A darknet is a covert, private computer network that's used for secure communications and, often, file sharing.
Darknets can be created using a variety of desktop software applications. Such programs, however, typically require a certain level of technical knowledge for proper configuration and use.
Billy Hoffman, manager of HP's Web security group, and Matt Wood, senior security researcher at HP, have developed a prototype browser-based darknet called Veiled as a proof-of-concept project.
They don't intend to release the software or make the source code available. Rather their aim is simply to show how capable the Web browser has become as an application platform and to discuss the technical challenges they had to overcome to make their prototype work.
Echoing Google's mantra of late, Wood says that browser-based applications are almost as capable as desktop applications.
"By putting it on the Web, we've lowered the barriers to participate in darknets," he said.
Architecturally, Wood describes Veiled as a hybrid model that's somewhere between the peer-to-peer model and client-server model. He says the system still relies on servers to negotiate communication, but the server acts mainly as a router. Veiled can merge servers together so that clients on different servers can communicate directly, he explains.
The browser-based clients can serve files and Web pages. And if a client leaves, files posted remain accessible to others on the darknet. Wood likens the model to that of Wikileaks.
Hoffman says that Veiled shouldn't be seen as a replacement for an anonymity tool like Tor. He says it would be irresponsible to suggest, for example, that Veiled could be used by political dissidents in Iran. "However, I do think that this is something that can aid where people are wanting to create communities quickly and take them down quickly," he said.
He describes Veiled as a tool for creating instant, online communities to serve a flash mob.
"You'd go to URL and that joins you to the darknet," said Wood. "When you close your browser, it's gone. There's no trace you're participating in this."
Wood said that business travelers face the risk of data seizure at border checkpoints all over the world and this technology, in conjunction with browser privacy modes like Chrome's Incognito, could be developed to prevent darknet sessions from being found.
Of course, one can easily come up with nefarious uses for Veiled, which may explain why HP has no interest in monetizing or patenting the technology.
InformationWeek Analytics and DarkReading.com have published an independent analysis of security outsourcing. Download the report here (registration required).
Building A Mobile Business MindsetAmong 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.