Lentis/The Deep Web

The Deep Web (also referred to as The Hidden Web and The Invisible Web) is a collection of non-indexed web content. The deep web is often confused with the term "dark web", the darknet networks that require special tools and authorizations to access. The dark web is a subset of the deep web, as the two fulfill separate purposes. Both are separate from the "surface web", web pages openly accessible to anyone. HTTP form hide content on the deep web [1] that web crawlers cannot access nor index. This secures data from the public. A login page can hide information from unauthorized users. With most of the inaccessible deep web being dedicated to business transactions and database storage with limited widespread social impact, this page will focus on the dark web with respects to anonymity, privacy, and security.

The Dark Web

edit

People can access the dark web through either onion routing or garlic routing. Onion routing and garlic routing are most commonly employed by the Tor and I2P projects, respectively. The Tor Project has a larger user base. There are several differences between the two projects.[2] While originally developed for government and military communications, dark web use has expanded to civilians, journalists, law enforcers, activists, business executives, and professionals.[3]

The Onion Router Project

edit
 
The Tor Project logo

The Onion Router (Tor) Project[4] is an open-source volunteer-driven project with the agenda of improving the privacy and security of people on the Internet.[5] Its Tor browser software protects users by bouncing their communications around a distributed network of relays run by volunteers around the world. The software is a modified Mozilla Firefox web browser that can access darknet .onion domains as well as surface web domains.

The Invisible Internet Project

edit
 
The I2P logo
The Invisible Internet (I2P) Project[6] an open-source anonymous overlay network that relies on bouncing encrypted messages around numerous one-way tunnels.[7] Instead of the Tor's .onion sites, the I2P browser features its own .i2p eepsites. Its browser can only access darknet domains within the I2P network.[8]


Peer-to-Peer Networks

edit

The dark web uses a peer-to-peer network. It differs from the conventional client-server model since there are no designated servers. The network's infrastructure, processing power, and storage comes from the computers, also called nodes, on the network. They function as servers and routers.

Tor[9] uses standard internet communication protocol, which allows any computer to join the network. The list of Tor relays at any moment is public. A user's Tor client facilitates the routing process to provide security, privacy, and anonymity. The client retrieves the list of active relays, generates a random path, and then adds additional overhead layers to the data packet for each node on the path. The computers at each node can only access their layer, which tells them the location of the next relay. As a result, a relay node does not know the end destination of the data, nor can it see the data. The last node, called exit node, delivers the data packet to the end destination.

The network contains many features and vulnerabilities such as eavesdropping, protocol sabotage, and IP reveals.

Participants

edit

Internet service providers have sold their customers' browsing records.[10] Participants who care about their online privacy can communicate and research without unwanted surveillance. Darknet softwares hide peoples' identities and web traffic while browsing.

Governments and Militaries

edit

Governments and militaries need private untraceable communications. Originally designed for military communications, onion routing's original purpose was to distribute robust messages through centralized server sites.[3] Through onion routing, militaries can send messages without fear of surveillance, discovery, or shutdown. Law personnel can open truly anonymous tip lines that don't include traceable server logs. Governments can mask their IP addresses and engage in undercover sting operations.[3]

Activists and Whistleblowers

edit

Under government censorships in countries like China,[11] activists and whistleblowers need protections and anonymity to protect themselves. Readers can evade national firewalls to research global perspectives on censored and/or controversial topics without risk of persecution.[3] Whistleblower submission systems such as SecureDrop[12] allow media organizations to securely accept documents from anonymous sources.[13] Journalists can access the dark web to write about local events and social reforms that would otherwise be censored.[3]

Terrorists

edit

Terrorists deem the conventional surface web too risky as they could be monitored, traced, and found.[14] The dark web provides a decentralized and anonymous network that terrorists use to communicate and plan attacks.

Businesses

edit

Trading cryptocurrencies over the dark web allow businesses and individuals to negotiate and transfer large amounts of funds without detection.[3] This way, they can commit tax fraud by reporting fewer assets in their tax reports.

Case Studies

edit

Darknet Markets

edit

Darknet markets allow users to buy and sell goods that wouldn't be offered in ordinary marketplaces. Officials target darknet markets whenever they launch. Operation Bayonet was the largest international effort that crippled and honeypotted markets[15].

Silk Road

edit
 
Screenshot of the Silk Road shutdown

Silk Road was an online black market marketplace for drugs and other illegal goods founded by Ross Ulbricht who used the pseudonym "Dread Pirate Roberts".[16] Buyers could access Silk Road, purchase drugs with untraceable Bitcoin transactions, and have those drugs delivered to their doorstep by the unsuspecting postal service. Boasting reliability through timely delivery and accuracy along with anonymity technology and user-feedback systems, Silk Road functioned similarly to an Amazon-like drugstore.[17] Buyers could safely purchase drugs without having to resort to shady or harmful drug gangs. In June 2013, FBI agents discovered Silk Road's true IP address to be from Iceland through a software flaw.[18] Ulbricht did not testify during the trial, but he sent a plea letter to the judge.[19] In spite of having no prior criminal record, the court charged Ulbricht for non-violent crimes and ordered him to serve a double-life sentence and 40 years without parole.[20]

AlphaBay

edit
 
AlphaBay forfeiture notice screenshot

Canadian citizen Alexandre Cazes launched AlphaBay in September 2014[21]. The market grew exponentially to ten times the size of Silk Road by July 2017. Users sold items ranging from stolen Uber accounts to business contracts. Cazes had no previous criminal records, but eventually moved to Thailand to operate AlphaBay effectively.

Cazes’s carelessness caused his downfall. Mistakes included using his personal email, pimp_alex_91@hotmail.com, to send AlphaBay welcome emails. His LinkedIn account used the same email. He also flashed his wealth on social media. Canadian, American, and Thai police launched coordinated raids and arrest throughout July as part of Operation Bayonet[15]. They seized un-encrypted cryptocurrency wallets, financial records, and asset listings, crippling Cazes's network. Thai authorities found him dead in his cell days after arrest and suspect suicide.

Darknet Communications

edit

Facebook

edit

Facebook [22] launched its services on the dark web in 2014 allowing users to circumvent any firewalls or censorship. The launch aligns with Facebook’s mission to connect people. Once the user reaches Facebook they can use services normally. Facebook used to flag excessive routing, like Tor, as suspicious behavior and even denied services. Android support and dark web client plug-ins followed.

Dark web traffic to Facebook spiked temporarily near the end of 2015. Political conflict and civil unrest caused the Bangladesh government to ban Facebook and other social media services in November of 2015. However, they could not shut down nor block the Tor network. This rendered the ban ineffective. Most bans use IP, but Tor conceals the IP. Over 1 million users connect to Facebook monthly through Tor[23]. Alec Muffett, a Facebook engineer wrote, “It’s important to us to provide methods for people to use our services securely—particularly if they lack reliable methods to do so.” Security expert Runa Sandvik praised Facebook and expects other companies to do the same.

Chat Rooms and JavaScript

edit

In early 2018, a chatroom called OnionChat was developed for users to communicate anonymously and privately over the dark web.[24] OnionChat is the first anonymous web chat service for Tor that does not use JavaScript. Malicious JavaScript inserted into darknet sites can leave users vulnerable to tracking and private information leaks. In April of 2012, Higinio O. Ochoa III, a hacker that goes by the w0rmer, was charged by the FBI with hacking into US law enforcement agencies and releasing phone numbers and home addresses of police officers.[25] Ochoa posted pictures of his girlfriend on sites that he had hacked as a digital signature, indicating that he had exposed private information. The FBI was able to extract metadata contained in the JavaScript used to post the pictures, matching the GPS coordinates where the pictures were taken to Melbourne, Victoria, Australia. Similar concerns have been raised for chat room and email services that use JavaScript, leaving users prone to information leaks and real time tracking.

Dead Man Zero

edit

Dead Man Zero is a darknet site that allows whistleblowers to set up automatic releases of information in the case that they die, get jailed, or get injured. The site charges around 0.3 Bitcoin to provide users with a digital switch that is linked to encrypted files in a cloud storage service. The site relies on these external cloud storage services so that they do not have to upkeep their own file servers, which may be subject to targeting. The creators of Dead Man Zero built the site in response to NSA scandals, claiming that "there should be consequences if you are hurt, jailed, or even killed for trying to render a genuine and risky service to our free society." As of September 22, 2014, over 400 archives of encrypted files had been uploaded, with 17 pending release within the next 24 hours unless their owners logged in.[26]

References

edit
  1. Shedden, Sam (June 8, 2014). "How Do You Want Me to Do It? Does It Have to Look like an Accident? – an Assassin Selling a Hit on the Net; Revealed Inside the Deep Web". Sunday Mail. {{cite web}}: |access-date= requires |url= (help); Missing or empty |url= (help)
  2. https://geti2p.net/en/comparison/tor
  3. a b c d e f "Who uses Tor?". The Tor Project. Retrieved 2018-12-09.
  4. https://www.torproject.org/index.html.en
  5. "Tor Project: Overview". The Tor Project. Retrieved 2018-12-08.
  6. https://geti2p.net/en/is
  7. "Intro". The Invisible Internet Project. Retrieved 2018-12-10.
  8. Bischoff, Paul (2018-09-12). "Step by step guide to safely accessing the dark net and deep web". VPN & Privacy. Comparitech. Retrieved 2018-12-10.
  9. https://www.torproject.org/docs/documentation.html.en
  10. Blodget, Henry (2007-03-13). "Compete CEO: ISPs Sell Clickstreams For $5 A Month". Seeking Alpha. https://seekingalpha.com/article/29449-compete-ceo-isps-sell-clickstreams-for-5-a-month. Retrieved 2018-12-11. 
  11. "Race to the Bottom: Corporate Complicity in Chinese Internet Censorship" (PDF). Human Rights Watch. 18 (8). 2006-08. Retrieved 2018-12-10. {{cite journal}}: Check date values in: |date= (help)
  12. https://securedrop.org/
  13. "SecureDrop". Retrieved 2018-12-10.
  14. Weimann, Gabriel (2016). "Terrorist Migration to the Dark Web". Perspectives on Terrorism. 10 (3): 40–44. ISSN 2334-3745. JSTOR 26297596. Retrieved 2018-12-10.
  15. a b Greenberg, Andy (2018-03-08). "Operation Bayonet". Wired (New York: Wired Magazine). https://www.wired.com/story/hansa-dutch-police-sting-operation/. Retrieved 2018-12-11. 
  16. Lee, Nicole (2015-02-08). "Anonymity is dead and other lessons from the Silk Road trial". Engadget. Retrieved 2018-12-09.
  17. Gayathri, Amrutha (2011-06-11). "From marijuana to LSD, now illegal drugs delivered on your doorstep". Technology. International Business Times. Retrieved 2018-12-09.
  18. Greenberg, Andy (2014-09-08). "FBI's Story of Finding Silk Road's Server Sounds a Lot Like Hacking". Security. Wired. Retrieved 2018-12-09.
  19. Snyder, Benjamin (2015-05-27). "Silk Road mastermind pleads for light sentence". Retail. Fortune. Retrieved 2018-12-10.
  20. "1-page Overview". One-page Overview. Ross Ulbricht Defense Fund. Retrieved 2018-12-10.
  21. "AlphaBay". Darkweb News (Dark Web News Publication). 2018-11-12. https://darkwebnews.com/darkwebmarkets/alphabay/. Retrieved 2018-12-11. 
  22. Greenberg, Andy (2014-10-31). "Why Facebook Just Launched Its Own 'Dark Web' Site". Wired (New York: Wired Magazine). https://www.wired.com/2014/10/facebook-tor-dark-site/. Retrieved 2018-12-11. 
  23. Wong, Joon (2016-04-22). "A million people now access Facebook on the “dark web” every month". Quartsz (New York: Quartz). https://qz.com/667880/a-million-people-now-access-facebook-on-the-dark-web-every-month/. Retrieved 2018-12-11. 
  24. "Introducing OnionChat, The First Anonymous Web Chat Service For Tor". 2018-05-27. Retrieved 2018-12-11.
  25. Diaz, Jesus (2012-04-12). "These Breasts Nailed a Hacker For the FBI". Retrieved 2018-12-11.
  26. Cox, Joseph (2014-09-22). "A Deep Web Service Will Leak Your Documents If the Government Murders You". Retrieved 2018-12-11.