Slashdot Mirror
Darknets Coming Soon?
Anonymous Stalwart writes "CIO.com is running a story on darknets and their implications for security. With the ruling against Grokster, darknets seem poised to become a reality. How this will impact the future of the workplace, from top-level IT/IS managers all the way to non-IT jobs will depend on how the tech community that is developing this technology treats it."
Shouldn't the first sign "something" is up be an increase in bandwidth?
Once you know its happening, you know you have to identify the problem.
Unless somebody can root all the routers and IDS systems for every OS along the way, these darknets will always be detectable.
liqbase
The "Grokster" ruling says that network operators can be liable for users illegal network abuse when operators promote abuse. It's a stupid ruling, but limited. And its standards for proving promotion are unfounded, really allowing just "appreciation" of abuse, without any evidence of public promotion. But operators which do not include even internal organizational acceptance of abuse, which promote only legal use, which offer even minimal protections of abuse, rather than any internal corporate policies which rely on the abuse, are not threatened. The sloppy evidential and jurisprudential standards in that landmark ruling will make it much more expensive for legit operators to remain safe, as they're sued willy-nilly by vengeful media corporations. But the mass media story that "P2P is now illegal" ought to get no promotion on geek sites like Slashdot. If you're going to run a darknet, why not just leave out the abuse promotion, and let your P2P flag fly?
--
make install -not war
by prosecuting unencrypted networks like eDonkey, bittorrent, etc. they're only enforcing users to search for encrypted ways to transmit data. And I don't think encouraging encryption is gonna be any good for national security.
Just a thought.
Well, only 3 comments posted, and the link is already hosed.
As reported by Darknet dot com, a darknet is nothing more than a place where illegal communication (filesharing/hacking talk/speaking badly of the US president) can take place.
I don't see how darknets will make things any different. For years we've had gopher, IRC and other communication channels that have been below the vision of the management elite.
I think lawyers are starting to learn that techies can't be bullied as easily as most, because techies are able to build new infrastructures. Instead of giving up, techies take threats as a challenge or motivation to dive further and further away from public vision.
What are you eating? isItVeg?.
A Darknet is a private virtual network where users only connect to people they trust. That's it. It can be used for good or evil.
http://www.cio.com.nyud.net:8090/archive/110105/tl _filesharing.html
---
FILE SHARING
Spies in the Server Closet
BY MICHAEL JACKMAN
The Supreme Court might have stirred up a bigger problem than it settled when it ruled last June that file-sharing networks such as Grokster could be sued if their members pirated copyrighted digital music and video.
Since then, some programmers have announced they would pursue so-called darknets. These private, invitation-only networks can be invisible to even state-of-the-art sleuthing. And although they're attractive as a way to get around the entertainment industry's zeal in prosecuting digital piracy, they could also create a new channel for corporate espionage, says Eric Cole, chief scientist for Lockheed Martin Information Technology.
Cole defines a darknet as a group of individuals who have a covert, dispersed communication channel. While file-sharing networks such as Grokster and even VPNs use public networks to exchange information, with a darknet, he says, "you don't know it's there in the first place."
All an employee has to do to set one up is install file-sharing software written for darknets and invite someone on the outside to join, thus creating a private connection that's unlikely to be detected. "The Internet is so vast, porous and complex, it's easy to set up underground networks that are almost impossible to find and take down," says Cole.
He advises that the best--and perhaps only--defense against darknets is a combination of network security best practices (such as firewalls, intrusion detection systems and intrusion prevention systems) and keeping intellectual property under lock and key. In addition, he says, companies should enact a security policy called "least privilege," which means users are given the least amount of access they need to do their jobs. "Usually if a darknet is set up it's because an individual has too much access," Cole says.
---
What the heck is a darknet?
The first rule of the darknet is that you never talk about the darknet!
For those that are asking, a darknet is used in this context as a closed P2P system (i.e. you, your mates, your mates' mates and others by invitation only sharing what you have with each other over the internet).
Reminds me of something me and my brother used to do. We wanted to play a game online over the Internet but didn't want to sign up to yet-another online gaming service (The Zone or something it was called). We both had legit copies of the game, we both had internet connections and we just wanted to play online against each other. We couldn't do a straight TCP/IP connection for some reason or another so the only options left in the software were LAN, Modem or this Zone thing.
So what we did was set up PPTP between our routers, assigned nearby IP addresses on both sides that routed across the connection and played a "LAN" game over the Internet. As far as I can see this was a type of darknet if you like.
If we'd had non-legit copies, many games of the era would let you plan LAN without the CD so long as one player had the CD but not across the Internet. Or, say we'd cracked or VirtualCD'd the CD so that neither of us had a legit copy but could still play online. Then this sort of "PPTP darknet" would be used to let groups of friends without the legit CD to play over the Internet without needing the authorisation or intervention of the person running the gaming servers.
A further thought, bringing it up to the modern day, would suggest that things like Steam could be played over this sort of "PPTP darknet" as a LAN game (connecting to PC's spread over the internet, all disconnected from the "real" internet and bypassing restrictions on who / what is allowed to play)?
It's a interesting idea, sort of like a hidden black market for the internet (which I'm assuming is where the name comes from). As companies crack down on people lending movies to their friends and similar other quite legitimate activities, things like this are going to appear, translated from the real world where this happens all the time to the Internet.
It seems to me that these sorts of things have existed for a while, though. I've heard that things like paedophile rings are already using such tactics? Detection is much, much harder than for a centrally administered P2P network. The only way to detect is to infiltrate the network itself, which is basically social engineering?
You can't teach the RIAA anything. They think they can stop P2P file sharing but the truth is all their legal efforts are driving it underground...where it was before Napster appeared.
There are a lot of very talented techies out there who can come up with some astonishing new tech. A fully encrypted P2P service that masks a user's IP address would make it hard for "the man" to find those who are illegally filesharing. Also, the hacker community can adapt to changing situations faster than any corporation. This is because they aren't hindered by office politics, ethics, patant and copyright compliance and legal compliance. They operate above the law, so it was really no surprise to me when Slashdot ran the story of the trojan that exploited the cloaking ability of Sony's DRM.
I wasn't surprised one bit.
Because of Grokster and others the RIAA bring down a new, bigger, and better P2P service will emerge with multiple layers of custom encryption, IP address masking, and no central server that can be distrupted. You could even block ports at the ISP level and they'll adapt again to support multiple ports at once. Its a loosing battle they just don't get it yet.
Why do you think Internet Security and Antivirus Industies are racking in so much money these days. They DON'T want to see the hacker put in jail because if all the security threats cease and no more viruses are being made they are all out of a job. It a multi-billion dollar industry.
The RIAA is utter and completely out of their league.
Michael "TheZorch" Haney
thezorch@gmail.com
http://thezorch.googlepages.com/home
From TFA:
... And although [darknets are] attractive as a way to get around the entertainment industry's zeal in prosecuting digital piracy, they could also create a new channel for corporate espionage''
``The Supreme Court might have stirred up a bigger problem than it settled when it ruled last June that file-sharing networks such as Grokster could be sued if their members pirated copyrighted digital music and video.
Since then, some programmers have announced they would pursue so-called darknets.
Am I the only one who thinks that if darknets are attractive vehicles for corporate espionage, they would be built no matter what the Supreme Court rules on filesharing?
Please correct me if I got my facts wrong.
Actually, If you establish the DarkNet in the right way, once you are connected to a trusted node you could connect to any other node by passing authentication and encryption keys the long way. This would allow for dynamic (re)routing.
Think of an IRC style web. Basically, a properly designed network would allow one party to inform another that it wanted to make a connection. Then it would make that connection. By pre-passing the keys and proof of identity, you would be able to make arbitrary connections within a "closed surface" of the net.
===
What I have been waiting to see make a comeback is the good old fashioned POTS modem. With all the internet wire-tap laws being generally weaker than the phone tapping laws, it would _really_ make sense to transfer authentications (etc) through a old-fashioned BBS style "drop sites" that were not really on the net.
So you downloaded some particular binary splash. To turn it into the song or whatever you would have to go get the key/completion-tidbit. Heck, the actual directores could be encoded so you _couldn't_ know what you were passing unless you were also in on the sideband/drop-site.
Innocent people shouldn't be forced to pay for inferior software development.
--"Code Complete" Microsoft Press
HOST1: ping -c 1 -p facedead12349876 host2
PATTERN: 0xfacedead12349876
HOST2: tcpdump -x ip proto \\icmp and src host host1 .R....EP$-...lwC
.4.v.....4.v....
.4.v.....4.v....
11:41:51.646216 IP host1 > host2: icmp 64: echo request seq 0
0x0000: 4500 0054 0000 4000 4001 1af7 8752 0886 E..T..@.@....R..
0x0010: 8752 0888 0800 4550 242d 0000 cf6c 7743
0x0020: 25e5 0900 face dead 1234 9876 face dead %........4.v....
0x0030: 1234 9876 face dead 1234 9876 face dead
0x0040: 1234 9876 face dead 1234 9876 face dead
0x0050: 1234
Sure, you'll see a lot of icmp traffic, but odds are most network folks won't considering the pad data in a ping to be payload.
It's like the old ppp over email implementations. Connectivity means data transfer. If some journalist or newbie network admin thinks otherwise, then it's just that much easier.
Can You Say Linux? I Knew That You Could.