PDA

View Full Version : The future of the Internet?


Spinflight
20th Sep 2006, 17:13
Could this (http://www.hacktivismo.com/) be the future of the internet?

Using TCP/IP and the present structure of the internet it is pretty much impossible to have either genuine security or anonymity.

Is onion routing the way forward or just a tool for child pornographers?

green granite
20th Sep 2006, 17:44
All I got was " This video has been removed due to terms of use violation"

Spinflight
20th Sep 2006, 17:58
That should sort it.....

Mr Lexx
20th Sep 2006, 19:34
hmmmm, I see your point. Although, they are not catching the paedo's for just looking at the pics, they are getting them for hosting or paying for access to illegal sites.

Spinflight
20th Sep 2006, 22:58
Well given enough onion servers the system appears fullproof to me, which is in stark contrast to the present internet.

It raises all sorts of questions, the first being who the hell needs that level of security? Having your buying and surfing habits watched is annoying but not a major inconvenience. I can see that the security of your private data is a big issue to people, but so too is your own personal security. Gifting almost completely secure communications to nefarious groups makes the security services' jobs far harder and reduces our collective security.

The computing power is there presently to enable web based surfing with decent enough encryption in each layer to prevent snooping. A child pornographers wet dream, amongst others.

UK law dictates that one must give up the keys to enable your communications to be decrypted if so asked. The penalty for not doing this is a hefty jail sentence. It strikes me that with this system you do not necessarily know the keys being used, which could therefore land you in serious bother. It would be interesting to hear a lawyer's point of view as I am not au fait with the exact wording of the legislation.

I deeply suspect that this is the way of things to come. Whilst the application of technology towards enabling the privacy of everyone is always to be applauded I feel that this is rather too good, too early.

Edited to add: They can and do prosecute paedo's for looking at obscene pictures, indeed downloading obscene pictures, even without your knowledge through blind links or through exploits, results in a charge of creating obscene images on your computer. It is not the act of taking the photos which is classed as 'creating images', you are considered to have created the image on your computer by downloading it.

Blacksheep
21st Sep 2006, 01:25
You can get a very high level of anonymity by using a 'netcard' dial-up to access the internet, never connecting through your own phone line, never using the same phone twice, and setting up a proxy on another (unprotected) computer - it slows down the already slow dial-up connection, but what the hell, if its privacy you're after. Its also surprisingly easy to do. Its no coincidence that one of those people recently detained in UK had dozens of cell phones in his possession.

Did I mention proxying? Your own computer is locked down as tight as a duck's backside, right? 'Cos if it isn't you have no idea what content someone might be routing through or even storing on your PC. I became very interested in personal security a few years ago when I discovered that 500 MB of space on my data partition had vanished. I reformatted and did a clean reload, then that nice Mr. Gibson (Google grc) helped me put things to rights. Lord only knows what was hidden on the stolen part of my hard drive, but I doubt if whoever did that was using it to store his document back-ups.

slim_slag
21st Sep 2006, 09:54
It raises all sorts of questions, the first being who the hell needs that level of security?Loads of commercial transactions and collaborations need to be kept quiet.

For instance. Lets say you are a large pharmaceutical company looking to purchase a small outfit with an interesting drug pipeline. The big company doesn't want its competitors to know who it is looking to purchase in case it starts a bidding war. The small company cannot let it be known that a big company is sniffing in case it affects it's stock price, and the directors might get into trouble.

Right now, you can intercept all the IP traffic coming out of the big/small company and see who they are communicating with - even if the data itself is encrypted and unreadable. With onion servers you wouldn't be able to do that.

So there is one example you seek. There are others.

Very good for crime syndicates as well, I would imagine.

green granite
21st Sep 2006, 10:07
Probably a stupid question but how do we know that this programme isn't the spyware to end all spyware? I know it's unlikely but...........:hmm:

Spinflight
21st Sep 2006, 10:10
Aye there are plenty of perfectly valid reasons why onion servers are a damned fine idea, although the fact that messages are sent as cleartext on the way back from the final server would worry me somewhat.

I always assumed that any drastic security improvements to t'internet would be based around new operating systems or hardware and therefore be nice and expensive, and easy to trace. This system however appears to be completely free.

Unfortunately this places it in the sticky paws of many undesirable groups. Child pornographers, terrorists, liberals, scousers and ginger people can all have access to untraceable communications and websites. It isn't going to be easy to even know how much traffic is going through the onion network, the backbone of the internet in the UK is all based around BT private circuits, which are unmonitored.

I'd be much happier if they were selling it for $100k a copy.

hasman
22nd Sep 2006, 14:30
Spinflight,

I think you're right, this model will probably become mainstream, how quickly it will do so depends on how secure and easy it is to use. As it is, I don't think people who truly value their anonymity, data integrity and security will use this service. To quote the Hacktivist website...

"However, users must understand that there are limitations to the anonymity. Torpark anonymizes the user’s connection but not the data. Data traveling between the client and the TOR network is encrypted, but the data between the TOR network and websites is unencrypted."

Ordinary Internet users like you and me don't really need that level of security, but when tracking becomes more intrusive and data security concerns increase, this sort of browser, albeit with better security, will be in demand.

Is it just a tool for paedophiles, terrorists and other undesirables? No, for the reasons I mentioned above, but it will certainly be used by them. This is not to say that this is a 'bad' invention, after all, I'd imagine it's only a few inventions that haven't been perverted or used for means other than what the inventor originally intended. Human ingenuity is marvellous. Besides, the hard core baddies out there are already using tools to mask their identity and to encrypt their data. I don't think this browser does anything new, it just packages previously disparate software and hardware together to make it easier to protect one's identity and data, though it doesn't do a thorough job of that.

I disagree about it making it harder for the security services to catch terrorists, at least not the ones they really want to catch --- the smart ones. If you were a smart terrorist, would you trust a service like this? I think not.

No, this is a tool that will make surfing easier for those living in repressive regimes. Yes, it may benefit the dregs of society to a certain degree (as it's not the sole such tool out there), but it won't empower them --- the Internet has already done that.
Has.

Spinflight
24th Sep 2006, 22:41
Its not so much the browser that I'm talking about, quite frankly the browser itself is fairly irrelevant.

It's the routing system, the onion servers. The fact that each router strips off a layer of encryption to determine the path of the packet.

Whatever you think about present internet security is not security, other than Kerberos its all very open to hacking, intercepts, traffic analysis or whatever.

This is different. I suspect that some day all 'internet' servers will be onion servers...