/tech/ - Technology★

>>808376 (OP)

> home-brewed darknets just for friends and family?

sounds like you want to create subnets that communicate via VPN tunnels. look into openvpn

>close-sourced

you'll have a CIAnigger within one day pushing backdoors

>secret encryption algorithms

you're not building a new encryption. Blowfish, pgp, and others havn't been cracked in over 20 years, no reason not to use them.

Sounds like you want to chain multiple subnets together that use VPN tunnels. Trouble is, once one part of that gets compromised the whole subnet is compromised, then anyone who connects to that. At least with tor there's a possibility the secret service you connect to isn't tied to one that is compromised, assuming it isn't compromised itself.

>>808376 (OP)

>national socialism is the most efficient system of government ever devised by man

I agree Spock.

If you want a semi-secret darknet for your friends and family then set up TOR servers running GNUnet and IPFS. That way you can just point the tor servers to eachother as bridges while ignoring the main tor servers. Use obfs4 as a tactic to make all the traffic look like https. With gnunet you can set up webpages. With IPFS you can do filesharing.

>closed source, secret encryption algorithms

Don't. That will get you targeted faster then a kike looking for goyim to scam of shekels. Like you could make your own software, and maybe even your own encryption algorithms. But it would be easier to just use existing software because you might as well re-write everything in ada or rust at that point.

Also fuck off if you are a pedoshit.

>>808385

>you'll have a CIAnigger within one day pushing backdoors

>>808419

>That will get you targeted faster then a kike looking for goyim to scam of shekels

What if I shared it via sneakernet and never spoke of it on the open Internet? Would the nature of the traffic itself somehow draw attention?

>>808431

>Would the nature of the traffic itself somehow draw attention?

Exactly. That's why I recomended what I did with TOR + GNUnet + IPFS. Because tor bridges can use OBFS to make all traffic between you and your friends servers look like https traffic to ISP's. Just make sure to disable all tor servers but your friends and to set TOR to bridge mode pointed towards your friends.

Technically your could replace GNUnet with whatever software you wanted to for encrypting traffic beneath the TOR layer. Like your own custom software + encryption scheme or even a ssh tunnel. But unless you use tor bridges with obfs to make it look like https traffic, then the nature of the traffic lights you up like a candle.

GNUnet is a ready to go https serving webpages pile of FOSS software. You don't even need DNS servers for it. That's why I recomended it for a private usage. But if you can communicate without dns servers using other software then all the more power to you.

>I'm imagining a proliferation of many small, compartmentalized darknets, close-sourced with secret encryption algorithms and radically different approaches to privacy.

well i'd say you're retarded

The fastest way to be compromised is to use your own home brew encryption. It's not something for casual hobbyists. Even serious developers screw it up sometimes. That's why people use luks and gpg. Even that's not retard proof.

>>808446

Sounds good. As usual the tools already exist.

>>808449

What? There are other approaches to privacy in addition to encryption. Like steganography (https://github.com/desudesutalk/desudesutalk). You could run a darknet inside of a darknet with this.

>>808376 (OP)

>close-sourced with secret encryption algorithms

This is retarded for all of the reasons pointed out already. It would be nearly impossible for cliques of amateur "cryptographers" to create protocols and ciphers that weren't fundamentally broken from the outset. Closed-source is not a good model for implementations of cryptography. Also, read

https://en.wikipedia.org/wiki/Kerckhoffs%27s_principle

Groups of "friends and family" wanting to create their own darknet could use cjdns.

https://github.com/cjdelisle/cjdns

I think that the only possible way to do decentralized roll-your-own crypto like this would be to generate a lifetime's supply of OTP's between you and your friends. There are obviously huge drawbacks, but it's dead simple. All you need is XOR and an RNG. Assuming you can find or write your own statistically random RNG, really, anyone could do it.

Could you communicate securely with something like that? Considering how everything seems to be compromised or broken today, the human aspect of security seems the most important, and in that respect this isn't any worse than current technology. If anything it's more secure on that ground because there doesn't have facilitated third-party. Of course some people will use shitty RNGs, use compromised software, leave their keys somewhere stupid, etc., but in a decentralized network that kind of thing should be weeded out.

The question is really what kind of infrastructure could you build with it? Can you reasonably devise a system to break out of the closed circle of friends and create larger networks? Do things somewhat on par with an imageboard or forum? Would it just be a waste of time that could never be useful?

>>808504

>it doesn't have to be facilitated by a third party.

>>808446

apparently obfs is deprecated and they recommend obfs3, scramblesuit, fte, and obfs4 now

>>808376 (OP)

>close-sourced with secret encryption algorithms

What the fuck are you doing, nigger? Get off this board!

https://en.wikipedia.org/wiki/Kerckhoffs's_principle

There are already existing mesh vpns like tinc, or darknets like i2p, freenet, retroshare, zeronet. They all allow friend-to-friend networks. Just wrap the traffic into something similar to TLS, and no one will be bothered since you are not downloading copyrighted materials from one of the exits in clear.

>>808485

Steganography is exactly what security through obscurity is.

If you know it exists, you can find it easily or look for odd file properties like 10mb size of 200x200 Kristen Stewart picture.

>>808504

Fucking share your keys in person and diffie-hellman the rest. What's the problem, matey?

>>808581

> like 10mb size of 200x200

You're not supposed to touch the file size, like some dumb catenation. Use one or two low bits from each color byte.

>>808585

> kristen-stewart-1.jpg

h-hot

>>808587

>Use one or two low bits from each color byte

And end up with suspiciously noisy picture and key size equal to picture size?

[spoiler]

>newfags don't know about n@noboard

>>>/9gag/

[/spoiler]

oh fugg DDD

>>808581

>you can find it easily or look for odd file properties like 10mb size of 200x200 Kristen Stewart picture

See >>808587

>>808616

>And end up with suspiciously noisy picture and key size equal to picture size?

Just have a network that inserts noise into everything, whether it's actual file content or just random noise. A scheme like Bit Chute could do this. It could incentivize people to help with hosting by doubling as a steganographic darknet.