Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Hiding in the Dark: The Internet You Cannot See Marc Visnick [email protected] 503-242-3637 Goals for Today What’s the big picture? Define some terms and concepts Situate these in the real world The Internet The Internet A global network of networks… Connecting billions of devices... Using various communications protocols… To provide a variety of services. A global network of networks… Many devices Servers, clients Routers IoT Many locations On land Under the ocean In orbit Connected using protocols… Internet Protocol (IP) Every device must have a numerical address 184.106.20.8 Domain Name Service (DNS) Translates names to numbers aipla.org = 184.106.20.8 Transmission Control Protocol (TCP) Packetizes data, ensures delivery Routes around blockage To provide services. Services run on top of the underlying communications protocols Email File sharing (peer-to-peer) Media streaming Virtual Private Networking (VPN) Web browsing Visible net The Internet Dark net The World Wide Web The Mother of all Services An information space composed of hypertext documents (“resources”), identified by Uniform Resource Locators (URLs). Resources usually constructed from HTML (Hypertext Markup Language) How do I find stuff on the Web? If the Web is the mother of all services, search is the mother of all problems Search engines attempt to index accessible web content Searchable content = the surface web Surface Web WWWW Deep Web The Deep Web Not inherently nefarious; simply means: Non-searchable (by standard search engines) Most web content, is in fact in the deep Intranet pages Paywall-protected services Dynamically-generated webpages “Dead” pages which search robots cannot reach The dark web The Dark Web (here, there be Dragons…) Web content found on darknets Access generally requires specialized software and/or authorization Characterized by: Anonymity Encryption Decentralization (Peer-to-Peer) Of Tor and the Silk Road… Tor Software to enable anonymous communications Anonymity, not end-to-end security Can be used for: Web browsing (the dark web) Instant messaging File transfers Wide range of users Not just criminals! The origins of Tor Mid-90’s: United States Naval Research Laboratory and DARPA Military wanted a way to anonymously use Internet 2004: NRL open-sources Tor, EFF takes over 2006: Tor Project is formed Tor has been continuously funded by US Government since its inception Tor… not your ordinary vegetable “Onion routing” Communicate data packets by “wrapping” those packets in multiple layers of encryption Each layer contains address information for a node in a sequence of nodes, ultimately leading from sender to receiver Main goal is to preserve anonymity Tor does not provide end-to-end security It does provide encryption “in the middle” The “regular” Internet… Alice Address Router Data Router Router Bob Tor: Create the circuit.. Alice Directory Authority Entry Node Node Node Node Node Node Exit Node Node Node Node Node Bob Tor: Build the onion, send the data... Alice Entry Node Entry node encryption Node Exit Node Node encryption Exit node encryption Original data Bob Tor: Hidden services Alice Introduction Point Introduction Point Rendezvous Point Introduction Point Database of Hidden Services Bob Of Tor and Dark Markets… Dark market: A commercial website running on a dark net, such as Tor Silk Road, one among many dark markets On Tor, usually as a hidden service Dark, in the truest sense… Havens for sale of drugs, stolen credit cards, and a variety of other illicit goods “Whack-a-mole” Silk Road Silk Road 2.0 Silk Road Reloaded Of rights holders & reality… Shutting down dark markets is incredibly hard How do you discover IP address? What about jurisdiction issues? Catch transactions once they cross into real world Mail drops Crypto currency conversions to fiat currency Weakness is almost always the user, not the tech Shut down markets via technical hacks https://xkcd.com/1348/ Marc Visnick [email protected] 503-242-3637