment industry's zeal in prosecuting digital piracy, they could also create a new channel for corporate espionage, says Eric Cole, chief scientist for Lockheed Martin Information Technology.
Cole defines a darknet as a group of individuals who have a covert, dispersed communication channel. While file-sharing networks such as Grokster and even VPNs use public networks to exchange information, with a darknet, he says, "you don't know it's there in the first place."
All an employee has to do to set one up is install file-sharing software written for darknets and invite someone on the outside to join, thus creating a private connection that's unlikely to be detected. "The Internet is so vast, porous and complex, it's easy to set up underground networks that are almost impossible to find and take down," says Cole.
He advises that the best--and perhaps only--defense against darknets is a combination of network security best practices (such as firewalls, intrusion detection systems and intrusion prevention systems) and keeping intellectual property under lock and key. In addition, he says, companies should enact a security policy called "least privilege," which means users are given the least amount of access they need to do their jobs. "Usually if a darknet is set up it's because an individual has too much access," Cole says.
---
What the heck is a darknet?
The first rule of the darknet is that you never talk about the darknet!
For those that are asking, a darknet is used in this context as a closed P2P system (i.e. you, your mates, your mates' mates and others by invitation only sharing what you have with each other over the internet).
Reminds me of something me and my brother used to do. We wanted to play a game online over the Internet but didn't want to sign up to yet-another online gaming service (The Zone or something it was called). We both had legit copies of the game, we both had internet connections and we just wanted to play online against each other. We couldn't do a straight TCP/IP connection for some reason or another so the only options left in the software were LAN, Modem or this Zone thing.
So what we did was set up PPTP between our routers, assigned nearby IP addresses on both sides that routed across the connection and played a "LAN" game over the Internet. As far as I can see this was a type of darknet if you like.
If we'd had non-legit copies, many games of the era would let you play LAN without the CD so long as one player had the CD but not across the Internet. Or, say we'd cracked or VirtualCD'd the CD so that neither of us had a legit copy but could still play online. Then this sort of "PPTP darknet" would be used to let groups of friends without the legit CD to play over the Internet without needing the authorisation or intervention of the person running the gaming servers.
A further thought, bringing it up to the modern day, would suggest that things like Steam could be played over this sort of "PPTP darknet" as a LAN game (connecting to PCs spread over the internet, all disconnected from the "real" internet and bypassing restrictions on who / what is allowed to play)?
It's an interesting idea, sort of like a hidden black market for the internet (which I'm assuming is where the name comes from). As companies crack down on people lending movies to their friends and similar other quite legitimate activities, things like this are going to appear, translated from the real world where this happens all the time to the Internet.
It seems to me that these sorts of things have existed for a while, though. I've heard that things like paedophile rings are already using such tactics? Detection is much, much harder than for a centrally administered P2P network. The only way to detect is to infiltrate the network itself, which is basically social engineering?
Not being a United States citizen, I don't know USA amendments off by heart, but aren't these supposed 'darknets' also protected by the 2nd amendment, freedom to associate? I believe ever since the dawn of chatlines such as IRC this prohibited the FBI from overseeing private networks in the 1st place? I'm sure there is someone who can shed more light on this particular issue.
You can't teach the RIAA anything. They think they can stop P2P file sharing but the truth is all their legal efforts are driving it underground...where it was before Napster appeared.
There are a lot of very talented techies out there who can come up with some astonishing new tech. A fully encrypted P2P service that masks a user's IP address would make it hard for "the man" to find those who are illegally filesharing. Also, the hacker community can adapt to changing situations faster than any corporation. This is because they aren't hindered by office politics, ethics, patent and copyright compliance and legal compliance. They operate above the law, so it was really no surprise to me when Slashdot ran the story of the trojan that exploited the cloaking ability of Sony's DRM.
I wasn't surprised one bit.
Because of Grokster and others the RIAA bring down a new, bigger, and better P2P service will emerge with multiple layers of custom encryption, IP address masking, and no central server that can be disrupted. You could even block ports at the ISP level and they'll adapt again to support multiple ports at once. It's a losing battle they just don't get it yet.
Why do you think Internet Security and Antivirus Industries are raking in so much money these days? They DON'T want to see the hacker put in jail because if all the security threats cease and no more viruses are being made they are all out of a job. It's a multi-billion dollar industry.
The RIAA is utterly and completely out of their league.
Michael "TheZorch" Haney
thezorch@gmail.com
http://thezorch.googlepages.com/home
Hell, they'll probably set up a few darknets of their own, as "loss leaders" in their quest to fuck as many people out of as much money as possible. And they'll start a terror campaign, too. Did I say terror? I meant public relations. As in "The Guy You're Sharing Files With Might Be A Cop."
This is not my sandwich.
Is it not obvious?
N Qnexarg vf n cevingr iveghny argjbex jurer hfref bayl pbaarpg gb crbcyr gurl gehfg. Glcvpnyyl fhpu argjbexf ner fznyy, bsgra jvgu srjre guna 10 hfref rnpu. Va vgf zbfg trareny zrnavat, n Qnexarg pna or nal glcr pybfrq, cevingr tebhc bs crbcyr pbzzhavpngvat, ohg gur anzr vf zbfg bsgra hfrq fcrpvsvpnyyl sbe svyr funevat argjbexf.
Gur grez bevtvangrq sebz Gur Qnexarg naq gur Shgher bs Pbagrag Qvfgevohgvba, na negvpyr ol Crgre Ovqqyr, Cnhy Ratynaq, Znephf Crvanqb, naq Oelna Jvyyzna, sbhe rzcyblrrf bs Zvpebfbsg. Gurl nethrq gung gur cerfrapr bs gur qnexarg jnf gur znwbe uvaqenapr gb gur qrirybczrag bs jbexnoyr QEZ grpuabybtvrf. Guvf grez unf fvapr frra hfntr va znwbe zrqvn fbheprf, vapyhqvat Ebyyvat Fgbar, Gur Rpbabzvfg, naq Jverq zntnmvar, naq vg vf nyfb gur gvgyr bs n obbx ol W.Q. Ynfvpn.
Jura hfrq gb qrfpevor n svyr funevat argjbex, gur grez vf flabalzbhf jvgu gur creuncf zber jvqryl hfrq Sevraq-gb-sevraq - obgu qrfpevovat argjbexf jurer hfref pbzchgref funer svyrf bayl jvgu gehfgrq sevraqf. Gur zbfg jvqrfcernq svyr funevat argjbexf yvxr Xnmnn, naq rira urnivyl rapelcgrq argjbexf yvxr Serrarg, ner abg qnexargf fvapr crref jvyy pbzzhavpngr jvgu nalobql ryfr ba gur argjbex. Gur creuncf zbfg jvqryl hfrq qnexarg fbsgjner vf Ahyyfbsg'f JNFGR. Gur qrirybcref bs Serrarg unir fgngrq gung gurl ner jbexvat ba n arj irefvba gung jvyy or n qnexarg, juvpu hayvxr glcvpny Qnexargf, jvyy or pncnoyr bs fhccbegvat cbgragvnyyl zvyyvbaf bs hfref hfvat na nccyvpngvba bs fznyy jbeyq gurbel.
Rneyl irefvbaf bs Nccyr'f vGharf nyybjrq hfref gb fcrpvsl gur VC bs n erzbgr fhoarg naq funer gurve zhfvp jvgu hfref va gung fhoarg va n Qnexarg yvxr snfuvba. Arjre irefvbaf qvfnoyr gung shapgvbanyvgl, ohg fgvyy nyybj hfref gb fgernz zhfvp jvguva gurve bja fhoarg; unpxf fhpu nf bheGharf nyybj hfref ba gur fnzr vGharf argjbex gb qbjaybnq rnpu bguref' zhfvp jvgu ab ybff bs dhnyvgl.
Gur pbzchgre tnzr Fcyvagre Pryy: Punbf Gurbel zragvbarq n vagrerfgvat pbaprcg sbe n jveryrff Qnexarg gung hfrq aba-fgnaqneq serdhrapvrf, cbffvoyl vyyrtny hayvprafrq barf, gb znxr vg irel qvssvphyg sbe nal fvtany gb or vagreprcgrq. Jvgu fbcuvfgvpngrq uneqjner naq hfr bs fcernq-fcrpgehz enaqbz serdhrapl ubccvat bire n ynetr serdhrapl onaq bs, fnl, 900ZUm gb 10 be rira 50TUm, guvf pbhyq or n irel rssrpgvir zrgubq bs frphevgl, naq vaqrrq vf fvzvyne gb gur enaqbz serdhrapl ubccvat gung vf hfrq ol zvyvgnel enqvbf gb znxr fvtany vagreprcgvba irel qvssvphyg.
So simple...
md5sum
d41d8cd98f00b204e9800998ecf8427e
It's the way things were and the way they should have stayed. p2p has been a huge mistake, finally giving authorities and companies good reasons to invade the net, attempt to control it, and even put rootkits on our media to "protect" it.
Small affinity groups always have and always will be more successful at this type of activity than the general public, even when "competition" from the public draws attention, making it difficult for everyone.
Honestly, I love watching p2p networks fall.
vk.
From TFA:
... And although [darknets are] attractive as a way to get around the entertainment industry's zeal in prosecuting digital piracy, they could also create a new channel for corporate espionage''
``The Supreme Court might have stirred up a bigger problem than it settled when it ruled last June that file-sharing networks such as Grokster could be sued if their members pirated copyrighted digital music and video.
Since then, some programmers have announced they would pursue so-called darknets.
Am I the only one who thinks that if darknets are attractive vehicles for corporate espionage, they would be built no matter what the Supreme Court rules on filesharing?
Please correct me if I got my facts wrong.
One definition is an encrypted protocol over the Internet. The other definition is using wireless technologies off the Internet. Oddly, the person quoted in the CIO article was trying to claim that encrypted, closed file sharing over the Internet was nothing like a VPN. That makes no sense to me, especially given the other definition of a darknet (the wireless one off the Internet) really is nothing like a VPN.
A wireless-off-the-Internet darknet could serve Thomas Paine purposes if the U.S. government ever shuts down the Internet in response to a terrorist attack. An encrypted, closed information sharing network on the Internet could not.
I'm talking about snailmail. If it gets right down to it you can fall back to this time honored completely private way of transporting any files you wish to share. It also has the advantage of carrying a federal criminal violation against anyone who attempts to stop your mail. If things get so bad in this country that even this becomes too troublesome we can all move to eastern Europe or China as they will become the beacons of freedom much as our country used to be.
Gnunet is here and working. Fully usable as a P2P network, not as fast as unencrypted but close. I haven't tried using it in pure friend-to-friend mode but the functionality is there. And of course it has all the things you'd expect from an advanced P2P network, searches for automatically extracted keywords, signed namespaces where you can publish content anonymously but show that it's all from you, directories, etc.
I am trolling
Gunaxf sbe gur rkcynangvba, ohg qbrf rirelguvat ba n qnexarg unir gb or EBG-13 rapbqrq?
``These private, invitation-only networks can be invisible to even state-of-the-art sleuthing.''
Invisible or incomprehensible? Seems to me that as long as you're sending data over the same Internet as everybody else, others can see that there's traffic. In that case, this is just like a VPN (invite only, encrypted traffic between endpoints), right?
Please correct me if I got my facts wrong.
Actually, if you establish the DarkNet in the right way, once you are connected to a trusted node you could connect to any other node by passing authentication and encryption keys the long way. This would allow for dynamic (re)routing.
Think of an IRC style web. Basically, a properly designed network would allow one party to inform another that it wanted to make a connection. Then it would make that connection. By pre-passing the keys and proof of identity, you would be able to make arbitrary connections within a "closed surface" of the net.
===
What I have been waiting to see make a comeback is the good old fashioned POTS modem. With all the internet wire-tap laws being generally weaker than the phone tapping laws, it would _really_ make sense to transfer authentications (etc) through an old-fashioned BBS style "drop sites" that were not really on the net.
So you downloaded some particular binary splash. To turn it into the song or whatever you would have to go get the key/completion-tidbit. Heck, the actual directories could be encoded so you _couldn't_ know what you were passing unless you were also in on the sideband/drop-site.
Innocent people shouldn't be forced to pay for inferior software development.
--"Code Complete" Microsoft Press
Conclusion: many connections suck the Dark out of a Darknet.
#define HAVE_nanosleep#define HAVE_personality
there was a wired article on this very topic several months ago.
C erb-y gbe.poyabew ,day-o yday .bjpflycrb frg-p. gocbiZZ s[)
Please correct me if I got my facts wrong.
[Fuck Beta]
o0t!
advertisements will state:
Coming soon...to a darknet near you.
Please correct me if I got my facts wrong.
The article says it's not a VPN.
Maybe a darknet is UUCP running on voice-line modems.
September 2011: Looking for Cocoa/iOS work in Boston area Cocoa Programmer Quincy, MA
And, by the way, the whole thing that starts in tr is a single line.
Please correct me if I got my facts wrong.
You're really talking about a SneakerNet. "the bandwidth of a station wagon full of HDs" The FBI can request (for National Security) that the Post Office make a copy of "any data appearing on the outside cover of any sealed mail or unsealed mail delivered to an address, forwarding address, or Post Office box" Translation: really labor intensive packet sniffing of an encrypted network. Your postal mail is effectively encrypted because they're not allowed to look inside, but if they spend enough time watching where all those packets go, they can perform the same type of analysis they'd use on any computer network.
[Fuck Beta]
o0t!
There is already a well used "dark net". Search around for "meta-net". There are some public entry points. Once you're in you need to know how to set up and configure a VPN client and routing software.
Then... you're in on a 10/8 IP.
There is no technology reason that I know of why someone would need an invitation only darknet to practice their right to share information freely. But this is the exact kind of organisation that government people are trained to infiltrate. The government is notorious for creating, or infiltrating various gangs or club like groups so they can draw in suckers and arrest them in big sting operations from time to time to justify their overpaid budget.
This method also has the advantage of not hooking people who are 13, or grandpas whose kids did what they didn't want them to do, or people who had their computer hacked and didn't even know they were sharing files. Instead they get willing cooperating knowing accomplices who are easier to sue and prosecute and these structures also naturally form a leadership hierarchy that they can attack.
So my question is, is this really the way things are going, or is this just the system trying to direct the flow in a way that they want it to go? Is it really going to be the next natural social structure, or is it designed to create a hierarchical structure that government bureaucrats can infiltrate and understand?
Ancient. But one of the better lightbulb jokes.
The first rule of the darknet is that you never talk about the darknet!
The second rule is that all articles about it will be slashdotted.
And the third rule is that you cannot ask for a server mirror.
Table-ized A.I.
HOST1: ping -c 1 -p facedead12349876 host2
PATTERN: 0xfacedead12349876
HOST2: tcpdump -x ip proto \\icmp and src host host1
11:41:51.646216 IP host1 > host2: icmp 64: echo request seq 0
0x0000: 4500 0054 0000 4000 4001 1af7 8752 0886 E..T..@.@....R..
0x0010: 8752 0888 0800 4550 242d 0000 cf6c 7743 .R....EP$-...lwC
0x0020: 25e5 0900 face dead 1234 9876 face dead %........4.v....
0x0030: 1234 9876 face dead 1234 9876 face dead .4.v.....4.v....
0x0040: 1234 9876 face dead 1234 9876 face dead .4.v.....4.v....
0x0050: 1234
Sure, you'll see a lot of icmp traffic, but odds are most network folks won't consider the pad data in a ping to be payload.
It's like the old ppp over email implementations. Connectivity means data transfer. If some journalist or newbie network admin thinks otherwise, then it's just that much easier.
Can You Say Linux? I Knew That You Could.
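An added example, not part of the original comment: a defender-side check for the ping-pad technique shown in the post above, which parses the posted tcpdump -x rows and flags ICMP echo payloads that are not a common default fill. The default layouts it accepts (an 8- or 16-byte timestamp followed by counting bytes for Unix ping, the alphabet fill for Windows ping), the labels and all function names are assumptions of this example.

```python
import re
import struct

# The tcpdump -x rows as posted in the comment above (the capture ends 2 bytes short).
PAGE_DUMP = """\
0x0000: 4500 0054 0000 4000 4001 1af7 8752 0886 E..T..@.@....R..
0x0010: 8752 0888 0800 4550 242d 0000 cf6c 7743 .R....EP$-...lwC
0x0020: 25e5 0900 face dead 1234 9876 face dead %........4.v....
0x0030: 1234 9876 face dead 1234 9876 face dead .4.v.....4.v....
0x0040: 1234 9876 face dead 1234 9876 face dead .4.v.....4.v....
0x0050: 1234
"""

WINDOWS_FILL = b"abcdefghijklmnopqrstuvw"  # default fill used by Windows ping
TIMESTAMP_SIZES = (8, 16)   # assumed: struct timeval size on 32/64-bit Unix ping
MAX_PAD = 16                # ping -p accepts at most 16 pad bytes


def parse_tcpdump_hex(text):
    """Turn 'tcpdump -x' rows into bytes, ignoring the trailing ASCII column."""
    out = bytearray()
    for line in text.splitlines():
        m = re.match(r"\s*0x[0-9a-fA-F]{4}:\s*(.*)", line)
        if not m:
            continue
        for tok in m.group(1).split()[:8]:      # a full row has 8 hex groups
            if not re.fullmatch(r"(?:[0-9a-fA-F]{2}){1,2}", tok):
                break
            out += bytes.fromhex(tok)
    return bytes(out)


def parse_icmp_echo(packet):
    """Return fields and payload of an IPv4 ICMP echo request/reply, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    total_len = struct.unpack("!H", packet[2:4])[0]
    if packet[9] != 1 or len(packet) < ihl + 8:
        return None
    icmp_type, _code, _csum, ident, seq = struct.unpack("!BBHHH", packet[ihl:ihl + 8])
    if icmp_type not in (0, 8):
        return None
    return {"type": icmp_type, "id": ident, "seq": seq,
            "payload": packet[ihl + 8:total_len],
            "missing": max(0, total_len - len(packet))}  # bytes the capture lacks


def smallest_period(data, limit=MAX_PAD):
    """Smallest p <= limit such that data repeats with period p, or None."""
    for p in range(1, min(limit, len(data) // 2) + 1):
        if all(b == data[i % p] for i, b in enumerate(data)):
            return p
    return None


def classify_payload(payload):
    """Label an echo payload: default fill, repeating custom pad, or free-form."""
    if not payload:
        return ("empty", b"")
    reps = len(payload) // len(WINDOWS_FILL) + 1
    if payload == (WINDOWS_FILL * reps)[:len(payload)]:
        return ("default-windows", b"")
    for ts in TIMESTAMP_SIZES:              # counting bytes after the timestamp
        body = payload[ts:]
        if body and all(b == ((ts + i) & 0xFF) for i, b in enumerate(body)):
            return ("default-unix", b"")
    for ts in TIMESTAMP_SIZES:              # operator-chosen pad, as with ping -p
        body = payload[ts:]
        p = smallest_period(body)
        if p:
            return ("custom-pad", body[:p])
    return ("free-form", payload)           # no structure: review as carried data


def build_echo(payload):
    """Constructed test packet: minimal IPv4 + ICMP echo request, checksums zero."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28 + len(payload), 0, 0, 64, 1, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return ip + struct.pack("!BBHHH", 8, 0, 0, 1, 1) + payload


def inspect_packet(packet):
    """Summarise one packet for an alert line; None if it is not an ICMP echo."""
    info = parse_icmp_echo(packet)
    if info is None:
        return None
    label, detail = classify_payload(info["payload"])
    return {"label": label, "detail": detail.hex(), "missing": info["missing"]}


if __name__ == "__main__":
    samples = {
        "posted capture": parse_tcpdump_hex(PAGE_DUMP),
        "constructed default": build_echo(bytes(16) + bytes(range(16, 56))),
        "constructed free-form": build_echo(bytes(8) + b"constructed sample text"),
    }
    for name, pkt in samples.items():
        print(name, inspect_packet(pkt))
```

On the posted capture this reports a custom pad of facedead12349876 and notes that the dump is 2 bytes shorter than the IP header's total length.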
Whatever devices are between the nics (no crossover cable) leave an opportunity to see whatever traffic is going between them. Even ntop will tell you what types of traffic it's seeing - not to mention if you are inside a bunch of hubs. 'Darknet' sounds spectacular, but it just comes down to another stupid protocol running on a non-standard port. If you're lucky, your best luck is to invent your own protocol, encrypt it, and don't share the source with anyone. Good luck getting anyone to trust you though.
Join the Slashcott! Feb 10 thru Feb 17!
That group has lists of what they have rather than the items themselves, so it's fairly easy to check for particular files. Sometimes they'll collaborate on new movies coming out. You bought Batman last month, we'll buy Mr. & Mrs. Smith next month. Maybe one of them has a coupon or gets a copy from a neighbor. And so on. They IM back and forth, but never the FTP address which everyone already knows.
It's not exactly a darknet but the principle is similar. Trusted users, encrypted files. If corporate snoops were going to try and catch that group they'd have to hack their way on to an FTP server, pull files pretty much at random then spend days trying to crack the PGP wrapper. Good luck with that. You might be surprised at how much material five or six different families actually have. Movies, music the differing tastes produce quite a wide selection. They save hundreds, maybe thousands a year and the risk is pretty minimal. And there's no special clients required, just a copy of PGP tools. If that group were 10 people or families instead of five, imagine how much more material would be available?
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
Darknets - the Dark Side of the Internets!
Try monitoring a campus network where you have several thousand users and an obscenely large amount of bandwidth. Oh, and you have live research data being generated on campus and moved to places like the NCSA etc... Bandwidth consumption may vary by tens of megabytes by the minute. So I ask you, in that situation (which I work in) what is an "increase in bandwidth" a sign of?
;)
Effective monitoring is actually quite achievable with freely available software.
On a properly managed network you should be able to tell exactly who is using how much traffic and what type of traffic (and where it's coming in and out from) and to spot suspicious changes in usage patterns, with historical data available in a format appropriate for a quick visual comparison. All of this should be fed into your monitoring platform with alerts raised once set thresholds are reached.
In practice though, it's usually not cost effective to actually clamp down on misuse of bandwidth and it's more prudent to let it slide (and/or go for the low hanging fruit if you spot anyone taking the mickey) and just pick up the tab afterwards.
(Disclaimer: The next part of this post drifts away from this specific thread)
I'm not sure why so many people imagine monitoring traffic by source and type is difficult and that they can't be spotted and rate limited on a per user basis, in an entirely automated fashion.
Using tools like jflow and cflowd (and various other commercial purpose built tools) to do detailed traffic profiling, and to a limited extent shaping, is something a few carriers and large providers do already. Even if your provider doesn't do this, there is a really good chance their transit providers do it.
At the moment, the majority of providers mark P2P traffic as the lowest priority for QoS purposes as it is, because (a) it's so all consuming and disproportionately resource intensive (compared to far more common tasks like legitimate HTTP traffic and FTP data transfer) and (b) it's hard to complain about slow transfer speeds of what is almost certainly Warez between you and an anonymous DSL/Cable subscriber in another state/country. This is partly why P2P transfer rates can be very crummy (the other major reason being of course the limited upstreams of most users).
Once you have profiling data for a given port or IP on your network, all you need to do is send a trigger to the switch/router/DSLAM/etc. to either throttle the traffic for that port on the TCP/UDP ports required (as the hardware permits - ideally on a per-TCP/UDP-port basis), or - if you're feeling adventurous (or your hardware is crummy) - dynamically re-route traffic for that destination separately, through a series of systems that are capable of enforcing very fine grained QoS controls (on appropriate hardware, the 2.6 kernel with iptables and some appropriate modules is actually capable of impressive work in this area).
If users start tunneling large amounts of traffic down other ports (and disguising it as regular HTTP, SSH, HTTPS, etc. traffic) then it's going to be really obvious to spot using automated software, and those users will find that providers will just implement systems to nobble that specific type of traffic on their connection while they persist in doing that, and if they want unnobbled connection, they'll have to pay a real premium to compensate. It's also entirely possible providers will start enforcing QoS based on destination too, so that transfers to systems that are common P2P traffic destinations are effectively crippled (and traffic to network ranges used by Cable/DSL/College dorms/etc. could even be rated by default).
If any users imagine they can 'sneak around' by tunneling P2P traffic and making it look like encrypted VoIP traffic (and warzing to their hearts content at the expense of the rest of legitimate users) they are in for a big shock. They are going to find that suddenly their VoIP traffic starts having specific (weekly/monthly) transfer limi
No, of course not. ROT-13 is the crypto equivalent of leaving the key under the doormat. The biggest use of it I've seen is in discussion groups to "hide" spoilers like movie endings or some such. A real darknet requires reasonably strong crypto. If the RIAA can pick up your traffic with a packet sniffer and trivially decode it, what's the point of doing it in the first place?
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
I don't think the Great Firewall would be particularly effective at blocking content that is designed not to be blocked.
Why is everybody acting like these "darknets" are some new and dangerous threat? Christ, the Lockheed Martin guy sounds like he's angling for a job in the Bush administration.
Just because some random article suddenly applied a new word to a private invitation-only network of individuals doesn't make them new. In the mid-90's when I first went online, I would (try to) hang out with the hacker/phreaker/warez types. Because a lot of what they did was illegal (and btw, they got punished back then just as they do now), they tended to form close tight-knit, invitation-only groups. The medium then was/is IRC and via it, they shared knowledge and data. Another thing that hasn't changed is that more often than not, you have to contribute to the group in some significant way in order to both gain admittance and remain part of it.
"Darknets" have always been around and always will. By their very nature, you don't see them. You can't tell how many there are, and you certainly don't know what's going on inside them because you won't get invited without proving that you're one of them first.
Without being able to know at least these basic things about them, they simply can't be fought against. You basically have to make sure your own networks are secure and pretend the darknets don't exist because for all purposes, they don't.
If you think that the authorities needed a new or good reason to invade the net then you need to brush up on your American history. Specifically Harry Truman's creation of the NSA and the related creation events of the national security state.
None of this matters. The RIAA is trying to impose an outdated idea on a population too numerous and clever to stand for it. I don't particularly like the idea of warez (and that IS what 95% of P2P traffic is) as a Free Software zealot, but we passed a tipping point years ago. The average person today (especially among the 30 population) no longer considers swapping files to be immoral.
Eventually the law will catch up to practice, but until it does the [RM]PAA will continue to drive it underground. I predict they will be increasingly successful at driving it underground and totally ineffectual in achieving their goal of stopping it from occurring. Consider: twenty years ago the local 'computer clubs' were essentially nothing more than groups of folks bringing their computers together for the purpose of trading vast quantities of software. Or put bluntly, as soon as the common man was given a printing press he set forth printing with a vengeance.
RMS was again spot on. Copyright law made sense when it was regulating the select few wealthy enough to own a printing press because THEY could agree it was in their longterm best interest. Now that everyone has one the game has changed and either the law changes regarding copyright or the law changes to eliminate our representative form of government because longterm, the government cannot continue to have the consent of the governed and keep locking vast numbers of registered voters.
And while twenty years ago it was only software being copied, technology has marched ever onward and there will never again be a separation between computer software, music and video. And those old swapmeets show the logical end path of this game.
In the olden days you had a few 'yo ho ho pirates' in every town that essentially had EVERYTHING. We will soon see affordable storage systems to make that sort of thing possible with music, with video only a few years later. Imagine a world when the top level pirates have a couple of portable USB drives with every song that charted on Billboard's charts since they began, trading it out in every town, on every college campus, etc. in perfect flac format or 320Kbps mp3. In exchange they get every NEW song that is released so that their collection stays complete. (These obsessive compulsive collectors gotta have em all after all and THEY won't pay for a CD, hence they trade.) For the RIAA, the RIAA's days will become numbered. Sure they can try to sting a few of them, but it won't work in the end. And remember, a generation or two in drive storage later the same thing happens to video. The top level traders will have EVERY Hollywood release, every episode of every television show, etc. Then it is the MPAA's turn to know real fear.
The end game comes as storage continues its increase. To the point where EVERYONE can afford an iPod large enough to hold essentially everything. Then some wit will release a sync program. So that every time you get to know someone well enough to figure they ain't a Fed you will 'sync' your media collection, each of you getting what the other has, replacing lower quality rips with higher quality, etc. Then it IS over.
What that world looks like, where copyright has been totally rendered comic, I can't really imagine. But it IS coming and we had better be thinking about ways to survive the whirlwind of change it will bring with it because there is only one other option. That would be the dark dystopia of DRM and pay for play that THEY have planned for us.
Democrat delenda est
I don't want to be a CIO.
What a crock of bullshit. Darknets. Yah. If someone in my office sets up a "darknet" [holy shit what a name, is this guy with the government], it's not going to be because they want to talk to their friends from the neighbourhood al qaida cell, it's because they want to download content. So next time I am billed for traffic/look at the management console -- I *will* notice that something is going on. Just like the time some tard on our team wrote a script that generated 6k email messages a day.
Please mod parent up. It's nice to a) read this glimpse of the real world of larger scale network ops, and b) see it mentioned that PtoP, which IMHO is still used primarily for illegal purposes, costs us all.
/. posts I've read (I read at -1) don't strike me as coming from particularly noble people. I think of theft as theft. If you don't like music label policies, etc., get the word out, boycott, etc. Stealing makes you, guess what, a friggin' *thief*.
b) is gonna cost me karma, big-time.
I'm aware that torrents are a legitimate and effective means of getting that latest Linux distro out, that there are other legitimate uses for PtoP, etc. But I suspect the number of packets in transit at just about any given time carry a lot more illegal films and music than legal software, etc.
Before a lot of people pile in with how they're stealing music, etc., for some noble purpose, let me say that the vast majority of
Maybe legal things you can do won't have any effect, because people don't care. That sad state of affairs would then simply be the reality of our society. People with the morality of a thief are a part of the problem, not a part of the solution. Perhaps you have a wonderful future ahead of you, as a record company executive.
What you do with a computer does not constitute the whole of computing.
Back in the day, when the mighty gophers roamed the planet, university students would string ethernet cable window to window in the dorms as a peer to peer "darknet". It couldn't be seen or controlled by the administrators because it wasn't on the school network. Of course, it didn't last long at all because the universities exercised their property rights and had the cables removed. Today, it can be done without wires using wifi in their place. A true darknet, maybe even a global one, is feasible. That would be interesting.
Once you have profiling data for a given port or IP on your network, all you need to do is send a trigger to the switch/router/DSLAM/etc.
Is that all you need to do? Ok, as I pointed out it is a university. People pay to be on that network. People who do things that you may find unacceptable are given grants to do those things. This means that when you see 'bad' traffic, a certain amount of institutional knowledge has to be applied and perhaps investigative skills to determine if said traffic is bad or not. Also, bear in mind that as universities are the holdouts of free speech you must make the good or bad decision based on knowledge of or about the user without EVER getting to see the data payload on the packet. Still sound simple? Your method in our environment would take our small security team and turn it into a battalion. No university wants a battalion of people looking at their packets. Your proposal is nice though for corporate type networks and does show a great deal of network sophistication, so if I sounded sarcastic... that's just me. Kudos to you.
There are some things that the government and the courts have no business getting involved with.
If you are doing traffic on our network that I need to know what it is, I'll go to your computer and check. In a managed environment, like a corporation, you don't have privacy of your data. You can encrypt traffic, and should (we fight all the time to get the last few telnet users to switch to SSH) but that's to keep random malicious users out, not your IT staff. Your IT staff can come and ask to see what's happening on your computer and "no" isn't a legit answer, as the computer is company property.
I personally don't see any problems with Darknets that didn't already exist with SSH. If I work in an environment where we don't care what you do, unless it's a problem, then we'll ignore your traffic unless it's excessive. If I work in an environment where we restrict what you can do, then we'll monitor your traffic and if we see unknown encrypted traffic, you'll be asked what it was and your computer will be checked.
So I see Darknets as a problem for the RIAA maybe, and frankly I don't give a shit about them, but not for corporate IT.
I don't think they've been told of the wonders of Britney Spears, Nickelback, and Democracy!
That's the wrong question - The question is:
What the heck is Google?
If the intent is to keep a company's bandwidth from being consumed with traffic unrelated to the company, doesn't it stand to reason that the AUPs that companies develop should be fully adhered to, and properly understood by the employees?
I am astounded at how much companies show interest in a particular skillset for employees, yet how little they admonish employees for the kinds of traffic they generate. And arguments such as those created when discussing "darknets" (whatever these things are) become useless, if the AUP has a good set of teeth.
Darknets are just the latest "OH MY GOD WE MUST ALL FEAR" line the computer industry is going to use to field a "solution" (probably some kind of sniffer for corporations, which tries to detect traffic which it cannot categorize and produces reports for suits).
Say it with me: darknets have always been here, and they will always be.
Hackers have IRC and other invite-only forums, and all the ways in which they've used them to secretly pass information around without the squares being in on it. P2P networks are darknets (for YOU, anyway) if you don't have software which uses the protocols and don't know anyone who knows about them. ANY new network protocol can be a darknet. You can roll your own anytime you want.
Darknets are the modern equivalent of the Captain Midnight Secret Decoder Ring. They are NOT the Beginning Of The Fall Of Civilization(tm).
Don't believe me? Fine. Be that way. Try this fun experiment:
Write yourself a Java suite that:
CLIENT SIDE:
1. Briefly touches a server, downloads the current list of IP addresses that have announced themselves to the server, announces ITSELF to the server, and then logs off. The server IP is probably best implemented as one of a list of possible server sites, so that if one is compromised (doesn't give the correct handshake or whatever) you just move on to the next one. All communication should be encrypted using the server's public key and YOUR public key (RSA between the two points, or whatever is fashionable in your circle of friends).
2. Lets you compose messages, or file transfers, or whatever, destined for whatever IP address you want to communicate with, again encrypted with both public keys. Maybe you even compress the data first, to reduce bandwidth usage.
3. Lets you "blackball" any IP address you think is compromised. You could implement this as "My PC Only" or as a common blackball pool, which everyone could vote on, or as a common blackball pool which people could consider provisional and accept or not accept.
SERVER SIDE:
1. Manage lists of IP addresses and their status.
2. Provide a handshake which is meant to test whether your software is authentic and you are in fact an approved node. If you're not, you get sucked into a honeypot and studied. You are NOT given an actual IP address list; rather you are given a fake list full of false leads.
3. Allow certain admins to control the system to some extent, ousting problematic members (bans) and so forth. This could alternately be implemented on the client side, with a voting scheme, or whatever.
Bam. Instant darknet. And it's a piece of cake for anyone who's passed the junior-level networking course at any public university. THINK about it -- why do you think anyone studies computer science these days? It sure ain't to find a job... People study computer science to build themselves cool, weird things that stiff, stick-up-their-ass types don't approve of.
Deal, people. The world is not all simple and sparkly, like an amusement park. We are all grown-ups, and we can do grown up things even if it frightens The Man(tm). And, really, computer science is the closest thing any of us gets to wielding supernatural power. Us geeks can do things NOBODY else can do. Why not do them? Why be a boring square if you don't have to? Build something freaky, get yourself one of those weird, off-kilter cover photos in Wired that makes you look like Dr. Evil. Why not? You weren't put on this earth to make Sheeple feel comfy and warm. Fuck 'em.
Farewell! It's been a fine buncha years!
At which point, you either have a) no scalability (all must trust all) or b) no trust, which negates the entire point of the darknet
/arbitrary
Recognizing that there is no such thing as an entirely trustworthy network (unless you know and implicitly trust each individual involved, and their security) couldn't you just implement a scalable trust level? By this I mean limiting the number of hops, or degrees of separation from who you implicitly trust (your 'friends'), to who they implicitly trust, and so on to the unknown computer. In this way you could come to a trade off between data available, and the level of insecurity you consider acceptable. In the case of highly sought after information we would see a trickle-down sort of effect... There are lots of possible variations on this theme.
How would the degree of trust-separation be tracked? I am not entirely sure, but perhaps a public key encryption of each individual's friends list could work. Files searched for in levels - first your friends, then their friends, etc until the file is found or the security limit reached?
Not sure if the "national security" sentence was intended as a troll, but no, encouraging encryption, everywhere, in everything, is *good* for national security, even if governments don't like not being able to wiretap everybody. The real strength of democratic countries comes from freedom of speech and association and strong economies that come from freedom of internal and external trade, and encryption strengthens that by preventing thieves from stealing everybody's stuff and thugs from attacking people they disagree with, regardless of whether those thieves and thugs are wearing stinkin' badges or not.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
How is speaking badly about the US President illegal communication? Short of calling for his assassination.
I can't think of a time in my life when it hasn't happened in *every* newspaper I read.
To say nothing of Jay Leno. He will sometimes do two or three presidents in a night...
``It is bad law, admittedly written by a bunch of lawyers (collectively known as "Congress")''
And this, again, is a symptom of a much larger problem, which runs as deep as the foundations of the USA. The number of problems I observe is so great it makes my head swim, but I'll try to point them out somewhat coherently.
The tip of the iceberg are the politicians who write these bad laws. But then, the USA is a democratic country, right? So these politicians have been elected. How come?
Allegations of faulty voting machines aside, the fact is that there is major support for the parties these politicians belong to. I think most of them are Republicans, but that could just be because I am rather left-leaning. Either way, there is major support for them; the republican party is very popular, and if there are bad politicians who are democrats, well, the democratic party is very popular, too.
So how come these parties are so popular? Well, part of the reason must be that they are the only two parties one could realistically vote for. This is because the winner-take-all system makes it so that a third party getting votes would take these votes away from the party closest to it, thus increasing the chances of the other party (that these votes wouldn't have gone to in any case) of taking the cake.
Another problem is the ignorance of the voting public. This is not meant as an insult, but rather an observation, and one I think many will be able to second. I think this ignorance is largely due to the media not doing their job right (again, an observation I've made that I think many can confirm). Of course, the media are large corporations, and large corporations tend to favor political parties that look after their interests, and the interests of those with lots of money.
Yet another factor is the fact that vast amounts of money are used to finance election campaigns, and this money comes in largely through donations from people and organizations who have a lot of money to donate. Even if no strings were explicitly attached to this money, it's not hard to imagine that politicians would be inclined to look after the interest of their donors. After all, it wouldn't be good form to turn your back on your benefactors.
So what do we have? We have a society where there are two political parties, with no room for a third party; the parties' election campaigns are being financed by the rich and large corporations, the same group who controls the mass media, which provides the means of keeping the public uninformed or even misinformed.
As far as I can see, this is a terrible situation (one group pulling strings in politics and the media), which most people don't want to change (people don't know/care about politics), and which others can't change (you could vote for a party that would do better, but that party wouldn't win).
Let me make one thing very clear: this post isn't meant to bash Americans, just to point out the situation the way I see it.
Please correct me if I got my facts wrong.
This kind of thing drives me nuts. I realize it makes your job easier as a security guy if nobody is allowed to do anything, but I wonder if companies are even thinking about what they're losing by putting all their technical employees in a box. Where I work we lose days at a time to simple problems the guys in the trenches could have dealt with in ten minutes if they had the right access.
Anyway the whole article reads like RIAA generated FUD. Companies have a lot less to fear from "darknets" than the music industry does.
I'm confused, I always understood a darknet to be a segment of IP addresses with no services on it that captures all packets to a monitoring computer. They use them to track malware attacks. See http://www.cymru.com/Darknet/ Now they are using it to describe covert channels, what's the deal?
Of course most of us know this but some of us don't...
We should note this can be attacked by frequency analysis: Look for the most common letters used in the language, such as AEIOU and substitute those - then the most common components such as sh, th, ch, etc. and substitute those. Then substitute letters for their frequency of appearing in words with their frequency of appearing in the message. Then do the spell checking thing.
Also, bear in mind that as universities are the holdouts of free speech you must make the good or bad decision based on knowledge of or about the user without EVER getting to see the data payload on the packet. Still sound simple? Your method in our environment would take our small security team and turn it into a battalion.
Entirely coincidentally I've actually had to as it happens (that is, doing weird, secret things to high volumes of unobservable traffic, and without knowing the source or type of traffic and without making it obvious) and am in the middle of finishing a requested paper on it, and I think the task pretty straightforward when approached with due consideration. There are actually a whole number of different approaches you can take to monitor traffic by type (independent of what port it's on), and it's possible using both commercial purpose built hardware and software, and using commodity hardware and more flexible FOSS.
'Simple' very much depends on the current network, the staff available, their workload and the budget you have to work with. This solution is the sort of thing one or two people can implement though (two is nice, as then you can have a really good developer and a really good network engineer and have them work together), and it can be easily looked after by one person (not even full time) - even for many thousands of users.
That said it really ought to be simple to spot bad traffic off the bat, as I'd hope that traffic from the likes of dorms and public terminals would be entirely separate from traffic from departments and sanctioned projects (that is, separately switched, and with different QoS levels) and that they'd all have their own usage reports & graphs and they'd all have stated requirements for expected usage for the year.
Taking whatever measures you deem fit on systems in facilities used by dorms and public terminals (and to a lesser extent in labs) to ensure a generally high level of service should be a no brainer - just as existing ISPs do they ought to be treated as 'low rent' consumers and their service is going to have to be contended and so subject to certain limitations.
All that you have to do then is meet the needs of the formal projects, which really ought to be easy with their agreed SLAs (with max burst limits, bandwidth allowances, levels of resilience, etc.) agreed and provisioned for in advance.
Anyone with 'special needs' or who is unhappy with the level of service in the labs or dorms should just make a case as they would with a project. If they demand that all students and public terminals should have unrestricted access (because it's a 'Right!') and as a result someone senior comes to your department and says 'Make it so!' all you have to do is crunch the numbers and say "Sure we can, but to do that, would cost us N $ to ensure we have sufficient capacity and infrastructure in place." and allow those in charge of the budget decide how much they want to spend, dependent upon the contention ratios and service level they want to be able to offer.
"City hall" in German is "Rathaus" Kinda explains a few things......
The second rule of the darknet is that you do NOT talk about the darknet!
In theory there is no difference between theory and practice.
In practice, however, there is.
Can someone explain to me who would trust the security of software written in C?
I'd that by now people would know better than to use C when security matters.
Take that up a notch:
Create a software modem to connect through a VoIP service like Skype and you can get free dial-up over broadband(!). I'm not sure how useful this would be, but you've gotta admit, it's nerdy as hell. The first one to do it will totally get slashdotted.
In that case you'll simply be fired. Remember: This isn't talk about what you can or can't do at home, this was a talk about corporate IT. Well in a corporate environment, you play by their rules. If you don't they can (and will) fire you. So if I worked in an environment where encrypted traffic was prohibited out of the company and I saw a bunch coming from your machine I'd come and question you about it. If you said "I wasn't doing anything go ahead and check" I would. I'd find nothing but that would only alert me. I'd then go back and set up more extensive monitoring on your connection. Next time the traffic started, I'd get your boss and we'd both show up. We'd find you doing something not allowed with a company PC, and having lied about it, and you'd probably be terminated on the spot.
Now, thankfully I don't work for a company like that. Where I work, we don't give a shit what you do so long as it isn't illegal or virus/spam traffic, and we don't even monitor for that, just respond if someone complains. So if you ran a darknet client we wouldn't know or care any more than if you were using SFTP to transfer files to your home computer.
However, my point stands: Darknets are not a problem to corporate IT. If the environment is one such as where I work, they get ignored like everything else. If the environment is one where there are restrictions on what you can and can't do, they'll be caught as something you can't do. Doesn't matter if IT can see what the payload is, they can see that you are doing something not allowed and you'll be dealt with.
I know you freshman CS students are heavy into the Hackers-the-movie renegade mode in thinking you can stick it to the man because you are so much smarter, but that's not how it goes in the real world. When you work for a company, you obey their rules on computers. It's not a matter of if you can find a way around their security, you have physical machine access, of course you can. However, if you don't do as you are told, they'll just get rid of you and replace you with someone who will.
Unfortunately no one can be told what the darknet is :)
3.243F6A8885A308D313
Create a software modem to connect through a VoIP service like Skype and you can get free dial-up over broadband(!).
I imagine that the connection speed will be totally old-skool as well!
If your comment title says 'Re: Foo', I'm not likely to read it.
W.A.S.T.E.
Aha! You just gave a proof that a darknet exists on Slashdot.
I've known about that one for a long time. If you want to join the party, click here.
We just can't see it. But this article got probably a thousand dark wannabe first posts already.
I wonder how they compare to this post?
Warez traffic (let's drop this "darknet" term, I always think that it's an end-user-empowered network run over dark fibers) doesn't follow the typical 24-hour cycle in the traffic pattern. The number of legitimate hosts with such a traffic pattern is pretty small in my experience, so it's quite possible to spot the offenders.
An individual could still adjust his speed throttles during the day, forcing his client to follow a typical traffic pattern, as long as he knows what that pattern is. He'd have to be patient, but any eMule user already is.
Visual IRC: Fast. Powerful. Free.
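The traffic-pattern check discussed in the two comments above, as an added example that is not part of the original thread: each host's hourly byte profile is correlated against the site's median daily shape, and a separate volume test covers the host that throttles itself to follow that shape. Host names, byte counts, the allowlist and both thresholds are constructed assumptions.

```python
import math
import statistics

# Constructed work-day weighting per hour of day (00:00 .. 23:00); not measured data.
WORKDAY = [0, 0, 0, 0, 0, 0, 1, 3, 8, 10, 10, 9, 7, 9, 10, 10, 8, 5, 2, 1, 1, 0, 0, 0]

def sample_flows():
    """Constructed (host, hour, bytes) records for one day."""
    flows = []
    for i in range(1, 9):                       # eight desks following the work-day curve
        for hour, weight in enumerate(WORKDAY):
            flows.append((f"desk-{i}", hour, weight * (20 + i) * 1_000_000))
    for hour in range(24):
        flows.append(("desk-9", hour, 400_000_000))                    # flat, round the clock
        flows.append(("desk-10", hour, WORKDAY[hour] * 900_000_000))   # follows the curve, far heavier
    for hour in (1, 2, 3):
        flows.append(("backup-1", hour, 2_000_000_000))                # legitimate night job
    return flows

def hourly_profiles(flows):
    """Sum bytes per host into 24 hourly buckets."""
    profiles = {}
    for host, hour, nbytes in flows:
        profiles.setdefault(host, [0] * 24)[hour] += nbytes
    return profiles

def baseline_shape(profiles):
    """Per-hour median of each host's share of its own daily total.
    Using shares and a median keeps one heavy host from defining 'normal'."""
    shares = [[b / sum(p) for b in p] for p in profiles.values() if sum(p)]
    return [statistics.median(column) for column in zip(*shares)]

def pearson(a, b):
    """Pearson correlation; a perfectly flat series has no shape, so return 0.0."""
    mean_a, mean_b = statistics.fmean(a), statistics.fmean(b)
    cov = sum((x - mean_a) * (y - mean_b) for x, y in zip(a, b))
    var_a = sum((x - mean_a) ** 2 for x in a)
    var_b = sum((y - mean_b) ** 2 for y in b)
    if var_a == 0 or var_b == 0:
        return 0.0
    return cov / math.sqrt(var_a * var_b)

def review(flows, allowlist=(), min_corr=0.5, volume_factor=10):
    """Return {host: [reasons]} for hosts that are off-cycle or far above typical volume."""
    profiles = hourly_profiles(flows)
    shape = baseline_shape(profiles)
    typical = statistics.median(sum(p) for p in profiles.values())
    findings = {}
    for host, profile in sorted(profiles.items()):
        if host in allowlist:                   # known night-time jobs, reviewed by hand
            continue
        reasons = []
        if pearson(profile, shape) < min_corr:
            reasons.append("off-cycle")         # does not follow the 24-hour cycle
        if sum(profile) > volume_factor * typical:
            reasons.append("volume")            # shape looks normal, total does not
        if reasons:
            findings[host] = reasons
    return findings

if __name__ == "__main__":
    for host, reasons in review(sample_flows(), allowlist={"backup-1"}).items():
        print(host, reasons)
```

Neither test looks at payloads, so the result is a list of hosts to go and ask about, not a verdict on what the traffic was.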
This confusion in terms drives me nuts. P2P is technology, not crime, and darknets are simply ways of communicating with your peers that some other person doesn't know about.
Should everything you do at work be inspectable by your boss? Normally the answer would be "no" -- you certainly can write a political protest letter during your lunch hour. But with the ways the courts have been ruling, it seems the assumption is that corporations have to know everything you are doing, if it involves a computer. This is completely unenforceable, in my opinion, and will go the way of the Dred Scott decision.
This is my blog
I'm aware, but you gotta admit, it would be a pain in the ass for the feds to tap it. Not saying they couldn't do it, but it's nice to know you'd be wasting a couple hours of their time. :D
It's designed to get around NATs and firewalls, but this is not the same as creating a protocol that's designed to be difficult to see.
For instance, WASTE, IIRC, sends a random n-byte encryption key the moment a client connects. The client and server then use this key to obscure the handshake of public keys. To the outside observer, it looks like a stream of random bytes; there aren't any substrings to recognise.
To stop WASTE, you'd either need to implement a whitelist, or spend a large amount of computing power checking for keys if no pattern is found. You improve this further by embedding a hard-coded password in each new release; to block this type of protocol, one would need to alter your firewall each time a new client version is released.
One could go even further by masking your protocol using a HTTPS handshake. You'd then either have to ban HTTPS and thus prevent people from shopping and banking online, or you'd have to maintain a whitelist of trusted sites, which again would seriously hamper Internet business growth.
Unless you're willing to set up a carefully audited whitelist of trusted sites, you can't stop a protocol designed not to be stopped.
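The default-deny check this comment argues for, as an added example that is not part of the original thread and not code from WASTE: an egress filter that permits only recognised protocol openers to listed destinations, so a flow with no recognisable substring is refused for being unidentified rather than for matching a signature. The destination names, the allowlist, the entropy threshold and all sample bytes are constructed assumptions.

```python
import math
from collections import Counter

# Hypothetical site policy: which destinations each recognised protocol may reach.
ALLOWED = {
    "tls": {"bank.example", "shop.example"},
    "ssh": {"bastion.corp.example"},
    "http": {"proxy.corp.example"},
}

def identify(first_bytes):
    """Return a protocol name for a recognised opener, else None."""
    if (len(first_bytes) >= 6 and first_bytes[0] == 0x16 and first_bytes[1] == 0x03
            and first_bytes[2] <= 0x04 and first_bytes[5] == 0x01):
        return "tls"                      # TLS handshake record carrying a ClientHello
    if first_bytes.startswith(b"SSH-"):
        return "ssh"                      # SSH identification string
    if first_bytes.split(b" ", 1)[0] in (b"GET", b"POST", b"HEAD", b"PUT", b"CONNECT"):
        return "http"
    return None

def entropy_bits(data):
    """Shannon entropy of the byte values in data, in bits per byte."""
    if not data:
        return 0.0
    counts = Counter(data)
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts.values())

def decide(dest, first_bytes, allowed=ALLOWED):
    """Default-deny egress decision from the destination and the first payload bytes."""
    proto = identify(first_bytes)
    if proto is None:
        # Nothing to match on: record whether the opener also looks random.
        kind = "random-looking" if entropy_bits(first_bytes[:64]) > 5.0 else "unrecognised"
        return ("deny", kind)
    if dest not in allowed.get(proto, set()):
        # A recognised opener proves nothing about what follows it,
        # so the destination list is what carries the policy.
        return ("deny", f"{proto} to unlisted destination")
    return ("allow", proto)

# Constructed samples. RANDOM_LIKE is 64 distinct byte values standing in for an
# opener with no fixed substring; it is not captured traffic.
RANDOM_LIKE = bytes((i * 167 + 13) % 256 for i in range(64))
TLS_SHAPED = bytes([0x16, 0x03, 0x01, 0x00, 0x3A, 0x01]) + bytes(58)
PLAINTEXT = (b"PING 1\n" * 10)[:64]

if __name__ == "__main__":
    for dest, sample in [("203.0.113.7", RANDOM_LIKE), ("203.0.113.7", TLS_SHAPED),
                         ("bank.example", TLS_SHAPED), ("203.0.113.7", PLAINTEXT)]:
        print(dest, decide(dest, sample))
```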
A very well written and correct analysis, sir.
Thus, what the USA should do is:
1) forbid or severely limit the financial ties between (or 'legal sponsoring' of) the corporations and politicians/parties
2) get rid of the two-party system
3) put effort into creating an independent media
Alas...the self-serving nature of corporations and politicians alike means this is unlikely to happen anytime soon.
--- "To pee or not to pee, that is the question." ---