[Clips] Spies in the Server Closet
If this most recent darknet-as-IP-bogeyman meme persists, Hollywood et al. is probably going to make Tim May famous. *That* should be interesting. :-) Cheers, RAH ------- --- begin forwarded text Delivered-To: clips@philodox.com Date: Sun, 13 Nov 2005 12:59:42 -0500 To: Philodox Clips List <clips@philodox.com> From: "R. A. Hettinga" <rah@shipwright.com> Subject: [Clips] Spies in the Server Closet Reply-To: rah@philodox.com Sender: clips-bounces@philodox.com <http://www.cio.com/archive/110105/tl_filesharing.html?action=print> NOVEMBER 1, 2005 | CIO MAGAZINE FILE SHARING Spies in the Server Closet BY MICHAEL JACKMAN The Supreme Court might have stirred up a bigger problem than it settled when it ruled last June that file-sharing networks such as Grokster could be sued if their members pirated copyrighted digital music and video. Since then, some programmers have announced they would pursue so-called darknets. These private, invitation-only networks can be invisible to even state-of-the-art sleuthing. And although they're attractive as a way to get around the entertainment industry's zeal in prosecuting digital piracy, they could also create a new channel for corporate espionage, says Eric Cole, chief scientist for Lockheed Martin Information Technology. Cole defines a darknet as a group of individuals who have a covert, dispersed communication channel. While file-sharing networks such as Grokster and even VPNs use public networks to exchange information, with a darknet, he says, "you don't know it's there in the first place." All an employee has to do to set one up is install file-sharing software written for darknets and invite someone on the outside to join, thus creating a private connection that's unlikely to be detected. "The Internet is so vast, porous and complex, it's easy to set up underground networks that are almost impossible to find and take down," says Cole. He advises that the best-and perhaps only-defense against darknets is a combination of network security best practices (such as firewalls, intrusion detection systems and intrusion prevention systems) and keeping intellectual property under lock and key. In addition, he says, companies should enact a security policy called "least privilege," which means users are given the least amount of access they need to do their jobs. "Usually if a darknet is set up it's because an individual has too much access," Cole says. -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips@philodox.com http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "When I was your age we didn't have Tim May! We had to be paranoid on our own! And we were grateful!" --Alan Olsen
One thing I've always wanted is a way to leverage "insider" information on possible large corporate takeovers via a darknet. Anyone know of a way I could buy stocks/futures/etc... purely anonymously? (And then, of course, cash in like a fuckin' bandit after Bigass Bank X buys Bank Y...) -TD
From: "R. A. Hettinga" <rah@shipwright.com> To: cryptography@metzdowd.com, cypherpunks@jfet.org Subject: [Clips] Spies in the Server Closet Date: Sun, 13 Nov 2005 13:37:27 -0500
If this most recent darknet-as-IP-bogeyman meme persists, Hollywood et al. is probably going to make Tim May famous.
*That* should be interesting.
:-)
Cheers, RAH ------- --- begin forwarded text
Delivered-To: clips@philodox.com Date: Sun, 13 Nov 2005 12:59:42 -0500 To: Philodox Clips List <clips@philodox.com> From: "R. A. Hettinga" <rah@shipwright.com> Subject: [Clips] Spies in the Server Closet Reply-To: rah@philodox.com Sender: clips-bounces@philodox.com
<http://www.cio.com/archive/110105/tl_filesharing.html?action=print>
NOVEMBER 1, 2005 | CIO MAGAZINE FILE SHARING Spies in the Server Closet BY MICHAEL JACKMAN
The Supreme Court might have stirred up a bigger problem than it settled when it ruled last June that file-sharing networks such as Grokster could be sued if their members pirated copyrighted digital music and video.
Since then, some programmers have announced they would pursue so-called darknets. These private, invitation-only networks can be invisible to even state-of-the-art sleuthing. And although they're attractive as a way to get around the entertainment industry's zeal in prosecuting digital piracy, they could also create a new channel for corporate espionage, says Eric Cole, chief scientist for Lockheed Martin Information Technology.
Cole defines a darknet as a group of individuals who have a covert, dispersed communication channel. While file-sharing networks such as Grokster and even VPNs use public networks to exchange information, with a darknet, he says, "you don't know it's there in the first place."
All an employee has to do to set one up is install file-sharing software written for darknets and invite someone on the outside to join, thus creating a private connection that's unlikely to be detected. "The Internet is so vast, porous and complex, it's easy to set up underground networks that are almost impossible to find and take down," says Cole.
He advises that the best-and perhaps only-defense against darknets is a combination of network security best practices (such as firewalls, intrusion detection systems and intrusion prevention systems) and keeping intellectual property under lock and key. In addition, he says, companies should enact a security policy called "least privilege," which means users are given the least amount of access they need to do their jobs. "Usually if a darknet is set up it's because an individual has too much access," Cole says.
-- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips@philodox.com http://www.philodox.com/mailman/listinfo/clips
--- end forwarded text
-- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "When I was your age we didn't have Tim May! We had to be paranoid on our own! And we were grateful!" --Alan Olsen
participants (2)
-
R. A. Hettinga -
Tyler Durden