
The Pirate Bay's Plans To Encrypt the 'Net

Keeper Of Keys writes "According to newteevee.com, The Pirate Bay, those fun- and freedom-loving Swedes, have embarked on a project to encrypt all internet traffic, probably by means of an OS-level wrapper around all network connections, which would fall back to an unencrypted connection when the other end is not similarly equipped. The move has been prompted by a recent change in Swedish law, allowing the authorities to snoop on network traffic. This will be a boon to filesharers and anyone else concerned about authorities and trade groups' recent moves towards 'policing' network traffic at the ISP level."
  • by wstfgl ( 912433 ) on Friday July 11, 2008 @07:05AM (#24150233)
    Looks like they thought of that... FTFA:

    NewTeeVee alumn Jackson West pointed out back in March that long-planned projects like The Video Bay, the music site PlayBle and a new and secure P2P protocol have yet to be launched

    Admittedly "secure internet" would be more useful to file sharers than "secure P2P" (better plausible deniability); but if they've failed to even do the latter so far, I wouldn't hold out too much hope...

  • by Anonymous Coward on Friday July 11, 2008 @07:16AM (#24150325)
    For over 2 years I have been encrypting my internet connection using a roll-my-own solution. I trust my ISP implicitly - they are one of the few good guys left in the ISP arena. I don't trust my government.

    The sad thing is I don't even have anything to hide. But I detest the idea that someone, somewhere, might be monitoring what I'm doing. I use an anonymous email service with PGP encryption, I do all my browsing over a VPN connection to a (cheap) VPS server in another country. For added protection I can then tunnel using SSH to another server in another country which then uses tor to make my final connection.

    Security is cheap (the whole setup probably sets me back around $50/mo including my 8mbit dsl line), but it just requires the time, persistence and knowledge to set it up in the first place. If an end-to-end solution can be built-in to the OS AND we can be certain as can be there are no back doors, then this can only be a good thing.

    For those who in the meantime want to protect themselves but are not too sure where to begin, get yourself a cheap VPS (hundreds of providers out there), set up OpenVPN and off you go. You can even use SSH to tunnel a SOCKS connection for an easier option. I would suggest OpenVPN as a starting point though, as it makes it easier to expand later, e.g. tunneling an SSH connection to another server through the VPN, which can then connect to tor running on localhost on the second machine. Should your connection be intercepted at the ISP level (the most likely?) then they'll have a double-encrypted tunnel to deal with, and then probably an ssl-encrypted https stream inside that as well if you're careful about where you surf.

    Anonymous Coward for obvious reasons ;)
  • by WingedHorse ( 1308431 ) on Friday July 11, 2008 @07:17AM (#24150335)

    Won't work like that, I'm afraid.

    When Finland started "Filtering the internet to protect the children" and among other sites filtered a website that criticized quality of the work that police was doing with the internet censoring it got difficult for me to get to that site by using TOR. Why? Because with so many tor servers in Finland it often took several extra reloads to get a server outside the borders of the censorship.

    The last thing I want to do now is add more anonymous and uncontrolled hops, which could be to servers in countries that watch the traffic too closely or even run by such governments. Every hop is an extra chance to MitM attack. Unless I first acquire the Public Key directly in which case anyone monitoring already knows what site I'll access to and makes TOR needless.

    Or is there something I have missed?

  • Re:Pirating or not (Score:5, Interesting)

    by Hal_Porter ( 817932 ) on Friday July 11, 2008 @07:20AM (#24150345)

    Makes you wonder what the internet would look like if you had real privacy actually. Hope you like /b/

  • by Shadow-isoHunt ( 1014539 ) on Friday July 11, 2008 @07:38AM (#24150475) Homepage
    You cannot trust the exit node in tor, it's still plain text most of the time and you're vulnerable to MITM attacks. If you look at your traffic on tor you'll find lots of sneaky shit going on like ad replacement, swapped out cookies, and there's certainly more curious people out there watching the node traffic out of curiosity with wireshark/driftnet/snort than just me. Mind you I behave and I'm simply curious, whereas most of the nodes out there will attempt to profit in some way from your ignorance that gets perpetuated repeatedly throughout the internet.

    Not to be a dick, just sayin'.
  • by CrazedWalrus ( 901897 ) on Friday July 11, 2008 @07:47AM (#24150527) Journal

    I don't know how this would work specifically (didn't bother to RTFA), but it seems to me that the current model of connecting to application ports is broken from a privacy perspective.

    The solution is a hopefully cheaper version of setting up a vpn tunnel and using THAT to connect to the application port. That way all traffic appears to be going to the same port, regardless of service. Because it's encrypted, no DPI can be applied.

    Of course, I could just go to that site's web site and see what they advertise, assuming that most people are going there for that purpose. If I'm sniffing the user's connection at their ISP, I could also see if they're connecting to 10-20 other user sites simultaneously, which would look a lot like bittorrent.

    The advantage to using end-to-end encryption by default would be plausible deniability. If the site carries both legal and illegal content, then it would be difficult to prove that the user was downloading one or the other by simply inspecting their traffic patterns. Because encryption is used by default, the argument of "Why encrypt if you have nothing to hide" goes out the window.

    I hope this made sense. I'm still waiting for the coffee to perk. :-)

  • by jetxee ( 940811 ) on Friday July 11, 2008 @07:51AM (#24150557) Journal

    SSL over Tor with Privoxy. What more do we need?

    More exit nodes in the Tor network controlled by the governments and malicious parties (directly or indirectly with hidden remote administration tools). And then all we, Tor users, are screwed. The last hop is unencrypted and usually contains some information which helps to identify the user.

  • SSL (Score:3, Interesting)

    by Idimmu Xul ( 204345 ) on Friday July 11, 2008 @08:01AM (#24150617) Homepage Journal

    Surely what they're proposing is basically SSL, everywhere, if a handshake shows that they support it?

  • by Anonymous Coward on Friday July 11, 2008 @08:12AM (#24150677)

    Possibly, or it may have been a testament as to who people would rather give money to - the Piratebay or the RIAA.

  • Solved problem! (Score:2, Interesting)

    by Anonymous Coward on Friday July 11, 2008 @08:27AM (#24150763)

    Better yet, they could find use for an existing proposal, complete with code: OTCP [google.com]. It transparently encrypts TCP sessions in a way that would defeat Comcast's (and China's) eavesdropping/RST forging; if they wanted to defeat OTCP, they'd have to intercept and rewrite all SYN packets, which is a lot more burdensome. It can't guarantee perfect security, but perfect security is mutually exclusive with providing full backwards compatibility with the existing Internet.

    FAQ:

    Q: Can't this be broken by man-in-the-middle attacks?

    Yes. However, note that this would require interception of traffic which is much more costly than sniffers in parallel and legally more troublesome for the attacker. Additionally, userland crypto protocols could be extended to include the shared secret in their certified handshakes, thus giving them MITM-proof security which includes the TCP layer.

    Q: Doesn't this break NATs?

    NATs rewrite the IP addresses and port numbers in the packets, which we don't include in our MAC protection, so everything should work. If the NAT happens to rebuild the whole packet, the OTCP offer in the SYN packet will be removed. In this case we lose OTCP but, most importantly, we don't break any users.

    NATs which monitor the application level and try to rewrite IP address in there will be broken by this. However, the number of protocols which do this is small and clients may be configured by default not to offer OTCP when the destination port number matches one of these protocols (IRC and FTP spring to mind). This is a hack, but the downside to users of OTCP must be as small as possible.

    Q: So can't I break this by filtering the offer from the SYN packet?

    Yes. Application level protocols could be extended to sense this downgrade attack and stop working, but mostly see the points above: it's much more expensive to do this since it needs to be done in the router and it's legally more troublesome for the attackers.

    Q: Won't this take too much time?

    It's additional CPU load, certainly. The Crypto++ and OpenSSL benchmarks suggest that a full core should be able to handle this at 1 Gbps. Most servers don't see anything like that traffic. Maybe more concerning is the DDoS possibility of using ObsTCP to add additional load via a SYN flood. Since we're using curve25519, no computation is needed to answer a SYN. The shared key computation only occurs when the handshake completes and an optimised curve25519 can do that in about 250us (2.33GHz Core2)

    Q: What about my high-performance network?

    Obviously this makes no sense for "inside the datacenter" and other, high-performance networking environments. ObsTCP is disabled by default for destinations in the private IP address ranges and root can disable it for any CIDR range.

    Q: But then I'm wasting CPU time and packet space whenever I'm running SSH or HTTPS

    Right. Userland can turn off OTCP using a sockopt if it wishes, or it could just not enable itself for the default destination ports which these protocols use. (Again, that would be an ugly intrusion of default port numbers into the kernel, but this idea wasn't that beautiful to begin with.)

  • by CastrTroy ( 595695 ) on Friday July 11, 2008 @08:33AM (#24150817)
    I think something like Tor would be useful also. Because even if your communications are encrypted, they can tell a lot about you just by the people you are communicating with, even if they don't know what you are saying. Also, things like bittorrent encryption are only good for getting past your ISP's traffic handling services, and do nothing to disguise your identity from other people connected to the same swarm. Another possibility, since Tor is so horribly slow, would be to have encrypted communication of nonsense information between you and a bunch of random parties. That way they wouldn't be able to tell who you were really communicating with, and who you were just sending random garbage to.
  • Re:Watt?! (Score:3, Interesting)

    by Woy ( 606550 ) on Friday July 11, 2008 @08:50AM (#24150967)

    That sounds good but it's just not true. I run on encrypted root and home and there is no noticeable performance difference, even in big file copies. Network encryption is very very little work for the cpu.

  • by Atti K. ( 1169503 ) on Friday July 11, 2008 @08:51AM (#24150971)
    Let's suppose I host VPSs on some big iron. While each of my VPS customers has root on their own VPS, I have root on the VPS host. Can I easily snoop on their network traffic, their files on the VPS, etc?

    Yes.

    Now let's suppose my customer rents the whole big iron as it is, they do whatever they want on it. They have root on it, I don't. Can I snoop on their network traffic? Yes I can, though it's not that trivial like with the VPS. Can I take a look at their files? I could, but not that easily. I guess they would notice.

    I'm just saying that a remote VPS (or virtual machine or whatever) is just less secure than a remote server on plain hardware.

  • by Anonymous Coward on Friday July 11, 2008 @08:52AM (#24150983)

    It isn't SSL between nodes. It is SSL between you and your destination. SSL is an application layer protocol so it does not affect IP traffic (the message is encrypted, not the IP headers). If you are worried about the exit node you can access sites on the onion ring itself and bypass that problem. And if you want to access a site off of the onion ring, with SSL you are no worse than any other method. If the onion network grows as large as the P2P networks (which is a logical extension), then the governments/corporations won't be able to keep up tapping exit nodes.

  • by justleavealonemmmkay ( 1207142 ) on Friday July 11, 2008 @08:58AM (#24151043)

    I'll use the Larry Flynt defense here: by protecting pirates' (and for all it matters terrorists' and pedophiles') right to use crypto, you de facto protect yours.

  • by Anonymous Coward on Friday July 11, 2008 @09:02AM (#24151077)

    Honestly, the best possible route is not this hack upon TCP or UDP (did you read the part about how it opens and closes connections while doing the handshake?), but rather an opt-in private network like anonet [anonet.org].

  • What about Anonet? (Score:3, Interesting)

    by Anonymous Coward on Friday July 11, 2008 @09:04AM (#24151103)

    There's a project called Anonet [anonet.org] that has developed a similar wrapper infrastructure.

    Anonet [anonet.org] is a "virtual Internet" that utilizes OpenVPN [openvpn.org] and Quagga [quagga.net] to provide a layer of anonymity and deniability on top of the Internet. It uses a chaotic yet cooperative routing scheme which allows any one to use any IP address while still maintaining their existing Internet connection.

    It has everything on it that the Internet does: torrent trackers, web servers, FTP servers, DNS infrastructure, PGP keyservers, IM, IRC, streaming audio, game servers, etc. All Internet-aware applications should work fine as Anonet [anonet.org] is simply an addition to your operating system's routing table.

  • by Craig Ringer ( 302899 ) on Friday July 11, 2008 @09:30AM (#24151373) Homepage Journal

    The FreeS/WAN guys were working on transparent IPSec negotiation for just this reason. It prevents many types of traffic analysis, spoofing, packet injection, etc just as you want.

    They've given up because nobody cared :S

  • by xalorous ( 883991 ) on Friday July 11, 2008 @09:57AM (#24151683) Journal

    TOR is not robust enough to handle P2P traffic. PLUS IT DOES NOT HIDE THE DATA YOU ARE TRANSFERRING. This plan by TPB is designed to encrypt the traffic. A separate TOR-like plan would be required to anonymize source/destination IP's. Or a third option that does both.

    TOR was designed to help people remain anonymous and communicate safely on the web. Misusing it for illegal purposes will cause TOR to become unavailable for its original purpose, which will be sad.

  • Re:Man in the Middle (Score:2, Interesting)

    by socsoc ( 1116769 ) on Friday July 11, 2008 @10:15AM (#24151901)
    While only Peter Griffin knows the true size of Rhode Island, we have gov installations that are close... White Sands [wikipedia.org], Cheyenne Mountain [wikipedia.org] and MGAGCC [wikipedia.org] come to mind. Although, they hide all of their datacenters in an underground lair.
  • by iminplaya ( 723125 ) on Friday July 11, 2008 @10:34AM (#24152147) Journal

    You are still dependent on BIGCO's wire for your internet access. If the ISP wants to spy on you and they can't read the packets, they will simply drop them. What are you going to do about that? Switching ISPs is not an option when they all engage in the same behavior. So, c'mon, cough it up. What's your solution now?

  • Why encrypt? (Score:5, Interesting)

    by slughead ( 592713 ) on Friday July 11, 2008 @10:36AM (#24152187) Homepage Journal

    Why encrypt pirate traffic?

    AFAIK, they "get you" by joining the network as a peer and then writing down all the IPs that send them pieces of the torrent.

    I don't think they do it by monitoring network traffic--that would be a pain in the butt.

    It's not hard to gain access to many of these networks, and their real goal is just to slow piracy (stopping it is a little far out). All they really need to do to slow it is start suing users and the rest will run scared, like they did with Kazaa et al. Real pirates will go underground, for sure, but they won't have as much of an impact on sales as say, Napster.

  • OpenSwan also supports doing encryption with peers based on certificates. Assuming we geeks agreed on a set of certificate authorities, we could have our opportunistic encryption.

    See my thoughts [slashdot.org] from earlier.

  • Re:Why encrypt? (Score:3, Interesting)

    by joleran ( 1259908 ) on Friday July 11, 2008 @11:36AM (#24153101)
    Because the serious pirating networks are very much personal-friend invite-only. The only way to break a group like that, other than from the inside by a betrayal, is if they didn't use encryption. The stream of information goes from crack group, FXP to scene release, ultra-private trackers (as above), private trackers (invite only, more lax on how they let users invite), semi-private (registration required), and public.
  • by PigleT ( 28894 ) on Friday July 11, 2008 @01:03PM (#24154499) Homepage

    That way all traffic appears to be going to the same port, regardless of service. Because it's encrypted, no DPI can be applied.

    Maybe not but your local friendly government of choice could legislate something like the RIP Act and demand keys to the traffic on that one port.

    A sensible solution would be to promote the spread of IPv6 which I gather has scope for IPSEC built into the specs.

  • Re:Why encrypt? (Score:3, Interesting)

    by nexuspal ( 720736 ) on Friday July 11, 2008 @01:05PM (#24154535)
    There are other routes as well, such as crack group-->FXP to scene release-->Other Routes...
  • by zix619 ( 802964 ) on Friday July 11, 2008 @04:46PM (#24157795) Journal
    http://www.tfr.org/wiki/index.php?title=Technical_Proposal_(IPETEE) [tfr.org] explains the protocol. Mainly, it does Diffie-Hellman to establish a session key and then encrypts everything. If the peer doesn't accept DH then it switches back to clear text. Simple but doesn't provide any peer authentication.
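
Added example, not part of the thread or of the IPETEE/OTCP projects: a Python simulation of the opportunistic scheme described in the comment above and in the OTCP FAQ earlier in the thread. It shows that a stripped offer silently yields cleartext, and that substituted keys go unnoticed unless the session key is bound into an authenticated handshake. The 127-bit toy group, the pre-shared `auth_key` (standing in for a certified handshake) and all function names are assumptions made for illustration.

```python
import hashlib, hmac, secrets

# Toy DH group for illustration only: a 127-bit prime is far too small for
# real use. Every name here is hypothetical, not an IPETEE/OTCP identifier.
P, G = 2**127 - 1, 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def derive(priv, peer_pub):
    """Session key from the Diffie-Hellman shared value."""
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def binding_tag(auth_key, session_key):
    """MAC the session key under a key the two peers already trust."""
    return hmac.new(auth_key, b"channel-binding" + session_key,
                    hashlib.sha256).digest()

def connect(path, auth_key=None, require_encryption=False):
    """Simulate one connection; path(direction, pub) returns the public value
    the receiver sees, or None if the offer was removed in transit. auth_key
    is an assumed pre-shared key standing in for a certified handshake."""
    c_priv, c_pub = keypair()
    s_priv, s_pub = keypair()
    seen_by_server = path("c2s", c_pub)
    seen_by_client = path("s2c", s_pub) if seen_by_server is not None else None
    if seen_by_client is None:
        # Opportunistic mode cannot tell "peer lacks support" from "offer
        # stripped"; only a local must-encrypt policy turns this into a failure.
        return "refused: downgrade" if require_encryption else "cleartext"
    c_key = derive(c_priv, seen_by_client)
    s_key = derive(s_priv, seen_by_server)
    if auth_key is None:
        # Both ends hold a key, but neither knows who holds the other half.
        return "encrypted, unauthenticated"
    # The server sends a tag over its session key; the client recomputes it.
    if hmac.compare_digest(binding_tag(auth_key, s_key),
                           binding_tag(auth_key, c_key)):
        return "encrypted, authenticated"
    return "refused: session keys differ"

def honest(direction, pub):
    return pub

def strip_offer(direction, pub):
    return None

def substituting_relay():
    """Constructed test path: replaces each public value with its own."""
    _, relay_pub = keypair()
    return lambda direction, pub: relay_pub

if __name__ == "__main__":
    for path in (honest, strip_offer, substituting_relay()):
        print(connect(path), "|", connect(path, b"k" * 32, True))
```
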
  • by vsync64 ( 155958 ) <vsync@quadium.net> on Friday July 11, 2008 @05:35PM (#24158503) Homepage
    Clearly the answer is to set up a honeypot. Create a torrent with a plausible filesize and a tempting filename, like a popular movie or whatever. Then make a giant and entirely false list of peers, preferably including IP addresses from government, educational institutions, and lawyers' home computers. Let the *AAs do their lazy work and send notices to everyone. Sit back and laugh at the blowback to them for their false complaint.
  • Internet 1.0 (Score:2, Interesting)

    by Baseclass ( 785652 ) on Friday July 11, 2008 @08:54PM (#24160353)

    I use Tor occasionally for political rhetoric because I don't want to be seen as a dissident and end up on some government watchlist. There are also anonymous proxy servers which are often backdoored and darknets such as Freenet that seem to be fairly secure but slower than molasses.
     
    I wouldn't mind seeing another player on the scene with some fresh ideas and maybe even mainstream support.
     
    I've been using the internet for 2 decades and I've watched it morph from the geek sector to explosive innovation (my favorite period) to the current commercial state. Big business largely controls the content now.
    Although I'm certainly glad I can bank and do business on the internet, I think something like this could help us bring the power back. I for one don't trust the government or their corporate bedfellows.
