Navigating The Deep, Dark Web

from the dig-in dept            http://www.techdirt.com/articles/20121030/01363220883/navigating-deep-dark-web.shtml

We recently ran an excerpt from Cole Stryker's new book, Hacking the Future about the importance of anonymity. Here's the second excerpt from this book, our latest book club selection. This time it's about navigating parts of the web that not everyone knows about... We'll be hosting a chat with Stryker in the near future, to be announced soon.

I first heard whispers of the deep Web on 4chan. It was often positioned by active users as a place where even the most hardened /b/tard (a nickname for heavy users who hang out on 4chan's "random" board a lot) can find things to shock the system. The deep Web is depicted there as the submerged portion of an iceberg. The Web that we know is the tip, and the massive portion underwater is the deep Web.

"I've just come back from the deep Web," they say, "and look what I found." They share ghastly images and stories, perpetuating the legend of this vast underbelly among underbellies. In these conversations I was led to believe that the deep Web—also called the invisible Web, the darknet, undernet, and several other sinister-sounding names—was home to the sort of content that would get you thrown in jail if it were ever traced back to you. This is true, to an extent, but technically the deep Web comprises anything that isn't crawlable by major search engines like Google. This can mean dynamic URLs that have a long string of parameters that might confuse spiders (the software that "crawls" Web sites to index them for search). Any content that's behind a pay wall or other password authentication is technically included in the deep Web. This would include your e-mail or a pay-to-view newspaper Web site. Any content that lies behind a form, like a survey or poll, often can't be crawled. Some sites purposefully exclude spiders using robots.txt, a file that tells spiders to steer clear of certain Web pages for various legitimate, legal reasons. Pages that are made up of flash content obviously can't be crawled because there's no raw text on the page. So to say that the deep Web is the seedy back alley of the Internet is not entirely accurate.

However, there are parts of the deep Web, accessible only with the use of certain anonymizing software, where baddies sometimes hang out. The deep Web is rife with readily available child pornography, terrorist rhetoric, drug and sex trade—all manner of taboo and hateful communication.

One such piece of anonymizing software is called the Onion Router, or Tor, briefly mentioned earlier. Tor reroutes communications coming from your computer around the world across a distributed network of volunteer-run nodes that make up the Tor Network. Tor passes users' traffic through three servers before sending it along to its destination. The network was originally sponsored by the U.S. Office of Naval Research to help military agents abroad bypass firewalls and other "censorware" in countries like China. For this reason, some speculate that the service is routinely monitored by the U.S. government and cannot be trusted.

Technically, Tor is not an anonymizing service so much as an obfuscating one. Tor alone can't keep anyone anonymous; it's merely one item in the smart anon's tool belt. Tor works to anonymize your Internet connection, but can also be applied to specific programs. The most popular program used in tandem with Tor is the Internet browser. The Tor team has built a Firefox extension that applies several "onion-like" layers of obfuscation to data communicated through Firefox. Because Tor routes your traffic around the world, it's not very fast. The more people volunteer to contribute their machines as nodes, the faster Tor will get.

I thought I'd check it out for myself. I downloaded the Tor software, ran the executable file, and installed the software. When I ran the program, within seconds a browser window opened saying, "Congratulations. Your browser is configured to use Tor. Please refer to the Tor Web site for further information about using Tor safely. You are now free to browse the Internet anonymously." I typed in a URL I found on 4chan for an underground deep Web portal called Hidden Wiki, waited about thirty seconds (an eternity in the era of Wideband and FIOS), and a blank page popped up, reading "Looking for Hidden Wiki?" The last two words were blue, indicating a hyperlink, so I clicked it, and up popped a page that looked just like Wikipedia. A sidebar listed the categories that are available to browse: blogs, books, political advocacy, but also drugs and underage erotica. I clicked on a link called "Killer for Hire."

This can't possibly be for real, can it?

You can call me Slate. All you need to know is that I am well trained and can perform what you need done. I do not need to know your situation with the hit and prefer not to. I’m hired when you want to make sure that the hit doesn’t get traced back to you.

• Minimum age for hit is 18.
• I do not care of the gender of the hit.
• I do not kill pregnant women.
• I do not torture the target.
• If hit is a political figure, or is in law enforcement (judges, policemen) there will be an additional fee.
• For an additional fee, I can set it up as a “suicide” or an “accident”
• Hit will take place within 4 weeks.
• Hits outside of the continental US will require an additional 2 weeks of logistics and $5000 in travel fees.
• Once the hit has been made I will message you with a picture or a video and the remaining balance must be paid in full.

A second hit-man site sounds like a Hollywood Russian mafioso wrote it. "It is mutual interest to make everything anonymously," he warns, insisting, "it is not a joke." He gives careful instructions on how to pay through Bitcoins (more on this soon) and reiterates the need for total anonymity on both sides of the transaction. "I don't know you and you don't know me." If these sites are jokes, they are convincingly conceived. Moving on from the hit men, there are firearm salesmen, hackers for hire ("destroy your enemies!"), an extensive list of Bitcoin traders, illegal gambling sites, white supremacist blogs, whistle-blowing blogs, new world order conspiracy chat rooms, transnational activists, Anonymous operation forums, hacker/phreaker communities, and porn. Oh, the porn. Genital mutilation, necrophilia, zoophilia, watersports, etc. Anything you can imagine is at your fingertips. Which brings us to child pornography. I don't have the guts or inclination to click through to any of these sites, but they're there. And according to people hanging out on 4chan, the stuff available from the Hidden Wiki is only a shallow fraction of what's out there were one prone to dig deeper.

Perhaps the most notorious site available through Tor is the Silk Road, a black market where users can find 340 different illegal drugs: weed, cocaine, heroin—a digital bazaar of pills, tabs, and powders. If I wanted, I could easily order up a smorgasbord of illicit substances and have it delivered within a few days. You have to pay a Bitcoin just to browse the site—its inaccessibility keeps out most looky-loos. The site doesn't have everything, of course. You won't find any chemicals that are easily weaponized. Sellers promote their wares through a reputation system that isn't much different from the one popularized by eBay. The site only accepts Bitcoins, which, along with mandatory Tor usage, help to ensure the anonymity of buyers and sellers. The Silk Road is one of many hubs for black-market drug trade on the deep Web. It's difficult to tell if the DEA (Drug Enforcement Administration) is going to crack down on this sort of thing, or if we're peering into the future. Anonymizing applications and efforts to pierce such software seem to be progressing apace.

Freenet is another piece of software used to mask identity online. It's been downloaded over 2 million times. Freenet's creator, Ian Clarke, is concerned about the freedom to communicate. He grew up in the south of Ireland in the ‘80s in a family of Protestants, whom he says are fastidious about staying out of Irish politics. From a young age he was interested in understanding people who held different views.

I remember reading [Sinn Féin' leader] Gerry Adams's autobiography at a time when most people considered him a terrorist. I can remember that if he was interviewed on TV they had to use an actor to do a voiceover, because it was illegal to broadcast his actual voice. It wasn't that I agreed with Gerry Adams' beliefs or actions, but I did feel that it was far more productive to understand where people are coming from, to try to step into their shoes, rather than simply demonizing them, which was official government policy at that time. It left me with a strong sense of the futility of censorship, and the value of free communication.

My experience with Freenet's "Linkageddon," one of several directories, is similar to that of Tor's Hidden Wiki. Some of it is innocuous (Bob Chapman's Financial Analysis), some of it funny (Anti–Harry Potter fundamentalists), and some of it horrific (ubiquitous underage porn). Everything looks like an old Geocities page.

Clarke describes Freenet like a decentralized postal system, where people carry each other's mail. For instance, you need to get a letter to your friend Bob in Boston, and your friend Diane is going to Boston for a business trip. You give Diane your letter and have her hand off the letter to James, who happens to live in Bob's neighborhood. The system is decentralized and doesn't rely on any one person more than the others. If Bob can't deliver your letter, you might ask Cheryl, who will be passing through Boston as well. The advantages to this system are such that James doesn't have to know who's sending the letter, and there's no central postal hub that can restrict the delivery of mail through censorship or incapacity. According to research by Freedom House, Freenet is one of the most popular anonymity systems used in China. This was no accident. Clarke says that he intended for the software to be used by activists.