3

Imagine your computer is controlled and your traffic is watched (MitM). For example, the environment can create a snapshot of a process and record traffic.

Is there any chance to run code and protect it from external inspection at a level where it will take at least a year to get to the source?

Is it possible to build a mesh network of such self-isolated containers securely connected to each other?

Is it possible to make such a technology cross-platform?

I know it sounds like a crazy idiom, but it has to look like Baron Munchausen pulling himself out of a bog by his own hair.

My point here is to discuss the possibility of the existence of a distributed network in the case when each of its elements cannot be completely trusted.

Let's ignore conspiracy theories and think about the real world. Right now, we have government control of the Internet in many countries. And this is good when we are talking about child pornography and other things unacceptable for humanity. But control became an economic and censorship tool, which destroys open community.

For example, GitHub periodically gets blocked by the Russian government, something crazy is going on in China and North Korea, and other countries have similar issues. Projects like Tor or I2P are still vulnerable and are easily identified using DPI and get blocked.

In the current situation, the only way I can see is to have a sort of polymorphic virus, which will infect IoT devices using vulnerabilities and build a mesh network from such things. I think it should have some ways for self-update, network discovery and methods to disinfect devices from actual malware. Also, it should be a virus; only a self-spreading system can tolerate numerous vectors of blocking.

zoonman

1 Answer

6

You are effectively asking if it is possible to hide some activity in a fully monitored environment. First, there is no such thing as a fully monitored environment because everybody, including your adversary, has only limited resources (i.e. time, money, people...). Thus, while he might be able in theory to watch all traffic and take process snapshots at any time, he will not be able to analyze all the data. But if the adversary had unlimited resources there would be no place for you to hide.

Thus in reality you just have to make it too hard for the adversary to find you. The best way would probably be to make your activity look innocent (i.e. blend in) so that a closer look at it does not seem to be worth it. Again, the adversary has only limited resources, so he must decide where to use these for the best results. How blending in can be done is specific to the environment and the task, and the more you know about the environment and how it is monitored, the better you can hide your activity.

Steffen Ullrich
  • @zoonman: It would make more sense to have your question show what you really mean instead of adding all these points here as comments. Nevertheless, I think what I said is still true: it is impossible to run code in a fully untrusted environment and then expect that nobody can watch what the code is doing or tamper with the code or results. – Steffen Ullrich Dec 13 '16 at 05:31
  • Your point is strong, and I'm thinking about something which can tolerate everything at least a year ahead of the current level of technology. – zoonman Dec 14 '16 at 14:11