The Darkest Web

Warning: This article covers subjects some readers may find distressing. 

The Dark Web has been covered extensively by news media since the seizure of infamous narcotics bazaar The Silk Road in 2013. This seizure combined with the Edward Snowden revelations gave the anonymity software, Tor, which is required to access the largest “Dark Web”, previously unknown popularity. 

Tor has been one of the most interesting and controversial developments of the Web over the last decade. It was first developed by the US Naval Research Laboratory to allow anonymous intelligence communications and is now run by the Tor Project (Torproject.org) “to advance human rights and freedoms”.

It is an essential tool for many of those carrying out investigations in law enforcement. It is also used by human rights activists wishing to avoid surveillance and monitoring by authorities. It is similarly used by criminals to avoid surveillance.

The Tor Dark Web is accessed by connecting to what is known as Tor Hidden Services (THS). The THS obfuscates the website’s IP address making it impossible for authorities to locate and seize the server. This technology was created by the Tor Project primarily to allow human rights activists to create websites anonymously, however, as we will see, this technology has most effectively been used by criminals to avoid the authorities.

The question is; on a balance does the THS do more to protect human rights activists, or does it just allow the worst criminals to continue their activities with impunity?

News media often cover the “exciting” topics on the Dark Web like the narcotics trading websites. Many seem to find the prevalence of these websites more entertaining than shocking. The failed wars on drugs, harm caused by outdated drugs legislation or the fact that 30% of the UK population have used illegal narcotics may be some factors here.

There are many rumours of shocking things on the Dark Web; assassination squads, to-the-death gladiator fights and others but the majority of these have been found to be just that; rumour. Sadly, the only subject not exaggerated is the child abuse content that is prevalent there.

A number of court cases have shone a light on the worst of these activities including what is known as “Hurtcore”. This is the most disturbing child abuse content involving deliberately causing pain and suffering to the victim over and above the sexual abuse taking place. This is content so disturbing even many paedophiles shun it. 22 year old Mathew Graham was convicted of running screen-shot-2015-09-10-at-8-54-44-pm“Hurt2theCore” Dark website that was reportedly getting 15,000 video downloads a day. (For more information on the case and please see allthingsvice blog. Warning: content discussed in these articles may disturb readers).

It is understandable that many news outlets would not want to cover these subjects as being far too distressing but without covering topics like this when discussing the Dark Web means it is underestimated as a force for bad in the world.

A recent study done by Dr Gareth Owen of Portsmouth University looked at traffic to the THS.  The results appear to show that 80 percent of traffic going to the THS were going to those sites hosting Child Abuse content.

These findings have been highly controversial and there has been much discussion in the Tor community about whether they are accurate or not. There are some valid points raised about particular research methods, but given the results, the study should be replicated multiple times and the findings verified.  If the results found by Dr Owen are correct and 80% of traffic to THS are in fact going to websites hosting child abuse content there needs to be an open and honest debate about how much the THS technology is helping protect human rights compared to the harm it may be doing in allowing the distribution of this content.

Here I differentiate between Tor and the Tor Hidden Services (THS). Tor is primarily used to access the surface web anonymously and there have been many documented cases of it being used effectively to protect human rights around the world . I am a supporter of the Tor as an anonymity product for these reasons, however, when it comes to the Tor Hidden Services (THS) the case for good is not so clear.

There are a large number of non-illegal websites on the THS, that range from the weird to the inane (just like the surface web); the dark website Anonymous Cat Facts comes to mind. There are also political, activist and human rights THS websites, for example Wikileaks has a THS version, though they also still have a presence on the surface web.

I have attempted to find case studies where THS have been used to protect human rights activists effectively. Due to the anonymous nature of this work publicising these stories is difficult in itself (if any reader knows of any please comment below). Sadly the Tor Project has so far not made a compelling case for THS being, on balance, a good thing for the world.

There will be people who vehemently oppose the idea of changing the way THS works or becoming involved in censorship of it in anyway. The Tor Project understandably don’t want to get drawn into a debate about censoring certain sites or making white/black lists as this would go against the whole reason THS was created. However, if the statistics above are correct stopping the distribution of child abuse content should be something everyone in the Tor Project and in government should want to work towards.

One argument is that more resources should be spent on investigating child abuse rather than stopping a service that can be used to protect human rights. It is true that in comparison to other areas of government spending like anti-terrorism or the military very little spent combating child abuse online, which should be addressed, but that does not deal with the content currently being distributed via the THS.

Another argument is that if THS were removed the paedophiles would move to another Dark Web service (like I2P or Freenet) and while it is true that some would, crime prevention techniques have shown time and time again if you make crime harder to achieve a percentage of the criminals will actually stop doing it. The ease at which this content can be accessed using Tor and THS means the technological barrier to entry is non-existent.

This is a contentious topic in the Tor community and the very idea of changing or discontinuing the THS is thought as bowing to some form of government censorship. However, if the findings discussed above are accurate (and as mentioned they need to be verified) a reasoned debate about the actual pros and cons of the THS needs to be had by all those involved.

Max Vetter: 

« WhatsApp Implements Encryption
Taliban App Removed From Google Store »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

PeCERT

PeCERT

PeCERT is the national Computer Emergency Response Team for Peru.

AET Europe

AET Europe

AET Europe is specialised in creating technological solutions for user identification and authentication.

EY Advisory

EY Advisory

EY is a multinational professional services firm headquartered in the UK. EY Advisory service areas include Cybersecurity.

Sectigo

Sectigo

Sectigo is a leading cybersecurity provider of digital identity solutions, including TLS / SSL certificates, DevOps, IoT, and enterprise-grade PKI management, as well as multi-layered web security.

Dathena

Dathena

Dathena is a company developing data governance software based on machine learning algorithms.

Conviso

Conviso

Conviso is a consulting company specialized in Application Security and Security Research.

BrandShield

BrandShield

BrandShield is an anti-counterfeiting, anti-phishing and online brand protection solution.

KETS Quantum Security

KETS Quantum Security

KETS harnesses the properties of quantum mechanics to solve challenging problems in randomness generation and secure key distribution and enable ultra secure communications.

Secmation

Secmation

Secmation are an agile engineering services firm providing advanced DoD level security design and consultation services for both commercial and defense hardware and software applications.

Mobileum

Mobileum

Mobileum is a leading provider of Telecom analytics for roaming, security and risk management and end-to-end domestic and roaming testing solutions.

X Technologies

X Technologies

X Technologies provide world-class engineering, information technology, information security, program management and repair services to Federal, State and commercial customers.

Crayon

Crayon

Crayon is a customer-centric innovation and IT services company. We provide guidance on the best solutions for our clients’ business needs and budget with software, cloud, AI and big data.

US Department of State - Bureau of Cyberspace & Digital Policy

US Department of State - Bureau of Cyberspace & Digital Policy

The Bureau of Cyberspace and Digital Policy leads and coordinates the Department’s work on cyberspace and digital diplomacy to encourage responsible state behavior in cyberspace.

ReachOut Technology

ReachOut Technology

ReachOut is a transformative approach to IT Security, Support, and Guidance. But we’re more than that. We’re passionate IT experts driven to make solutions to your problems.

Boo Consulting

Boo Consulting

Boo Consulting is a trusted privacy and risk consultancy firm. We are driven to help you find an appropriate solution that will suit your budget and requirements.

CYSEC Global

CYSEC Global

CYSEC Global is a series of summits dedicated to tackle regional cyber security challenges.