RSS Alerts

Share

More services

Related Links

Related Stories

  • Organizations Counsel New President on Privacy Issues
    President Obama has yet another set of technological recommendations to mull over following his inauguration today. The National Institute of Standards and Technology (NIST) published a draft set of recommendations for protecting personal information, while the Future of Privacy Forum (FPF) provided its own list of requirements for protecting consumer privacy.
  • The battle of the internet browsers
    Browsers are the hackers’ window into your PC – but how are they compromised, and what are vendors doing to harden them? Danny Bradbury examines the techniques vendors are employing, and why user education is one of the primary solutions for increased security
  • Battle of the Internet Browsers
    Browsers are the hacker’s window into your PC – but how are they compromised, and what are vendors doing to harden them? Danny Bradbury examines the techniques vendors are employing, and looks at why user education is one of the primary solutions for increased security
  • Google Chrome OS: no viruses, malware or security updates…
    As Google announced the future launch of its Google Chrome operating system (OS) based on an open source Linux kernel, it also claimed that “users don’t have to deal with viruses, malware and security updates. It should just work”, but is that possible?
  • Catch me if you can
    These days, malware writers are in it for the money. In order to maximise profit, discretion is imperative so stealth technology has been adopted as a rule, rather than an exception. Danny Bradbury looks to the cat and mouse game that researchers and attackers are playing to see who’s coming out on top

Top 5 Stories

News

Researchers build browser-based darknet

23 June 2009

Researchers have developed technology that enables users to participate in an anonymous, private communication session using nothing but an HTML 5-compliant web browser.

Billy Hoffman, manager for HP Security Labs at HP Software, and Matt Wood, senior security researcher in HP's Web Security Research Group, will present the findings at the Black Hat conference in Las Vegas next month. They will demonstrate how the system can be used to build a 'darknet', which is a private virtual network running over the public internet.

The researchers say that web browsers are becoming so highly functional that it is now possible to build a darknet using nothing but JavaScript to encrypt communications between the browser and a web server. This contrasts with other darknet systems, such as the Tor technology created by Roger Dingledine at MIT. Tor needs software to be installed on a client computer, and must be taken through a complex set of configurations before it can be used.

Hoffman and Wood's system requires a simple PHP script to be installed on a web server. This script is used to communicate with the JavaScript used in the client browser. It could be used for applications such as anonymous forums and suggestion boxes.

There are some limitations inherent in the system, including restricted bandwidth. Because a client communicates with a single server, it is restricted by the amount of bandwidth available to let server. However, PHP scripts could be installed on multiple servers, which would help alleviate some of the load.

Darknets are becoming an increasingly popular way of making communications private as people become more concerned about online behaviour and identity tracking. Even piracy-focus groups such as The Pirate Bay are becoming interested in building darknets that would enable people to share files with each other without having their IP addresses tracked online.
 

This article is featured in:
Application Security • Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012