Unlike its predecessors, Veiled doesn’t require much technical know-how to join, either. “The coolest thing about this is it lowers the barrier to entry to a darknet,” Hoffman says. “You could put some very interesting applications on top of it. It could be a way to do secure whistle-blowing, [for example]. When you have something decentralized like this, no one can control or stop it.” No one can take it down, either, he adds, all of which makes it more approachable for a wider community of legitimate users.
“The point of our research is not to give bad guys a tool for nefarious use, but to get security researchers discussing and talking about the new concept of browser-based darknets,” he says.
The best-known darknet is Tor, an extensive network of nodes designed to enable users to hide their IP addresses and locations. Such networks are popular in countries where Internet usage is restricted by the government, but also are used by students, law enforcement authorities and others with a need for online anonymity.
But networks such as Tor rely on relays and proxies and bounce traffic from one to another to disguise the origin and route. Hoffman and Wood take a different tack with Veiled, distributing a small file to each user.