Cryptostorm VPN Unites White and Dark Webs, Supports Namecoin, Tor and I2P Domains
Cryptostorm, the VPN (virtual private network) service providers, revealed to Cointelegraph that they’ve been using Bitcoin and Namecoin to power their portal to the Darknet for months, announcing native access to Tor, I2P and .bit websites.
The company, also known as “Cstorm,” has been providing VPN services since 2006. In an interview with CT, they said they have been looking into blockchain technologies since 2012, around the time they began accepting Bitcoin as payment. During our conversation, they officially announced their native integration of Namecoin’s .bit domains into their services, alongside their tunnels to .onion and .i2p websites, which allows users to access the Dark Web as easily as typing a regular domain.
Indeed, the dream of a decentralized domain name system (DNS) has been part of the blockchain tech revolution since 2010, with pioneers like Aaron Swartz helping move it forward. From that dream was born Namecoin (NMC), which was intended to store and serve as a decentralized DNS in order to provide certainty that when you want to connect to funnycatpix.com, you are not secretly rerouted to the servers of funnydogsite instead.
In all seriousness, this kind of man-in-the-middle (MITM) attack is a big concern for security agencies and the companies that get spoofed, while also being a common means for stealing passwords and other key information all over the net. This is one of the many security and privacy vulnerabilities within the White Web.
One of the problems with getting Namecoin’s awesomeness to mainstream use may be the need for users to install special browser extensions, modify their browsers, or run their own NMC node, since NMC does not quite fit the White Web DNS model. Dorkbot, the anonymous cryptographer of Cryptostorm, says getting everyone to run a NMC node “will never happen.”
Mike Ward, Namecoin evangelist and member of the OkTurtles foundation agrees, saying:
“I believe future growth in [top-level domains like .com or .org] will be blockchain based. It's not realistic to imagine every connected device running lightweight nodes for each chain, even if most TLDs live on a small number of chains.”
Cryptostorm seeks to solve this problem by using DNSchain, a blockchain agnostic, DNS-like system that connects users to IP addresses stored on the Bitcoin, NXT and Mincoin blockchains, among others. Cstorm allows access to Namecoin domains by connecting Cstorm’s own VPN infrastructure to DNSchain, so users won’t need to make special downloads or installations.
The most paranoid and arguably wise might raise concerns that Cryptostorm is centralized because it serves as intermediary between users and websites, thus they could themselves enable MITMs, just as domain name servers can today. Dorkbot said that this is a problem they are working on under code name DAfree, a project that Cointelegraph will be covering in more detail soon.
He pointed out that web browsers could triple-check IP addresses with other Namecoin or Bitcoin DNS-like services, such as Onename, Keybase or Okturtles’ DNSchain.
He also mentioned that Cryptostorm already follows a similar procedure, pointing to their public profile on Keybase that communicates with the Bitcoin blockchain, as well as a tweet from Okturtles to verify Cstorm’s use of their platform.
We think it’s great that there are cutting edge service providers out there like @cryptostorm_is experimenting with @DNSChain! ?
— okTurtles (@okTurtles) March 18, 2015Finally, he suggested such users run their own instance of Okturtle’s DNSchain, saying:
“Their code is public. You can self-compile, and they code-sign via writes to the blockchain, so you can even verify source integrity that way."
Easy Access, No Questions Asked
Thanks to Cstorm, there’s no longer a need to download and install special browsers, full Namecoin clients nor browser extensions to access the Dark Web. Simply buy a monthly token for the cost of a Starbucks Venti Chai Creme Frappuccino, follow their installation guides and you are in.
They offer a painless install widget for Windows, along with Cryptofree, their free VPN service with 256kb download speed, which you can get running on your phone in minutes.
To provide optimal privacy and further disrupt contemporary VPN providers, Cstorm uses a “zero knowledge” model to sell its customers access to their network. They ask no questions. Just give them an email and send them some Bitcoin, and you’ll receive a cryptographic token that serves as a username on your VPN network manager. For a password, instructions on their forums say you can type, “Snowden rocks!” or whatever you’d like, just “type something.”
I personally bought mine on the web version of NXT’s FreeMarket from a trusted reseller and had it delivered through their messaging system, no email needed.
They have exit nodes all over the world, including but not limited to Iceland, Singapore, Paris, Central and Western United States, Montreal and London.
Uhm … What Is a VPN?
VPNs mask your geographical location when surfing the web and they encrypt your traffic, allowing you to access websites all over the world. You can sail under the radar of oppressive regimes such as The Great Firewall of China, or if you are so inclined, the Western copyright monopolies.
Wherever you stand on these complex issues of copyright versus piracy versus freedom of speech, you’ve probably run into a YouTube link on Facebook or Twitter that your friends around the globe were enjoying and discussing, but you could not watch. Why? Well, you were in the “wrong country.”
One neat thing VPNs can do is get you past these … constraints and straight into fresh foreign media, though they can do much more.
VPNs are routinely recommended by information security authorities, such as Kaspersky, as a way for professionals to protect against various kinds of corporate espionage. One example is Darkhotel, which the Russian Infosec called out late last year as an “advanced persistent threat” against business leaders traveling abroad and getting hacked during their internet sessions in luxury hotels.
The same goes for journalists, who depend on secure communications with sources and whistleblowers. And of course, post Snowden's revelations, some VPNs even claim to protect you against government spying.
However, there’s often the problem of honeypots, or fraudulent, vulnerable or compromised VPN service providers that claim to be utilizing cutting edge and secure services, but are not. So how does one know?
What Does It Mean to Be “Secure”?
Well, according to Dorkbot, who goes by the name of Pattern_Juggled on their forums, “If your network security provider doesn't sound a bit paranoid and unhinged to you, then they are either ignorant or too lazy to care.” He adds:
“Cstorm exists to provide secure network service. Secure has several components, from protection of physical IP/geolocation status, to limiting risks of active surveillance attacks, to ensuring routing of network requests is done via the standard public internet process and is not fiddled selectively by outside parties. … Secure also means confidence that one is visiting the resource one expects to be visiting based on public data. Yahoo is yahoo, not yah00.com or a fake yahoo set up by GCHQ.
"Finally, secure networking encompasses the ability to access 'meta-networks' like [.bit,] Tor and i2p with minimal risk of session subversion or mis-routing of one's traffic."
Here is their model for honeypot awareness and risk management.
For more details on their use of cryptography, degree of decentralization and an recent and excellent Q&A by an unnamed interviewer, check out this post.
Last but not least, Dorkbot mentioned that Cryptostorm is working on other related applications of the blockchain, and users can expect more to come.