3 Reasons Why McAfee's D-Central Won't Actually Protect You From the NSA
John McAfee, the same McAfee from the famous antivirus software, has had a roller-coaster of a life. Just this past decade he has been involved with secret laboratories in Belizean jungles, illegal drugs, young prostitutes, a government raid, a murder mystery, and a manhunt. RAnd now he's hawking a device that will protect us all from NSA surveillance.
The technology, D-Central, will evade the government's eyes by "creating a series of local, decentralized, and encrypted wireless networks on which users can safely and anonymously trade files and messages." McAfee plans on selling pocket-sized encrypted boxes for less than $100. Each of these devices would broadcast a local wireless network with a three-block range. In order for a user to send secret files to another user, both the sender and the receiver must connect to this localized encrypted network. If a user wants to send a file to someone across the country, hundreds of devices must be linked together (within range of each other) to span the required distance.
This may sound like a dream come true for anyone who cares about NSA surveillance, but let's not get ahead of ourselves just yet. Will this new magic product actually protect you from snooping eyes? Doubtful. Here are three reasons why not.
1. This already exists and you're not using it
D-Central is pretty much the exact idea as the project "Occupy.Here" that has been around for over two years. As you might have guessed, Occupy.Here began as an experiment during the Occupy Wall Street movement. It was originally a hack that allowed Occupy participants to communicate and share plans secretly when they were in close proximity to each other. Occupy.Here has already run into many challenges including installing routers in public spaces, making it easy for people to discover existing networks, and creating repeat users who come back to the network consistently.
How will McAfee overcome the challenges that Occupy.Here hasn’t been able to after two years of product development? This is unclear considering D-Central is largely in the idea phase and no plans have been released on the topic of strategic dispersion and sustainability. Even the current chief technology officer of McAfee (the company) has little faith in this magic device.
2. It will eventually get hacked
The main difference between D-Central and Occupy.Here is that the latter is an open-source project (running OpenWrt Linux) that allows any developer from around the world to build and perfect the encryption software. McAfee, on the other hand, claims to have developed a highly superior uncrackable encryption which he refuses to share details about.
Keeping his encryption a secret will only hurt D-Central in the long run. The benefit of open-source software is that thousands of eyes are looking at different parts of the code at once. This allows bugs and imperfections to be found more quickly than if one person, or a small group of people, were building the code alone. And as McAfee proudly admits, because of his reputation hackers consider hacking him as a badge of honor. Claiming to have developed an invincible encryption will make this product a clear target for hackers around the world, and it only takes one smart person cracking the code to break the faith that users may have had in the product.
3. It will never become large enough to be useful.
Both Occupy.Here and D-Central have the same primary challenge: the network effect, which means that the product's value is mostly defined by the number of people using it. Without thousands of routing devices to span large distances, the number of people who can actually use the network will be sparse and the applications will be limited.
Roughly half of U.S. citizens don't like the NSA reading their emails and checking their call log (depending on what poll you read). But how many of those people are willing to purchase the $100 device required to actually build the secret network? And even if enough people do purchase these devices (or perhaps, the devices are subsidized by a rich benefactor), would you be willing to send any/all of your messages and files over this new network instead of more traditional methods like Gmail, Outlook, Facebook, or Dropbox? Also, this is a two-way relationship. The person receiving your messages and files must also have the ability and be willing to receive them over the private network.
The barrier to expanding D-Central is too large for it ever to become a meaningful way to protect individuals from third party snoopers like the NSA. Unless the tin foil hat wearers start putting money where their paranoia is, D-Central is not worth the hype. This project was over before it started.