Imagine if you could download from a list of popular standard protocols & configure your Darknet client to emulate most of these protocols (one at a time & announcing the new protocol to your group of file-exchange-buddies)- anytime you want.
I like this idea a lot, but the problem is that you need to build a model of a protocol in order to imitate it, and the eavesdropper can probably use the same model to determine that your traffic is fake. Let's say you want to make your darknet traffic look like HTTP. You observe a few thousand HTTP sessions and build a statistical model in the form of a state machine, with a distribution function for the number of bytes sent and received in each state, and a probability for each state transition. But there will always be a small gap between the behaviour of your model and the behaviour of real HTTP sessions, and given enough observations, the eavesdropper will be able to distinguish your model from reality.
How about changing protocols before the eavesdropper collects enough data to distinguish your traffic from real HTTP traffic? Unfortunately, constantly hopping protocols is suspicious in its own right: as well as perfectly modelling each protocol, you'd have to perfectly model the distribution of different protocols entering/leaving a typical host. This just re-creates the problem at a higher level. Fundamentally, you're trying to hide information in plain sight, and the problem with steganography is that it only works when people aren't looking for it.
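The model-versus-reality gap argued above, as an added illustration that is not part of the original comments: it simulates a constructed "real" HTTP response-size distribution alongside an imitating client's slightly mismatched model, and shows that an observer running a two-sample Kolmogorov-Smirnov test rejects the imitation once enough sessions have been collected. All distribution parameters and the mixture shape are assumptions made for the demonstration.

```python
import math
import random

# Constructed stand-in for the "real" protocol: HTTP response sizes drawn from
# a mixture of small (HTML) and large (image) responses. Parameters are made up.
def real_http_sizes(rng, n):
    return [int(rng.lognormvariate(8.0, 0.8)) if rng.random() < 0.7
            else int(rng.lognormvariate(11.0, 0.5)) for _ in range(n)]

# The imitating client's model: a single lognormal fitted to the mixture. It
# matches the bulk of the distribution but not its two-humped shape.
def mimic_sizes(rng, n):
    return [int(rng.lognormvariate(8.9, 1.4)) for _ in range(n)]

# Two-sample Kolmogorov-Smirnov statistic: the largest gap between the two
# empirical CDFs. Ties are handled by advancing both samples past each value.
def ks_statistic(a, b):
    a, b, n, m = sorted(a), sorted(b), len(a), len(b)
    i = j = 0
    d = 0.0
    while i < n and j < m:
        x = min(a[i], b[j])
        while i < n and a[i] == x:
            i += 1
        while j < m and b[j] == x:
            j += 1
        d = max(d, abs(i / n - j / m))
    return d

# Asymptotic critical value for the two-sample KS test at significance alpha.
def ks_threshold(n, m, alpha=0.01):
    return math.sqrt(-0.5 * math.log(alpha / 2)) * math.sqrt((n + m) / (n * m))

# Fraction of trials in which an observer holding n real sessions and n
# imitated sessions rejects the hypothesis that they come from the same source.
def detection_rate(n, trials, seed=1):
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        real, fake = real_http_sizes(rng, n), mimic_sizes(rng, n)
        hits += ks_statistic(real, fake) > ks_threshold(n, n)
    return hits / trials

if __name__ == "__main__":
    for n in (20, 200, 2000, 20000):
        print(n, "sessions per side -> detection rate", detection_rate(n, 20))
```

With a handful of sessions the observer cannot tell the two apart; with tens of thousands the mismatch is flagged every time, which is the "given enough observations" point made above.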
It's interesting that you should mention the USSR, because one of the earliest examples of a darknet was the Russian samizdat (literally: self-publishing) network. Censorship in the USSR operated in a deliberately ambiguous and unclear way: rather than banning certain works outright, the authorities created a huge legal grey area, discouraging the expression of any political opinion that wasn't completely orthodox. Authors responded by circulating their works privately from reader to reader in samizdat: each reader would manually copy the work on a typewriter and exchange copies with trusted friends. While this isn't the same as being able to stand in the public square and express your opinion to anyone who passes, it still allows dissidents to express, exchange, and develop their thoughts in a way that wouldn't be possible in isolation.
Regarding your second point, it's true that private communication can exclude the people who are being discussed. Allegations (and conspiracies) are usually made behind closed doors. But the powerful will always have access to private communication. The question posed by Freenet and similar networks is whether the less-powerful should also be able to communicate privately. Comparing Freenet to the Gestapo (although required by Godwin's Law) misses the point: the secret police don't need to use Freenet, because they already have overwhelming power. It's the citizens of a police state who need private communication.
Adding manpower to a late software project makes it later.
That's why the only way to meet this deadline is to remove programmers from the project. In fact Microsoft has whittled the entire Windows team down to one intern, a crate of instant noodles and half an ounce of pharmaceutical-grade speed. The intern's strategy has three phases:
Add regular expression search & replace to Notepad
I wasn't suggesting that the query triggered by the NOTIFY would form the DoS. The NOTIFY is just used to get the slave server to query its master, at which point the attacker sends a forged response and replaces the slave's entry for some popular domain with the address of the victim. As you pointed out, this part of the attack is just IP spoofing (and DNS query ID spoofing). The recursive part of the attack comes later and doesn't even require the attacker to stay online: queries for the popular domain are recursed onto the victim by the slave server. The attacker doesn't need a botnet because innocent lookups for the popular domain generate the traffic.
As far as I know, Notify tells a slave server to contact its master for an update, even if the relevant entry is in the slave's cache and hasn't expired. Notify messages aren't authenticated because spoofed messages are supposedly harmless, but if you're on the same segment as the slave or the master or you can guess the ID number of the request (old versions of BIND), you can spoof the master's response and replace the entry in the slave's cache. If the slave has slaves of its own, it will push the new entry out to them too.
Recursion comes into play when someone asks the slave for the spoofed entry. You can list the victim as the authoritative source, so all requests will be recursed or iterated onto the victim.
But the question is, why would anyone look up my.spam.com? I think the attack might be based on spoofing DNS NOTIFY messages to change the authoritative server for a really popular domain. Specifying a short timeout would prevent the reflector from caching the response, so all requests would be forwarded to the victim.
Perhaps what you do is send a spoofed DNS Notify for a popular domain like msn.com, giving the victim's address as the authoritative server for that domain and using a very short timeout. Then every time someone looks up msn.com, the victim gets hit with a recursive request.
He must have been Catholic - what you believe for the first 99.99% of your life doesn't matter, but what you believe in the last 10 seconds lasts forever.
In Texas, for example, any unauthorized connection or attempt to connect to a computer is illegal.
Could you elaborate? I assume there's some kind of concept of 'implicit authorization' in the case of public servers, otherwise browsing the web would be illegal unless you first got permission from the owner of every webserver you intended to connect to... and you couldn't ask for that permission electronically because that would involve an unauthorized connection...
On the other hand if the law contains a concept of 'implicit authorization', how am I supposed to know whether I have implicit permission to connect until I've tried to connect and found out what's running on that port?
Or does the legal definition of 'connect' mean something closer to 'log in' than 'establish a TCP connection'? In which case port scanning wouldn't be illegal...
And just to get really pedantic, if my port scanner just sends a lot of SYN packets and looks for SYN/ACKs, but never completes the TCP handshake, can you really say I've attempted to connect? I don't have the intent and my software doesn't have the means...
Only if they made the elementary mistake of making the gibberish packets a different size from the data packets. We await silent Tristero's second protocol revision. ;-)
Evolution put these processing centers within you for a reason
Evolution isn't goal-directed. It's the accumulation of millions of years' worth of short-term, backward-compatible hacks that happened to be well-suited to local conditions at the time. Since any change in an organism's phenotype affects the species around it and therefore affects what will constitute 'fitness' for the next generation, it's theoretically possible to evolve in a circle.
It doesn't have to be done in a privacy-invading manner (although I agree that it probably would be). For example, the DRM chip on the motherboard could contain its own clock, with clock skew being corrected on a weekly basis using signed updates from a network of time servers. You can also get a time signal anonymously from GPS, and there's a land-based radio time signal in the UK.
Sorry, I misunderstood your point - I thought you were arguing that recycled computers were an impractical alternative to the Microsoft proposal, not an impractical alternative to $100 laptops.
There's a big technological gap between "no electricity" and "no internet", and billions of people live in that gap right now. (You might remember growing up in it.) Electricity is available in much of the developing world, either through power grids or portable generators. California's a different story, of course. ;-)
Does this phone plug into a clockwork TV? If you have power for a TV set then you have power for a PC.
This idea has nothing to do with power supplies. It's about how to use the investments people have already made (TV set, mobile phone) to bring them something of additional value (internet terminal).
Looking around at my middle-class friends I don't see the desperate struggle for survival that you portray (even if you regard a university education and a mortgage as bare necessities rather than calculated investments). Instead I see a lot of indecisive and rather self-indulgent people who'd prefer to carry on enjoying the good life of toys and takeaways and postpone growing up for as long as possible. There's nothing wrong with that per se, and I'm in the same situation myself, but when those people start complaining about "idiots" outbreeding them, I smell bullshit.
You can, but you should use PGP to avoid the risk of a man-in-the-middle attack.
You're right about stealing the key, of course, but that isn't the problem they're claiming to solve.
Not when they're behind a firewall - I expect China will start blocking DNS traffic at the border once this system's operational.
Where's my "-1 Corrosively Jaded" when I need it? ;-)
How would you define change without reference to the concept of time?
The standard unit is the milligoatse.
Maybe you should ask the members of the Trusted Computing Group.
Whereas comparing an analogy to another similar one is valid?
2. How much must he spend on batteries to store the power so he can stop cranking for long enough to watch a football match?
3. How much was that generator again?