Surfing Safely on the Dark Web
March 29, 2016
The folks at Alphr want us to be safe if we venture onto the Dark Web, so they offer guidance in their article, “Is the Dark Web Safe?” The short answer, of course, is “parts of it.” Writer Thomas McMullan notes that, while the very act of accessing hidden sites through Tor is completely legal, it is easy to wander into illegal territory. He writes:
“‘Safe’ is a bit of a vague term. There is much of worth to be found on the dark web, but by its nature it is not as safe as the surface-level internet. You can only access pages by having a direct link (normally with a .onion suffix) and while that makes it harder to accidentally stumble across illegal content, you’re only a click away from some pretty horrible stuff. What’s more, the government is cracking down on illegal material on the dark web. In November 2015, it was announced that GCHQ and the National Crime Agency (NCA) would be joining forces to tackle serious crimes and child pornography on the dark web. Director of GCHQ Robert Hannigan said that the new Joint Operations Cell (JOC) will be ‘committed to ensuring no part of the internet, including the dark web, can be used with impunity by criminals to conduct their illegal acts’.”
The article goes on to note that plugins which can present a false IP address, like Ghostery, exist. However, McMullan advises that it is best to stay away from anything that seems questionable. You have been warned.
Cynthia Murrell, March 29, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Reputable News Site Now on the Dark Web
March 28, 2016
Does the presence of a major news site lend an air of legitimacy to the Dark Web? Wired announces, “ProPublica Launches the Dark Web’s First Major News Site.” Reporter Andy Greenberg tells us that ProPublica recently introduced a version of their site running on the Tor network. To understand why anyone would need such a high level of privacy just to read the news, imagine living under a censorship-happy government; ProPublica was inspired to launch the site while working on a report about Chinese online censorship.
Why not just navigate to ProPublica’s site through Tor? Greenberg explains the danger of malicious exit nodes:
“Of course, any privacy-conscious user can achieve a very similar level of anonymity by simply visiting ProPublica’s regular site through their Tor Browser. But as Tigas points out, that approach does leave the reader open to the risk of a malicious ‘exit node,’ the computer in Tor’s network of volunteer proxies that makes the final connection to the destination site. If the anonymous user connects to a part of ProPublica that isn’t SSL-encrypted—most of the site runs SSL, but not yet every page—then the malicious relay could read what the user is viewing. Or even on SSL-encrypted pages, the exit node could simply see that the user was visiting ProPublica. When a Tor user visits ProPublica’s Tor hidden service, by contrast—and the hidden service can only be accessed when the visitor runs Tor—the traffic stays under the cloak of Tor’s anonymity all the way to ProPublica’s server.”
The article does acknowledge that Deep Dot Web has been serving up news on the Dark Web for some time now. However, some believe this move from a reputable publisher is a game changer. ProPublica developer Mike Tigas stated:
“Personally I hope other people see that there are uses for hidden services that aren’t just hosting illegal sites. Having good examples of sites like ProPublica and Securedrop using hidden services shows that these things aren’t just for criminals.”
Will law-abiding, but privacy-loving, citizens soon flood the shadowy landscape of the Dark Web.
Cynthia Murrell, March 28, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Bigger Picture Regarding Illegal Content Needed
March 25, 2016
Every once in awhile an article on the Dark Web comes along that takes a step back from the latest action on Tor and offers a deep-dive on the topic at large. Delving into the World of the Dark Web was recently published on Raconteur, for example. In this article, we learned the definition of darknets: networks only accessible through particular software, such as Tor, and trusted peer authorization. The article continues,
“The best known, and by far the most popular, darknet is the Onion Router (Tor), which was created by the US Naval Research Labs in the 90s as an enabler of secure communication and funded by the US Department of Defense. To navigate it you use the Tor browser, similar to Google Chrome or Internet Explorer apart from keeping the identity of the person doing the browsing a secret. Importantly, this secrecy also applies to what the user is looking at. It is because servers hosting websites on the Tor network, denoted by their .onion (dot onion) designation, are able to mask their location.”
Today, the Dark Web is publicly available to be used anonymously by anyone with darknet software and home to a fair amount of criminal activity. Researchers at King’s College London scraped the .onion sites and results suggested about 57 percent of Tor sites host illegal content. We wonder about the larger context; for example, what percent of sites viewed on mainstream internet browsers host illegal content?
Megan Feil, March 25, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
The Dark Web Cuts the Violence
March 23, 2016
Drug dealing is a shady business that takes place in a nefarious underground and runs discreetly under our noses. Along with drug dealing comes a variety of violence involving guns, criminal offenses, and often death. Countless people have lost their lives related to drug dealing, and that does not even include the people who overdosed. Would you believe that the drug dealing violence is being curbed by the Dark Web? TechDirt reveals, “How The Dark Net Is Making Drug Purchases Safer By Eliminating Associated Violence And Improving Quality.”
The Dark Web is the Internet’s underbelly, where stolen information and sex trafficking victims are sold, terrorists mingle, and, of course, drugs are peddled. Who would have thought that the Dark Web would actually provide a beneficial service to society by sending drug dealers online and taking them off the streets? With the drug dealers goes the associated violence. There also appears to be a system of checks and balances, where drug users can leave feedback a la eBay. It pushes the drug quality up as well, but is that a good or bad thing?
“The new report comes from the European Monitoring Centre for Drugs and Drug Addiction, which is funded by the European Union, and, as usual, is accompanied by an official comment from the relevant EU commissioner. Unfortunately, Dimitris Avramopoulos, the European Commissioner for Migration, Home Affairs and Citizenship, trots out the usual unthinking reaction to drug sales that has made the long-running and totally futile “war on drugs” one of the most destructive and counterproductive policies ever devised:
‘We should stop the abuse of the Internet by those wanting to turn it into a drug market. Technology is offering fresh opportunities for law enforcement to tackle online drug markets and reduce threats to public health. Let us seize these opportunities to attack the problem head-on and reduce drug supply online.’”
The war on drugs is a futile fight, but illegal substances do not benefit anyone. While it is a boon to society for the crime to be taken off the streets, take into consideration that the Dark Web is also a breeding ground for crimes arguably worse than drug dealing.
Whitney Grace, March 23, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Change Is Hard, Especially in the User Interface
March 22, 2016
One of the most annoying things in life is when you go to the grocery store and notice they have rearranged the entire place since your last visit. I always ask myself the question, “Why grocery store people did you do this to me?” Part of the reason is to improve the shopping experience and product exposure, while the other half is to screw with customers (I cannot confirm the latter). According to the Fuzzy Notepad with its Pokémon Evee mascot the post titled “We Have Always Been At War With UI” explains that programmers and users have always been at war with each other when it comes to the user interface.
Face it, Web sites (and other areas of life) need to change to maintain their relevancy. The biggest problem related to UI changes is the roll out of said changes. The post points out that users get confused and spend hours trying to understand the change. Sometimes the change is announced, other times it is only applied to a certain number of users.
The post lists several changes to UI and how they were handled, describing how they were handled and also the programming. One constant thread runs through the post is that users simply hate change, but the inevitable question of, “Why?” pops up.
“Ah, but why? I think too many developers trot this line out as an excuse to ignore all criticism of a change, which is very unhealthy. Complaints will always taper off over time, but that doesn’t mean people are happy, just that they’ve gone hoarse. Or, worse, they’ve quietly left, and your graphs won’t tell you why. People aren’t like computers and may not react instantly to change; they may stew for a while and drift away, or they may join a mass exodus when a suitable replacement comes along.”
Big data can measure anything and everything, but the data can be interpreted for or against the changes. Even worse is that the analysts may not know what exactly they need to measure. What can be done to avoid total confusion about changes is to have a plan, let users know in advance, and even create tutorial about how to use the changes. Worse comes to worse, it can be changed back and then we move on.
Whitney Grace, March 22, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
For Sale: Your Bank Information
March 21, 2016
One of the common commodities for sale on the Dark Web is bank, credit card, social security numbers, and other personal information. This information can sell for a few bucks to hundreds of dollars depending on the quality and quantity of the information. In order to buy personal information, usually the interested parties must journey to the Dark Web, but the International Business Times tells us that “Confidential Bank Details Available For Sale On Easily Found Web Site” is for sale on the general Web and the information is being sold for as little as a couple pounds (or dollars for the US folks). The Web site had a pretty simple set up, interested parties register, and then they have access to the stolen information for sale.
Keith Vaz, chairman of the home affairs select committee, wants the National Crime Agency (NCA) to use its power and fulfill its purpose to shut the Web site down.
“A statement from the NCA said: “We do not routinely confirm or deny investigations nor comment on individual sites. The NCA, alongside UK and international law enforcement partners and the private sector, are working to identify and as appropriate disrupt websites selling compromised card data. We will work closely with partners of the newly established Home Office Joint Fraud Task Force to strengthen the response.”
Online scams are getting worse and more powerful in stealing people’s information. Overall, British citizens lost a total of 670 million pounds (or $972 million). The government, however, believes the total losses are more in the range of 27 billion pounds (or $39.17 billion).
Scams are getting worse, because the criminals behind them are getting smarter and know how to get around security defenses. Users need to wise up and learn about the Dark Web, take better steps to protect their information, and educate themselves on how to recognize scams.
Whitney Grace, March 21, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Tails Increases Ease of Online Anonymity
March 17, 2016
The interest in browsing the internet anonymously does not appear to be fading. Softpedia recently posted Debian Makes It a Lot Easier for Users to Install the Tails Anonymous Live CD. Called the “amnesic incognito live system”, Tails is a GNU/Linux Live CD distribution which is based on the Debian operating system and allows your online activities to remain anonymous. Tails is driven by Tor and provides its users access to the anonymous Tor network. The article tells us,
Now, we all know how to write a Live ISO image on a USB key or a CD disc, right? But what you probably don’t know is that there’s an app for that, called Tails Installer, which the skilled Debian Privacy Tools maintainers team included in Debian repos. “The previous process for getting started with Tails was very complex and was problematic for less tech-savvy users,” developers explained. “It required starting Tails three times, and copying the full ISO image onto a USB stick twice before having a fully functional Tails USB stick with persistence enabled.”
As the article points out, Tails has a stamp of approval from Edward Snowden. It seems like before Debian, it would have been quite the stretch for many users to even consider adopting the use of Tails. However, using a Linux-based operating system, the pre-requisite for Tails, may also be a hurdle preventing wide-scale adoption. Time will tell.
Megan Feil, March 17, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Bitcoin Textbook to Become Available from Princeton
March 16, 2016
Bitcoin is all over the media but this form of currency may not be thoroughly understood by many, including researchers and scholars. An post on this topic, The Princeton Bitcoin textbook is now freely available, was recently published on Freedom to Tinker, a blog hosted by Princeton’s Center for Information Technology Policy. This article announces the first completed draft of a Princeton Bitcoin textbook. At 300 pages, the manuscript is geared to those who hope to gain a technical understanding of how Bitcoin works and is appropriate for those who have a basic understanding of computer science and programming. According to the write-up,
“Researchers and advanced students will find the book useful as well — starting around Chapter 5, most chapters have novel intellectual contributions. Princeton University Press is publishing the official, peer-reviewed, polished, and professionally done version of this book. It will be out this summer. If you’d like to be notified when it comes out, you should sign up here. Several courses have already used an earlier draft of the book in their classes, including Stanford’s CS 251. If you’re an instructor looking to use the book in your class, we welcome you to contact us, and we’d be happy to share additional teaching materials with you.”
As Bitcoin educational resources catch fire in academia, it is only a matter of time before other Bitcoin experts begin creating resources to help other audiences understand the currency of the Dark Web. Additionally, it will be interesting to see if research emerges regarding connections between Bitcoin, the Dark Web and the mainstream internet.
Megan Feil, March 16, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Tech Unicorns May Soon Disappear as Fast as They Appeared
March 15, 2016
Silicon Valley “unicorns”, private companies valued at one billion or more, may not see the magic last. The article Palantir co-founder Lonsdale calls LinkedIn plunge a bad sign for unicorns from Airline Industry Today questions the future for companies like LinkedIn whose true value has yet to result in ever-increasing profits. After disappointing Wall Street with lower earnings and revenue, investors devalued LinkedIn by about $10 billion. Joe Lonsdale, the Formation 8 venture investor who co-founded Palantir Technologies is quoted stating,
“A lot of LinkedIn’s value, according to how many of us think about it, is tied to what it will achieve in the next five to 10 years,” Lonsdale said in an appearance on CNBC’s “Squawk Alley” on Friday. “It is very similar to a unicorn in that way. Yes, it is making a few billion in revenue and it’s a public company but it has these really big long-term plans as well and is very similar to how you see these other companies.” He added a lot of people who have been willing to suspend disbelief aren’t doing that anymore. “At this point, people are asking, ‘Are you actually going to be able to keep growing?’ And they’re punishing the unicorns and punishing the public companies the same way.”
Lonsdale understands why many private companies postpone an IPO for as long as possible, given these circumstances. Regardless of the pros and cons of when a company should go public, the LinkedIn devaluation seems as if it will send a message. Whether that message is one that fearmongers similar companies into staying private for longer or one that changes profitability norms for younger tech companies remains to be seen.
Megan Feil, March 15, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Social Media Still a Crime Hub
March 14, 2016
It seems that most crime is concentrated on the hidden Dark Web, especially with news of identity thief and potential threats to national security making the news over the latest social media hotspot. Social media is still a hot bed for Internet crime and Motherboard has a little tale tell about, “SocioSpyder: The Tool Bought By The FBI To Monitor Social Media.” Social media remains a popular crime hub, because of the amount of the general public that use it making them susceptible to everything from terroristic propaganda to the latest scam to steal credit card numbers.
Law enforcement officials are well aware of how criminals use social media, but the biggest problem is having to sift through the large data stockpile from the various social media platforms. While some law enforcement officials might enjoy watching the latest cute kitten video, it is not a conducive use of their time. The FBI purchased SocioSpyder as their big data tool.
“ ‘SocioSpyder,’ as the product is called, ‘can be configured to collect posts, tweets, videos and chats on-demand or autonomously into a relational, searchable and graphable database,” according to the product’s website. SocioSpyder is made by Allied Associates International, a US-based contractor for government and military clients as well as other private companies, and which sells, amongst other things, software.
This particular piece of kit, which is only sold to law enforcement or intelligence agencies, allows an analyst to not only keep tabs on many different targets across various social networks at once, but also easily download all of the data and store it. In short, it’s pretty much a pre-configured web scraper for social media.”
SocioSpyder maps relationships within the data and understand how the user-generated content adds up to the bigger picture. Reportedly, the FBI spent $78,000 on the SocioSpyder software and the US Marshals bought a lesser version worth $22,500. SocioSpyder is being used to gather incriminating evidence against criminals and avoid potential crimes.
My biggest question: where can we get a version of SocioSpyder to generate reports for personal use?
Whitney Grace, March 14, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
