Kuro5hin.org: technology and culture, from the trenches

Transparent Security for Personal Internet Traffic

By dormando in News
Fri May 05, 2000 at 08:03:52 PM EST
Tags: Internet

VPN: Virtual Private Network. VPNs are traditionally created by linking remote networks over the Internet through an encrypted tunnel, or by tacking individual client machines onto the side of a remote network. They achieve security comparable to or better than a physically secured WAN at a fraction of the cost, and can often take advantage of commodity hardware and software. A currently unexplored application of VPN technology is gluing multiple distant machines together -- suddenly, there is no private network but the virtual one. People have done it casually from time to time, but few have bothered to ask what such a network is really useful for.


The Internet of today isn't any less private a place than it was at its inception. Now, however, we have greater cause to be paranoid. The Real World and the Internet are beginning to intersect. For the same reason that houses have walls and doors have locks, we've been forced to start thinking about how to defend our own privacy (and indirectly, sometimes our property and even our lives) online.

Until end-to-end encrypted network connections become the norm, it is prudent to create virtual networks where smaller groups of people can congregate and communicate with each other. Normally unencrypted services offered by users on the same micro-Internet (e.g. POP mail) can be accessed relatively securely without requiring specially compiled crypto-enabled clients and servers. The protection is against eavesdropping on the path between each member and the micro-net's router; a protocol that is plaintext inside the tunnel is still plaintext on the router itself.

A micro-net can provide a mutually trusted nexus which people can use to contact each other and communicate. Even over a hypothetical network where traffic is encrypted end-to-end, the intermediate nodes, individually or collectively, still have the sources and destinations of the encrypted information available to them.

In a micro-net, this information is theoretically available only to the micro-net administrator, and this administrator will be someone whom everyone on the micro-net has chosen to trust. It's the little bar where everyone knows your name, virtually.
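To make the trust boundaries above concrete, here is a small Python model of the micro-net as described: every member shares a tunnel key with the micro-net router, so the router decrypts and re-encrypts everything it forwards, while an end-to-end key shared only by two members keeps the contents away from the router. This is an added illustration, not code from the article or from the Rydia VN project; the member names, the Hub object, the packet framing and the HMAC-based toy stream cipher are all assumptions made for the example. The toy cipher has no integrity protection and stands in for a real tunnel cipher only to show who can read what.

```python
import hashlib
import hmac
import os

NONCE_LEN = 12
SEP = b"|"


def toy_stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher: keystream = HMAC-SHA256(key, nonce || counter).

    Assumption for this example only; it stands in for the tunnel cipher and
    has no integrity protection, so it must not be used for real traffic.
    """
    out = bytearray()
    counter = 0
    while len(out) < len(data):
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, out))


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt with a fresh random nonce; the nonce travels in the clear."""
    nonce = os.urandom(NONCE_LEN)
    return nonce + toy_stream_xor(key, nonce, plaintext)


def unseal(key: bytes, blob: bytes) -> bytes:
    return toy_stream_xor(key, blob[:NONCE_LEN], blob[NONCE_LEN:])


def make_inner(src: str, dst: str, payload: bytes) -> bytes:
    """Inner packet as carried through the tunnel: src|dst|payload (assumed framing)."""
    return src.encode() + SEP + dst.encode() + SEP + payload


def parse_inner(inner: bytes):
    src, dst, payload = inner.split(SEP, 2)  # member names never contain '|'
    return src.decode(), dst.decode(), payload


class Hub:
    """The micro-net router. It holds one tunnel key per member, so it can
    read every inner packet and must re-wrap it for the destination's tunnel."""

    def __init__(self, tunnel_keys: dict):
        self.tunnel_keys = tunnel_keys
        self.seen = []  # what the router admin is in a position to log

    def forward(self, sender: str, tunnel_blob: bytes):
        inner = unseal(self.tunnel_keys[sender], tunnel_blob)
        src, dst, payload = parse_inner(inner)
        self.seen.append((src, dst, payload))
        return dst, seal(self.tunnel_keys[dst], inner)


def member_send(tunnel_key: bytes, src: str, dst: str, payload: bytes) -> bytes:
    return seal(tunnel_key, make_inner(src, dst, payload))


def member_recv(tunnel_key: bytes, tunnel_blob: bytes):
    return parse_inner(unseal(tunnel_key, tunnel_blob))


def isp_view(sender: str, tunnel_blob: bytes) -> dict:
    """What an ISP between a member and the hub observes: only that the
    member is talking to the hub, and how much. No far end, no contents."""
    return {"from": sender, "to": "hub", "bytes": len(tunnel_blob)}


def demo() -> dict:
    tunnel_keys = {"alice": os.urandom(32), "bob": os.urandom(32)}
    hub = Hub(tunnel_keys)
    results = {}

    # Case 1: a plaintext protocol (constructed POP3 login) over the tunnel
    # alone. Hidden from the ISP, fully readable by the hub.
    pop3_login = b"USER alice\r\nPASS hunter2\r\n"
    blob = member_send(tunnel_keys["alice"], "alice", "bob", pop3_login)
    results["isp_sees"] = isp_view("alice", blob)
    dst, out = hub.forward("alice", blob)
    results["hub_sees_plain"] = hub.seen[-1]
    results["bob_gets_plain"] = member_recv(tunnel_keys[dst], out)[2]

    # Case 2: the same login, encrypted end to end with a key only alice and
    # bob hold. The hub still learns who talks to whom, but not the contents.
    e2e_key = os.urandom(32)
    blob = member_send(tunnel_keys["alice"], "alice", "bob", seal(e2e_key, pop3_login))
    dst, out = hub.forward("alice", blob)
    results["hub_sees_e2e"] = hub.seen[-1]
    results["bob_gets_e2e"] = unseal(e2e_key, member_recv(tunnel_keys[dst], out)[2])
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

Running demo() shows the three vantage points: the ISP between a member and the router sees only that the member talks to the router, the router sees source, destination and (for a plaintext protocol) the POP3 credentials, and with an end-to-end key the router is left with source and destination alone. A real tunnel would also authenticate every packet with a MAC, which the toy cipher omits.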

Rydia.net's VN project is an effort to experiment with approaches for constructing useful micro-nets. We're certainly not the first, nor the only people doing this. We are, however, the ones pursuing it now, with off-the-shelf Free Software. This is an open invitation to drop by and help with the beta; we need all the people we can get to put this idea (and our implementation of it) through its paces. More information can be found at the website: http://vn.rydia.net

Transparent Security for Personal Internet Traffic | 34 comments (34 topical, 0 editorial, 0 hidden)
Securing everyday use in a very sim... (none / 0) (#10)
by BPrice on Fri May 05, 2000 at 02:24:26 PM EST

BPrice voted 1 on this story.

Securing everyday use in a very simple fashion sounds like a Very Good Thing to me.

This looks familiar somehow. ... (none / 0) (#3)
by marlowe on Fri May 05, 2000 at 02:27:30 PM EST

marlowe voted 0 on this story.

This looks familiar somehow.
-- The Americans are the Jews of the 21st century. Only we won't go as quietly to the gas chambers. --

Is this really the place for recrui... (none / 0) (#8)
by leshert on Fri May 05, 2000 at 02:40:21 PM EST

leshert voted -1 on this story.

Is this really the place for recruiting ads and sales pitches?

rock on!!! this is an awesome idea... (none / 0) (#7)
by thelaw on Fri May 05, 2000 at 03:04:07 PM EST

thelaw voted 1 on this story.

rock on!!! this is an awesome idea... count me in.

Seems like a new inventive idea ... (none / 0) (#12)
by Gaidon on Fri May 05, 2000 at 03:16:25 PM EST

Gaidon voted 1 on this story.

Seems like a new inventive idea that ought to be explored.

Fun!... (none / 0) (#11)
by terra on Fri May 05, 2000 at 03:25:24 PM EST

terra voted 1 on this story.

Fun!

This was submitted previously and I... (none / 0) (#2)
by evro on Fri May 05, 2000 at 03:26:04 PM EST

evro voted 1 on this story.

This was submitted previously and I modded it down because I had no idea what a VPN was. Thanks for the explanation!
---
"Asking me who to follow -- don't ask me, I don't know!"

This is an ad. It may be an ad for ... (none / 0) (#4)
by pvg on Fri May 05, 2000 at 03:35:46 PM EST

pvg voted -1 on this story.

This is an ad. It may be an ad for a perfectly fine product but it's an ad and the writeup does not really offer any insight as to what this particular software or service does that is different from what can easily be accomplished by a group of users and existing free VPN software. It also seems that the service provider can access some of the information passed through the users' VPN (feel free to correct me if this is inaccurate) so it introduces another 'trusted party' into the mix.

Trusted users, ads, and whatnot. (none / 0) (#16)
by dormando on Fri May 05, 2000 at 08:13:26 PM EST

This is not an ad. It is an article. Deity forbid that we mention a working implementation that the people who created the theory managed to make.

The article does mention what can be done. So does the webpage we told you to go to.

Note the FUD. Instead of having to trust the 18 routers between you and your best buddy in south dakota you get to trust one person. One person under contract. How horrible.

Re: Trusted users, ads, and whatnot. (none / 0) (#25)
by pvg on Sat May 06, 2000 at 03:47:34 AM EST

Yes it's an ad, no it's an article, is not, is too, is not... I think you're going to have a hard time convincing me of your point of view by simply insisting it's an article. Since you say 'we' I'm assuming you are associated with this project - some of your own coworkers seem to agree that the posting was distinctly ad-like.

The article barely mentions what can be done that's different from what can be done already. I don't know what 'theory' or 'people who created it' you are referring to. From what I understand, neither the encryption technology nor the tunneling software is something your project came up with (and you could actually make a good argument that this is desirable) - you are providing a service built with existing software. It's an interesting service and reducing the number of trusted parties is somewhat helpful. Since one of the trusted parties is your service, it seems reasonable to expect more detail as to why a user should give you that trust. One seems to be convenience. What else? Are there plans for further development that will reduce your 'trust involvement'? What guarantees are provided now? Are they legally enforceable? As you are a trusted party, what steps do you take to ensure the security of your router? I think a discussion of these issues would have been appropriate for the posting.

A final (if rather obvious) point - getting stroppy with a potential customer (i.e. everyone you interact with) in a public forum is bad business especially if credibility is central to your business model. You may disagree with what I say but you do your company a disservice by responding somewhat non-constructively. Even if you think I've spewed forth nothing but idiotic flamage, do you think a gruff 'we told you to go to a website' is a good thing to be seen as representative of your venture?

pretty much (5.00 / 1) (#18)
by MenTaLguY on Fri May 05, 2000 at 10:27:26 PM EST

[ note: I'm one of the co-authors of the piece ]
Sorry about the tone; in retrospect, we could have spent more time in analysis (our original draft was even more depressingly ad-like). As it was, the article was kind of rushed because the original piece posted by teferi wasn't really that helpful (he's a good guy, though), and we figured we should try and do a better job of explaining ourselves.
As far as this being done with a group of users using existing VPN software, that's _exactly_ how it started with us, and basically what it still is (we're using vtun; look it up on freshmeat). It's nothing earth-shattering, it's just something that nobody's doing much of, but it's something which I think needs to be leveraged in this day and age. I feel like we (rydia) may as well be among the ones pushing it.
Maybe I should try to better explain _why_ I see this as an important thing: basically, I see it as the first step in wide-scale adoption of encryption over the internet.
The problem right now is that end-to-end encryption is there (e.g. SSL), but isn't automatically supported by most off-the-shelf software (need SSL-enabled builds, etc).
There's also the problem of group communication software, either client-to-client, or server-to-server. At the least, N-to-N key exchange can be a bitch, and you generally end up being forced to have some sort of trusted intermediate party at least for the purposes of key exchange. Most well-established systems (e.g. IRC, ICQ, or Jabber) aren't really set up to do encryption (or in many cases real authentication) either (although Jabber certainly allows for it). Not that it can't be done, but it really hasn't yet.
And yes, if you're stuck with an otherwise unencrypted protocol, the router admin in a micronet like this can sniff you, but a micronet like the Rydia VN still reduces the "chain of trust" to one person: the VPN router admin, rather than every admin along the route. If you're running an encrypted protocol over the micronet, you still gain the advantage that only the router admin, of all the people in between, knows who's connecting with whom... and you probably know the router admin a lot better than the rest of them. i.e. he's more personally accountable to you
Anyway, encrypted communication among a group of people with today's standard technologies, clients, and protocols is pretty much why we (rydia) are doing this. It's a pragmatic, rather than an ideal, solution, but it solves the problems pretty well. I just want to see the adoption of this kind of thing encouraged, because it'll put us well on the path to a much more secure (encrypted) Internet.
Getting back to the "service", the only thing is that we're on a fractional T1, and most likely eventually a T3 doing this (most likely creating multiple micronets). If someone wants to do this gratis for 20 users off a cable modem ... hey, it's not like we're patenting it :P
Now, the reason this article and the original article were posted is that we're looking for beta testers. To really shake this thing out, we probably need about 25, and we're not there yet. [ yes, any software we do for this will be GPLed ]
...ceterum censeo delendam esse X11.

Re: pretty much (none / 0) (#24)
by pvg on Sat May 06, 2000 at 03:11:33 AM EST

Thanks for the response. To clarify (mostly for the second responder) I have no problem whatsoever with commercial services or commercial software. Furthermore, building commercial services on free software and continuing to release improvements as free software is a developing business model which is worth discussing - I personally support it (my own company is moving in this direction) and I'd like to see it succeed.

As you point out, it would have been better if the post had the level of detail of your reply. I also think you should have directly stressed the fact that you are looking for beta testers and that the software used for the commercial service will be GPL'ed. This is a fairly technical forum so there really isn't any need for a 'hook' - describe you work and ask for the testing help you need.

In any event, I don't mean to harp on about this endlessly - I realize that time constraints affected the quality of the original post and I appreciate the detailed explanation.

I wonder if you're considering extending the capabilities of the service to provide communication where the service itself cannot decrypt the content - i.e. the provider can still do traffic analysis but can't directly eavesdrop. I think the hardest thing to sell about the service as it is now is not the technology or the usefulness but the trust - what is it about your organisation that makes a user entrust you with data that s/he wants encrypted in the first place. I'd be interested to hear your thoughts and plans.

Re: pretty much (none / 0) (#33)
by dormando on Sat May 06, 2000 at 10:29:19 AM EST

I'm sorry for my previous and brusque response. Huzzah.

I cannot remember if this was stated elsewhere, but we plan on continuing to improve the software through the beta and after the beta. The data itself will probably be made to be unencryptable, but we have to know where the source is from. Giving that responsibility to random users defeats half of our purpose.

I am not sure what would make people want to trust us. Perhaps telling a sad story by the admin about how he was crushed and could continually be crushed due to the lack of a convenience and generally, ignorance of security. Perhaps we can write up a really nice license which stops us legally from doing anything. Or perhaps I can spend all of my waking hours, and then some, trying to secure MYSELF out of the router, somehow feeding in new users and suspending new users without the ability to touch the software. The binaries and sources of which should be publicly available (the ones installed on the machine, not the ones we used it from). You really should help us realize that you're no longer trusting everyone and their grandmother between you and your destination. This goes with downloading any software. We want to mirror software internally, give you encrypted file storage, give you access to secured services, and help you with whatever you need to be secured and have a more private life.

This is interesting... (none / 0) (#9)
by jhillyerd on Fri May 05, 2000 at 03:41:14 PM EST

jhillyerd voted 1 on this story.

This is interesting

This was already posted... (none / 0) (#1)
by bmetzler on Fri May 05, 2000 at 04:03:24 PM EST

bmetzler voted -1 on this story.

This was already posted
www.bmetzler.org - it's not just a personal weblog, it's so much more.

Re: This was already posted... (none / 0) (#15)
by dormando on Fri May 05, 2000 at 08:11:10 PM EST

One of the beta testers mentioned to me that he had made a post about it here. A lot of the comments requested a writeup to be made.

I thank the other VN.Rydia members who helped make the article.

+1 for the VPN stuff in the write-u... (none / 0) (#6)
by Rasputin on Fri May 05, 2000 at 04:42:13 PM EST

Rasputin voted 1 on this story.

+1 for the VPN stuff in the write-up, -0.5 for turning into a project advertisement, round up. In general, VPN's are a good idea, although we've only just begun to examine the possibilities.
Even if you win the rat race, you're still a rat.

Interesting, but it looks like an a... (none / 0) (#5)
by dave0 on Fri May 05, 2000 at 04:45:02 PM EST

dave0 voted 0 on this story.

Interesting, but it looks like an advertisement to me...

As a Rydia.net member, I see the ex... (none / 0) (#13)
by Shinigami on Fri May 05, 2000 at 07:36:24 PM EST

Shinigami voted 1 on this story.

As a Rydia.net member, I see the existence of such a network on Rydia more than appealing, and would love similar things for other groups of users I belong to. The only problem I have at this time is lack of a secure way to connect from a Windows or BeOS machine. I plan to get Linux up and running eventually, but I don't feel like going out and grabbing a new HD or formatting this one. If software for all/most platforms becomes available, I see this as a great new path for virtual communities.

I really think that people could be... (none / 0) (#14)
by CheeseBro on Fri May 05, 2000 at 08:03:52 PM EST

CheeseBro voted 1 on this story.

I really think that people could be helped by this getting posted and other people reading it. You would be crazy not to try and help people out.

Re: Transparent Security for Personal Internet Traffic (none / 0) (#17)
by fvw on Fri May 05, 2000 at 10:25:47 PM EST

Hmmm, personally I'd be for a no ads rule on kuro5hin....

Their model (none / 0) (#19)
by named on Fri May 05, 2000 at 10:33:15 PM EST

On the surface, this looked like a really cool experiment. The possibility for a (semi)private network layered on top of the public internet is something that I've been thinking about for some time, but have never tried in any large way to do it. I'm fascinated by the possibilities for a network structured something like the pgp web of trust, or a model for opportunistic end-to-end encryption such as the freeswan project is working toward.

And that's where I think this offering (and make no mistake, it will be an offering for a commercial service once the beta phase is over) falls down: there is a single point of failure, whether the failure be one of availability, or of privacy. As far as I can tell, the encrypted tunnels all terminate at a single router. This does simplify things; one must only decide whether or not to trust the service provider. One downside is that the provider is exactly that -- a provider -- and if this service (or something similar) ever became popular, there is no doubt in my mind that the provider would be required to provide wiretap capabilities to various organisations if requested to.

Their service is based on a PPP connection which is tunneled using VTun. Cool. Simple, easy, and portable. All good things. This will easily provide sniffing protection for the members of this VPN. What it will not provide is security for the members, and may even provide the illusion of security, which is far worse than no security at all.

Users of this service must be clear on what they are signing up for. They will get the capability to route encrypted traffic originating from their machine or LAN to another subscriber of this service. This does not ensure the privacy of said traffic. Any of the three places where the data being transmitted exists in unencrypted form (the two endpoints, and the router in the middle) could be compromised. This problem does not exist for this product alone; it exists for any service like this, whether the network be virtually private or physically private, and no matter what protocol is used (e.g. PPTP, IPSec).

I have not explored the (imho) more interesting part of this story, most notably the social implications implied by having many private groups of people forming on the internet, nor have I touched on the possible services that could be implemented on top of a scheme where there is some trust involved. It would take me hours to write my thoughts on that, and I don't really want to write an essay here, and I'm sure you don't want to read one. :)

(sorry about the rambling, loosely organized post, but I don't have time to tidy it up)
(for the record, I designed something like this for my company recently, but based on IPSec instead)

Re: Their model (none / 0) (#20)
by dormando on Fri May 05, 2000 at 10:53:12 PM EST

You do bring up some very good points. However, I believe most to all of this has been brought up in private discussion so far.

Yes, things do tunnel to a single router, and that router can see everything. I really wish there were a license that the users and the sysadmins can agree to which says your traffic will not be snooped, and if it is, you can freely jump on us legally.

Otherwise, I have no clue how to fit the said snooping software on the floppy disk containing the network drivers, VTun, PPP, and a wee bit of space for a large configuration file and minor error logging. If you come up with a method, or a small enough program, send me an e-mail. We'll talk back business.

I believe I put a warning about users on the VN still being on an open network, in fact, it is in the FAQ under the Help section of my site. Perhaps I should make that more apparent, however.

We could work with what we have to make it more secure. Perhaps a built-in firewall which gets turned on when you log in. Perhaps we can work with the creator of VTun to use a stronger model for encryption.

It is very difficult to cut off the ability to abuse the VN, but being the way it is, it is more easy to cut off an abusive user.

I'm not saying these are steady things to work with, or that we are indeed completely secure. But we are trying. We want to make this more widespread. We need some beta testers so we can figure this stuff out and plug as many holes as possible.

If bandwidth, housing, and food were free; this would be a free service.

Re: Their model (none / 0) (#22)
by named on Sat May 06, 2000 at 01:22:00 AM EST

Let me respond to your last point first. I'm sorry if I implied that people shouldn't use the service because you are going to charge for it, that's not what I meant. My bias was showing, though. I find it very hard to trust companies. *shrug* That's just me though.

I'm glad you've discussed all of my points previously. None of what I said was anything that hasn't been said many times before, in other places. I have some experience in this area, and thought it would be nice to share that knowledge.

I will say that I think that you have a good idea. I generally like anything that promotes privacy. I just wanted to make sure that people understood what you are offering, and to possibly address the notion that encryption is the solution to every evil. Perhaps I underestimated the knowledge of the readership here.

As to securing the system, not a whole lot can be done to address the potential weaknesses I talked about. It's (as you well know, I'm sure) a matter of getting users to practise secure computing... a near impossible task ;)

well... (none / 0) (#21)
by MenTaLguY on Fri May 05, 2000 at 11:44:27 PM EST

I will note that users are still placing less trust in one person, than they would be placing in their own and their friend's ISPs (collectively) if the users weren't both on a micronet together. If you feel inclined to cut the middleman (router admin) out of the chain of trust by running an encrypted protocol over the micronet, you're certainly free to do so, too.
...ceterum censeo delendam esse X11.

Re: Transparent Security for Personal Internet Traffic (none / 0) (#23)
by Inoshiro on Sat May 06, 2000 at 02:47:54 AM EST

"A currently unexplored application of VPN technology is gluing multiple distant machines together -- suddenly, there is no private network but the virtual one"

I think this is the funniest statement I have read today. "An unexplored application of bread heating technology is heating bread -- suddenly the bread is warmer" :-) Perhaps this needed a bit more peer review from the editors@kuro5hin.org, or a better qualification statement..

--
[ イノシロ ]
Re: Transparent Security for Personal Internet Traffic (none / 0) (#29)
by dormando on Sat May 06, 2000 at 10:01:26 AM EST

Gluing multiple machines together. Normal VPN: gluing networks together or tagging machines onto a network. VN: creating a network out of thin air.

Re: Transparent Security for Personal Internet Traffic (5.00 / 2) (#26)
by Anonymous Hero on Sat May 06, 2000 at 05:27:42 AM EST

Have you people not heard of IPsec? That uses encryption at the network layer. Several operating systems have supposedly built-in support for it right now - Windows 2000, AIX, Linux (FreeSWAN) and FreeBSD (Kame), although I hear that Kame is fairly buggy. If you want to hide it from the users, then they can have a bump-in-the-wire solution ("just plug this into your PC, and you can be sure that no-one will be reading your e-mail again"). It has had peer review, and been designed by experts across the world. It uses IKE negotiation - a well-known protocol. You can configure it so that traffic leaving your company's local network is encrypted from that gateway to its other gateway on the other side of the world. The protocol is open. There is already an open source solution. I could set it all up now if I wanted (actually, I already have). So tell me, why should I adopt your project? It almost sounds like a death march open source project.

Re: Transparent Security for Personal Internet Traffic (none / 0) (#30)
by dormando on Sat May 06, 2000 at 10:05:22 AM EST

We did seriously consider IPSec. However, it is more difficult to set up and distribute, we might move in that direction in the future. IPSec is the same thing this is doing, just a different protocol - you defined VPN in your reply. "You can configure it so that traffic leaving your company's local network is encrypted from that gateway to it's other gateway on the other side of the world." IPSec is not the only thing which does that. These are almost as secure, IPSec does key-rotation currently, where VTun does not. That can either be fixed by writing it into VTun or booting your connection once a day. Again, tacking two networks together is what this is traditionally used for, this is not tradition with VPN.

Better, cheaper security through disintermediation (none / 0) (#27)
by pvg on Sat May 06, 2000 at 05:31:34 AM EST

Suppose one took the software rydia releases and bundled it in a package that contains both the client and serverside components. An additional wrapper is provided which allows hosts to negotiate which one acts as router (all users have the combined client/server package). This can be done either through user interaction or by attempting to automatically determine the user with optimal bandwidth and latency. After one of the participants becomes the router, the clients are autoconfigured to talk to it - the users are now on a VPN. This has a number of interesting advantages:
- It can be made as convenient as the rydia.net
- It's more secure (no trusted third party needed)
- It's free

I assume the rydia people have considered this scenario. What additional value does the rydia service provide to attract paying users if their software were extended as described above? It seems likely that it would be.

Re: Better, cheaper security through disintermedia (none / 0) (#31)
by dormando on Sat May 06, 2000 at 10:09:38 AM EST

We might even release such software in the future. VN.Rydia hopes to help improve VPN solutions by making things simpler and as secure as possible on any end. We are also looking into making a windows client. This includes re-writing most of the underlying networking crap windows sits on - all because PPTP is insecure. If we were out to just make money, we would have slapped up an NT server and marketed the same thing over PPTP. As we (try) to state everywhere, nothing is going to stop you from creating your own little VN with your buddies over a cable modem. There is still need for a trusted host, the one with the most bandwidth still does the routing. That one knows the sources of all of the connections, and can possibly snoop. You're placing your trust in a friend, other than a paranoid sysadmin who decided to market something he was going to do anyway.

Forgot to note... (none / 0) (#32)
by dormando on Sat May 06, 2000 at 10:20:57 AM EST

What do we offer? Probably better support.

Also, if you are going to trust one router, you might as well trust another machine that we run for services. Trusted services which internal users can use to communicate with each other or just play with.

We are currently looking into a way to cryptographically store user files on one of our servers. We _want_ it to be encrypted on the machine and during transaction. We have no intention of drooling at the kiddie porn you decide to hide from the officials. Or turn you in for it.

We hope that running a services machine, and hopefully having enough bandwidth to support a large VN or multiple micro-nets will be what attracts people to our service.

Re: Transparent Security for Personal Internet Traffic (none / 0) (#28)
by Anonymous Hero on Sat May 06, 2000 at 08:02:02 AM EST

"Mistrust authority, promote de-centralization"

Guess where it's from :-)

Re: Transparent Security for Personal Internet Traffic (none / 0) (#34)
by benton on Mon May 08, 2000 at 01:44:53 PM EST

I work at $CABLEMODEMISP and not too long ago, we were acting as ISP for doing distributed VPN for several large companies. It was a great boon for the companies, because their little drones got to stay at home with their laptops and be happy, and we were happy to take their money for awhile... It turned out to be too much of a pain doing the upkeep for them, so we severed the contracts.

Also, I've been thinking of doing something like that with my domain as soon as I get my act together.

-- benton -- bentonsmith@mediaone.net