Connect with us:
November 15, 2019
HomeSecurityCyber CrimeUnder the Cover of Darknet — the Dark Web Demystified

Under the Cover of Darknet — the Dark Web Demystified

m

What is the Dark Web?

The Internet is a much bigger place than you probably realize. There are hidden parts that are not readily visible to the general public. You know about Wikipedia, Google, Amazon, YouTube, Facebook and the rest of them; they only constitute a tiny portion of the Internet. But do you really know what’s lurking beyond those popular websites? That space is where the Dark Web and the Deep Web exist in.

The Dark Web or Darknet is a general term for a collection of websites that on an encrypted network with hidden IP addresses – all of which gives users with strong anonymity protections. Because they are not indexed by traditional search engines, you can only access them with special anonymity browsers, such as I2P, Freenet, and the most common; The Onion Router (TOR) bundle.

Is the Dark Web the same thing as Deep Web?

The Dark Web should not be confused with the Deep Web. The Deep Web is a collection of all sites on the web that aren’t reachable by a search engine, and that also include sites on the Dark Web. The content of the Deep Web is hidden behind firewalls, paywalls and HTML forms, and includes many very common uses such as business intranets, web mail, databases, online banking, and services that users must pay for, and usually require password or other means of authentication to access. These contents can be located and accessed directly by a URL or IP address.

The Deep Web is several orders of magnitude larger than the surface web (the part of the web that is readily available to the general public and searchable with standard web search engines). Most of the wealth of the web’s information are buried below the surface web. The actual Dark Web, by contrast, possibly accounts for less than 0.01% of the entire web.

Why would anyone want to use the Dark Web?

The strong anonymity protection provided by the Dark Web is certainly a great attraction for people who are looking to sell or obtain illegal items such as stolen data, drugs, weapons, and other prohibited items.

But there are also legitimate reasons users may want to access the Dark Web. It has gained popularity as a safe haven of sorts for whistle-blowers, activists, journalists and others who need to share sensitive information but could not do so on the mainstream web for fear of censorship or risk of political persecution if discovered by their government.

The police and intelligence agencies also use the Dark Web to monitor terror groups and keep tabs on cyber criminals. Corporate IT departments frequently crawl the Dark Web in search of stolen corporate data and compromised accounts. Individuals may want to also monitor it for signs of identity theft. Beyond the controversies, the Dark Web actually has potential. According to Wired Magazine, “it’s the World Wide Web as it was originally envisioned: a space beyond the control of individual states, where ideas can be exchanged freely without fear of being censored”.

The Dark Web has become synonymous with internet freedom especially as nation states continue to clamp down on the web. It now plays host to a number of media organizations involved in investigative journalism such as ProPublica, the Intercept and others. Most notably, WikiLeaks – the website that publishes classified official materials also has a home on the Dark Web. Facebook, being aware of attempts by many governments to restrict access to it, also maintains presence on the Dark Web to make it more accessible in countries where it’s censored.

Surfing the Dark Web is illegal and dangerous?

No, it is not illegal to access the Dark Web, but it can be dangerous. You cannot be charged with a criminal offence for simply searching the Dark Web. But you can be charged if you engage in illegal activities under the cover of Darknet. Every now and then, you may see headlines about the Dark Web in relation to police operation, child pornography, drugs, or hackers dumping stolen data. While those things may be common on the Dark Web, it isn’t any different on the normal web either.

Yes you are legally free to access sites the Dark Web. But remember, it is also notorious for being risky because of its anonymous nature. The same basic security rules that apply to the normal web also applies to the Dark Web. It is always advisable to be careful of the links you click because some can be misleading. Avoid sites or links that advertise illegal, disturbing, or dangerous content you don’t wish to see.

How do you access the Dark Web safely?

The Tor browser is the most common gateway to the Dark Web. Tor is an encrypted network of volunteer relays located around the world through which the user’s internet connection is routed. To be able to browse web pages on the Dark Web, you will need to download and install the Tor browser bundle. Darknet website URLs (usually appended with .onion, e.g. abc.onion) are only accessible to Tor browser users.

When using the Tor browser to access the Dark Web, ISPs and by extension the government might not be able to view your activities, but they will know you are on the Tor Network, and that alone is enough to raise eyebrows in some countries. Remember that security and anonymity are vital to those on Darknet websites. That’s why it is recommended you use Tor over a VPN. The VPN server receives all your internet traffic and routes them through the Tor Network before ending up at its final destination. With this method, your ISP only sees the encrypted VPN traffic, and won’t know you’re on Tor network.

The major concern with Tor over VPN is that it requires you to trust your VPN provider, which can potentially see that you are using Tor. It is highly recommended to use a VPN service that does not log your activities. In order to use Tor over a VPN, you need to connect to your VPN service first, before starting the Tor browser.

Is the Tor browser fully anonymous?

A few years ago the US FBI through the assistance of some researchers from Carnegie Mellon University developed an exploit based on a Firefox (the core of Tor browser) JavaScript flaw that successfully de-anonymized some Tor users including the operators of the popular Silk Road website. Although the vulnerability that allowed those attacks has since been fixed within days of its discovery, the incident nonetheless created the fear among Tor users that it may not be 100% secure after all.

In reality, nothing is 100% secure, and Tor isn’t an exception. Just like other applications, once in a while, flaws may be discovered. But the good thing is that they usually get fixed in record time. When properly used, odds of being de-anonymized through Tor are extremely low. The best tactic of law enforcement agents to de-anonymize users appears to remain with Tor-relay adversaries running poisoned nodes, as well as counting on the users themselves using Tor browser improperly.

Notwithstanding, Tor Project has recently improved the security and privacy of the Tor application bundle to strengthen its encryption and to help techies easily build fully anonymous Darknet sites (hidden services) that only you would know about or that can only be discovered by those who know the URL.

If vulnerabilities were found in the future, the new hidden service would remain safe. Law enforcement agents wouldn’t be able to break into any site whose address it didn’t know.  However, sites with widely known addresses might still be vulnerable. If you plan to shop or do more on a Darknet marketplace, you’ll need to take the following extra security measures:

  • Never use your real name, photos, email, or even password that you have used before
  • Use anonymous encrypted email account and aliases that you have never used before and that can never be traced to you
  • Use anonymous Bitcoin wallet to make purchases
  • Disable Javascript and don’t install browser plugins, they can be manipulated into revealing your IP address.
  • Do not change the Tor browser window size to avoid browser fingerprinting
  • Don’t torrent over Tor, it’s been observed to ignore proxy settings
  • Use HTTPS versions of websites, the encryption of your traffic to the final destination depends upon on that website
  • Don’t open documents downloaded through Tor while online, this may be used to reveal your non-Tor IP address.
  • Consider using TAILS operating system (booted as a live DVD or live USB) which leaves no digital footprint on the host machine.

On a final note, Cyber Guardian encourages everyone to use the Dark Web responsibly. Offensive material can sometimes be just a click away. Browse at your own risk, and never break the law.

No comments

leave a comment

%d bloggers like this: