Staying hidden online is a very difficult, if not impossible to do. Yes, there are cumbersome steps you can take to substantially muddy the digital waters, with respect to your identity; but, nothing is digitally bulletproof. If a determined adversary is intent on finding you digitally, and they have the time, talent, and resources available to enable them — then, more than likely they will unmask your digital identity at some point in time, People and organizations are constantly seeking ways to communicate digitally, anonymously. No wonder the Dark Web has become so popular, though even with the encrypted Tor router, prying eyes can still find you. Now comes word that the Defense Advanced Research Projects Agency, the Pentagon’s research arm that created the Internet — is seeking to create a new, anonymous communications program/platform.
Dividbyo posted an April 14, 2019 article to the cyber security and technology website, DeepDotWeb noting that last summer/2018, DARPA quietly announced a new research program known as the Resilient Anonymous Communications for Everyone (RACE) program. The program aims “to develop a completely anonymous, and undetectable method for communicating over the Internet,” the site said. “It appears the RACE program will utilize network stenography to hide messages in other Internet traffic. The proposed distributed messaging system would allow for messages and metadata to be exchanged; and, it would not be possible to alter the information while it is in transit over the network. The RACE program seeks to avoid large-scale targeting, and large-scale compromises, through the use of a combination of stenography (or obfuscation) and encryption,” Dividedbyo wrote.
According to a Proposers Day briefing document for researchers which is dated July 24, 2018, DARPA plans to integrate the technologies in the RACE system into a prototype, mobile messaging app for the Android mobile operating system,” Dividedbyo noted. “The code is expected to be made available as open source software by the end of the development process. By the end of the RACE research program, it is expected a full demo will be ready, which should consist of around 1,000 servers, which can support 10,000 users. The research program is expected to take 48 months to conclude, and includes three phases. The bandwidth of outgoing obfuscated client-to-server transmissions is expected to be up to 500kbps, and obfuscated server-to-server bandwidth is expected to be up to 10Mbps.”
Dividedbyo notes that “a special notice explains that the “RACE program will a) research technologies for a distributed messaging system that can exist completely, within a given network; b) provides confidentiality, integrity,and availability of messaging; and, c) preserves privacy to any participant in the system. Compromised system data, and network associated communications should not be helpful to compromise any additional parts of the system.” The special notice, goes on to describe the RACE program as being capable of avoiding being detected or compromised, through large-scale, real-time, deep packet inspection. The briefing document adds that “the fact that the user is using the RACE mobile app, should not be possible to infer, unless the user’s device is compromised. Any compromising of one part of the system, should not enable the attacker to compromise further parts of the system. The end-to-end communications time is expected to be approximately one minute.”
“Theoretically,” Dividedbyo wrote, “the RACE program could be used to send, and receive anonymous crypto-currency transactions.”
Aside from the fact that this network would practically ensure anonymous digital communication for the individual, the creation of such an entity has huge implications for law enforcement, intelligence agencies, the military, people living in oppressed societies like North Korea, and of course the criminal element and/or the darker digital angels of our nature. The off-the-griders of course would also be interested. I hope DARPA has wargammed the pros and cons of such a system/network, and what some of the unintended consequecses — both good and bad — are likely to be. Being able to communicate clandestinely digitally, as well as download and transmit information without the host knowing that you were ever in their network is a big advantage. Especially being able to download and transmit the info in an encrypted manner — without the data being corrupted in some fashion during the transfer — would also have significant intelligence, law enforcement, and other benefits. But, what is the downside of this technology? and, are we opening some kind of digital Pandora’s Box that could come back to haunt us in ways we do not expect or understand very well. The digital adversary…..gets a vote. And my guess is, the United States isn’t the only nation-state that is working on this kind of technology. China, Russia, and a few other nation states, not to mention some of the larger social media conglomerates are probably also pursuing similar technologies. And of course, I would guess that the Trusted Insider Threat would not be solved by this new technology/technique — so, the network or system would still have some vulnerability — beyond the threat that a user’s device might be compromised. One wonders if there is a way to include the ability to ferret out denial and deception, stay-behinds, and digital time bombs as well. What happens, if the anonymous network is breached in any significant fashion? Are stand-alone networks, dummy networks, infected networks, armored networks, hijacking networks, and so on — emerge? RCP, fortunascorner.com
No comments:
Post a Comment