Google Analytics

Sunday, November 9, 2014

The Google LogAnon Project

By Duane J. Higgins, ceo
xtradot.com
 

So we have facial recognition, biometrics and voice recognition nowadays. However, I did come across something interesting in the wilderness of the Internet the other day. There is apparently a little known Google project called LogAnon. The only thing I could find is here:

https://code.google.com/p/loganon/

This LogAnon link has limited information:

LogAnon is a log anonymization library that helps having anonymous logs consistent between logs and network captures.
LogAnon mission statement is to: Provide a simple API Written in C with Python bindings Cross-platform

So what is this LogAnon all about?

I do try to present this blog (in simplistic terms) what are probably at times very complicated technological principles. Like I mentioned before, I am not a technologist, programmer or IT person. Just a blogger and this is a blog and not a dissertation.

Now let's me be clear that I don't have the slightest idea what this "loganon" project has to do with. However, the reason I want to speculate a bit is that  there may be some domain name applications. Which is what I write about.

So here is my hypothetical.

Could LogAnon have to do with anonymous and encrypted logins?

When you add the use of "randomly assigned domain names" the project is quite viable.

First a few words on randomly assigned domain names:

Now there are sites of course that produce randomly generated alpha or numeric strings such as Random.org which will quickly generate random passwords up to 100 at a time and up to 24 characters.

Here is a sampling of random strings created by the "Random String Generator" at Random.org:


LRIGHKKJ CMVTYIEE LCJJRFOG VQXFXCMM CTPVMOUA BDZYPNHT NQWTHAHM VVZSDPMZ HSRCTUZL OCNOJHZC

10 Strings. 8 Characters each. 

How many possible combinations are there of 8 character (alphabet)names?
208 billion. 
How many combinations with 9 characters?
4 Trillion
How many with 10 characters?
140 Trillion. 
Wow!

So one of the possible applications for Randomly Generated Domain Names is here:

Personally encrypted login pages.

For Example:

OCNOJHZC.secure

This is the technology:

From Wikipedia.org:

Hypertext Transfer Protocol Secure (HTTPS) is a communications protocol for secure communication over a computer network, with especially wide deployment on the Internet. Technically, it is not a protocol in and of itself; rather, it is the result of simply layering the Hypertext Transfer Protocol (HTTP) on top of the SSL/TLS protocol, thus adding the security capabilities of SSL/TLS to standard HTTP communications. The main motivation for HTTPS is to prevent wiretapping and man-in-the-middle attacks.

The key to the personally encrypted/anonymous login page is the following:

Your encrypted login site (encrypted domain name) would be attached to the ip (Internet Protocol Address) of your Internet device.

From Wikipedia.org:

An Internet Protocol address (IP address) is a numerical label assigned to each device (e.g., computer, printer) participating in a computer network that uses the Internet Protocol for communication.[1] An IP address serves two principal functions: host or network interface identification and location addressing. Its role has been characterized as follows: "A name indicates what we seek. An address indicates where it is. A route indicates how to get there."[2]

Attaching your personal login domain name to your ip address adds an important level of security.

Something in network security terms that is called Multi-factor authentication.

(From Wikipedia)

Multi-factor authentication (also MFA, two-factor authentication, TFA, T-FA or 2FA) is an approach to authentication which requires the presentation of two or more of the three authentication factors: a knowledge factor ("something only the user knows"), a possession factor ("something only the user has"), and an inherence factor ("something only the user is"). After presentation, each factor must be validated by the other party for authentication to occur.

In case you missed my suggestion-the security applications could be very significant. First you have the device IP address (where the device lives on the Internet) and then you have the domain name IP address (where the domain name lives on the Internet). That's a double security layer. Add in a password and you have "triple level authentication." Which is of course much better than double. (the something you have and something you know) approach. It would be a new form of Multi-factor authentication.


Here's the usage:

Randomly generated domain name.
Free (encrypted) website/login page.
Only you can access it because it is attached to the ip address of your device.

Login could be for one service or many.

First of all, randomly generated (nonsensical) domain names would not be cataloged by the search engines. They would be anonymous (WHOIS data is protected) and much more difficult to track and identify. Or or even better registered by a third party so there would be no personal data stored or involved.)

According to a Google initiative outlined here in a Wall Street Journal article dated August 7, 2014:


Google hopes the move will prod website developers to adopt technology that protects against hackers breaking into their websites and stealing users' information.
"We hope to see more websites using HTTPS in the future," Google said in a blog post, referring to the protocol for securing communications over digital networks.

So does that all fit the few lines of description that are listed on the Google LogAnon project link that I post again here?

LogAnon is a log anonymization library that helps having anonymous logs consistent between logs and network captures.
LogAnon mission statement is to: Provide a simple API Written in C with Python bindings Cross-platform

Also, can facial recognition, biometrics and voice recognition all be utilized as well in such a LogAnon program?

You tell me.