I am currently taking CS577, Cybersecurity Lab. We have to do a final project relating to security (pretty much a mini research project). For mine, I created a protocol that allows you to not be held accountable for the websites you visit. Most security services try to keep your connections confidential using encryption, but all mine does is keep you anonymous.
The way this works is before you go to a website on your phone, you communicate with a bunch of phones in the local area, then one of them goes to the website instead, and sends you back the results. This means the website can't actually figure out which phone really connected with it. So just to quickly summarize so I'm clear, your phone kind of “hides in a crowd” of other phones, so a spy could tell an internet request is coming from one phone out of that group, but can't figure out exactly which one.
This raises an interesting question. What if one of those phones goes to an illegal website and gets illegal content? Can all of the phones be held responsible? If not, then using this there would be no way to blame someone for something like piracy you could always, have arguably just been “downloading for somebody else”. When I thought of this, I figured that it probably makes sense to blame every phone in the network.
However, if using this app is illegal, and let's say somebody makes a virus that “infects” your phone with a program that runs this protocol. Then, can you really blame a person for being part of this network? Eventually, there's no accountability anymore. You can't blame anybody for going to any website. I'm pretty sure there is no solution to getting the original phone that original sent out the request when using this protocol, unless you're in the direct vicinity of all of the phones in the little mini-network.
That's a cool thought experiment, and it's also kind of cool because it's not something anybody would be able to spy on unless they're physically nearby you, so it actually has some practical usage, if you don't want to be blamed for websites you go to. It's 2:30 AM right now and I don't think I can write anymore. I liked this class.
No comments:
Post a Comment