Lay15p010

The dark corners of the Internet

Teksti Matias Partanen
Kuvitus Juho Hiilivirta

The first time I came across with the concept Dark Web was a year ago when I read a newspaper article about a Finnish online black market called Silkkitie. It is a domestic platform for selling illicit drugs and other illegal products and services online. Payments are made using bitcoins and the products are sent to customers via Finnish postal services.

Mail-order drug shop Douppikauppa, which operates through Silkkitie, had a very unusual advertisement campaign to market its services. In June 2015 Douppikauppa sent free LSD to hundreds of people in exchange for reviews of their service. This of course caught the attention of Finnish media and naturally the law enforcement officers as well. Now, a year later, the service is still up and running. How come is this possible?

Silkkitie operates in a part of the Internet called the Dark Web. To better understand what is going on here it is best to explain terminology of the darker side of the Internet. Internet consists of layers. There is the surface Internet, the Deep Web and the Dark Web. Surface Internet by definition can be accessed through normal search engines like Google, Bing and others.

According to Internet Live Stats there are approximately 940 000 000 websites online at the present moment. In the United States about 100 000 web domains are registered every day. Simultaneously, it is estimated that 40 000–70 000 web domains go offline each day. It makes 30 000 new web domains every day. Still, only about 0,03 percent of the Internet can be accessed via normal search engines. Where is the 99,97 percent of the Internet then?

Layers of the Internet

Luckily, doctorand Alexander Wiatrowski, who is working towards his Ph.D. at the Faculty of Law in the University of Lapland, can give us an explanation. Mr. Wiatrowski held a presentation about the less known parts of the Internet at the International Summer School of Legal Informatics this year.

Wiatrowski divides Deep Web into two layers. Deep Web Layer 1 consists of websites and content accessible via normal browser, but with no index. Deep Web Layer 2 on the other hand contains content available through specialized software. That includes Dark Web where the aforementioned Silkkitie also operates. According to Wiatrowski, Deep Web is currently 400 to 550 times larger than the commonly defined World Wide Web.

The Deep Web is accessible through specialized search engines designed specifically for indexing the content of the Deep Web. It is estimated that approximately one third of the Deep Web consists of commercial databases and one fifth military databases. Approximately 50 percent of the Deep Web can be searched for free with the right tools and determination.

"Most of the data in the Deep Web is really boring."

“Most of the data in the Deep Web is really boring. What is no longer important goes to the Deep Web. The amount of the interesting content is much smaller. You also have to know what you are looking for. Otherwise you end up wandering in the Deep Web aimlessly”, Wiatrowski explains.

The content of the Deep Web is hard to access because the content is often behind some kind of bot unfriendly interface, security block, has corrupted code, uses Flash or some other reason the bot can not access the content. Common search engines rely on automated software agents called spiders, crawlers, robots and bots. These bots seek content from the Internet, and from within individual web pages. If a search engine is not able to index content from a particular website, this website will not show on search results. Databases that require login are also part of the Deep Web.

On the level 2 of the Deep Web there is a technological space called the Dark Web, where the servers of websites are hidden behind a veil of cryptography, and users also enjoy strong anonymity protections.

Dark Web

Dark Web is what the predecessor to the of the current World Wide Web was – a space to beyond the control of individual states, where ideas can be exchanged freely without fear of being censored or oppressed. Dark Web is known to be a place for illegal activities. This image is mainly created by the media.

“There are bad things happening in the Dark Web as well. For example illicit drug trade, child pornography, illegal services for contracting hitmen, trade of fake ID’s and so on. Basically anything you can imagine of.”

It is difficult to determine how big the Dark Web really is. A clearnet search engine called Ahmia.fi has indexed over 5 000 websites on the TOR-network. Ahmia.fi filters out sites containing child pornography so presumably the number of websites is higher.

Dark Web is getting more and more popular. The reason for its growing popularity is that it is getting more easily accessible. The Dark Web can be reached through decentralized, anonymized nodes on a number of networks including TOR and I2P. TOR is short for The Onion Router and I2P for Invisible Internet Project.

Onion routing was developed during the mid 90’s by the United States Naval Research Laboratory employees with the purpose of protecting U.S. intelligence online communications. Onion routing was further developed by the Defence Advanced Research Projects Agency – DARPA – which supported the evolution from ARPANET to Internet between 1960s and 1990s.

In 2004, the Naval Research Laboratory released the code for TOR under a free license. The Electronic Frontier Foundation began funding the development of onion routing and in December 2006 The Tor Project was founded.

Invisible Internet Project is a combination of of an overlay network and darknet that allows applications to send messages to each other pseudonymously and securely. It was initially released in 2003. I2P can be used for anonymous web surfing, chatting, blogging and sharing files. File sharing includes the possibility of using BitTorrent protocol anonymously, but this method decreases download speed.

All darknets require specific software or network configurations to access them, such as TOR, which can be accessed via a customized browser. Wiatrowski reminds that there are risks accessing Dark Web.

”If you decide to go there, you should do it with a ”naked” computer."

”If you decide to go there, you should do it with a ”naked” computer. The computer should not have a working web camera and it is not recommended to keep private files or any information pointing to you on that computer. People operating in the Deep Web are more experienced with computers than regular users and they are not always friendly. It is not regular Internet, there are no regular protocols.”

A malevolent hacker might take the control of your computer or steal your information if you end up in the wrong place. There are really no rules in the Dark Web. By accessing the Dark Web you let go of the little protection you have in the surface web.

There are directories like the Hidden Wiki that list functioning Dark Web sites. Hidden Wiki is censorship-resistant, so it does not filter out illegal content like child pornography. Its main page provides a community-maintained link directory to other hidden services, including links claiming to offer money laundering, contract killing, cyber-attacks for hire, contraband chemicals, and bomb making.

Other side of the coin

Not everything associated with the Dark Web is illegal. There are legitimate uses for it, because it gives its users anonymity. A growing number of people need to cover their identities in countries where the governments are oppressing their own citizens.

In defence of free web and anonymous web the authors of the Tor Project claim that ”criminals can already do bad things. Since they are willing to break laws, they already have lots of options available that provide better privacy than Tor provides. ...

Tor aims to provide protection for ordinary people who want to follow the law. Only criminals have privacy right now, and we need to fix that. ...

So yes, criminals could in theory use Tor, but they already have better options, and it seems unlikely that taking Tor away from the world will stop them from doing their bad things. At the same time, Tor and other privacy measures can fight identity theft, physical crimes like stalking, and so on.”

By using the possibilities given by the Dark Web, it is possible for example to bypass the Great Firewall of China - a censorship and surveillance project that blocks potentially unfavourable incoming data from foreign countries. Journalists use Tor to communicate more safely with whistleblowers and dissidents. Edward Snowden used Tor to send information about PRISM surveillance program to The Washington Post and The Guardian. So the Dark Web can be used to distract even the infamous NSA itself.

Another legit reason is knowledge. Deep Web encases very specialized and specific content that can be valuable in the right hands.

”Internet never forgets. If someone has uploaded information at some time to the Internet, you can find it there. Deep Web and Dark Web are the Internet in its pure, original form”, Wiatrowski says.

Dark Web and the law enforcement

The answer for the aforementioned question – why websites like Silkkitie can continue to operate - is that the Dark Web gives its users an effective tool for remaining anonymous. They are also harder to shut down than regular websites. Wiatrowski states that officially there is no such thing as Dark Web. Legislation does not recognize it.

”These black markets do not operate in the regular Internet."

”These black markets do not operate in the regular Internet. Normally law enforcement officials would contact web hosting service providers to shut down servers that are hosting sites offering illegal content or ask Internet service providers to block these harmful sites. In Dark Web this is not possible.”

United States Federal Bureau of Investigation however considers people accessing Dark Web websites as criminals and flags these people as potential terrorists.

Law enforcement officials encounter several problems with respect to the Dark Web. Everything in the Dark Web is encrypted. Encryption means that messages or information is encoded in such a way that only authorized parties can read it. Encryption is one of the very first countermeasures to evade detection.

Other thing is attribution. It is extremely difficult to determine attribution of these domains. Everything happens on .onion domains. Wiatrowski also states in his presentation that the Deep Web is also a very dynamic place.

“An online forum can be at a specific URL one day and gone the next. The naming and address schemes in the Deep Web change often. This means that information harvested two weeks ago is no longer relevant today. This has implications in proving crime.”

Law enforcement officers have to rely on regular police work and wait criminals to make mistakes. The original Silk Road – a black market service that Silkkitie is now mimicking – was shut down in 2013 and its creator Ross William Ulbricht was arrested. Ulbricht – who went by a pseudonym Dread Pirate Roberts – made security mistakes that led the FBI to him.

Ulbricht used the same nickname, ”altoid”, on several forum sites to make users aware that Silk Road was active in early 2011. He then used the same nickname again to hire developers for a “venture-backed bitcoin startup company”. But this time he asked people to send their resumes to his gmail address – that included his name. Ulbricht was later sentenced to life imprisonment without the possibility of parole.

According to Wiatrowski it is impossible to shut down the Dark Web. It would be the same thing as shutting down the whole Internet. For now, the dark corners of the Internet are here to stay as well as criminals lurking in the shadows. As long as there are ways to respond to demand of these illegal services and products provided in the Dark Web and as long as there is the demand itself, these sites continue to exist. If one is shut down another one will come to take its place.

Vastaa

Sähköpostiosoitettasi ei julkaista. Pakolliset kentät on merkitty *