Friday, 20 March 2015

What is the Dark Web?

It isn't all just about illegal activity, but is it for you?

Last September a joint operation between 16 European countries and the US shut down an estimated 400 domains on the 'dark web'. These sites were primarily involved in selling drugs and weapons, and the list of targets included the latest incarnation of the notorious contraband sales website Silk Road. It was described as a major blow to the dark web and online crime in general.

But what is the dark web? And what does it contain? Is it just a tool for crime, or is there anything else on it?

Essentially, the dark web is an area of the internet that runs alongside but is functionally separate from the existing World Wide Web, where you'll find normal websites. Dark websites can be visited by any user, but the IP address of the server is never revealed, so it's near-impossible to figure out who's running them, and the sites themselves are not visible from search engines, which makes them hard to find unless you already know about their existence.

The primary tool of dark web users is a modified version of the Firefox browser known as Tor. Its name is an acronym of 'The Onion Router', which refers to the way the traffic it handles passes through many layers of encryption, just as there are many layers in an onion.

Tor itself isn't actually illegal. Indeed, the browser was developed by the US Naval Research Laboratory, and its development continues to be funded by the US State Department. The primary purpose of Tor is to hide a user's identity and location through a combination of spoofing and deliberately circuitous traffic routing, which forces requests to pass through several servers, with the traffic encrypted at each step along the way.
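The layering described above can be shown with a short simulation. This is an added illustration, not part of the original article and not Tor's own code: the relay names, the random keys and the toy SHA-256 keystream cipher (which has no integrity check) are assumptions chosen so the example runs with the Python standard library alone.

```python
import hashlib
import json
import os

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy cipher: XOR data with a SHA-256 keystream. Same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def wrap(path, payload: bytes) -> bytes:
    """Sender: add one layer per relay, innermost (last relay) first."""
    onion, next_hop = payload, "destination"
    for name, key in reversed(path):
        nonce = os.urandom(16)
        layer = json.dumps({"next": next_hop, "data": onion.hex()}).encode()
        onion = nonce + xor_stream(key, nonce, layer)
        next_hop = name
    return onion

def peel(key: bytes, onion: bytes):
    """Relay: remove exactly one layer, learning only the next hop."""
    nonce, body = onion[:16], onion[16:]
    layer = json.loads(xor_stream(key, nonce, body))
    return layer["next"], bytes.fromhex(layer["data"])

def route(path, onion: bytes):
    """Pass the onion along the path; record what each relay gets to see."""
    seen = []
    for name, key in path:
        next_hop, onion = peel(key, onion)
        seen.append((name, next_hop, onion))
    return seen

def demo():
    # Constructed sample: three hypothetical relays with random per-relay keys.
    path = [(n, os.urandom(32)) for n in ("relay_a", "relay_b", "relay_c")]
    request = b"GET /index.html"
    for name, next_hop, data in route(path, wrap(path, request)):
        readable = data == request
        print(f"{name}: forwards to {next_hop}, payload readable: {readable}")
    return path, request

if __name__ == "__main__":
    demo()
```

Only the last relay in the path recovers the original request, and only the first one is contacted directly by the sender, so no single relay sees both ends of the exchange.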

Along these lines, dark websites run a special web server which only delivers information to Tor and not regular browsers. The effect is that the site and site visitor never exchange their actual IP addresses, so there's no way for either to track one another. Contrast this with a regular website where IP address exchange is typical and you can understand why the dark web has become a magnet for illegal activity.

Tor isn't the sole means of access for the dark web, of course. Other sites and users favour services such as I2P (an abbreviation of the 'Invisible Internet Project'), a free, open-source network layer that can be used to transmit data securely and anonymously, much like Tor. Silk Road Reloaded used this protocol, and like any other dark website the only way to access it was to use the protocol and know the correct address in advance.

As we've mentioned already, the dark web's infrastructure makes it a magnet for criminal enterprises that would be quickly shut down if they tried to operate on a standard web server model. Although drugs and weapons are popular, the breadth of available contraband encompasses everything from malware to bombmaking equipment to child abuse images. Lists of cracked usernames and passwords are available so that hackers can further their illegal activities. If you can think of anything dangerous, threatening or upsetting, there's a chance it's available on the dark web.

But despite this, as with many technologies it isn't the idea itself that is bad so much as the way people have decided to use it.

For example, dark websites can also be useful for communicating within countries where the government has a tight rein on internet traffic, such as China or North Korea. The heavily encrypted and anonymised service means it can be used to circumvent surveillance by individuals and the state, making it a lifeline for the politically oppressed. Indeed, given the recent discoveries about the extent to which the US and UK governments are surveilling people, you might even prefer to use something like Tor yourself simply to ensure that you can't be caught out.

Although the term 'dark web' tends to be used as a catch-all for criminal sites, that's not its sole definition. Similarly, you may hear the term 'deep web', which specifically refers to pages that search engines cannot find. The dark web is a subset of the deep web, but the wider deep web is far more mundane, largely consisting of things like user databases, webmail pages that are behind logins and anything protected by a paywall.

Accessing the dark web isn't in itself a crime, and indeed there are legitimate sites you can visit that use the Tor protocol. The military uses Tor, journalists use Tor, and political activists and company executives may all find Tor useful in some capacity. Even if you just want to keep your browsing activity hidden from other users in your house, Tor can help. All you have to do to get started is download and install the free Tor browser (www.torproject.org).

It's worth noting that despite Tor's apparent security, the raids that took place last year still managed to shut down a number of high-profile sites. It's unclear how this was achieved (and is likely to remain that way), but Tor's developers are stumped. If the service or its associated technologies have a flaw, the Tor project would need to learn what it is so they can correct the software and retain Tor's status as the most secure way to communicate online - if only because such a flaw would threaten Tor's legitimate, non-criminal users.

At the same time, the fact that some of Tor's most visibly illegal sites weren't caught in the raid does suggest that some sites fell because of a problem in some other area of security. Tor's developers pointed out that the code on the Silk Road 2.0 site contained an email address connected to Blake Benthall, who was arrested as the alleged founder. Likewise, it's possible that bugs within the site's page code could be responsible, especially if the marketplaces are quickly hacked together by semi-professionals.

Another theory is that a process of Bitcoin de-anonymisation helped the authorities locate the owners of crooked marketplaces. Like Tor, the Bitcoin currency is thought to be anonymous and geographically untraceable, but research has shown that it's possible to de-anonymise Bitcoin users to the point of obtaining the IP where the transaction was generated, which significantly narrows the location and identity of users.

One of the problems with rooting out illegal activity on the dark web is that sites are often quick to change or disappear entirely. Long-term operations are dependent on long-term stability, which is something the dark web doesn't have a lot of. It's unlikely to go away for good, though, and perhaps - like its currency of choice, Bitcoin - the dark web will one day start to shed its association with criminal activities and become a primarily legitimate enterprise. Maybe one day the whole web will be 'dark'. For now it's only a small portion of the internet, but if enough people want it, who knows what the future will bring?