New peer-to-peer technology called Six/Four System will raise anonymous Internet use higher on the list of security concerns for enterprise IT managers.
eWeek Labs evaluated a beta version of the developers edition of Six/Four, released last week by Hacktivismo, an offshoot of the Cult of the Dead Cow hacker group. Hacktivismo, which is dedicated to preventing state-sponsored censorship of the Internet, created Six/Four to make it possible to access information anywhere on the Internet, even through state filters such as Chinas Internet firewall.
eWeek Labs tests of the Six/Four beta (available at www.hacktivismo.com)show that it will be a while before we see widespread use of Six/Four-based applications because the system is still very raw. In addition, the P2P network, which relies on many node clients with some trusted peers that handle routing, is understandably very small right now.
Still, companies should be prepared for the eventual impact Six/Four might have.
Those who work toward employee and customer privacy will find much to like: Developers could build a wealth of messaging, collaboration and media applications that would leverage the technology for secure and anonymous communication. Six/Four will work with any TCP or UDP application—all it would take is a system call.
However, Six/Four will also make it possible for malicious hackers to attack systems without fear of detection. This means preventive security systems will be more important than ever.
Six/Four does have some safeguards against such usage: Trusted peer administrators must apply to Hacktivismo for a certificate that client peer nodes will use to identify legitimate trusted peers. At that point, trusted peers can block specific services and protocols that might be used maliciously.
The main application in the beta of Six/Four that we tested was the Web proxy. Once we set up Six/Four on a Linux system, we were able to define our local host as a proxy in our browser, then use the Six/Four network to anonymously go to Web sites.
This will be useful to those who want—or, due to restrictive governments or ISPs, need—to surf anonymously. However, in its current beta form, Six/Four will likely be too difficult for novices to install and use effectively.
Technical Director Jim Rapoza can be reached at [email protected]