Pierluigi Paganini
January 04, 2017
ZeroNet is a decentralized and open source web platform. It’s based on BitTorrent(p2p) technology and BitCoin cryptography. These features ensure a decentralized censorship-resistant network.
The contents published by users can never be deleted because they’re distributed directly to other visitors without any central server. The content remains online so long as at least one user serving it. It’s impossible to shut down websites in the ZeroNet.
“When a site is updated by its owner, all nodes serving that site (previous visitors) will receive only the incremental updates done to the site content.” states the official website of the project.
ZeroNet implements a network whereby users can access and surf websites that are hosted on other user’s machines, it doesn’t include centralized servers.
“It’s nowhere because it’s everywhere!” declares ZeroNet site
You can create a free website using ZeroNet. There are no costs for hosting because the website is stored automatically your website. This could be a challenge to web hosting companies. It is always online with no downtime and can be accessible if your internet is unavailable if you have visited the website previously.
The site owner can accept payment directly to the site address.
If you want to hide your IP address, ZeroNet supports Tor network. The level of anonymity implemented is the same of the one implemented for BitTorrent, but a combined use with the Tor network will allow protecting user’s anonymity.
ZeroNet is made to work with anonymity networks: you can easily hide your IP using the Tor network.
Furthermore, you don’t need to remember your password, because your account is protected by same cryptography as a Bitcoin wallet.
In order to ensure integrity files, when you visit a site you download a file named “content.json”, it contains all other file names with relative hashes and cryptographic signature by the site owner. Then you download other files and verify them using hashes included in the “content.json”. This prevents in some way the diffusion of corrupted files or malicious code.
Another feature is multi-user site for example if you want to post on forum or blog. Sending your auth address to the site owner, it creates a new file and set your auth address as the valid signer. The site owner publishes a new “content.json” declaring that you can be signed a file.
Below the list of features implemented by ZeroNet:
ZeroNet users also have access to
One of the questions in the FAQ session camptured my attention:
What happens when someone hosts malicious content?
The answer is very clear:
The ZeroNet sites are sandboxed, they have the same privileges as any other website you visit over the Internet. You are in full control of what you are hosting. If you find suspicious content you can stop hosting the site at any time.
About the Author:
@GranetMan
Granet is a young and Junior IT Security Researcher, he is passionate in Linux, Arduino, Digital Forensics, Cyber Security, Free software and Malware Analysis
Edited by Pierluigi Paganini
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(Security Affairs – ZeroNet , privacy)
[adrotate banner=”5″]
[adrotate banner=”13″]
