HP Innovation : Private Networks Accessible Via Browser
Traditionally darknets have always been regarded as the dark underbelly of the internet, but now it seems as if accessing a darknet will be as simple as having a web browser. HP researchers recently demonstrated a darknet - essentially a closed private network - that can be accessed through a browser. Some earlier darknets such as Freenet, Tor and WASTE have gained notoriety for having all sorts of objectionable content supported by the veil of anonymity they provide. These darknets need a client to access them. Finding such clients installed on laptops would often raise alarm bells for security authorities as they can be used for virtually untraceable communication aiding even terrorists.
The HP researchers however say darknets have their legitimate uses. Their creation aptly named ‘Veiled’ can be used for anonymous whistle blowing and will also bring anonymous communication to the mainstream. Darknets maintain anonymity by scattering files as fragments across thousands of servers. They also use something known as onion routing that tunnels communication through a network of relays so web sites can’t determine your location. In a podcast with Security Wire Weekly, Matt Wood one of the developers of Veiled said, “We’re leveraging what browsers have become lately, to access some of the functionality offered by darknets”.
A simple PHP file is supposed to connect the client to the rest of the darknet. The user on the other hand has to just go to a URL. The PHP file downloads JavaScript code into the browser. To understand this concept imagines a whole bunch of servers with this one PHP file on them. All of these PHP files together create the infrastructure for the Veiled darknet. Clients will then connect to each one of those nodes. The PHP files act as repeaters to all the JavaScript clients out there. The JavaScript is the one doing all the communication between clients. If, for instance, a chat were to be sent out, it would be dispersed among the darknet users. There is going to be encryption involved too. The best part is once you close your browser, your footprint vanishes instantly. It should be interesting to keep an eye on this to see if any productive applications do come out of it.