When we can't use the Internet anymore---either because it's gone, or because we can't trust it---how can we share our cat GIFs, tear gas remedies, or recipes for Roasted Rodent Ratatouille? The Perfectly Legitimate Project creates a decentralized, Internet-optional system of sharing data among a group of nodes without relying on easy-to-locate mesh networks. PLP uses whatever’s available to move heavily-encrypted payloads around, including short-range wireless communications (on license-free VHF, UHF, ZigBee, or WiFi), sneakernet, or tasty (and nutritious!) carrier pigeons. PLP has four components: NATASHA and MOOSE provide user-friendly services (such as email, wikis, and blogs) to any end-user without a need for specialized hardware or customized software, while BORIS and SQUIRREL let couriers use any means necessary to ship data with a derivative of the interplanetary Disruption-Tolerant Networking protocol. The end result is a system that's OPSEC-capable, easy to use, and can be deployed when zombies attack---or when you're just tired of having your adversaries listen through the fillings in your teeth. Our presentation will focus first on the threat model, including the reasons why standard answers (such as mesh networks), while they might solve the problems of disaster relief, can't solve for a hostile adversary. We will then move on to the PLP architecture, including the end-user services (MOOSE), the DTN creation and routing (NATASHA), the DTN payload (SQUIRREL), and the optional unified transmission system (BORIS). Finally, we will demonstrate using the services to share information between separate darknet nodes, both using mobile devices for sneakernet, and using radio. Our code is all open source, and we welcome feedback, criticism, and patches.
Brendan O’Connor is a security researcher and law student. The former he does through his consultancy, Malice Afterthought; the latter he does at the University of Wisconsin Law School in Madison, where he is focusing on Criminal and International Law. He is set to graduate in May 2014. His research focuses primarily on enabling access to security and privacy through development of disposable computing and sensing tools. He’s taught information warfare, played the violin, transmitted on amateur radio (K3QB), and tried to convince his cats not to eat him when he dies.
Grant Dobbe is a web developer and nerd wrangler. He spends his days wearing many hats for his consultancy, BeSparq; the rest of his time is divided between his very patient wife, his not-so-patient cat, an ever-growing pile of library books, and a passion for building rigged steampunk carnival games. He's also a ham radio operator (KC9WZA), tenor, Returned Peace Corps Volunteer (Ghana ‘08-’10), homebrewer, and surprisingly decent cook.