Earlier today we wrote that the Swedish Pirate Party introduced a completely anonymous internet service called relakks. However, how anonymous is it, and is it really a darknet?
Smirnov comments on Relakks at the US Pirate Party site”
First, both the Relakks site and the announcement make it very clear that the service is supposed to provide anonymous access to the Internet. What isn’t as clear is that Relakks is just a PPTP (VPN) provider. Customers sign up, pay â‚¬5 a month and get on their merry way. All of their traffic is encrypted to the Relakks servers, at which point it travels the Internet like regular traffic.
As far as I can tell, all your traffic carries a Swedish Relakks IP, presumably mapped to your real IP somewhere on a Relakks computer. Now you can’t connect to Relakks anonymously, because then they’d have no way of verifying you are a paying customer (plus VPN authentication is based on identity verification), so Relakks knows who you really are when all your traffic goes through them.
Let’s compare this to something that has been traditionally called an anonymous network — Tor, a program implementing onion routing. With Tor you connect to an onion router, which then builds a path for you through other onion routers to your destination, in such a way that it makes it very hard to determine both the sender and the receiver of an on-going communication. The entire link is encrypted, unless of course you are outproxying to the intenet (then traffic has to be decrypted either way when it leaves the outproxy). But at least with Tor, it is very hard for the outproxy to figure out where the real request came from.
Today, the Swedish Pirate Party launched a new Internet service that lets anybody send and receive files and information over the Internet without fear of being monitored or logged.
The problem is that since Relakks knows who I really am, and that any outgoing connections from them are unencrypted, I really do have something to fear.. Relakks. What is the difference between trusting them and trusting my own ISP not to give me away?
Relakks could be logging behind the scenes, turning on a silent switch without telling anyone. Even in a case where we do trust Relakks not to keep the logs of the actual data that goes through, they will still have mappings between Relakks IPs and Real IPs at any point in time — this is just begging for an organization such as the antipiratbyran or the MPAA/RIAA to set up honeypots across various torrent sites, until finally they have enough Relakks IPs information to be able to sue them in court if they have a real IP, at which point the Swedish police could raid the Relakks location and get those real IPs.
If Relakks did not have their own direct connection to the internet, their outgoing ISP could be tapped and then setting up such a honeypot would be trivial. Otherwise, multiple peers could actively participate in swarms on sites such as the Pirate Bay, logging actively all of the IPs of the seeds and the superseeds on such swarms.
Secondly, the Relakks service is called a “Darknet.” After reading the paper that originally introduced the term Darknet at http://www.bearcave.com/misl/misl_tech/msdrm/darknet.htm, I am hard pressed to understand what makes a VPN tunnel a Darknet.
The idea of the darknet is based upon three assumptions:
1. Any widely distributed object will be available to a fraction of users in a form that permits copying.
2. Users will copy objects if it is possible and interesting to do so.
3. Users are connected by high-bandwidth channels.
This seems to me to describe a subset of P2P services, perhaps F2P. A program such as Waste, facilitating connections to your friends would fit the bill, but a general-connectivity tunnel? Would that not be akin to calling IPSec or IPv4 a darknet solution because it allows programs such as Freenet to operate under it? Would that not make any low level Internet protocol a Darknet then?
The service allows people to use an untraceable address in the darknet, where they cannot be personally identified.
Yet I do not recall Darknets having to be anonymous. Pseudononymous, perhaps, but only because that is a side effect of keeping the connections limited to a group of friends. Even if a Darknet had to be anonymous though, as I said earlier, Relakks hardly keeps your identity safe — they have to know who you are at all times (unlike say Tor)!
Lastly, I have some less related comments I wish to share with you:
The PPS does not own Relakks, they seem to be affiliated and perhaps will get a share of each person they refer to Relakks? I wonder what political repercussions the PPS is hoping to achieve by actively promoting a network which will incentivize users to engage in illegal activities (such as unauthorized works distribution) behind the scenes of a “trusted” outproxy.
P.S. My views do not represent the official views, positions, standings or otherwise, of the Pirate Party US, unless otherwise stated by an appropriate party official.