Demystifying the dark web

May 2017

Dark cobwebsThe dark web is like the streets at night, even if it is perfectly safe, you are unlikely to feel very safe walking down them, and will not unless you really have to! Christopher East MBCS reports.

As you read on, we’ll explore how the ‘dark web’ works, how big it is (and it is huge) and how most of it is relatively benign, but has gained notoriety because of a few places where illegal goods and services are sold to anyone willing to pay the price - and to take the risk.

What is the ‘dark web’?

Read the term dark web and most people’s minds leap immediately to the stuff of lurid headlines. The media often portrays the dark web as a den of vice and iniquity - a place where you can buy guns and drugs as readily as soap in your supermarket. And sure, there is criminality on the dark web. But this isn’t the whole story by any means.

The dark web also goes by another, much less dramatic name: the deep web. The deep web is probably a more correct term because it conveys the idea that the internet is like an iceberg.

A small amount of the iceberg (around four per cent in this case) is above the waterline, and this, for our purposes, is the ‘normal web’ - the parts you can see via a search engine, and that search engines can index.

However, a clear majority of our iceberg is below the waterline. These are the things which a search engine cannot see. Think of the servers your email, instant messages, and other non-web page data travels through.

These repositories do, however, make up a part of the dark or deep web. Far from being frightening and dangerous though, these are generally very safe places. You should, however, be aware that your daily life frequently involves the dark web in some way.

A route to the dark web

The dark web is generally considered to be a group of websites which exist on a special type of network that cannot be seen by the ‘normal web’. They are powered by places like ‘The Onion Router (TOR)’ (torproject.org),’I2P’ (geti2p.net), and ‘Freenet’ (freenetproject.org), all of which offer specialist pieces of software which allow you to access the websites on the dark web.

Once you have one of these pieces of software installed, you can potentially access any of the websites on the dark web which comply with your software’s protocols. It is worth noting though - often the most nefarious and notorious dark web sites also require passwords and access is by invitation only.

How does the dark web work?

Each web address or website on the dark web represents a starting point, or node, which allows the connection to reach the server the website is actually stored on.

These starting points, or nodes, provide access to a network, connected in a way to protect the identity of the person or people who run the websites which make up the dark web. All of these connections are encrypted, and it is almost impossible to block access to these networks.

These connections and the encryption which makes them up, makes remaining anonymous very easy on these websites. Anonymity isn’t, however, complete and absolute, it should be noted.

This high level of anonymity is, of course, why the dark web and its supported sites have become a haven for criminals. Almost all of the servers on the dark web are set not to store logs or any information which could possibly reveal who you are.

The ISP you are using to connect to the internet will be able to monitor your activity however. But because of the encryption used throughout the dark web, they will not know what you are doing or the content of the pages you are visiting.

All this encryption and the necessary routing does have one downside that becomes immediately obvious: surfing the dark web can be very slow. All that anonymity comes at a price.

What can you find on the dark web?

You can find a lot of different things on the dark web, however you can only access a very small percentage of them using the encrypted networks. It is worth noting that many criminals, hackers and undesirable people have made the dark web their home.

Again, because of the desire for anonymity, the dark web ecommerce sites tend not to take credit cards. These are eminently traceable. Rather Bitcoin - and other crypto-currencies - are taken. These, in themselves, are generally safe enough. The problem is, should you decide to go shopping on the dark web, you’ll soon discover that laissez-faire is king on the black market.

You can find versions of websites such as Facebook, Wikileaks, Twitter, and many other popular websites, all of which are designed specifically within their ‘dark web’ counterparts, to facilitate anonymous access.

A rough guide to the dark web

In addition to copies of popular websites, you will also come across:

  • Forums - discussion forums are a way for criminals and other people alike to communicate and share information with each other. Many criminal conspiracies are no-doubt planned and carried out because of conversations which take place on the dark web forums.
  • Software downloads and serial key sharing - downloading illegal software, and sharing serial keys is commonplace throughout the dark web, allowing some people to gain access to thousands of pounds worth of software for nothing.
  • Hackers - the dark web is a marketplace for hackers to buy and sell their services, as well as to talk. They communicate with people who want to buy their services, commonly via forums.
  • Illegal items of all types - that marketplace extends to illegal items, with everything from hitmen to drugs to counterfeit currency being available to buy from many of the ever growing list of marketplaces available on the dark web.
  • Whistle-blowing platforms - Many people use the dark web for good. The anonymous nature of the dark web allows those who want to report problems with their governments or companies to do it freely and expose corruption or fraud whenever it exists. Because this is all conducted anonymously, it is never traced back to the person who reported it; ideal for whistle-blowing.
An overview of The Onion Routing (TOR)

Onion routing is a multi-layer encryption and communication technique. It works by using multiple layers, like an onion, hence its name, which allow each device it passes through to know the next device and the previous device, but not the origin device or the destination device.

Each device the packets of data pass through decrypt their layer of the onion, before passing it onto the next device in the sequence. The details for where the next device is are stored in the encrypted data the current device decrypts.

It knows where the packets of data have come from, and it knows to where it is sending those packets of data, but it does not know where the packets of data originated, or where they will ultimately end up. This is the basic principle of onion routing.

Typically, when you send data packets across the internet, or a network, a log is kept of where they go, how big they are, and where they end up.

Using the principles of onion routing, you can make it very much more difficult for people to know who you were communicating with, along with what you were saying.

This makes the packets of data you are sending almost completely impossible to trace without either the start or end of the network giving you more information about the packet than would normally happen, for example, when the end device tells you all of the information within the packet because it has been compromised using malware or a virus.

 

Image: iStock.com/mdegrood

Comments (6)

Leave Comment
  • 1
    Kevin OConnor wrote on 24th May 2017

    Excellent Blog......Perhaps this could be taken further.
    How about some lectures around this. I would certainly attend.

    Report Comment

  • 2
    Mike Jackson wrote on 24th May 2017

    The wikipedia entry for the deep web https://en.wikipedia.org/wiki/Deep_web says in its first paragraph "Not to be confused with the dark web". For once I agree with Wikipedia. The Deep Web is a term that traditionally has been used to describe parts of the Web not accessed by search engines. The Dark Web has traditionally been used to describe sites only accessible via darknets. The Dark Web is therefore a subset of the Deep Web.

    Report Comment

  • 3
    Waleed Virk wrote on 30th May 2017

    Great Article. I know only about the onion router before reading this. The other two mentioned platforms are really useful info to access deep web.

    Report Comment

  • 4
    David Scheppers wrote on 2nd Jun 2017

    Interesting article, and although you mention that the dark/deep web is used for many things other than criminal activities, the article does seem to dwell and repeatedly labour the point that criminals and hackers use the dark web.

    Rating a very brief mention (right at the end) are whistle-blowers, and not mentioned at all is the anonymity afforded to journalists and political dissidents that also use the deep web as a tool for sharing information.

    Otherwise an interesting and informative read, thx.

    Report Comment

  • 5
    JoolsJack wrote on 2nd Jun 2017

    Very interesting article - Deep in fact. Does this mean that average Jo/sephine is limited to just the information that Google et al deems it possible for us to see? How much more information is out there at we can access? Fascinating! J

    Report Comment

  • 6
    Stuart Beaker wrote on 5th Jun 2017

    Remember when it was all dark - before Google and the rest decided they should be the gateway to it. It seemed a lot lighter then, to me, despite not having the assistance of security-barriers straddling its entrances. Or maybe I'm just old-fashioned and out-of-touch?

    Report Comment

Post a comment

Blueprint for Cyber Security

Our vision is a world properly protected from cyber threat. This blueprint sets out how we can deliver that solution, starting in health and care.