The Darkest Web

Uploaded on 2016-04-14 in GOVERNMENT-Law Enforcement, FREE TO VIEW

Warning: This article covers subjects some readers may find distressing. 

The Dark Web has been covered extensively by news media since the seizure of infamous narcotics bazaar The Silk Road in 2013. This seizure combined with the Edward Snowden revelations gave the anonymity software, Tor, which is required to access the largest “Dark Web”, previously unknown popularity. 

Tor has been one of the most interesting and controversial developments of the Web over the last decade. It was first developed by the US Naval Research Laboratory to allow anonymous intelligence communications and is now run by the Tor Project (Torproject.org) “to advance human rights and freedoms”.

It is an essential tool for many of those carrying out investigations in law enforcement. It is also used by human rights activists wishing to avoid surveillance and monitoring by authorities. It is similarly used by criminals to avoid surveillance.

The Tor Dark Web is accessed by connecting to what is known as Tor Hidden Services (THS). The THS obfuscates the website’s IP address making it impossible for authorities to locate and seize the server. This technology was created by the Tor Project primarily to allow human rights activists to create websites anonymously, however, as we will see, this technology has most effectively been used by criminals to avoid the authorities.

The question is; on a balance does the THS do more to protect human rights activists, or does it just allow the worst criminals to continue their activities with impunity?

News media often cover the “exciting” topics on the Dark Web like the narcotics trading websites. Many seem to find the prevalence of these websites more entertaining than shocking. The failed wars on drugs, harm caused by outdated drugs legislation or the fact that 30% of the UK population have used illegal narcotics may be some factors here.

There are many rumours of shocking things on the Dark Web; assassination squads, to-the-death gladiator fights and others but the majority of these have been found to be just that; rumour. Sadly, the only subject not exaggerated is the child abuse content that is prevalent there.

A number of court cases have shone a light on the worst of these activities including what is known as “Hurtcore”. This is the most disturbing child abuse content involving deliberately causing pain and suffering to the victim over and above the sexual abuse taking place. This is content so disturbing even many paedophiles shun it. 22 year old Mathew Graham was convicted of running screen-shot-2015-09-10-at-8-54-44-pm“Hurt2theCore” Dark website that was reportedly getting 15,000 video downloads a day. (For more information on the case and please see allthingsvice blog. Warning: content discussed in these articles may disturb readers).

It is understandable that many news outlets would not want to cover these subjects as being far too distressing but without covering topics like this when discussing the Dark Web means it is underestimated as a force for bad in the world.

A recent study done by Dr Gareth Owen of Portsmouth University looked at traffic to the THS.  The results appear to show that 80 percent of traffic going to the THS were going to those sites hosting Child Abuse content.

These findings have been highly controversial and there has been much discussion in the Tor community about whether they are accurate or not. There are some valid points raised about particular research methods, but given the results, the study should be replicated multiple times and the findings verified.  If the results found by Dr Owen are correct and 80% of traffic to THS are in fact going to websites hosting child abuse content there needs to be an open and honest debate about how much the THS technology is helping protect human rights compared to the harm it may be doing in allowing the distribution of this content.

Here I differentiate between Tor and the Tor Hidden Services (THS). Tor is primarily used to access the surface web anonymously and there have been many documented cases of it being used effectively to protect human rights around the world . I am a supporter of the Tor as an anonymity product for these reasons, however, when it comes to the Tor Hidden Services (THS) the case for good is not so clear.

There are a large number of non-illegal websites on the THS, that range from the weird to the inane (just like the surface web); the dark website Anonymous Cat Facts comes to mind. There are also political, activist and human rights THS websites, for example Wikileaks has a THS version, though they also still have a presence on the surface web.

I have attempted to find case studies where THS have been used to protect human rights activists effectively. Due to the anonymous nature of this work publicising these stories is difficult in itself (if any reader knows of any please comment below). Sadly the Tor Project has so far not made a compelling case for THS being, on balance, a good thing for the world.

There will be people who vehemently oppose the idea of changing the way THS works or becoming involved in censorship of it in anyway. The Tor Project understandably don’t want to get drawn into a debate about censoring certain sites or making white/black lists as this would go against the whole reason THS was created. However, if the statistics above are correct stopping the distribution of child abuse content should be something everyone in the Tor Project and in government should want to work towards.

One argument is that more resources should be spent on investigating child abuse rather than stopping a service that can be used to protect human rights. It is true that in comparison to other areas of government spending like anti-terrorism or the military very little spent combating child abuse online, which should be addressed, but that does not deal with the content currently being distributed via the THS.

Another argument is that if THS were removed the paedophiles would move to another Dark Web service (like I2P or Freenet) and while it is true that some would, crime prevention techniques have shown time and time again if you make crime harder to achieve a percentage of the criminals will actually stop doing it. The ease at which this content can be accessed using Tor and THS means the technological barrier to entry is non-existent.

This is a contentious topic in the Tor community and the very idea of changing or discontinuing the THS is thought as bowing to some form of government censorship. However, if the findings discussed above are accurate (and as mentioned they need to be verified) a reasoned debate about the actual pros and cons of the THS needs to be had by all those involved.

Max Vetter: 

« WhatsApp Implements Encryption
Taliban App Removed From Google Store »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

SecPoint

SecPoint

SecPoint provides products to secure & protect your network from remote and local attacks.

Blueliv

Blueliv

Blueliv is a leading provider of targeted cyber threat information and intelligence. We deliver automated and actionable threat intelligence to protect the enterprise and manage your digital risk.

CLUSIF

CLUSIF

Clusif is the reference association for digital security in France. Its mission is to promote the exchange of ideas and feedback through working groups, conferences and publications.

Data Security Council of India (DSCI)

Data Security Council of India (DSCI)

DSCI is a premier industry body on cyber security and data protection in India, committed to making the cyberspace safe, secure and trusted.

Spire Solutions

Spire Solutions

Spire Solutions is the Middle East & Africa region’s leading cybersecurity solution provider and value-added distributor (VAD).

FirstPoint

FirstPoint

FirstPoint has developed the market’s most advanced solution for securing cellular devices, including mobile phones and IoT products, by blocking malicious data leakage.

Healthcare Fraud Shield (HCFS)

Healthcare Fraud Shield (HCFS)

The focus of Healthcare Fraud Shield is solely on healthcare fraud prevention and payment integrity with a successful approach based on many unique advantages we deliver to our clients.

Tactical Network Systems (TNS)

Tactical Network Systems (TNS)

Tactical Network Solutions helps you discover hidden attack vectors in IoT and connected devices before someone else does.

InfoSec Conferences

InfoSec Conferences

InfoSec Conferences is an online directory of infosec conferences. We list every single Information Security conference, event and seminar within every niche in Cybersecurity.

MalwareFox

MalwareFox

MalwareFox is an advanced, yet simple-to-use anti-malware solution for Windows computers. We provide aggressive detection capabilities and an effective malware removal tool to keep your systems safe.

Reflectiz

Reflectiz

Reflectiz empowers digital businesses to make all web applications safer by non-intrusively mitigating any website risks without a single line of code.

SessionGuardian

SessionGuardian

SessionGuardian (formerly SecureReview) is the world's first and only technology which ensures second-by-second biometric identity verification of your remote user, from log on to log off.

Nitel

Nitel

Nitel is a leading next-generation technology services provider. We simplify the complex technology challenges of today’s enterprises to create seamless and integrated managed network solutions.

Birch Cline Cybersecurity

Birch Cline Cybersecurity

Birch Cline specializes in helping Local Government and Education agencies, as well as mid-market organizations, build and maintain successful cybersecurity programs.

CYBHORUS

CYBHORUS

CYBHORUS are a team of Italian cyber security experts, specialized in cyber threat defense and strategic and organizational consulting.

Ignite Cyber

Ignite Cyber

IGNITE Cyber is focused on enabling secure technology adoption through intelligent business decisions. We are focused on providing a secure and stable business environment for everyone.