The BBC has made its international news website available via the Tor network, in a bid to thwart censorship attempts.

The Tor browser is privacy-focused software used to access the dark web.

The browser can obscure who is using it and what data is being accessed, which can help people avoid government surveillance and censorship.

Countries including China, Iran and Vietnam are among those who have tried to block access to the BBC News website or programmes.

Instead of visiting bbc.co.uk/news or bbc.com/news, users of the Tor browser can visit the new bbcnewsv2vjtpsuy.onion web address. Clicking this web address will not work in a regular web browser.

The dark web copy of the BBC News website will be the international edition, as seen from outside the UK.

It will include foreign language services such as BBC Arabic, BBC Persian and BBC Russian.

But UK-only content and services such as BBC iPlayer will not be accessible, due to broadcast rights.


What is Tor?

Tor is a way to access the internet that requires software, known as the Tor browser, to use it.

The name is an acronym for The Onion Router. Just as there are many layers to the vegetable, there are many layers of encryption on the network.

It was originally designed by the US Naval Research Laboratory, and continues to receive funding from the US State Department.

It attempts to hide a person's location and identity by sending data across the internet via a very circuitous route involving several "nodes" - which, in this context, means using volunteers' PCs and computer servers as connection points.

Encryption applied at each hop along this route makes it very hard to connect a person to any particular activity.

To the website that ultimately receives the request, it appears as if the data traffic comes from the last computer in the chain - known as an "exit node" - rather than the person responsible.

dark web

Image captionTor hides a user's identity by routing their traffic through a series of other computers.

 As well as allowing users to visit normal websites anonymously, it can also be used as part of a process to host hidden sites, which use the .onion suffix.

Tor's users include the military, law enforcement officers and journalists, as well as members of the public who wish to keep their browser activity secret.

But it has also been associated with illegal activity, allowing people to visit sites offering illegal drugs for sale and access to child abuse images, which do not show up in normal search engine results and would not be available to those who did not know where to look.


While the Tor browser can be used to access the regular version of the BBC News website, using the .onion site has additional benefits.

"Onion services take load off scarce exit nodes, preserve end-to-end encryption [and] the self-authenticating domain name resists spoofing," explained Prof Steven Murdoch, a cyber-security expert from University College London.

In a statement, the BBC said: "The BBC World Service's news content is now available on the Tor network to audiences who live in countries where BBC News is being blocked or restricted. This is in line with the BBC World Service mission to provide trusted news around the world."

On Wednesday, the BBC also announced the UK's first interactive voice news service for smart speakers.

People using an Amazon Alexa-powered device will be able to skip ahead and get more information about the stories they are most interested in.

[Source: This article was published in bbc.com - Uploaded by the Association Member: Patrick Moore]

Categorized in Deep Web

Since the Arab uprisings of 2011, UAE has utilised 'cyber-security governance' to quell the harbingers of revolt and suppress dissident voices

he nuts and bolts of the Emirati surveillance state moved into the spotlight on 1 February as the Abu Dhabi-based cybersecurity company DarkMatter allegedly stepped "out of the shadows" to speak to the international media.

Its CEO and founder, Faisal al-Bannai, gave a rare interview to the Associated Press at the company's headquarters in Abu Dhabi, in which he absolved his company of any direct responsibility for human rights violations in the UAE.  

Established in the UAE in 2015, DarkMatter has always maintained itself to be a commercially driven company. Despite the Emirati government constituting 80 percent of DarkMatter's customer base and the company previously describing itself as "a strategic partner of the UAE government", its CEO was at pains to suggest that it was independent from the state.

According to its website, the company's stated aim is to "protect governments and enterprises from the ever-evolving threat of cyber attack" by offering a range of non-offensive cybersecurity services. 

Seeking skilled hackers

Though DarkMatter defines its activities as defensive, an Italian security expert, who attended an interview with the company in 2016, likened its operations to "big brother on steroids" and suggested it was deeply rooted within the Emirati intelligence system.

Simone Margaritelli, also a former hacker, alleged that during the interview he was informed of the UAE's intention to develop a surveillance system that was "capable of intercepting, modifying, and diverting (as well as occasionally obscuring) traffic on IP, 2G, 3G, and 4G networks".

Although he was offered a lucrative monthly tax-free salary of $15,000, he rejected the offer on ethical grounds.

Furthermore, in an investigation carried out by The Intercept in 2016, sources with inside knowledge of the company said that DarkMatter was "aggressively" seeking skilled hackers to carry out offensive surveillance operations. This included plans to exploit hardware probes already installed across major cities in order to track, locate and hack any person at any time in the UAE.

In many respects, the UAE's surveillance infrastructure has been built by a network of international cybersecurity “dealers” who have willingly profited from supplying the Emirati regime with the tools needed for a modern-day surveillance state

As with other states, there is a need for cybersecurity in the UAE. As the threat of cyber-attacks has increased worldwide, there have been numerous reports of attempted attacks from external actors on critical infrastructure in the country. 

Since the Arab uprisings of 2011, however, internal "cyber-security governance", which has been utilised to quell the harbingers of revolt and suppress dissident voices, has become increasingly important to the Emirati government and other regimes across the region.

Authoritarian control

In the UAE, as with other GCC states, this has found legislative expression in the cybercrime law. Instituted in 2012, its vaguely worded provisions essentially provide a legal basis to detain anybody who criticises the regime online.

This was to be followed shortly after by the formation of the UAE’s own cybersecurity entity, the National Electronic Security Authority (NESA), which recently began working in parallel with the UAE Armed Forces’ cyber command unit, established in 2014.  

A network of Emirati government agencies and state-directed telecommunications industries have worked in loose coordination with international arms manufacturers and cybersecurity companies to transform communications technologies into central components of authoritarian control. 

In 2016, an official from the Dubai police force announced that authorities were monitoring users across 42 social media platforms, while a spokesperson for the UAE’s Telecommunication Regulatory Authority similarly boasted that all social media profiles and internet sites were being tracked by the relevant agencies.

000 OF77X

Crown Prince Mohammed Bin Zayed Al Nahyan of Abu Dhabi meets with US President Donald Trump in Washington in May 2017 (AFP)

As a result, scores of people who have criticised the UAE government on social media have been arbitrarily detained, forcefully disappeared and, in many cases, tortured.

Last year, Jordanian journalist Tayseer al-Najjar and prominent Emirati academic Nasser bin Ghaith received sentences of three and 10 years respectively for comments made on social media. Similarly, award-winning human rights activist Ahmed Mansoor has been arbitrarily detained for nearly a year due to his online activities. 

This has been a common theme across the region in the post-"Arab Spring" landscape. In line with this, a lucrative cybersecurity market opened up across the Middle East and North Africa, which, according to the US tech research firm Gartner, was valued at $1.3bn in 2016.

A modern-day surveillance state

In many respects, the UAE's surveillance infrastructure has been built by a network of international cybersecurity "dealers" who have willingly profited from supplying the Emirati regime with the tools needed for a modern-day surveillance state. 

Moreover, it has been reported that DarkMatter has been hiring a range of top talent from across the US national security and tech establishment, including from Google, Samsung, and McAfee. Late last year, it was revealed that DarkMatter was managing an intelligence contract that had been recruiting former CIA agents and US government officials to train Emirati security officials in a bid to bolster the UAE's intelligence body.

UK military companies also have a foothold in the Emirati surveillance state. Last year, it was revealed that BAE Systems had been using a Danish subsidiary, ETI Evident, to export surveillance technologies to the UAE government and other regimes across the region. 

'The million-dollar dissident'

Although there are officially no diplomatic relations between the two countries, in 2016, Abu Dhabi launched Falcon Eye, an Israeli-installed civil surveillance system. This enables Emirati security officials to monitor every person "from the moment they leave their doorstep to the moment they return to it", a source close to Falcon Eye told Middle East Eye in 2015.

The source added that the system allows work, social and behavioral patterns to be recorded, analyzed and archived: "It sounds like sci-fi but it is happening in Abu Dhabi today."

Moreover, in a story that made headlines in 2016, Ahmed Mansoor's iPhone was hacked by the UAE government with software provided by the Israeli-based security company NSO Group. Emirati authorities reportedly paid $1m for the software, leading international media outlets to dub Mansoor "the million-dollar dissident."

Mansoor's case is illustrative of how Emirati authorities have conducted unethical practices in the past. In recent years, the UAE has bought tailored software products from international companies such as Hacking Team to engage in isolated, targeted attacks on human rights activists, such as Mansoor.

The operations of DarkMatter, as well as the installation of Falcon Eye, suggest, however, that rather than relying on individual products from abroad, Emirati authorities are now building a surveillance system of their own and bringing operations in-house by developing the infrastructure for a 21st-century police state. 

[Source: This article was published in middleeasteye.net By JOE ODELL - Uploaded by the Association Member: Wushe Zhiyang]

Categorized in Deep Web

[Source: This article was published in technadu.com By Sydney Butler - Uploaded by the Association Member: Dana W. Jimenez]

The Dark Web, as part of the Deep Web, is defined largely by the fact that search engines can’t index it. Yet, people need to find onion sites in order to use them and many onion sites would be pretty pointless if no one ever visited them.

Which brings us to the idea of Dark Web “search engines”. Is there such a thing? How do they work? It’s a little more complicated than simply making a “Google for the Dark Web”, but in this article, you’ll learn about some of the best “search engines”, right after we explain what the special meaning of that term is in this context.

What Are Dark Web Search Engines?

Many so-called Dark Web search engines are really just repositories of links. This is actually how early search engines on the internet worked. More like a giant phone book than a web crawler that indexed the contents of sites.

Then, of course, there are search engines on the Dark Web that search the surface web. In other words, they provide a super-secure way to search for things on the regular internet that you don’t want to be attached to your history or identity. So adjust your expectations a little of what it means for something on the Dark Web to be a search engine and feast your eyes on these excellent Dark Web destinations, in your search for hidden network content.

DuckDuckGo

DuckDuckGo

DuckDuckGo is easily accessible via the surface web, you just have to type its URL into any browser. It also offers an onion domain, which means that it counts as a Dark Web search engine, although it’s not really an engine that searches the Dark Web itself. You can search for onion links using this tool, but your mileage may vary.

What makes DuckDuckGo special is its ability to return relevant search results almost as good as those provided by Google. Yet, it does not need to store any information about you or your search history in order to do it. It’s one of the best privacy-focused search engines in existence and its presence on the Dark Web just adds another strong layer of security.

Torch

Torch

Torch is one of the oldest onion site indexes in existence. While no one knows for sure how much info is stored on the site, Torch itself claims that there are more than a million pages in its index. If something you’ve heard of exists on the Dark Web, Torch is probably your best chance of finding it.

The Onion URL Repository

Just as the name suggests, the Onion URL directory is another massive dump of onion sites with descriptions. More than a million sites by all accounts. That’s a lot of possible destinations to sift through, although no one knows how much of it overlaps with a site like Torch and how much is unique to this repository. Unfortunately, we weren’t actually able to find a working link to this one at the time of writing.

notEvil

notEvil

notEvil is the closest thing to a Google experience you may get on the Dark Web. The design of the site and how it appears to work is very reminiscent of the search giant. The name of this search tool is also a direct reference to Google since the company once had the motto “don’t be evil”, although that has been quietly retired.

notEvil provides some of the most relevant results and is probably the best “proper” search engine on the Dark Web.

Ahmia.fi

Ahmia.fi

OK, Ahmia is something a little different to the other sites listed here. Instead of being a search engine that resides on the Dark Web, this is actually an engine that searches the Tor Hidden Services network from the surface web. It also has an onion service and to actually visit any of the sites listed you’ll need Tor, but it’s pretty awesome that you can look for onion sites from any computer, not just one that has access to Tor.

Candle

Candle

Candle is a fairly new project that was first announced on r/onions/ three years ago. It’s a hobby project from the creator, trying to make a Google-like search engine for Tor. So Candle has actually been indexing onion sites and when it was announced there were already more than 100,000 pages.

Categorized in Deep Web

[Source: This article was published in hothardware.com By Rod Scher - Uploaded by the Association Member: Robert Hensonw]

We have all heard of the dark web: a lawless digital world, uncharted and unstructured, full of data -- much of it illegally acquired and illegally for sale -- that cannot be viewed without special tools: proxy servers, TOR browsers, and the like. It's a murky and mysterious place, a place where much information resides but is difficult to unearth for the uninitiated.



Until now. Canada's Echosec Systems Ltd. recently released Beacon, a security tool that's designed to shed some light on the dark web.

Karl1
 Karl Swannie is the CEO of Echosec, the company behind Beacon

"Beacon is a dark web search engine that allows users to search anonymously, without the need for a TOR browser," says Echosec CTO Michael Raypold. "We’ve designed Beacon to be simple to interact with, while incorporating powerful advanced search tools, making searching unindexed data in the dark web as easy as using a surface web search engine."

The idea behind Beacon is that it can be used by a company to potentially head off -- or at the very least mitigate -- a potential disaster. Since the bulk of the data on the dark web is essentially unstructured, the Echosec team crawled the dark web, indexed its content and then build a natural language query interface that allows non-hackers to access that information quickly and easily. Simply put, Beacon is like Google for the dark web.

small beacongrab

With Beacon, dark web data can be searched by a variety of criteria. Specific types of data (credit cards, emails, etc.) can be searched for explicitly.


Keep in mind, of course, that not everything on the dark web is illegal.

Says Raypold, "The dark web is a place where you can source illegal or illicit materials because the inherent privacy and anonymity baked into platforms like the TOR network makes buying and selling these goods easier to achieve without repercussions. However, that isn’t to say everything on the dark web is illegal. News organization like the NYTimes and Pro Publica maintain Onion sites for their more privacy-conscious users and to help disseminate news that might otherwise be censored." Still, much of the dark web's content was acquired illegally and can be misused to spread misinformation, victimize vulnerable populations, execute social engineering exploits, or engage in various forms of identity theft.

We all know that information in the wrong hands can be dangerous. Raypold cites the story of Coca-Cola's attempt, some years back, to acquire a Chinese soft drink company. Unbeknownst to high-level Coca-Cola executives, the company's secret plans and negotiation tactics were in fact not secret at all, because Coca-Cola had been previously hacked, thanks to a phishing email opened by a Coca-Cola exec.

Beacon did not exist at that time (2009), but it's likely that some of the information retrieved from the hack and many pilfered emails would have ended up on the dark web; if so, Beacon could have unearthed them, letting the company know of its vulnerability long before 2009 and perhaps allowing Coca-Cola to mitigate the damage. (In the end, the acquisition fell through, most likely because Coca-Cola -- having lost control of its confidential information -- had also lost any leverage it might have had in the negotiations.)

The goal of Beacon, says Raypold, is to allow companies to easily examine data on the dark web as a way of locating the potentially harmful information that’s stored there: this could include stolen corporate emails, company documents, personal info, or other such data that could be detrimental to a company, its brand, or its customers. After all, if your data has been compromised, it's always better to know than not to know.

Mike
Mike Raypold is the CTO of Echosec, LTD.

"Beacon allows teams to more quickly identify and respond to information that can materially damage a company’s brand and consumer trust," says Raypold. "Being able to quickly identify a sensitive problem also means that you can start putting a solution in place and notify your customers before they find out through other means."

Of course, a security tool is but another weapon in the wrong hands, and weapons can be misused; it's one thing for a pen-tester or white-hat hacker to be in possession of systems that can locate or uncover data, but what about someone finding a way to misuse Beacon? While Raypold notes that it is possible to misuse Beacon, since the tool makes it easier for users to locate data they might otherwise have difficulty finding, he says that the company has taken steps to mitigate that danger.

"First, every Echosec customer must go through a use-case approval process to determine how the customer is using the application and to make sure they are in compliance with the vendors from whom the data Is sourced," says Raypold. "If a potential customer cannot pass the use-case approval process, they do not get access to the system."

Second, the company has built automated tools and manual processes into its platform and into the company workflows to notify the Echosec team if users attempt to run searches that are in violation of their approved use case.

"The checks built into the platform will outright prevent some searches from being run, so that users never receive data that we perceive could be used with malicious intent. Furthermore, some of the vendors from whom we source data have asked us to prevent certain queries from being run, regardless of a customer's use case," says Raypold. (Naturally, the company publishes an "acceptable use" policy, which can be found here.)

Echosec expects to sell Beacon mainly to corporate customers interested in keeping tabs on their intellectual property, corporate secrets, and other sensitive data. White-hat hackers -- such as pen-testers -- could conceivably be a market as well, but the company feels that would be fairly uncommon. And if it did occur, it would simply be viewed as an example of contracted security experts acting on behalf of the ultimate corporate customer.



However, (and by whomever) Beacon is used, it looks as if the murky landscape of the dark web is no longer quite as dark as it once was.

Categorized in Deep Web

[Source: This article was published in ibtimes.co.uk By Anthony Cuthbertson - Uploaded by the Association Member: Robert Hensonw]

A search engine more powerful than Google has been developed by the US Defence Advanced Research Projects Agency (DARPA), capable of finding results within dark web networks such as Tor.

The Memex project was ostensibly developed for uncovering sex-trafficking rings, however the platform can be used by law enforcement agencies to uncover all kinds of illegal activity taking place on the dark web, leading to concerns surrounding internet privacy.

Thousands of sites that feature on dark web browsers like Tor and I2P can be scraped and indexed by Memex, as well as the millions of web pages ignored by popular search engines like Google and Bing on the so-called Deep Web.

The difference between the dark web and the deep web

The dark web is a section of the internet that requires specialist software tools to access, such as the Tor browser. Originally designed to protect privacy, it is often associated with illicit activities.

The deep web is a section of the open internet that is not indexed by search engines like Google - typically internal databases and forums within websites. It comprises around 95% of the internet.

Websites operating on the dark web, such as the former Silk Road black marketplace, purport to offer anonymity to their users through a form of encryption known as Onion Routing.

While users' identities and IP addresses will still not be revealed through Memex results, the use of an automated process to analyse content could uncover patterns and relationships that could potentially be used by law enforcement agencies to track and trace dark web users.

"We're envisioning a new paradigm for search that would tailor content, search results, and interface tools to individual users and specific subject areas, and not the other way round," said DARPA program manager Chris White.

"By inventing better methods for interacting with and sharing information, we want to improve search for everybody and individualise access to information. Ease of use for non-programmers is essential."

Memex achieves this by addressing the one-size-fits-all approach taken by mainstream search engines, which list results based on consumer advertising and ranking.

 us internet surveillance DARPA TOR Memex dark web

 Memex raises further concerns about internet surveillance US Web Home

'The most intense surveillance state the world has literally ever seen'

The search engine is initially being used by the US Department of Defence to fight human trafficking and DARPA has stated on its website that the project's objectives do not involve deanonymising the dark web.

The statement reads: "The program is specifically not interested in proposals for the following: attributing anonymous services, deanonymising or attributing identity to servers or IP addresses, or accessing information not intended to be publicly available."

Despite this, White has revealed that Memex has been used to improve estimates on the number of services there are operating on the dark web.

"The best estimates there are, at any given time, between 30,000 and 40,000 hidden service Onion sites that have content on them that one could index," White told 60 Minutes earlier this month.

Internet freedom advocates have raised concerns based on the fact that DARPA has revealed very few details about how Memex actually works, which partners are involved and what projects beyond combating human trafficking are underway.

"What does it tell about a person, a group of people, or a program, when they are secretive and operate in the shadows?" author Cassius Methyl said in a post to Anti Media. "Why would a body of people doing benevolent work have to do that?

"I think keeping up with projects underway by DARPA is of critical importance. This is where the most outrageous and powerful weapons of war are being developed.

"These technologies carry the potential for the most intense surveillance/ police state that the world has literally ever seen."

Categorized in Deep Web

[Source: This article was published in csoonline.com By Josh Fruhlinger- Uploaded by the Association Member: Eric Beaudoin] 

Catch a glimpse of what flourishes in the shadows of the internet.

Back in the 1970s, "darknet" wasn't an ominous term: it simply referred to networks that were isolated from the mainstream of ARPANET for security purposes. But as ARPANET became the internet and then swallowed up nearly all the other computer networks out there, the word came to identify areas that were connected to the internet but not quite of it, difficult to find if you didn't have a map.

The so-called dark web, a catch-all phrase covering the parts of the internet not indexed by search engines, is the stuff of grim legend. But like most legends, the reality is a bit more pedestrian. That's not to say that scary stuff isn't available on dark web websites, but some of the whispered horror stories you might've heard don't make up the bulk of the transactions there.

Here are ten things you might not know about the dark web.

New dark web sites pop up every day...

A 2015 white paper from threat intelligence firm Recorded Future examines the linkages between the Web you know and the darknet. The paths usually begin on sites like Pastebin, originally intended as an easy place to upload long code samples or other text but now often where links to the anonymous Tor network are stashed for a few days or hours for interested parties. 

While searching for dark web sites isn't as easy as using Google—the point is to be somewhat secretive, after all—there are ways to find out what's there.  The screenshot below was provided by Radware security researcher Daniel Smith, and he says it's the product of "automatic scripts that go out there and find new URLs, new onions, every day, and then list them. It's kind of like Geocities, but 2018"—a vibe that's helped along by pages with names like "My Deepweb Site," which you can see on the screenshot.

fresh onions

..and many are perfectly innocent

Matt Wilson, chief information security advisor at BTB Security, says that "there is a tame/lame side to the dark web that would probably surprise most people. You can exchange some cooking recipes—with video!—send email, or read a book. People use the dark web for these benign things for a variety of reasons: a sense of community, avoiding surveillance or tracking of internet habits, or just to do something in a different way."

It's worth remembering that what flourishes on darknet is material that's been banned elsewhere online. For example, in 2015, in the wake of the Chinese government cracking down on VPN connections through the so-called "great firewall," Chinese-language discussions started popping up on the darknet — mostly full of people who just wanted to talk to each other in peace.

Radware's Smith points out that there are a variety of news outlets on the dark web, ranging from the news website from the hacking group Anonymous to the New York Times, shown in the screenshot here, all catering to people in countries that censor the open internet.

nytimes

 

Some spaces are by invitation only

Of course, not everything is so innocent, or you wouldn't be bothering to read this article. Still, "you can't just fire up your Tor browser and request 10,000 credit card records, or passwords to your neighbor’s webcam," says Mukul Kumar, CISO and VP of Cyber Practice at Cavirin. "Most of the verified 'sensitive' data is only available to those that have been vetted or invited to certain groups.

"

How do you earn an invite into these kinds of dark web sites? "They're going to want to see history of crime," says Radware's Smith. "Basically it's like a mafia trust test. They want you to prove that you're not a researcher and you're not law enforcement. And a lot of those tests are going to be something that a researcher or law enforcement legally can't do."

There is bad stuff, and crackdowns means it's harder to trust

As recently as last year, many dark web marketplaces for drugs and hacking services featured corporate-level customer service and customer reviews, making navigating simpler and safer for newbies. But now that law enforcement has begun to crack down on such sites, the experience is more chaotic and more dangerous.

"The whole idea of this darknet marketplace, where you have a peer review, where people are able to review drugs that they're buying from vendors and get up on a forum and say, 'Yes, this is real' or 'No, this actually hurt me'—that's been curtailed now that dark marketplaces have been taken offline," says Radware's Smith. "You're seeing third-party vendors open up their own shops, which are almost impossible to vet yourself personally. There's not going to be any reviews, there's not a lot of escrow services. And hence, by these takedowns, they've actually opened up a market for more scams to pop up."

Reviews can be wrong, products sold under false pretenses—and stakes are high

There are still sites where drugs are reviewed, says Radware's Smith, but keep in mind that they have to be taken with a huge grain of salt. A reviewer might get a high from something they bought online, but not understand what the drug was that provided it.

One reason these kinds of mistakes are made? Many dark web drug manufacturers will also purchase pill presses and dyes, which retail for only a few hundred dollars and can create dangerous lookalike drugs. "One of the more recent scares that I could cite would be Red Devil Xanax," he said. "These were sold as some super Xanax bars, when in reality, they were nothing but horrible drugs designed to hurt you."

The dark web provides wholesale goods for enterprising local retailers...

Smith says that some traditional drug cartels make use of the dark web networks for distribution—"it takes away the middleman and allows the cartels to send from their own warehouses and distribute it if they want to"—but small-time operators can also provide the personal touch at the local level after buying drug chemicals wholesale from China or elsewhere from sites like the one in the screenshot here. "You know how there are lots of local IPA microbreweries?" he says. "We also have a lot of local micro-laboratories. In every city, there's probably at least one kid that's gotten smart and knows how to order drugs on the darknet, and make a small amount of drugs to sell to his local network."

xanax

 

...who make extensive use of the gig economy

Smith describes how the darknet intersects with the unregulated and distributed world of the gig economy to help distribute contraband. "Say I want to have something purchased from the darknet shipped to me," he says. "I'm not going expose my real address, right? I would have something like that shipped to an AirBnB—an address that can be thrown away, a burner. The box shows up the day they rent it, then they put the product in an Uber and send it to another location. It becomes very difficult for law enforcement to track, especially if you're going across multiple counties."

Not everything is for sale on the dark web

We've spent a lot of time talking about drugs here for a reason. Smith calls narcotics "the physical cornerstone" of the dark web; "cybercrime—selling exploits and vulnerabilities, web application attacks—that's the digital cornerstone. Basically, I'd say a majority of the darknet is actually just drugs and kids talking about little crimes on forums."

Some of the scarier sounding stuff you hear about being for sale often turns out to be largely rumors. Take firearms, for instance: as Smith puts it, "it would be easier for a criminal to purchase a gun in real life versus the internet. Going to the darknet is adding an extra step that isn't necessary in the process. When you're dealing with real criminals, they're going to know someone that's selling a gun."

Specific niches are in

Still, there are some very specific darknet niche markets out there, even if they don't have the same footprint that narcotics does. One that Smith drew my attention to was the world of skimmers, devices that fit into the slots of legitimate credit and ATM card readers and grab your bank account data.

And, providing another example of how the darknet marries physical objects for sale with data for sale, the same sites also provide data manual sheets for various popular ATM models. Among the gems available in these sheets are the default passwords for many popular internet-connected models; we won't spill the beans here, but for many it's the same digit repeated five times.

atm skinners

 

It's still mimicking the corporate world

Despite the crackdown on larger marketplaces, many dark web sites are still doing their best to simulate the look and feel of more corporate sites

elude

 

The occasional swear word aside, for instance, the onion site for the Elude anonymous email service shown in this screenshot looks like it could come from any above-board company.

One odd feature of corporate software that has migrated to the dark web: the omnipresent software EULA. "A lot of times there's malware I'm looking at that offers terms of services that try to prevent researchers from buying it," he says. "And often I have to ask myself, 'Is this person really going to come out of the dark and trying to sue someone for doing this?'"

And you can use the dark web to buy more dark web

And, to prove that any online service can, eventually, be used to bootstrap itself, we have this final screenshot from our tour: a dark web site that will sell you everything you need to start your own dark web site.docker

 

Think of everything you can do there—until the next crackdown comes along.

Categorized in Internet Privacy

[Source: This article was Published in techworld.com BY Laurie Clarke - Uploaded by the Association Member: Issac Avila] 

Threat intelligence firm Recorded Future has published new research examining the dark 

The dark web. It’s a name that evokes the damp and dingy crevices of the internet; breeding grounds for a virulent strain of depravity. But is the hype justified? Threat intelligence agency Recorded Future has published research that attempts to demystify our concept of this subterranean section of the web.

The organisation has close ties to In-Q-Tel, the CIA’s investment arm and Google Ventures, after receiving a substantial suffusion of cash from both shortly after being founded in 2009. According to its website, it provides threat intelligence to 91 percent of the Fortune 100, including GSK, Raytheon and Morgan Stanley. 

“The term dark web kind of has a Hollywood aura or mystique around it,” says Garth Griffin, director of data science at Recorded Future. “We wanted to make it more concrete, more specific, and measure what we could about what the dark web really is.”

To conduct the research, the team looked specifically at 'onion sites': those accessible through the Tor (The Onion Router) browser, which is generally seen as the gateway into the dark web. 

One of the team's first findings was the relatively small size of the dark web compared to the clear web. They discovered just 55,000 domains, of which only 8,400 were actually serving a website - a tiny fraction of the millions of domains supported by the clear web.

The instability and unreliability of dark web sites also became apparent, of which uptime is an incisive indicator. “The gold standard on clear websites is the ‘five nines’ - you know, 99.999% uptime,” says Griffin. The uptime on a Tor site generally hovers closer to 90%. Although this doesn’t suggest a radical difference, Griffin says that even the small step between four nines and five nines is noticeable in the user experience on the clear web. 

“This is again counter to the image of the onion network as a sort of metropolis of bustling criminal activity,” says Griffin. “It’s actually kind of hard to use and disorganised.”

Recorded Future found that the dark web is more homogeneous than the clear web in terms of the languages used. Eighty-six percent of the language is English, while this is closer to 54 percent on the clear web.  

Among the criminal sites on Tor, those home to the darkest shades of criminal activity is more concealed than others. The research quantified the visibility of these sites by counting the number of inbound links, that is, other sites hyperlinking back to them. They found that for popular markets on the site which are fairly visible, these numbered around 3,500 links. “Then we had this handful of sites that in our view represent top-tier criminal sites, where there is really scary criminal activity,” says Griffin. “These had a maximum of just 15 inbound links.”

By comparison, a popular site on a clear web like Wikipedia might count millions and millions of inbound links. These findings indicate the tiny scale of the slice of the dark web dealing in severe criminal activity. But even criminal users adept enough to worm their way into the dark web's fetid undercarriage aren’t immune - scams running to catch out criminals abound, including typosquatting, and fake sites that promise to deliver goods or carry out actions they never will. 

Griffin says the company has been harvesting from onion sites on the dark web for a very long time, but this research was novel in its wide-ranging view of the entire dark web, rather than just the explicitly criminal elements. Griffin says their clients are all in the security space, looking to protect their organisations from a variety of cyberthreats. “It gets a lot of attention focused on it by virtue of the Hollywood aura that surrounds it,” says Griffin. “In our view, the dark web is relevant, but it's far from the only thing that matters.” 

But is the dark web the safe haven for rampant, unchecked criminality it's made out to be? Tor was set up by the US army agency, DARPA (Defense Advanced Research Projects Agency), and was solely funded by US government agencies for much of its existence, even at the height of the Edward Snowden leaks (that were orchestrated with the help of Tor).

Today, it still counts a number of US government agencies, or beneficiaries of US government money, among its donors that include the Open Technology Fund, the US Department of State Bureau of Democracy, Human Rights, and Labor and DARPA via the University of Pennsylvania.

That the very site portrayed as a secure space impenetrable to law enforcement agencies was also founded and funded by them should be enough to give most criminals pause. High profile takedowns of criminal users of the dark web, including most notably the founder of Silk Road, and Playpen, the child pornography site, have proved that it’s not beyond the reach of the law. In fact, some commentators have suggested that while Tor was founded by the US government primarily as a place where their operatives could act unseen, it also successfully acts as a honey pot that attracts criminals to congregate usefully in one place.

Griffin concurs: “It's clearly not a silver bullet for the criminal community, because law enforcement has successfully taken down markets and carried out infiltration. It certainly does not prevent law enforcement from successfully disrupting criminal activity.”

This could explain why today there is still more criminal activity taking place on the clear web than through onion sites.

Categorized in Deep Web

[This article is originally published in edp24.co.uk written by Luke Powell - Uploaded by AIRS Member: Daniel K. Henry]

A man from Thetford viewed indecent child abuse images on the dark web as he found it “exciting”, a court heard.

Matthew Norman, of Station Road, was found to have dozens of indecent images on his computer after his home was searched by police.

Norwich Magistrates' Court heard that the 30-year-old repeatedly visited a particular site on the dark web up to four times a day for a year.

Despite this, Norman told police he did not have a sexual interest in children and was instead visiting the site as he found the danger of it “exciting”.

Prosecutor Josephine Jones told the court on Friday (April 26) that police searched Norman's home after his IP address was found to have accessed the dark web.

The dark web is a collection of websites on an encrypted network and cannot be found by using traditional search engines or browsers.

Miss Jones said when officers examined his computer they found 50 indecent images, including 13 'category A' photographs.

Norman provided police with passwords to his computer and initially said when he came across such images online he would stop and close the website.

Miss Jones said: “When asked why he repeatedly returned to the website, he said he did so because of the shock factor knowing it was illegal or wrong. He said he was excited by the danger of being on the website.

“He denied downloading images and denied having a sexual interest in children.”

The court heard how Norman also accessed chat rooms on the dark web where there were conversations around child abuse.

Norman pleaded guilty to making 13 indecent categories A images of a child, 10 category B images of a child and 27 category C images of a child.

All of the offenses were said to have occurred on or before January 5, 2017.

The court heard how Norman, who is married, had no previous convictions or cautions.

Orla Daly, mitigating, asked magistrates for a pre-sentence report.

Norman will return to Norwich Magistrates' Court for sentencing on May 30.

He must not have any unsupervised contact with any child under the age of 16 unless permission is granted by a parent or guardian.


Categorized in Deep Web

[This article is originally published in digitaljournal.com - Uploaded by AIRS Member: Jason bourne]

“ONIONLANDSEARCHENGINE.COM“

People know only one name Google, a search engine by default setting on everyone PC's and works just like water for all. But now a new deep search engine with new specifications. OnionLand Search Engine launched a new search engine i.e.; onionlandsearchengine.com. It is not merely provided deep web information but Anonymity for every user.

OnionLand Search Engine introducing and expanding this new search engine with excellent key features; good results and high-quality access to the information that people actually require with one click. There is a vast section of the Internet which is hidden and not accessible through regular search engines and web browsers. This part of the Internet is known as the Deep Web, and it is about 500 times the size of the Web that we know and everyone can have access to all this information without been tracked, maintaining total anonymity.

Search engines like Google are incredibly powerful, but they can't crawl and index the vast amount of data that is not hyperlinked or accessed via public DNS services. However, there are Deep Web Search Engines that crawl over the TOR network and bring the same result to your regular browser. But, what if, you can still be able to dig the Darknet contents with your regular browsers, without the need of TOR?

OnionLand Search Engine is bringing a big change in human's life because of its Deep Web and Anonymity that you may not be able to find in a giant search engine like Google. OnionLand is introducing and marketing onionlandsearchengine.com with highly effective strategies and trying to make it default search engine by replacing Google and it seems very effective as onionlandsearchengine.com is really changing the lives of people by giving them suggestion options.

Categorized in Deep Web

[This article is originally published in infoworld.com written by Caroline Craig - Uploaded by AIRS Member: Carol R. Venuti]

The government agency that brought us the Internet has now developed a powerful new search engine that is shedding light on the contents of the so-called deep Web

The Defense Advanced Research Projects Agency (DARPA) began work on the Memex Deep Web Search Engine a year ago, and this week unveiled its tools to Scientific American and "60 Minutes." 

Memex, which is being developed by 17 different contractor teams, aims to build a better map of Internet content and uncover patterns in online data that could help law enforcement officers and others. While early trials have focused on mapping the movements of human traffickers, the technology could one day be applied to investigative efforts such as counterterrorism, missing persons, disease response, and disaster relief.

Dan Kaufman, director of the information innovation office at DARPA, says Memex is all about making the unseen seen. "The Internet is much, much bigger than people think," DARPA program manager Chris White told "60 Minutes." "By some estimates, Google, Microsoft Bing, and Yahoo only give us access to around 5 percent of the content on the Web."

Google and Bing produce results based on popularity and ranking, but Memex searches content typically ignored by commercial search engines, such as unstructured data, unlinked content, temporary pages that are removed before commercial search engines can crawl them, and chat forums. Regular search engines ignore this deep Web data because Web advertisers -- where browser companies make their money -- have no interest in it.

Memex also automates the mechanism of crawling the dark, or anonymous, Web where criminals conduct business. These hidden services pages, accessible only through the TOR anonymizing browser, typically operate under the radar of law enforcement selling illicit drugs and other contraband. Where it was once thought that dark Web activity consisted of 1,000 or so pages, White told Scientific American that there could be between 30,000 and 40,000 dark Web pages.

Until now it was hard to look at these sites in any systemic way. But Memex -- which Manhattan DA Cyrus Vance Jr. calls "Google search on steroids" -- not only indexes their content but analyzes it to uncover hidden relationships that could be useful to law enforcement.

DARPA's search tools were introduced to select law enforcement agencies last year, including Manhattan's new Human Trafficking Response Unit. Memex is now used in every human trafficking case it pursues and has played a role in generating at least 20 sex trafficking investigations. The supercharged Web crawler can identify relationships among different pieces of data and produces data maps that help investigators detect patterns.

In a demo for "60 Minutes," White showed how Memex is able to track the movement of traffickers based on data related to online advertisements for sex. "Sometimes it's a function of IP address, but sometimes it's a function of a phone number or address in the ad or the geolocation of a device that posted the ad," White said. "There are sometimes other artifacts that contribute to location."

White emphasized that Memex does not resort to hacking in order to retrieve information. "If something is password protected, it is not public content and Memex does not search it," he told Scientific American. "We didn't want to cloud this work unnecessarily by dragging in the specter of snooping and surveillance" -- a touchy subject after Edward Snowden's NSA revelations.

Memex got its name (a combination of "memory" and "index") and inspiration from a hypothetical device described by Vannevar Bush in 1945 that presaged the invention of PCs, the Internet, and other major IT advances of the next 70 years. Now DARPA and Memex seem set to bring us one step closer to Philip Dick's futuristic police department depicted in "Minority Report."

A new round of testing, set to begin in a few weeks, will include federal and district prosecutors, regional and national law enforcement, and multiple NGOs. According to the Scientific American report, it aims to "test new image search capabilities that can analyze photos even when portions that might aid investigators -- including traffickers' faces or a television screen in the background -- are obfuscated."

By inventing better ways of interacting with and presenting information gathered from a larger pool of sources, "we want to improve search for everybody. Ease of use for non-programmers is essential," White said.

Categorized in Deep Web
Page 1 of 9

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.
Please wait

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Newsletter Subscription

Receive Great tips via email, enter your email to Subscribe.
Please wait

Follow Us on Social Media

Book Your Seat for Webinar GET FREE REGISTRATION FOR MEMBERS ONLY      Register Now