19 June 2008

Member Contribution - "Brightnets"

[Ed. Note: This is a contribution from one of our esteemed BlackNET members. Sometimes it's best to hide in the sunlight. US1/, US/12,
US/1056]

Brightnets - A new way to avoid censorship and control.

Currently, there is a lot of conversation about Peer-to-Peer (P2P) networks and their use not only in legitimate file sharing and distribution, but also their highly publicized use in the distribution of 'protected content' of various types. Many people are familiar with the names of some of the original P2P environments, such as Napster, which was used to share music, and more recent ones such as Limewire and Bittorrent. Then came the "Darknets": private, invite-only P2P networks that use the same types of technology. Now there is a new technology that moves into the space of Darknets: the "Brightnet", a tool that attempts to preserve the anonymity and security of Darknets while also combining security, open access abilities and 'plausible deniability' all in one.

Most traditional file transfers are what is known as "Client / Server", where all of the client machines (such as your PC) go to a single server machine (www.pbs.org/frontline/ as an example) and request a file like the video clip on the home page. The server then sends that file to the requesting client machine, which is an easy task, even for large files like video. However, if there are one hundred clients, they all must "wait in line" for that one server to have enough resources to send the file out one hundred times. As you can see, as the number of clients grows, the resource demands on that one server grow as well, and soon outstrip the abilities of any but the largest organizations to support.

Peer-to-Peer (P2P) systems were developed to get around that issue. They make all of the computers both a "client" and, most importantly, a "server" as well. So if one hundred systems download that video, there are now one hundred servers that can distribute it, thus spreading the load.

What people may not know is that a number of the original environments had a 'single source' that could be monitored and eventually controlled. With Napster, there was a central server that maintained an index of what files were available on the distributed network. This is what allowed the legal action to shut down the original Napster P2P network. Without the single source providing an index, there was no way for any new client to know what was available for download, and on what servers it could be found.

New P2P systems developed in response to that vulnerability removed the 'single source' index of files and made it a distributed system where the files were 'advertised' into the network. This is how systems such as LimeWire currently operate. When any system joins the network, it has the ability to 'advertise' what files it has available for distribution, and offer them to the network. While this makes the system harder to control, it still allows the sources of 'protected content' to be identified and dealt with. Like a hydra, it may have many heads, but at least you can see where they all are.

The next stage was the development of systems that do not advertise their content throughout the network, but rely on individual systems to handle just what they know about. The protocol known as Bittorrent is used to distribute large files all across the spectrum of users. Content Publishers are using it to distribute Movie Trailers, Operating System Images (Linux distributions almost all use this protocol), and other large media files. Bittorrent systems support both "Index Servers" (a central listing of files) and "Trackers" which are the 'instruction maps' to find the referenced data.

From Wikipedia:

"A BitTorrent index is a list of .torrent files (usually including descriptions and other information), managed by a website, that is available for searching files to download through BitTorrent protocol. It should be differentiated from a BitTorrent tracker, which merely coordinates communication between peers attempting to download the payload of the torrents. Many BitTorrent websites act as both tracker and index. Sites such as these publicize the tracker's URL and allow users to upload torrents to the index with the tracker's URL embedded in them, providing all the features necessary to initiate a download."

It is this segmentation of the function of the protocol (Bittorrent, for example) from the content (SuSE Linux OS CD Image) on the network, in exactly the same way as Web servers are separated from having a 'central index' (although Google is trying hard to become so!), that has allowed for the creation of private, invitation-only P2P networks (known as Darknets) by the use of tools such as VPNs and Private Trackers (and possibly index servers as well) to create a "covert" communications medium.

While harder to trace, private trackers and hosts still have the content in its entirety located on their systems, thus leaving open the possibility of enforcement against violations of 'protected content'.

Now, with the development of the tool known as a "brightnet", that linkage itself has been broken. One of the current implementations of the 'brightnet' concept is the Owner-Free Filesystem (known as "OFF" for short), which is a distributed file system where all data is represented as randomized blocks of data. This means that any individual system only stores a set of blocks of truly random data, and has no actual content on it at all.

Files are "created" and "stored" by creating a 'formula', one of many possible representations, that recreates the information from those random blocks of data. So the "file" is assembled each time by the 'formula' (of which there could be any number).

In order to grasp this concept, understand that a digital file, any digital file, is just a really really really large number. To keep this simple, remember that digital files are just long strings of binary digits (0's and 1's). Thus, the sequence of binary digits "1011 1110" is equal to the decimal number "190". Now if we were to string a lot of those digits together, you could see that the digital file is just a long number.

Now, mathematically speaking, every number has an *infinite number* of representations (192=190+2, 190=200-10, 190=95*2, 190=380/2, etc.). Therefore it is impossible to "protect" an *infinite* number of possibilities that all represent the same number. It is the same argument as saying that the entire English alphabet is unusable because it is possible to use it in some combination to arrive at the protected content word of "Microsoft(R)", which is obviously a protected trademark.

So in this way, the data transfer and storage of these random blocks of data is able to be wide open, in the same way that the alphabet can be completely open; it's not the alphabet that is the 'protected content', it is the "instructions" that create the 'protected content' out of it. Except that with a brightnet, there are now an infinite possible number of 'instructions' that can all lead to the same result, each taking a totally different path.
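The storage idea described above, as an added toy model (not code from the OFF project or from the original post). It assumes XOR as the combining operation and a 16-byte block size; the function names, block size and sample files are hypothetical and constructed for this illustration.

```python
import hashlib
import os
import random

BLOCK = 16  # toy block size chosen for this example (assumption)

def xor(*blocks):
    out = bytes(BLOCK)
    for b in blocks:
        out = bytes(x ^ y for x, y in zip(out, b))
    return out

def put(store, block):
    """Content-address a block: key is its SHA-256, value is opaque bytes."""
    key = hashlib.sha256(block).hexdigest()
    store[key] = block
    return key

def insert(store, data, pool=(), n=2):
    """Store data; return its 'formula': (length, [tuple of block keys per chunk])."""
    recipe = []
    for off in range(0, len(data), BLOCK):
        chunk = data[off:off + BLOCK].ljust(BLOCK, b"\0")
        # Randomizers: reuse blocks already in the store if offered, else fresh ones.
        # They must be distinct, or they cancel and the plaintext chunk gets stored.
        if len(pool) >= n:
            keys = random.sample(list(pool), n)
        else:
            keys = [put(store, os.urandom(BLOCK)) for _ in range(n)]
        masked = xor(chunk, *(store[k] for k in keys))
        recipe.append((put(store, masked), *keys))
    return len(data), recipe

def retrieve(store, formula):
    """Rebuild the file by XORing together the blocks each tuple names."""
    length, recipe = formula
    return b"".join(xor(*(store[k] for k in t)) for t in recipe)[:length]

def keys_of(formula):
    return {k for t in formula[1] for k in t}

def demo():
    store = {}
    a = b"constructed sample file A for the brightnet example"
    b = b"a second, unrelated constructed file B"
    f1 = insert(store, a)                            # one formula for A
    f2 = insert(store, a)                            # a different formula, same A
    f3 = insert(store, b, pool=sorted(keys_of(f1)))  # B expressed via A's blocks
    return store, (a, b), (f1, f2, f3)
```

Both formulas for file A share no blocks yet decode to the same bytes, and every block that file B reuses is also part of file A, so no stored block belongs to a single file.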

So with every new advancement, challenges arise for everyone. Like any tool, technology is almost never inherently "good" or "bad"; it's just the usage that we apply it to.
