John McAfee takes on the NSA with secure anonymity device

The eccentric millionaire is spitting in the eye of another authority with D-Central, a device intended to circumvent NSA drag-nets.

After eluding the police in Belize and being arrested in neighboring Guatemala in late 2012, McAfee antivirus founder John McAfee is ready for his next adventure. This time around, McAfee is taking on a far more difficult adversary than Central American law enforcement: the U.S. National Security Agency.

During the recent C2SV conference in San Jose, McAfee teased plans for a new device he is working on--called D-Central--that promises to bring better security and privacy to our online lives. McAfee hasn't released many technical details about the gadget, but from the sounds of it, D-Central will be a mashup between a personal mobile Wi-Fi hotspot like the MiFi and a Pirate Box.

If you haven't heard of the latter, a Pirate Box is a mobile device capable of creating a local wireless network that nearby users connect to via Wi-Fi. The beauty of the Pirate Box is that it doesn't connect directly to the Internet. Instead, a Pirate Box is only accessible to computers within range of the signal. Users can then use a Pirate Box network for secure online messaging and file sharing. The Pirate Box was originally designed by David Darts, Associate Professor and Chair of the New York University Art Department.

McAfee's product wants to take the best aspects of both the hotspot and the Pirate Box to let you share files publicly and anonymously with users nearby, as well as chat privately with people you know.

D-Central! D-Central!

D-Central will be a small device you carry with you, McAfee says, that can connect to your PC, tablet, or smartphone. When connected, you join a small, dynamic local network where you can connect to other users nearby in a private or public mode.

In public mode, users connect to share files with each other. McAfee says the public mode connection happens over an encrypted channel and is completely anonymous with no personal user information exchanged between users. McAfee also says D-Central can set up a VPN-like encrypted tunnel over the Internet to connect to other users across the country or, presumably, around the world.

In private mode, D-Central provides a method for encrypted instant communication, such as instant messaging, with friends you know.

D-Central is supposed to have a range of three blocks in the city and about a quarter mile in rural areas.

To maintain privacy, D-Central devices will also have dynamic unique identification numbers (UIDs) that change every so often. UIDs are usually static and can be used to track or identify a user based on the activity of their device.

D-Central is currently in the early stages of development, but McAfee expects to have a working prototype within six months. The company behind the product, Future Tense, has also set-up a teaser site featuring a countdown clock to March 23, 2014. We can only assume that's when we'll get our first look at D-Central. You can sign-up for email updates about D-Central on the site.

Secrecy is the new security

McAfee's new concept sounds like an interesting idea and it's easy to imagine a device like this being popular with people who want to share files or chat anonymously.

"I cannot imagine any college student in the world not standing in line to buy one of these," McAfee said during C2SV.

McAfee claims the NSA, America's top code breaking agency, will be stymied by the new device. "The NSA won't get into it," McAfee said. "The encryption that we have developed is unique, and the NSA nor any other governmental agency has been involved."

[Read: Here's how to best secure your data now that the NSA can crack almost any encryption ]

And this is where D-Central may turn out to have some rough spots. It's too early to say what kind of encryption D-Central will have, but it certainly sounds like McAfee isn't willing to trust standard encryption algorithms that most security professionals rely on. If that's the case, McAfee and co. have probably developed a closed-source solution.

A well-known axiom in the security world is that your best bet for strong encryption is to use open code that has been placed under scrutiny by security experts over the course of many years. Closed-source solutions, on the other hand, are a bit more risky; if a hacker discovers a previously undiscovered vulnerability D-Central devices could be left wide open to attack.

Perhaps even more concerning, with closed-source solutions there's really no way to truly know whether the government has pressured a company to install a backdoor into their crypto.

As I said earlier, it's too early to know what McAfee means by a "unique" encryption solution and whether or not D-Central will be open to attack. Nevertheless, it's something to keep an eye on as the product develops--assuming of course we ever see an actual device.

Despite any potential shortcomings, however, D-Central sounds like it could be a handy tool in a world where the NSA and other world governments seem to be spying on our every online move. Now let's see if McAfee can deliver on his claims by combining ease of use with solid anonymity and security.

Join the CSO newsletter!

Error: Please check your email address.

Tags gadgetsNational Security Agencyconsumer electronicsmcafeesecurityU.S. National Security Agencyprivacy

More about McAfee AustraliaNational Security AgencyNSAYork University

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Ian Paul

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place