A darknet market is a virtual marketplace that operates away from the open internet in the darknet. Please read our first article on darknet market to know the basics. The presentation and user interface of darknet marketplaces are generally professionally executed and similar to those of other virtual marketplaces such as eBay or Amazon. In principle, each account is provided with a coin … [Read more...]

A one-time password is a password used for authentication or authorization. Each one-time password is valid for a single use only and cannot be used a second time. Accordingly, each authentication or authorization requires a new one-time password. It is safe against passive attacks, i.e. eavesdropping. Replay attacks are also impossible. One-time passwords do not help against the man-in-the-middle … [Read more...]

A backdoor is a piece of software (often built in by the author) that allows users to gain access to the computer or any other proprietary feature of a computer program by bypassing normal access security. One example is universal passwords for a BIOS or special software (usually secretly installed by a Trojan) that allows remote access to the computer.   Difference between backdoor and … [Read more...]

Tor is an overlay network for anonymizing connection data. It is used for TCP connections and can be used, for example, on the Internet for browsing, instant messaging, IRC, SSH, e-mail or P2P. Tor protects its users from traffic analysis. It is based on the idea of onion routing. Tor does not provide anonymity against any attacker. For example, by monitoring a sufficiently large number of Tor … [Read more...]

GNUnet is a free framework for secure and anonymous peer-to-peer networking that does not use centralized or otherwise familiar services. A first implementation, which is based on the network layer, allows anonymous, censorship-resistant file sharing. GNUnet uses a simple, surplus-based model to provide resources. Participants in the GNUnet network monitor the behavior of others with regard to … [Read more...]

In our previous article, we have discussed Techniques for Identifying Users on the Web. The IP address allows for the lowest level of identification. It identifies every participant on the Internet, usually individual computers. Identification is done via the IANA entry for the Internet access provider and this can be used to identify the Internet connection owner with the IP address you are … [Read more...]

A zero-knowledge proof can prove with a high degree of probability that one knows a secret without betraying the secret. This detection usually happens according to a question-and-answer protocol and has many applications in cryptography. One party tries to prove, the other party verifies. The verifier convinces the verifier with a certain probability that he knows a secret without disclosing … [Read more...]

In data processing, a data packet is a compilation of related digital data, precisely defined by the communication protocol, which is sent through a data network during data transmission. This packet transmission is common in all forms of the Internet and is the basis for the functioning of the networks. Internet data packets have a 24-byte header. A data packet has a prescribed number of bits. … [Read more...]

Stateful Packet Inspection is a dynamic packet filtering technique in which each data packet is assigned to a specific active session. The data packets are analyzed and the connection status is included in the decision. In this technique, which is used in firewalls, the data packets are analyzed during transmission on the switching layer (3rd layer of the OSI model) and stored in dynamic state … [Read more...]

GNU Privacy Guard, abbreviated GnuPG or GPG, is a free cryptography system. It is used to encrypt and decrypt data, as well as to generate and verify electronic signatures. The program implements the OpenPGP standard and was developed as a replacement for PGP. Versions 2.0 and later also implement the S/MIME and PGP/MIME standards. By default, GnuPG uses only patent-free algorithms and is … [Read more...]

Zero Trust Security, also known as Zero Trust Architecture (ZTA), is an information technology (IT) security concept that assumes that no user, device, or network is inherently trustworthy. Unlike traditional security approaches, which aim to treat the inside of the network as trustworthy and control access from the inside out, Zero Trust Security emphasizes continuous verification and … [Read more...]