When the German Foreign Office hosted a human rights conference several months ago, one of the invited guest organizations was the Tor Project. The Tor Project runs a secure, anonymous network and distributes free software used by dissidents and free speech activists worldwide. Activists in countries like Syria and Ethiopia use Tor regularly. The Tor Project, in fact, receives funding from the United States State Department for that very purpose.
There's a catch, however. The same secure communications Tor offers have attracted spies, criminals, and pedophiles alongside political dissidents.
Tor's network, referred to as the "underweb" in popular discussion, is a strange entity. It exists beneath the sanitized experiences of Facebook, Google, and Amazon. It exists way down deep, in a walled-off web threaded with secure communication routes and populated with political dissidents, spies, and ne'er-do-wells.
The underweb has its own dark version of Wikipedia, too, called the Hidden Wiki, which looks a lot like the Wikipedia you know, except that it's full of links to pedophile torrent directories, self-professed "hitmen," endless stolen credit card numbers, archives of bestiality pictures, and drug delivery services. The South Africa Mail & Guardian's Niren Tolsi called it a place where "you can apparently find everything you would need to take over a country or break away from an existing one to form your own." Mostly, the Hidden Wiki is a detailed-enough guide to what's known as the underweb—one of the fastest growing segments of the Internet.
Tor is an anonymous network that is accompanied by free software; the name Tor stands for "The Onion Router." Onion routers like Tor's layer encryption on top of encryption—communications are encrypted and reencrypted multiple times as they make their way from a user's computer to their final destination. To access the underweb, users must install Tor's software (see sidebar).
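The layering described above can be sketched in a few lines. This is an added illustration, not Tor's code or its actual protocol: the relay names, the three-hop path, the `example.org` destination and the toy HMAC-based stream cipher (a stand-in for a real authenticated cipher) are all assumptions. The sender wraps the message once per relay, and each relay removes one layer and learns only the next hop.

```python
import hashlib
import hmac
import os

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (HMAC-SHA256 in counter mode). Illustration only:
    it provides no integrity protection and is not what Tor uses."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        block = nonce + counter.to_bytes(4, "big")
        stream += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)  # fresh nonce per layer
    return nonce + keystream_xor(key, nonce, plaintext)

def wrap(path, destination: str, message: bytes) -> bytes:
    """Sender side: add one layer per relay, innermost (exit) layer first.
    path is a list of (relay_name, relay_key) in the order traffic travels."""
    payload, next_hop = message, destination
    for name, key in reversed(path):
        header = next_hop.encode()
        payload = seal(key, bytes([len(header)]) + header + payload)
        next_hop = name
    return payload

def peel(key: bytes, blob: bytes):
    """Relay side: strip one layer; returns (next hop, still-wrapped inner blob)."""
    plain = keystream_xor(key, blob[:16], blob[16:])
    n = plain[0]
    return plain[1:1 + n].decode(), plain[1 + n:]

def route(path, onion: bytes):
    """Simulate the relays in order; record what each one learns."""
    seen = []
    for name, key in path:
        next_hop, onion = peel(key, onion)
        seen.append((name, next_hop))
    return seen, onion

if __name__ == "__main__":
    # Constructed sample keys and path, for the demonstration only.
    path = [(n, os.urandom(32)) for n in ("guard", "middle", "exit")]
    onion = wrap(path, "example.org", b"constructed sample message")
    print(route(path, onion))
```

Only the exit relay sees the destination and only the first relay sees the sender, which is why no single relay can link the two.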
Communications for free speech and democracy activists are responsible for a huge chunk of underweb traffic. The Tor Project receives substantial financial contributions from the State Department, the Broadcasting Board of Governors, and the National Science Foundation; the Swedish government also helps fund Tor. Although it has only been reported anecdotally, intelligence services and law enforcement worldwide are said to rely on Tor for secure, untraceable communications.
Tor communications can be disrupted and some limited footprints of Tor activity can be traced, but both activities are a significant drain in terms of resources and finances. "Many of the traditional cybercrime forums have moved from the normal web to the deep web. The reasons are clear: It's harder to find who hosts these sites, who visits them and to take them down," says Mikko Hyppönen of security firm F-Secure.
Pedophiles have flocked to the underweb to trade photos and videos. Anonymous mined the underweb to launch one of its most notable guerrilla projects in 2010, Operation Darknet, which involved dumping the names of more than 1,500 users of Tor-accessible child pornography site Lolita City on the more publicly accessible Pastebin, including information about how long the users' accounts were active and how many pictures they uploaded. One of the #OpDarknet attacks was codenamed "Chris Hansen" after the former To Catch A Predator host.
Law enforcement and security representatives from financial firms, private industry, and computer security firms also regularly monitor the underweb to varying extents. When a reporter for The Verge, Adrianne Jeffries, asked a DEA spokesperson about The Silk Road, a popular illegal drug purchase-and-delivery service on the underweb, the spokesperson recognized the name immediately. The DEA allegedly monitors The Silk Road and other underweb drug-purchasing sites in conjunction with ongoing investigations. Rather than following an Amazon e-tailer model, The Silk Road is more eBay inspired and uses Bitcoin escrow transactions to connect independent sellers with buyers.
Users of The Silk Road often pay higher-than-street-value rates for illicit substances. The site has inspired a folk panic of sorts, with nervous articles in many publications promoting the site's streamlined process for purchasing marijuana and LSD. In April, a similar site called The Farmer's Market was busted. Nicolas Christin, a researcher at Carnegie Mellon University, found that Silk Road vendors made approximately $1.9 million monthly in sales of illicit substances.
The underweb isn't the only dark corner of the Internet specializing in hosting uncomfortable content. Darknets are closed peer-to-peer networks which, although (usually) accessed by IP address, are invisible to outsiders. Users need to be aware of a darknet's existence in order to log in to it. There's also the deep web, or invisible web: publicly accessible content that isn't indexed by Google or any other major search engine. While the deep web does not contain the pirated movies, mail-order weapon depots, or other discoveries of the underweb or darknets, it does frequently contain personal information (including credit card and social security numbers) that is of interest to bad guys.
Darknets also have big ramifications for digital rights management, piracy, and other things that keep the entertainment and software industries awake at night. In November, Microsoft researchers published a paper arguing that the secure worldwide communications that darknets provide would soon make the DRM scheme used by their employer obsolete. Cyberpunks collaborating via GitHub are working on a project called Cryptosphere, which, though not running through Tor and using a differing operating philosophy, would offer similarly secure sharing of files.
Beyond credit card numbers, underweb users can also purchase stolen logins to e-commerce sites such as Amazon, Target, and Walmart with links to active credit cards. According to security researcher Brian Krebs, credentials without credit cards start at $12, while accounts with credit cards attached cost much more.
However, Tor has downsides for users: Besides being anonymous, the service is so slow that it can be frustrating to use. Darknets suffer from that problem much less, which makes them more appealing for content pirates. The vexing problem for law enforcement—and anyone uncomfortable with an open communications pipeline for pedophiles and credit card thieves—is that the underweb's positive aspects walk hand in hand with its negative aspects. Anonymity and secure encryption can be used by the bad guys just as easily as by free speech activists.