Veiled: A Browser-based Darknet - Not for Porn, Says HP - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Information Management
Commentary
7/29/2009
04:00 PM
Adam Ely
Adam Ely
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

Veiled: A Browser-based Darknet - Not for Porn, Says HP

For those living in a box, Black Hat is currently underway in Las Vegas. The first talk of the day I attended was by Bill Hoffman and Matt Wood from HP's Security Labs. They discussed their browser-based darknet called Veiled. Billy is best known for his web security research while working for SPI Dynamics, acquired by HP, and authoring a book on AJAX security. Matt leads development on HP's Scwaler and SWFScan security tools.

For those living in a box, Black Hat is currently underway in Las Vegas. The first talk of the day I attended was by Bill Hoffman and Matt Wood from HP's Security Labs. They discussed their browser-based darknet called Veiled. Billy is best known for his web security research while working for SPI Dynamics, acquired by HP, and authoring a book on AJAX security. Matt leads development on HP's Scwaler and SWFScan security tools.The idea is fairly straightforward. "A World Wide Web built on top of the World Wide Web", says Hoffman while on stage. Encrypt and upload files to a "routers" that split and store the files across the browser based network. The idea is to provide a way to store files remotely inside the darknet in a secure and distributed manner. P2P meets PGP meets distributed storage - sorry no P acronym for that.

The first usage case that came to many minds is illegal porn. The authors are very clear that this is not for illegal porn. After watching the presentation though, it is obvious that if an implementation of this went mainstream it would be used for all kinds of illegal activities.

Online storage of files for later retrieval by the owner, recipient or a group of recipients are examples of legitimate usage. Since files are encrypted and split across multiple members of the darknet, the files are not under the single control of any one party and they are secure from access by anonymous parties.

This research came out of HP's Security Labs but HP will not release the technology to make this a reality. The researchers are free to discuss and present the technology, but not release this technology into the wild.

Follow my random thoughts of Black Hat on twitter @adamely.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
News
IBM Puts Red Hat OpenShift to Work on Sports Data at US Open
Joao-Pierre S. Ruth, Senior Writer,  8/30/2019
Slideshows
IT Careers: 10 Places to Look for Great Developers
Cynthia Harvey, Freelance Journalist, InformationWeek,  9/4/2019
Commentary
Cloud 2.0: A New Era for Public Cloud
Crystal Bedell, Technology Writer,  9/1/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Data Science and AI in the Fast Lane
This IT Trend Report will help you gain insight into how quickly and dramatically data science is influencing how enterprises are managed and where they will derive business success. Read the report today!
Slideshows
Flash Poll