Slashdot Mirror
Researchers Build a Browser-Based Darknet
ancientribe writes "At Black Hat USA next month, researchers will demonstrate a way to use modern browsers to more easily build darknets — underground private Internet communities where users can share content and ideas securely and anonymously. HP's Billy Hoffman and Matt Wood have created Veiled, a proof-of-concept darknet that only requires participants have an HTML 5-based browser to join. No special software or configuration is necessary, unlike with darknets such as Tor. Veiled is basically a 'zero footprint' network, in which groups can rapidly form and disappear without a trace. The researchers admit darknets are attractive to bad guys, too, but they say they think these more easily set-up and dismantled nets will be more popular for mainstream (and legit) users." In somewhat related news, reader cheesethegreat informs us that version 0.7.5 of FreeNet has hit the tubes.
The researchers admit darknets are attractive to bad guys, too.
Yeah, I would be worried about all those sock hat wearing pedophiles out there.
Of course maybe Craigslist could use it to advertise their wares.
Beer is proof that God loves us and wants us to be happy.
Is anyone in Iran reading this right now? OK, don't respond but do pass it on to your friends.
Ditto China.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Now get it out to the protesters in Iran and spread it in China for that matter.
I'm not surprised that this functionality is able to be implemented. Essentially, Web browsers are operating systems that not just parse HTML and render that, but pass a lot of items off to subsystems to execute, such as Java, Flash, Google Gears, or other plugins.
So legitimate users in Iran or China might be able to hook into a darknet that has a portal to the real world outside? Kinda like good old packet HAM radio used to.
meh
Of course secrecy is attractive to bad guys. Problem is according to current legislation we are all bad guys, always crossing some obscure irrelevant law we don't know about.
So one man's secrecy is another man's privacy and protection from overreaching criminalization.
Oh, and anything you write or view on the internet, say over the phone, purchase, sms about, dial on your phone, etc. is saved and archived forever, by default, unless you make a special effort to enforce your right of privacy. Even that special effort does not guarantee protection and furthermore, that effort is not difficult to notice, and boom, you are someone with something to hide, i.e. one of the bad guys.
War is peace. Doublegood peace.
FTA: "It connects the user's HTML 5-based browser to a single PHP file[...]"
Sod it - I've got karma to buuuurn!
(Ok I checked the anon button...)
BUT seriously folks, I've been using I2P for a year now (just upgraded to 0.7.4 seconds before I read this post) and it blows the crap out of FreeNet for sheer speed and ease of use. Just make sure to have a lot of RAM on your machine and crank the bandwidth up real good. The more the give, the more you get!
Which browsers (please include note if it's beta) support HTML 5?
Fascism starts when the efficiency of the government becomes more important than the rights of the people.
I'm not sure how much use it is for people to talk in secret. They probably do that now, with family etc. As we can see in Iran right now, it takes people to have the guts and will to take to the streets and make their feelings known before things change.
I'd (almost) rather use a darknet built over SMTP than use Freenet, which is horribly, horribly, painfuly, agonizingly sloooooow!
TOR, to me, seems to be about the right sort of level of speed and security. I know of no obvious problems with it (other than you can't use applets that call home). This is not to say it's perfect, or that people shouldn't do research, but if there is a benchmark that systems should reach or exceed, I'd consider TOR to be the one to beat, not Freenet.
There are other overnets and underlays which, if you added encryption and randomized routing, would become darknets. Very interesting stuff and very useful in this paranoid age.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
If its easier to use, you will definitely see more people using it who are legitimate. Tor and other darknets are a pain in the ass to use, and they clearly have a larger proportion of people using it for more nefarious purposes. The reason is simple: they *need* to use it because they are bad guys. Good guys, unless they fully comprehend the threats against them, are less likely to go to the effort. Hopefully this works out and is secure. It would be a big plus for people who don't want to deal with the hassle, not to mention, they don't want instantly incriminating software on their machine. My guess is that the Chinese and Iranian government minders don't like you if they see you getting your hands on anything like a Tor/Freenet software package.
v-- people below will point out that Tor provides no security but group anonymity.
NB: The message above might reflect my opinion right now, but not necessarily tomorrow or next year.
Is this a late April Fools' joke? How does this supposed system work? It seems there must be a hosted PHP file somewhere - that server needs to have logs, at least if it's inside the EU and however you slice that you're toast.
Basically it seems to work sort of like a BitTorrent tracker that directs your client to other clients. So by what mechanism do you choose who to include in the "net"? If I understand correctly you sort of create channels for different purposes or groups. By using a introductory key? And how do you communicate that key? By encrypted e-mail? So any agencies that listen in on you very easily can see who you communicated with prior to your request for so and so domain holding the darknet PHP file? And how tough is that encryption? Ordinary SSL?
It connects the user's HTML 5-based browser to a single PHP file, which downloads some JavaScript code into the browser. Pieces of the file are spread among the members of the Veiled darknet. It's not peer-to-peer, but rather a chain of "repeaters" of the PHP file, the researchers say.
Spreads the file onto multiple peers? Is it possible for this file to run out of entropy in any way??
Fight for your digital freedom, join the EFF *now*: http://www.eff.org/support/
just ctrl alt backspace and type in lynx :D
Politics is Treachery, Religion is Brainwashing
So, according to The Fine Article, you need to share a PHP file between members of the ephemeral darknet. Now, where did I read about sharing files between peers easily???.... Yes, of course, it was Opera Unite, released just today! Plus Opera 10 supports HTML 5.
So Opera Unite + HTML5 + this technique = immediate and easy darknet
Much easier that setting up TOR if you asked me.
AC
What do you mean "you people?"
The researchers admit darknets are attractive to bad guys, too
So is encryption. So is privacy. So are knives. So is food. So is living another day. It's not wrong just because it can be used to ill ends.
Or, to be all profound and Latin and stuff: abusus non tollit usum.
That video was entirely disappointing.
Gosh, I just see a fair many obstacles to this tech which has many similarities to other systems (judging by the many references to other similar systems in TFA) and thus doesn't sound very revolutionary. But this one is browser based, so I guess, as TFA points out, it lowers the barriers to entry to a darknet. To me, this sounds like what it's about. Just click the link and be one with the dark side? Otoh the question is how it's supposedly used.
I admit I may look like an ass, but unless you've been hiding under a stone lately you'll have noticed that anything having to do with browsers and built-in tools is the shit of the century. So I guess my bullshit-o-meter gave a red reading. For some reason I'd rather like a solution below the application layer, so I can use all protocols while being anonymous. But we have that already. Almost at least, TOR has exit nodes that can easily be hosted by Bad Men.
Another interesting tech is OneSwarm, but it's not browser based and so not revolutionary.
Fight for your digital freedom, join the EFF *now*: http://www.eff.org/support/
In case you didn't notice, the latest trend is that there are Corporations and Consumers. You are probably part of the Consumer segment and so a product of Society and can be sold to the Corporations.
That's where we're headed people!
Fight for your digital freedom, join the EFF *now*: http://www.eff.org/support/
Currently to do shared chat/video chat/audio/documents... most systems are dependent on servers of one sort or another. Making something that could work on a more peer-to-peer level would be very useful indeed as it would help alleviate (though probably not entirely eliminate) the reliance on servers that are often under someone else's control. If you doubt the usefulness of this, just look at what is happening in Iran right now.
an artificial one. The main job of every efficient government is to make us ALL feel guilty and scared. In other words, to make us all "bad guys", so they can legally go after us and manipulate us at will.
The efficiency of a government is strongly related to the number of citizens it perceives as the "bad guys", such as "copyright violators, patent infringers, software pirates, tax evaders, road speeders, people parking wrongly, walkers on grass, flashers, hackers, elevator farters"... The more categories of such "outlaws" a government can come up with, the more efficient it is.
Modern governments have become quite cunning in that they will consistently deny all that: they will explicitly assert that they are furthering feelings of pride and civil courage as opposed to feelings of guilt and fear, and they will try to hide behind memes such as "rule of law" or "democracy". But words are easy. We should always judge them by their deeds.
Intellectual Property: an immaterial non-entity, most fiercely contended by those with no proper intellect to speak of.
When it works with lynx.
Sig this!
If something like Opera Unite or Azureus jump on this particular privacy/security bandwagon, then you will have gazillions users on the darknets doing the same non-pedophilic things they do.
It would be very hard to push the case for dealing in child porn.
I don't understand the technology correctly, but if it's anything like Freenet or i2p you only would carry the porn bits ocasionaly, that is, at random, because you are just a carrier for something you don't even know what it is because it's encrypted to your eyes and system. Pushing a court case like that is fucking crazy. Just throw away Western civilization for the last 200 years...Well, Bush tried...
Ninety-two point four per cent of juvenile delinquents have eaten tomatoes.
Eighty-seven point one per cent of the adult criminals in penitentiaries throughout the United States have eaten tomatoes.
Informers reliably inform that of all known American Communists ninety-two point three percent have eaten tomatoes.
Eighty-four per cent of all people killed in automobile accidents during the year 2004 had eaten tomatoes.
Those who object to singling out specific groups for statistical proofs require measurements within in the total. Of those people born before the year 1850, regardless of race, color, creed or caste, and known to have eaten tomatoes, there has been one hundred per cent mortality!
In spite of their dread addiction, a few tomato eaters born between 1850 and 1900 still manage to survive, but the clinical picture is poor-their bones are brittle, their movements feeble, their skin seamed and wrinkled, their eyesight failing, hair falling, and frequently they have lost all their teeth.
Those born between 1900 and 1950 number somewhat more survivors, but the overt signs of the addiction's dread effects differ not in kind but only in degree of deterioration. Prognostication is not hopeful.
Exhaustive experiment shows that when tomatoes are withheld from an addict, invariably his cravings will cause him to turn to substitutes-such as oranges, or steak and potatoes. If both tomatoes and all substitutes are persistently withheld-death invariably results within a short time!
The skeptic of apocryphal statistics, or the stubborn nonconformist who will not accept the clearly proved conclusions of others may conduct his own experiment.
Obtain two dozen tomatoes-they may actually be purchased within a block of some high schools, or discovered growing in a respected neighbor's back yard! - crush them to a pulp in exactly the state they would have if introduced into the stomach, pour the vile juice into a bowl, and place a goldfish therein. Within minutes the goldfish will be dead!
Those who argue that what affects a goldfish might not apply to a human being may, at their own choice, wish to conduct a direct experiment by fully immersing a live human head* into the mixture for a full five minutes.
* It is suggested that best results will be obtained by using an experimental subject who is thoroughly familiar with and frequently uses the logical methods demonstrated herein, such as:
(a) The average politician. Extremely unavailable to the average citizen except during the short open season before election.
(b) The advertising copywriter. Extremely wary and hard to catch due to his experience with many lawsuits for fraudulent claims.
(c) The dedicated moralist. Extremely plentiful in supply, and the experimenter might even obtain a bounty on each from a grateful community.
THE DREAD TOMATO ADDICTION Mark Clifton This essay originally appeared in the February 1958 edition of Astounding. The dates in this version have been modified (all dates plus 50 years).
My favorite quote doesn't fit into 120 characters. Now no one will like me.
You guys seen Opera Unite? It's kinda like that I think. The only parts missing are the crypto design.
The point being that darknets and p2p small-clouds are here. They are here.
What will The Powers That Be do? Outlaw html? Outlaw crypto? You can't. Crypto is mathematics. There's no way you can outlaw math or science. Unless they want the Middle Ages back - and some politicians in Europe (particularly UK and Germany) and the US would like that very much.
What worries me is the well-meaning politician (who doesn't want to protect children, right? Or people against terrorism?) who is a moron in tech terms and thinks such things are feasible. No they aren't. Unless you take my right to write (source code, maths, etc.)
But beware. Knowledge is to be outlawed in the near future. They have tried this before with Phillip Zimmerman's PGP. They will do it again.
Funny how you dismiss America as "christofucks" and attempts at high morals, then disdain on Europe (which has a much lower religious attendance rate) as a bunch of lazy perverts. What do you want? Atheistic anarchy? That surely is a better way!
Since there are zero details in TFA, i'm just going to speculate that one of three things is going on, in order of increasing probability:
1. HTML 5 creates all sorts of fantastic new ways to communicate anonymously through a central server. In that case, please fill me in. In genuinely interested.
2. The researchers have implemented something like the dining cryptographers protocol in js and php.
3. TFA is utter bullshit
Perhaps he saw that the terrorists have already won by getting our governments to take all our freedoms away.
Yes I said it.
The terrorists have won.
A seriously important requirement for any darknet is the ability to conceal your IP address from the other participants. I don't yet see how that happens here.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
I had to turn off the stylesheet to be able to read TFA. That site is broken in all browsers except IE. And they want to be HTML5 advocates?
I really, really, don't want to know what was in that video you posted
Wait, whats wrong with Atheistic Anarchy? A world full of people who aren't willing to kill for a figment of someone elses imagination and don't rule over each other with an iron fist is a bad thing?
Cool !!11!!
JMule user : http://www.jmule.org
It doesn't matter which form of government they are in or which religion they follow, people will still try to rule over each other and will be willing to kill for a figment of their imagination.
They don't even need malicious intent for that matter. They just need to believe their opinion is "the best" or "for the good of all" regardless of other people agreeing or not. Any kind of belief (or government or even knowledge) will cause conflict.
When someone is defending its beliefs it might not even notice when it's crossing the line and going too far. It is subjective, after all. Then add self-justification and hidden interests...
Humility is an actual virtue.
The good, the evil and the vacuum tubes.
the US is populated by Christofucks. It is a backwards place.
I was with you until you made this remark. It is both unfounded and counterproductive to your otherwise maturely-worded, well-thought-out point.
US [...] UK [...] Germany
If you're highlighting Western Democracy's actions regarding Internet censorship, you can't leave out Australia.
Many countries have these kinds of issues which need to be more closely scrutinized, though.
I just wanna comment on what you said. So often, when discussing anonymity and darknets, people assume, incorrectly, that there are no scenarios where a law-abiding netizen would need Freenet, etc. That's not true.
Here's my Good Guy Needs Freenet scenario. Its about porn. There are legit reasons someone might wanna use Freenet for porn. I wouldn't wanna be a lawyer from a famous office and at the same time have a blog where I'd post my favorite HARD ANAL SEX videos.
With Freenet, you can do that.
BTW, there's no child porn on Freenet, that I know of. Or, there's very little. Apparently, if there is, there's very little. I've never seen it. If you don't believe me, install Freenet. So let's not get hysterical.
> the terrorists have already won by getting our governments to take all our freedoms away.
That's an insightful definition of "winning". They let governments get away with anything under the excuse (which might be justified or not) of national security, and that's the only fruit they bear. "By their fruit you will recognize them".
---- MISSING MISCELLANEOUS DATA SEGMENT --- [sigdash] trolololol
If people can't see the potential value for legitimate use of such a network after witnessing the abuses of power that have been happening recently in Iran and chronically in China, then they really are hopeless.
The only thing necessary for the triumph of evil is that good men do nothing.
It is too early on Wednesday morning for truth here on /. Please wait until I am not drunk in the future if you don't mind. The terrorists won when we started gutting the Constitution, the Bill of Rights and the accumulated body of laws that had established our freedoms in this country. When little hick towns like the one I live in started x-raying all people entering the courthouse, and making them remove their belts, a sign of loss. When arriving two hours early at the airport, having to remove your shoes, the lists of forbidden items, another sign of loss. When the NSA and other alphabet soup agencies coerced the phone companies in letting them tap the lines of almost the entire nation, another loss. When we stopped protecting American interests with the full force of the military and started doing the limited war bullshit, another loss. When the perception of other countries became more important than our country's safety and well-being, we were pretty much done at that point.
You got me 'til the point with the war. Sorry, but that's not the reason behind limited warfare.
You see, it takes a lot of effort and propaganda to get a war running. It's not like you can start one with, say, Canada, just because it's Tuesday and colder than outside. You need a reason, then you have to sway public opinion, you have to spin and you have to forge documentaries... that's not cheap.
And then you finally have your war... and you have no real opponent. You know, the likes of Nazi Germany or Japan, an army that deserves the name, where you can go full scale. But that's not really the kinda war we want, hey, it was anything but certain how that ends! Well, at least 'til about 43.
Today, the US is unparalleled in firepower. Well, aside of Russia and China maybe, but why'd we want to bomb our resources and manufacturer? Instead, we need some small country that can't sensibly defend itself and make it the big boogeyman. Dunno why anyone believed that Iraq or Afghanistan could pose any threat to the US, but behold, it worked. Now, of course either country could have been reduced to rubble in less than a week, but that's not the goal here. Profit is in waging war, not in winning it.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.