John McAfee’s D-Central – A Breakdown

October 10, 2013
No Comment


John McAfee at the C2SV Technology Conference and Music Festival

John McAfee at the C2SV Technology Conference and Music Festival

Disclaimer: Information on D-Central is extremely limited.  This article and the assumptions and conclusions it draws is based off of information gathered from John McAfee’s interview at the C2SV Technology Conference and Music Festival.

At the C2SV Technology Conference and Music Festival this year, John McAfee (formerly of McAfee Antivirus) talked about a new device that would decentralize networking and free consumers from the watchful eyes of Governments and criminals alike.  Details are sketchy on the device, but here is how such a thing might work, based off of his descriptions of how the device will work.  At the bottom I’ve provided a transcript of his talk and a link to the video I used.

Network Hardware:

D-Central is a mesh-networking device probably utilizing either 900mhz or 2.4Ghz wireless technology.  I’d lean more towards 900mhz because the ranges are longer.  These bands are free for public use (but also have a significant amount of interference issues).


The round puck will act as a network gateway, combining/proxying/bridging the TCP/IP protocol that tablets, laptops, and phones understand through existing network technology and allowing that to speak over the D-Central wireless channels.  Think of it like tethering your laptop to your Verizon MiFi, but instead of connecting to the internet via the cellular towers, you’ll be connecting to the D-Central mesh through something similar to wifi.

McAfee mentions that there will be no unique identifiers.  This means that the Media Access Control (MAC) of each network interface will need to have some sort of local arbitration scheme to ensure that collisions aren’t created with two nodes on a local network trying to get and respond to the same traffic.


McAfee's device might look similar to a hockey puck

McAfee’s device might look similar to a hockey puck

Dual Modes:

D-Central will allow private local connections and public connections.  It’s not specifically stated that the public connections of D-Central inter-mesh, but it’s a safe bet, otherwise it’d be difficult to access the internet in the scheme he mentioned.

For the private, invisible mode, it would appear that there are two requirements: having the key to join the private network, and being close enough to access that network.  The public aspect is much more interesting though.


Public Connectivity:

Once connected to this wireless network, McAfee’s explanation of how access to the internet will be achieved falls short.  He mentions “nodes in every city…that will connect to the internet”.  It makes sense if these nodes are shared and routed to via the rest of the participants in the public mesh network.  For what it’s worth, from McAfee’s description it appears as though these nodes route the D-Central network activity from one city to the next, allowing inter-city communications, but his description isn’t clear and doesn’t really spell it out.  It would make sense to use this tactic to expand the reach of the D-Central network though.  The public mesh would also be the reason why it would take so long to get answers in a rural area without many D-Central subscribers — the requests have much longer to go.


Dark Web / Tor:

D-Central can be seen as sort of a Darkweb/Tor hybrid — it’s possible to anonymously host and provide services for other users to anonymously take advantage of, but just like Tor, it’ll have it’s set of headaches, and probably more.  For example, what’s stopping someone from correlating access times and locations to a specific set of shared files to determine someone’s identity and (at least rough) location?


McAfee’s D-Central came to light after Edward Snowdens NSA spying leaks


How will D-Central provide authentication without static identity on the public networks?  How will people be able to verify that they mean to talk to the people they are talking to?  Authentication is as important as the integrity and confidentiality that encryption provides because all three are needed to secure any communication to any party unless you don’t care who is listening, and if you didn’t care who was listening, why’d you bother to encrypt it in the first place?

Secondly, how will D-Central handle encryption keys and certificates?  In a highly decentralized structure, it’s impractical to deploy meaningful encryption with most of todays technologies including SSL and PGP.

If these questions can’t be answered, the solution will be useless because D-Central will still be subject to Government or criminal snooping via man-in-the-middle attacks or subpoena of encryption keys.


Vaporware or Savvy Investment?

This is a critical-mass technology because it requires many, many people to provide network connections to other people just for connectivity.  Many persons are also required for its various use cases (which McAfee also elaborates on further into the presentation).  Thus, like all critical-mass software/hardware, D-Central will run into a chicken/egg scenario: People may want to use it, but it’s only useful if many other people are using it when it’s introduced.

In all, I think it’s a pass for now unless we get more answers to our questions and more details on how it works.  It also stands to reason that if we’re this worried about cryptographic intrusion, we should be investing more time and energy into making our existing technologies more inter-operable, encrypted, and secure, rather than creating a new class of unknown headaches that don’t solve our foundational issues.  That’s not to say I don’t think the idea isn’t cool or worth doing, just that I think McAfee is exaggerating the market for a low-bandwidth security tool that won’t have nearly as much testing behind it as more mainstream technology.

Then again, security holes in those mainstream technologies is what brought us to this impasse.


D-Central Official Site:

The C2SV Video:

A transcript of the video is below (emphasis mine):

“I’ve been working for years again very slowly and for the past few months very rapidly on a solution [to insecure communication] and it does not involve replacing the internet. I’m not that much of a fool, but it does involve another layer and it’s a lower layer.  And its a localized, dynamic network where every local network is in constant flux

lets say you have a little device which we have created and you drop it in your pocket or your backpack or your shoe or wherever you want and you carry it around with you.  There are two options — it runs in two modes: you can create a private network so that you and all of your close friends that live in your local area can communicate and they know who you are and it also has a public aspect in which case you drop all of the files and information in there that you as a good citizen might wish to share with anybody. I don’t know like the latest MP3 which you have which you like and you would like to share.  A picture of some girl you think is cute, I don’t care what. you drop it in that public area.

It has no screen its a little round little thing that drops wherever you want it and it can interface with your iPhone, with your android with your tablet with you laptop we don’t care what it is we have apps for each of these and in the morning you wake up and you open your app and you say “I’m really interested in hearing the latest thing from whatever” techno music or rap or whatever you’re interested in and you list off the things you might like and you forget about it.

And you go outside and the device is localized. it has a range of about three blocks in the city and a quarter of a mile in the country./  and so everyone within three blocks in communicating with everyone else in three blocks but keep in mind that everyone’s in a different location so everybodys local network is completely unique to themselves.

And it changes as you move or as people move in and out of your local area.

Now, so you’ve asked for a specific file.  If you’re on a college campus, you’ll probably get responses within a quarter of a second.  If you’re out on the road somewhere, in a very sparse area it can take you minutes or hours to get a response.  But you don’t even know who is responding.  You’re walking by and the devices are communicating with each other and one of them says “oh you have, you want that file here it is”  It doesn’t even ask who you are it doesn’t know who you are.  There is no unique identifier to your device that is constant, every few minutes it changes its identification.It is impossible to even know where it came from or who it went to.

when you’re on your private network there is a name attached or an ID but even then everything is encrypted as per the public network.  Since the networks are invisible to each other and in constant flux there is simply no way to tell who is doing what, when, or where.

This is of course the very basic level and we of course have other levels.  we have nodes and in every city there’ll be three of four nodes that will connect to the internet.  But the internet lets say you’re communicating with someone in Denver, the only visible part will be the encrypted communication between San Jose and Denver.  When it reaches Denver it goes into the void again.  The hundred thousand users in Denver have no clue to where it went.  Basically this is it.”