- Security TWENTY
- Women in Security
The dark web is shrouded in mystery, and quite rightly so. Created by the US Navy to offer more anonymity to users than the surface web, the term dark web is usually used inter-changeably with Tor (The Onion Router) and it has become synonymous with the digital criminal underworld, where anything is sold from weapons, to drugs, to stolen credit card information, writes Chad Anderson, Senior Security Researcher at DomainTools, the cyber threat intelligence and investigation platform.
All of this is, of course, true. But there are several enduring misconceptions about what the dark web is, how it works, and which are the threats and the trends that we should be worrying about. Here’s a rundown of the most common myths surrounding the anonymity network:
1. Deep web = dark web
Deep web and dark web are often erroneously used interchangeably. The deep web is simply the portion of internet content that, by virtue of not being indexed, is not searchable with regular search engines. This includes internal enterprise networks, password protected personal accounts and access-controlled databases. It is far less exciting than the dark web, which is also not accessible from regular search engines, but is purposely hidden as an anonymity layer on top of the regular Internet.
2. The dark web is only for criminal activity
Contrary to how it is portrayed in the mainstream media, the dark web is not solely dedicated to criminal or illicit activity. There is, however, a basis of truth: around 50pc of .onion websites – Tor’s URL suffix that signifies a Tor hidden service – are in some way linked to illicit goods and services.
An idea for a secret network inaccessible to regular users was first conceived in the 1990s to provide US operatives with a secure and untraceable channel of communication. When the project was abandoned, researchers saw the potential for a completely anonymous network to grant freedom of speech and secure communications to political dissidents in oppressive regimes, human rights and privacy activists.
Notoriously, WikiLeaks hosts a Tor hidden service where whistleblowers can make anonymous submissions. But even the New York Times, Facebook, and the CIA have their own Tor hidden services. Recently, even the BBC has launched its dark web version, which makes the website available even in regions where strict censorship is in place.
3. The dark web is immense
The dark web is often compared to the bottom of an iceberg, with the surface internet being the tip that we can all see. This is factually incorrect, as the number of websites hosted on the dark web is much, much smaller than those on the surface web, with less than 200,000 unique .onion addresses as of June 2020. By contrast, the surface web contains more than a billion sites. It is the deep web, however, that would be best compared to the bottom of an iceberg. Anything that is online but is not publicly accessible sits there, hidden from public view.
4. The dark web offers complete anonymity
The way in which Tor obfuscates a person’s identity is by directing encrypted network traffic through a series of other users’ nodes — like layers of an onion — then out what is called an exit node. Theoretically, users accessing Tor with a VPN could mask their origin IP address when entering the Tor network, but even still there are techniques for unmasking a user’s origin and this should be considered only an additional layer of anonymity, but not a silver bullet. Additionally, Tor suffers from the problem that users can be de-anonymized if a single entity controls enough of the nodes or layers on the network that users send their traffic through. Determined government agencies with enough resources could flood the network with their own nodes and theoretically unmask users traveling through their majority of nodes.
5. Tor is the only dark web service
While Tor has become synonymous with the dark web, there are other services that exist as additional layers of anonymized traffic on top of the regular Internet. Freenet, for one, was invented as a censorship-resistant publishing platform and uses peer-to-peer communications and a distributed data store to store the network’s resources and make it browseable. Another, I2P, made famous for its reference in the Netflix show “House of Cards” is another anonymity network that falls under the dark web definition. On top of that, programmers have built other specific tools like OpenBazaar, a decentralized marketplace much like Tor’s famous Silk Road that is unable to be taken down by police due to its design.