British Prime Minister David Cameron announced a new police/intelligence agency on December 10, 2014, to monitor the “Dark Web,” as reported by The Independent. According to Cameron, “The dark net is the next side of the problem, where pedophiles and perverts are sharing images, not using the normal parts of the Internet we all use.”
Independent web consultant Mark Stockley concurs, claiming in Naked Security that the dark web “attracts people who want to engage in things like robbery, sex trafficking, arms trafficking, terrorism and distributing child pornography.” In the International Business Times, writers Charles Paladin and Jeff Stone claim electronic goods, contract killers, guns, passports, fake IDs, and hackers for hire are readily available on the dark web, in addition to illegal drugs and child pornography.
For most of the general public, the 2013 arrest of Ross Ulbright – known online as the “Dread Pirate Roberts” and the founder of a dark website, Silk Road – was the first evidence of a hidden, anonymous web. Silk Road was one of many websites outside the search capability of ordinary web browsers such as FireFox, Safari, and Internet Explorer. While the majority of products sold on Silk Road were illegal drugs, the success of the site led to other dark websites such as Sheep Marketplace and Black Market Reloaded with minimal restrictions on the products and services for sale.
As a consequence of the lack of regulation, David J. Hickton, United States Attorney for the Western District of Pennsylvania, called the dark web the “Wild West of the Internet” in a Rolling Stone interview. IBM’s Managed Security Services Threat Research group calls the hidden web a marketplace for drugs, weapons, stolen data and “anything else a criminal entrepreneur might need or want to sell,” and advises its customers that the dark web “is not a neighborhood you visit for any legitimate reason.”
While the terms “Internet” and “World Wide Web” are often used interchangeably, they are not the same. The former refers to a massive network of networks, linking millions of computers globally where any computer can communicate with another as long as each is connected to the Internet. The World Wide Web is an information sharing model built on top of the Internet that uses the HTTP protocol, browsers such as Chrome or Firefox, and webpages to share information. The web is a large part of the Internet, but not its only component – for example, email and instant messaging are not part of the web, but are part of the Internet.
Some analysts have likened the web to the ocean, a vast territory of unknown and inaccessible locations to the average web user. Like the ocean, much of the web is “invisible” to the typical user relying on traditional search engines.
The Surface Web
According to PC Magazine, the surface web is that portion of the web available to the general public, complete with links for indexing by a search engine. BrightPlanet, a web intelligence service, defines the surface web as containing only sites that can be indexed and searched by popular search engines such as Google, Bing, and Yahoo.
Sometimes called the “visible web,” the surface web consists of sites whose domain names end in .com, .org, .net, or similar variations. The content of these sites does not require any special configuration to access.
This portion of the web is most familiar to the typical user and it continually expands:
- 4.62 billion pages indexed by Google as of May 2016, according to WorldWideWebSize
- Almost 148 million domains or unique websites, as estimated by DomainTools
- More than 3.5 billion Google searches covering more than 20 billion sites every day, as reported by Internet Live Stats
Despite its size, the surface web is estimated to contain less than 5% of the complete information on the Internet. According to CNNMoney, the average web surfer just floats on the top of a vast information ocean containing tens of trillions of inaccessible, unindexed web pages including everything from “boring statistics to human body parts for sale.”
The Deep Web
The vast proportion of the web known as the deep web – sometimes called the “invisible” or “hidden” web – refers to all of the digital content that cannot be found with a search engine. It includes email in a Gmail account, online bank statements, office intranets, direct messages through Twitter, and photos uploaded to Facebook marked “private.” Governments, researchers, and corporations store masses of raw data inaccessible to the general public. This content is stored on dynamic web pages (built on the fly based upon query information) and blocked, unlinked private sites. According to Trend Micro, a significant portion of the deep web is dedicated to “personal or political blogs, news sites, discussion forums, religious sites, and even radio stations.”
An article in the Journal of Electronic Publishing estimates that as of 2001, the deep web contained nearly 550 billion individual documents compared to one billion on the surface web. While hidden from conventional search engines, an estimated 95% of the content on the deep web is accessible to the general public, albeit using such customized tools as BrightPlanet’s “direct query engine.”
People regularly use deep web content without realizing it. Much of the information a user finds on the deep web is dynamically produced via a site they access on the surface web, and is a unique page that is seen only by the requesting user.
For example, travel sites such as Hotwire and Expedia provide software that allows a searcher to directly access airline and hotel databases through a query in a search box, such as the name of a destination. The content on most government databases – the U.S. Census Bureau and Internal Revenue Service, for example – is reached similarly through a specialized search.
The Dark Web
Every device connected to the Internet has a unique Internet protocol (IP) address. While a person’s name and physical address can be obtained through an Internet service provider with legal permission, the IP alone enables anyone to identify the location of the connected computer. As a consequence, it is relatively easy for an interested party to locate a specific Internet user.
The desire for anonymity – especially by governments seeking to protect sensitive intelligence information and networks – led to the development of The Onion Router (Tor) by United States Naval Research Laboratory employees. The name was derived from the many layers you have to peel back to find the real identity of the user.
Tor, released free to the public in 2004, provides privacy by encrypting and directing Internet traffic through a series of “virtual tunnels,” distributing transactions over multiple random computers on the Internet, so no single computer links a user to that user’s base or destination. Unlike the visible web where domain names end in .com, .org, .net, or similar variations, Tor sites end in .onion and can only be opened with Tor software.
Tor also uses hidden servers accessible only by another Tor address to further complicate identification. According to the Tor website, the network is an “effective censorship circumvention tool, allowing its users to reach otherwise blocked destinations or content.”
According to Cryptorials, other free anonymous, peer-to-peer networks with layered encryption include I2P (Invisible Internet Project), Freenet, GNUNet, FAI (Free Anonymous Internet), and ZeroNet. The use of such networks to access the Internet created the “dark web,” the portion of the web that is not indexed and whose content is protected by firewalls, hidden IP addresses, and layers of encryption.
Dark Web Users
Recognizing the benefits of online anonymity, criminals and terrorists, as well as political libertarians, quickly exploited the new software. Additional users include the following:
- Freedom Fighters Resisting an Oppressive Regime. Many credit Tor as a critical component in the 2010/2011 Arab Spring. People in China and Russia use it to get around those countries’ “Great Firewall” that blocks foreign websites. Dr. Ian Watson, professor of information and communications law at London’s Queen Mary University, cautions in Motherboard that a visitor to the dark web must remember “Your terrorists are our freedom fighters.” It is not surprising that ISIS uses the dark web to promote its views, as reported by SITE.
- Whistleblowers Subject to Retaliation. According to Wired, The New Yorker ran a dark website – Strongbox – so whistleblowers could securely leave documents or messages. Dead Man Zero offers potential whistleblowers a system that can automatically publish and deliver their secrets if they are injured, die, or get jailed. If the user does not regularly log into the site at predetermined intervals, the information is automatically released to a set of email addresses and publications established by the user.
- Victims of Abuse and Discrimination. The anonymity of the dark web allows individuals to share their personal stories and console their peers without fear that their privacy is going to be violated. Sites exist for rape victims, trans people, and other persecuted minorities, whether religious, political, or cultural.
- Corporations and Governments. The dark web is a relatively safe place to keep and limit access to sensitive information, whether company records or political intelligence. Law enforcement uses the dark web to hide its identity while visiting websites and to create fake sites to bait wrongdoers.
As a matter of principle, many Internet users resent corporations accessing personal information from their online activities. Furthermore, many people resent government agencies, such as the National Security Agency, collecting data from personal phone calls, emails, and messaging. According to Peter Yeung, a writer for Motherboard, the dark web offers idealism, lightheartedness, and community as well as the illegal, immoral, and grotesque.
A 2016 report by Intelliagg and its U.S. Counterpart, DARKSUM, suggested that the dark web is much smaller than initially thought – an estimated 30,000 sites – and that half of the content available is legal under U.S. or U.K. law. However, the illegal content within the dark web includes a full range of criminal activity, ranging from pornography to the retailing of drugs, weapons, and violence. Due to the anonymity of visitors, it is impossible to determine the number of users who access sites in the dark net, whether legal or illegal.
Cautions in Accessing the Dark Web
For the average Internet user, the dark web can be a dangerous place. Browsing its hidden sites without precautions might be compared to trying to get safely through a village infected by Ebola. Anonymity frequently encourages illicit activities including the sale of drugs, weapons, fake IDs and passports, and stolen electronics. Websites on the dark web advertise services of hackers, counterfeiters, and hitmen.
At the same time, many of the websites in the dark web are fakes to attract vulnerable victims or established by law enforcement to identify and track actual and potential criminal activity. Since anonymity exists on both sides, users can never be 100% sure of the intentions of those with whom they interact.
The possibility of users infecting their computers with malware – software that targets a computer with malicious intent – when visiting the dark web is high unless precautions are taken. According to a Motherboard article, casual visitors to a dark web site can unknowingly expose their computers to the following programs:
- Vawtrack: Designed to gain access to victims’ financial accounts
- Skynet: Used to steal bitcoins or engage in DDoS (distributed denial of service) attacks on other websites using the victim’s computer
- Nionspy: Can capture keystrokes, steal documents, and record audio and video using the infected computer
In addition to the dangers of malware, a dark web visitor to politically oriented sites should be concerned about attracting the attention of government authorities and becoming the subject of unwanted official surveillance. In Rolling Stone, Jeremy Gillula, a staff technologist with the Electronic Frontier Foundation (EFF), claims, “There are countries where browsing a political website about democracy can get you thrown in jail. That’s the most life-and-death reason why Tor needs to exist.” Visitors to Tor websites dealing with illegal goods or promoting dissident political views in the eyes of government should be aware that dark websites are regularly penetrated and taken down by cyber-police and their owners and visitors exposed, including at least three versions of Silk Road.
Software tools to make the dark web more transparent are constantly evolving, as is the software criminals use to hide their activity. Government agencies and law enforcement can now use Memex, a recently developed search engine developed by DARPA and designed specifically for the dark web, to find sites and store data that can be analyzed later. Law enforcement credits the software for the exposure and prosecution of human trafficking rings in the U.S. and abroad, according to Scientific American.
Best Practices to Browse the Net
Many web professionals claim the surface net – that portion of the Internet most users visit – is not unlike the dark web, and contains many of the same dangers. There are thousands of sites devoted to violent and racist causes. Advertisers collect and sell personal data, as well as your growing history. Malicious software is as likely to arise from a public website as a website on the dark web, while governments around the world currently monitor Internet traffic and messages.
As a consequence, many Internet professionals recommend that web visitors on all levels of the Internet implement the following practices:
- Exercise Common Sense. If something seems too good to be true, it probably is. If someone is being unusually friendly, ask yourself why. Be aware of the possible consequences of a web interaction and trust your instincts.
- Protect Your Identity. Create a throwaway email address. Don’t use a username you’ve used with any website before in your email address. Never use your real name or provide personal data unless you are dealing with a trusted site that uses encryption. Do not use the same password for every online account.
- Avoid Use of Personal Credit Cards. Rather than using a credit card that can be traced directly to you and make your financial information visible, use prepaid, single use cards for Internet purchases. If a using a credit card is necessary, be sure the website is secure by checking the web address. The address should begin with “https://,” rather than “http://.” The “s” on the former stands for “secure socket layer,” and it means that sent and received data is encrypted.
- Monitor Your Financial Accounts With Online Alerts. Most banks and credit card companies allow you to set up alerts anytime you receive money, make a charge, or take money from your account.
- Do Not Download or Open Files Online, Especially From the Dark Net. If you must download something, scan it with antivirus software (or at least a free service like VirusTotal) before opening to detect viruses, worms, trojans, and other malware. Do not click on suspicious links, especially anything that advertises illegal activities.
- Keep Your Web Browser Up-to-Date. Configure your browser for better security – the default configuration is not set up for the best security. For example, set your security level to “High” even though this disables some features such as ActiveX and Java (notable for their security breaches). Understand and modify your browser settings to your specifications for maximum protection.
Writers often portray the dark net as a hidden network that exists solely to service its visitors’ most prurient desires. Fortune recently claimed that “the things you can buy on the dark web are terrifying.” As reported by Government Technology, acting U.S. Attorney for North Dakota Chris Myers claims the dark web makes his [law enforcement] job much more difficult because one could buy everything “from tigers to hand grenades to controlled substances” with anonymity.
At the same time, proponents of privacy on the Internet assert the dark web is essential to freedom and liberty, often citing examples of those who live under authoritarian government systems. Freedom From Fear Magazine claims that the dark net, specifically Tor sites, is essential for foreign government dissidents. The magazine claims there are more than 40,000 users in Iran and 15,000 in Syria, and that use exploded in Turkey when the government blocked Twitter and YouTube.
Freedom of speech is protected by the First Amendment to the United States Constitution. While there are limitations to some forms and channels of free speech, the Supreme Court extended the full protection of the amendment to the Internet in its Reno v. American Civil Liberties Union decision in 1997. As a consequence, it is likely that the dark web will continue its schizophrenic existence with hidden sites to protect our liberties, as well as serve our most base instincts. What is certain is that any visitors to the dark web should be informed and cautious.
Have you visited the dark web?