top of page
  • Writer's pictureCSNP

Dark Web 101

Photo from globalnews.ca

In partnership with Breezeline


We know less about the deep ocean than space, according to the National Oceanic and

Atmospheric Administration. “The Deep Sea” by Neal Fun does a great job of exploring this fact, if you want to quick, clear visual (“https://neal.fun/deep-sea/”). In the open ocean, light and heat from the sun breaches the surface waters. This is where most of us swim and fish, along with where we commonly see a variety of familiar and mostly-friendly sea creatures coming to the surface for air or food: dolphin and sea turtles, to name a few. Of course, there are also nominally unfriendly sea creatures near the surface as well. Near the surface it’s easier to tell who might be friend, and who foe.


This isn’t the case the deeper you get.


At approximately two hundred meters deep, you reach something known as “The Twilight

Zone” – here, light pierces fewer water particles and once friendly-looking sea creatures, at a distance, blend more and more into shadow. It’s not totally dark; it’s not totally light. It’s harder to stay safe at this level relying on human sight without any assistance from flashlights or other equipment: with a distinct lack of consistent sunlight, a predator could come upon you even before you saw it.


It doesn’t stop here.


Near three hundred meters, you reach the deepest a human being has ever dived; at four

hundred, the standard depth of a tuna.


But around five hundred, something interesting happens. In 1938, a South African museum curator named Marjorie Courtenay-Latimer responded to a call from local fishermen over an unusual catch, leading to the discovery of the Coelacanth. While the oldest-known fossils of a coelacanth are from approximately 400 million years ago, it was long thought

to be extinct – until this group of South African fishermen just happened to catch one, by accident, and phoned Marie, not knowing what they were looking at. Its discovery as a living species – not just a fossilized one - shifted what the scientific community thought they knew about the coelacanth and their perception of the unexplored ocean.


What else could be hiding in the deep and dark places we hadn’t been to?


As goes the ocean’s depths, such is the internet.


On the internet’s surface – well-cataloged by search engines and easily accessible to anyone

with a computer and a connection – are the digital “surface-waters” that we’re all familiar with. Common names like Google; Bing (Microsoft); Facebook; Safari (Apple). DuckDuckGo; LinkedIn; ProtonMail. But just like in the physical ocean, beneath relatively placid surface waters is a hidden, secret ecosystem.


Welcome to the deep web.


The deep web means non-indexed websites, or website that exist out of the reach of search

engines and that are not cataloged by them, so they are not openly avalaible to just anyone at any time. This includes a lot of surface-touching products that simply aren’t cataloged in a public search. When you navigate to your email provider from a search engine, and log in, you are successfully using the surface internet to navigate to the deep internet; from an indexed page anyone can access (the public login page of your email provider, for instance) to a non-indexed page only certain people can access (your inbox, which is not cataloged by search engines and not accessible to “just anyone”).


In this way the deep web is mostly made of reputable, surface-touching webpages that are

unindexed because they aren’t made for everyone. Maybe they have private information, like your email inbox. Maybe they’re proprietary. Whatever the reason, the deep web simply means the unindexed web, and whether we realized it or not, we access the unindexed web frequently. The dark web, however, while being sub-section of the deep web that is also unindexed by search engines, is exclusively built off of a private, encrypted network that requires special software to access it. Because it is encrypted and requires special software to even access its network, the dark web attracts a lot of unusual – and a lot of illegal– activity.


The network which the dark web is built on uses something known as “onion routing”. Onion

routing was initially developed in 1995 by a group of U.S. Naval Researchers (NRL) trying to find a way to use the internet as privately, securely and secretly as possible. In the surface web, both websites and connections are recorded and who sends what message is generally known by IP address – kind of like a mailing address, for your computer. In onion routing, however, connections are sent through many different encrypted servers, which largely obscures the source of a message or connection (also giving rise to the name, for its layers of redirection and encryption). This encryption makes it almost impossible to connect real-names with internet aliases, which is what draws criminal behavior to the dark web in the first place, and part of what gave the dark web its name.


But the dark web isn’t all“dark”. In the early 2000s, an MIT graduate named Roger Dingledine developed a form of encrypted onion routing called “TOR” (The Onion Routing), which relied on a decentralized network of servers in order to help make the internet free and equitable. The concept behind the TOR network was that combined with the encryption standard to onion routing, if enough people contributed their own connection (or “relay node”, as it is now called), then no one entity would be powerful enough to dictate who could say what on the internet, thus protecting basic human liberties and freedoms to people who need them.


The TOR Project and the Electronic Frontier Foundation are currently doing project-advancing work on decentralized onion-routing for the purpose of protecting basic human freedoms and providing an un-surveilled space for internet users. If you’d like to visit the TOR Project or the EFF and read more about fair and equitable internet usage, here are the links:

Protecting basic human liberties such as unencumbered free speech is one of the many positives of onion routing, and one of the reasons the dark web has survived as long as it has despite it also playing unintentional host to a criminal underworld.This, ultimately, is the danger in using an onion router and accessing the dark web even for good purposes: because nothing is indexed by search engines, and so little is able to be seen clearly from the “surface”, it is hard to control what you find – or what finds you.


One of the most notorious criminal undertakings stopped by law enforcement on the dark web was called “The Silk Road”. The Silk Road was the “dark web ebay” of illegal goods and services, and one of the criminal rings that helped define the dark web as a dangerous place for the world at large. In 2015, alleged Silk Road founder Ross Ulbricht was sentenced to life in prison. Whether or not there were co-conspirators was not discovered.


Silk Road was only one of many criminal rings, however, using the dark web as their home

base. In 2019, the “world’s largest” child sex abuse website hosted on the dark web was shut down by the FBI. Human traffickers regularly use the dark web not only to sell people inhumanely but also to find victims, which is why it is so important to not access the dark web unless you absolutely have to, and to take care to protect your surface-web-level information with app-hosted MFA, strong passwords, and etcetera. This article from TechCrunch goes into substantial detail on the operation.I highly recommend setting aside time to read the article, as the reporter had been following the story from the beginning, and writes to a dark-web-novice audience for the purpose of raising awareness and promoting internet safety – something we could all use more of: “https://techcrunch.com/2019/10/16/dark-web-hacker-group-government/”.


Another article released in the New York Post on February 23, 2023, details a successful

take down of a drug-peddling ring named “FireBunnyUSA” currently believed to have illegally laundered $7.2 million. It is being called one of the largest drug-peddling rings on the dark web of all time. Here is the link to the article via the New York Post, if you would like to read more: “https://nypost.com/2023/02/17/dark-web-drug-leaders-busted-raked-in-7-2m-in-crypto-exchanges/”.


Most of us will never be involved, thankfully, in criminal enterprise. What’s important to

understand, however, is that accessing the dark web puts you in proximity to these kinds of

operations even if your intentions behind using the dark web are positive.Unless you really need to use TOR or access the dark web, you should not, because the risks absorbed are extremely high and usually unnecessary.


If, however, you are in a situation in which you need to access the dark web via TOR, whether

because you live in an area of the world where your freedoms are unfairly restricted or perhaps because you are a researcher, there are several simple steps that will help – not guarantee,help– protect you online.


First is a preventative precaution: if you can access the dark web from a device solely for

accessing the dark web – that does not store any personal information about you or your family, your internet browsing activities, etc – that is the cleanest, most ideal means for accessing the dark web. Unless you specifically work in handling dangerous websites and software, however, you likely do not have a “clean device”, and will need to use a virtual machine.


A virtual machine simulates a second computer within your computer. VirtualBox is one such

free software. It provides a platform for you to create “virtual computers” on like Whonix, which is a computer system specifically built to mask your identity on the internet. You can access the whonix website at whonix.org, and the downloads page here: “https://www.whonix.org/wiki/Download/”. If you needed to access the dark web, downloading Whonix as a virtual machine on a free virtual machine software like VirtualBox is a must. After you are finished with your dark web session, delete the Whonix virtual machine from your VirtualBox platform, and start again. You may also want to turn on

a VPN (TOR by nature is onion-routing and provides a good deal of obfuscation regarding who you are and where you are connecting from, and Whonix comes with the TOR browser pre-installed, but some argue that a VPN on your host machine in addition to utilizing a Whonix virtual machine and using TOR adds a necessary layer of security regardless). This may seem like a lot of work, but the dark web is not like the regular internet and should not be accessed unless absolutely necessary. Even the best safety protocols are a preventative,not a guarantee.


The deepest point of the ocean –that we know of- is called “The Abyssal Zone”. In 2009

researchers from Woods Hole Oceanographic Institute completed the deepest unmanned dive at a whopping 10,902 meters. The water pressure is so crushing, at that depth, that a human being unprotected – without the correct vehicle made to withstand the pressure – would die a literal, bone- crushing death. At that depth, there is very little life, and what does live there has adapted to the immense barometric pressure, absolutely absence of all light, and little to no food. On January 23, 1960, however, many years before the Woods Hole oceanographers sent a robot into “The Challenger Deep”, Jacques Piccard and Don Walsh spent nine hours descending 10916 meters into the sea. Piccard and Walsh had prepared, trained, and equipped themselves for this history- making dive in a special submarine called the “Trieste bathyscaphe”, and we have all benefited from what they learned. They remain the record-holders, and likely will for a very long time to come. Neither diving ten-thousand meters into the ocean nor accessing the dark web is for everyone.


There are ways to make both possible, but even the safest, most helpful tools can fail –and do.The vast majority of us will never go to the bottom of the sea or the dark web, and don’t need to: the few who have and do bring their benefits to bear for the rest of humanity. If you are interested in accessing the dark web for purposes of combating criminal activity or protecting human rights, the above links from TOR and EFF are for you. For the rest of us, it’s enough to never visit the abyssal zone of the internet. There’s no telling what you might find.


Or what might find you.


About the Author: Kathryn is a transfer into the Cybersecurity industry from education. You can find out more about her here.

138 views0 comments

Commenti


bottom of page