Pirate DNS Could Hatch a Lawless Darknet

Some of the shady crowd behind the Pirate Bay file sharing Website have announced plans for a peer-to-peer domain name system (DNS), called P2P DNS.

DNS is the behind-the-scenes technology that converts the human-friendly Internet addresses we all use (such as www.pcworld.com) into IP addresses that computers on the Internet are actually known by (such as 70.42.185.10). DNS is often referred to as the phone book of the Internet, and practically every computing device on the planet makes use of it.

In simple terms, DNS is like a large shared database constructed from many separate sources. Domain names that end in .com, .org, .edu, and so on are controlled by single organizations that share the data of where computers "live" with the rest of the world via the DNS system.

Those behind the P2P DNS system suggest that this single-organization system provides a point of weakness that governments can use to censor the Internet, and this is undoubtedly the driving force behind the new software. Recently the Department of Homeland Security seized 82 domains it claimed were breaking the law, and the United Kingdom's Serious and Organised Crime Agency (SOCA) announced plans to undertake similar acts for .co.uk domain names.

These seizures are simple in nature; the governments contact the top-level domain companies, and using legal powers, force them to change the registration and alter the DNS entry so that it sends users to government computers (usually to a page explaining what's happened). It isn't the case that the actual Website itself is seized, or any data is taken offline. That remains untouched. It's simply that the DNS record no longer points to it.
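The mechanism described above, as an added example that is not part of the original article: a toy Python model of DNS delegation in which the .com registry changes where a name is delegated while the site's own server keeps its record. The server layout, the name www.example.com and the documentation-range addresses are constructed for illustration, and modelling the seizure as a swapped delegation is a simplifying assumption.

```python
# Toy model of DNS delegation (constructed data, documentation-range IPs).
# Each "server" is a dict: "ns" maps a zone suffix to the next server to ask,
# "a" maps a full host name to an address.

def make_servers():
    site_ns = {"ns": {}, "a": {"www.example.com": "192.0.2.10"}}
    notice_ns = {"ns": {}, "a": {"www.example.com": "198.51.100.1"}}
    com_registry = {"ns": {"example.com": site_ns}, "a": {}}
    root = {"ns": {"com": com_registry}, "a": {}}
    return root, com_registry, site_ns, notice_ns

def resolve(name, server, max_hops=8):
    """Follow delegations from `server` until some server answers for `name`."""
    path = []
    for _ in range(max_hops):
        if name in server["a"]:
            return server["a"][name], path
        # Pick the most specific delegated zone that `name` falls under.
        zones = [z for z in server["ns"] if name == z or name.endswith("." + z)]
        if not zones:
            return None, path
        zone = max(zones, key=len)
        path.append(zone)
        server = server["ns"][zone]
    raise RuntimeError("delegation loop")

def seizure_demo():
    root, com_registry, site_ns, notice_ns = make_servers()
    before, _ = resolve("www.example.com", root)
    # The registry rewrites its delegation; the site's own server is not touched.
    com_registry["ns"]["example.com"] = notice_ns
    after, path = resolve("www.example.com", root)
    untouched = site_ns["a"]["www.example.com"]
    return before, after, untouched, path

if __name__ == "__main__":
    before, after, untouched, path = seizure_demo()
    print("before:", before)
    print("after: ", after, "via", path)
    print("site's own record still says:", untouched)
```

Anyone resolving through the normal hierarchy gets the new address, even though the original server would still answer with the old one if asked directly.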

No details of the proposed software have been announced yet, but those behind P2P DNS face an uphill struggle. DNS is one of the Internet's unquestioned and most reliable technologies. Reworking it is going to take some effort.

Presumably P2P DNS will be similar in style to BitTorrent, which is to say it will be decentralized and rely on no single computer to take orders from. It will probably work alongside the existing DNS system, perhaps containing a shadow copy of existing DNS information, spread across the network of clients, but with the crucial difference that any governmental hijacking of DNS entries would be ignored.

End users would install the P2P DNS software and then alter their computer's settings to use it as a DNS server, rather than the DNS server provided by their ISP. (Usually DNS details are configured automatically when you turn on your computer.)

Users will also have to configure their routers to allow the peer-to-peer DNS data through the firewall (such as with port forwarding) and this will present the first challenge for widespread uptake of P2P DNS. Only one computer behind a typical DSL router found in homes and small offices will be able to fully integrate into the service because of the limitations of network address translation (NAT). You'll know of a similar limitation already if you've ever tried to configure a BitTorrent pass-through on your router; any port forwarded data is sent to a single computer on the local area network.

However, the biggest issue for P2P DNS is likely to be latency--the speed at which the service operates. DNS servers run by ISPs have to be quick, because they're the first step towards getting a Web page for the user. Peer-to-peer services like BitTorrent typically involve a lot of latency. This is OK when you're sharing files because there's no rush, but waiting more than a second or two for a Web page can be very annoying.

And would the new system be compatible with IPv6, which is just around the corner?

That said, P2P DNS is an intriguing idea. If successful, it could create an underground Internet--sometimes referred to as a darknet. Darknet data would travel on the same Internet the rest of us use, but only those with P2P DNS would be able to find out about the myriad of darknet Websites or services.

This is straight out of science fiction, of course, which makes it all the more cool. Or at least it would if it didn't open up the possibility of all kinds of illegal and unpleasant activities.

Terrorists will heartily embrace P2P DNS, for example, as would pedophiles. Essentially, the darknet will be a lawless zone that's impossible to police. However, it will also circumvent any attempt at censorship.

A price worth paying?

Keir Thomas has been writing about computing since the last century, and more recently has written several best-selling books. You can learn more about him at http://keirthomas.com and his Twitter feed is @keirthomas.
