The dark side of the web — exploring darknets | Kyle Terry | TEDxSalem


Reviewer: Queenie Lee The term “darknet” was coined in the 70s, and it was meant as a way to describe networks
isolated from ARPANET. ARPANET eventually
became the commercial internet run by the private telecoms
we all use today. ARPANET was created
by the US Department of Defense, and it was created to share data about their projects
in research laboratories, with the universities. And for those of you
familiar with networking, it was a first packet-switching Network, which is the foundation
to modern networking. Now, we’re not talking about
the World Wide Web here. That didn’t show up until 1990, when Tim Berners-Lee set up
the first web server at CERN. The internet is a massive
piece of hardware. It enables communication instantly, on a global scale. [He’s lying; it’s totally
a series of tubes.] (Laughter) [It’s absolutely massive.] And in fact, there are hundreds
of cables spanning the ocean along with ground-
to-satellite communication and radio-to-radio communication, just to make this thing work. I like to tell people
I circumnavigated the globe once, and I start with that because it sounds a lot cooler
than it actually is. What I did was to set up
a bunch of virtual servers around the world, running Netcat. And I cloned the left
computer’s hard drive to the right computer by streaming the data through the tunnel. And it’s so awesome
that that works at all. But I feel like people
have ruined this for us. They’ve ruined it with spying
and surveillance. And there’s a constant need
to watch everything we do. So a lot of us are scared to read a certain page on the internet
or maybe download a publication that’s a little too leftist
or rightist in content. And my hope is,
darknets help solve this problem. So I’m going to explore
and share a couple with you here today. When it comes to darknets,
there are a couple different types. Historically, they were meant
to be private file-sharing networks but these days they’re dynamic pages rich with media content
and pictures and videos, so they’re already familiar to us. With darknets, some are peer to peer, some are centralized, but most are going
for a decentralized model, and we’re looking for
specific types of philosophy when we consider whether or not
our network is a darknet. We’re looking for take-down resistance: that is the government,
or anyone else for that matter, can’t just come in, unplug the thing and watch it disappear. We’re looking for anonymity, so nobody knows who’s reading,
uploading, or creating content. And content-richness, because if there’s nothing
to see or read, or it all sucks, then really what’s the point
of even having a darknet? Turns out they’re pretty useful. And they’ve been used
for political safe-haven, journalism, piracy, black markets, but most importantly, at least to me, privacy. You’ve all heard
of the Silk Road, I’m sure. Well, the Silk Road was running
on a network known as “Tor.” Tor is a node-based,
decentralized anonymity network. It was initially researched
by the US Naval Research Laboratory, and has been since handed over to a 501c3 known as the Tor project. Around 80% of their budget
still comes from the US government, and the rest of it from private
donors and even other governments. Tor made its way into the public’s hands
because that’s the only way it could work. It would be completely pointless if every request the Navy
wanted to make anonymously came from a Navy controlled network. So I like to think that they
created Kansas City Shuffle, where they just dropped this thing
into the public’s hands and everybody went buck-wild with it. So while everybody’s looking left,
at headlines about the Silk Road, and drugs, and guns,
and all the bad stuff, the Navy’s going right
and blowing shit up. Tor works by having relay and exit nodes. A node is just a computer
running Tor software, and a relay node takes a request, peels off a layer of encryption and hands it off
to the next node in the route, still encrypted. An exit node takes
a now unencrypted request when it reaches through
the end of the route, and makes the call to Google.com
or whatever you’re trying to access, and the response comes back
and everything happens in reverse until the content is displayed
in the Tor browser. Tor is cool because it lets
you browse the normal internet along with these things
called “hidden services,” unlike other darknet-like software where you pretty much just have
what the network provides to people, what people can upload and whatnot. Hidden services are like normal websites; they’re dynamic in nature, but you access them
with a “.onion” address. And the .onion address is like
a normal domain but less memorable. Because it’s a bunch of random
characters followed by “.onion.” So you don’t really just say “Hey, I’m going to go to xyz409.onion,” you’re going to use
a search service and find it. So, that could be a hurdle to some people. These sites are really
the darknet side to Tor and are often referred
to as “the Deepweb.” So, we’re going to explore Tor, and here’s the first screen you get
when you launch the Tor browser. The Tor browser comes
in “the Tor browser bundle,” and it’s a nice, neat package. And I love that they did this because nobody’s going
to use this stuff if it’s hard. This is something familiar. This is Firefox, but kind of
configured in a way to use Tor. This is the first screen you get – green. It says we’re connected
to the Tor network, and if it was red,
you should stop right there because you’re not anonymous,
and you’re going to do something stupid. Trust me, you’re going
to do something stupid. (Laughter) This is an example of me
using a service called “DuckDuckGo.” A lot of you probably
started to hear about this because it’s an alternative to Google,
kind of gaining popularity. And I’m searching for “Tails,” and Tails is an incognito live system. So, it runs Tor and is very relevant here. I’m getting to the download page,
and I’m going to download Tails on Tor, so nobody knows I’m downloading Tails. Here’s an example
of the Washington Post SecureDrop. “SecureDrops” are these things that news organizations are starting
to add to their websites that allow people to connect to Tor, go to an Onion address, and deliver some papers
or maybe some intel to journalists. Here’s an example
of a .onion search service. You search for a term,
and you get some results back. So here I searched for “black market.” And I’ve clicked on a link. I put this in here because this is a good example
of things not being taken down on Tor. Yes, the Silk Road got taken down, but it’s very rare,
and it was their own fault. So, here you can spend
Bitcoin on assault weapons. And here are some of the ways
that they concealed it. Here’s a social network. It’s a really boring social network; don’t get excited. But I put this in here because the registration page
is really interesting. It specifically says: “No child porn. No porn. No hate speech,” and “No commercial activities.” And this is a great example
of the community that you get on Tor. They want privacy, and there’s a lot of trying
to keep the thing clean and safe for people to use. Here’s an example of me logging in.
There’s a stream. And I put this in here
because this is the first question I get whenever I talk about
the Deepweb to somebody. They say, “Can I buy a hitman?” (Laughter) And I’m like, “I’m showing you this thing
that makes you anonymous on the internet, and you ask me about a hitman. That’s the first thing you ask me.” Here’s Aphex Twins announcing
their new album on a hidden service. Here’s an example of something you should
not be doing on Tor, and it’s Facebook. It’s because their terms of service
are very antipseudonym. So it’s just inherently a bad idea. Same with LinkedIn, antipseudonym – you are who you legally are; therefore, you should not be using
an anonymization service. And here’s something
that’s maybe okay, and that’s Twitter. I see a lot of people
using Twitter anonymously. I haven’t read the terms of service
so I’m not sure if that’s okay or not. Tor is great. My experience with Tor
has been very pleasant. The network is actually pretty fast,
contrary to popular belief. And a lot of people use it. Edward Snowden used it to upload documents
to journalists about the NSA files. And it was used during the Arab Spring, in 2011 Iran protests. I also looked at Freenet. Freenet is a decentralized,
peer-to-peer file sharing network. It’s similar to BitTorrent
but everything’s encrypted, so it’s really hard
to detect Freenet traffic. And you share your hard-drive space
and some bandwidth with the network, and it basically stores things
on your hard-drive. They’re encrypted, so you’re not really held accountable
for what you’re serving up to the network, and you can be serving
some pretty shocking things. They have these things called
“Freesites” and “Flogs.” They are static; they’re not dynamic. So people have to re-upload the content
over and over and over again. So things kind of go out of date. The last Flog that I saw updated
was in like 2011. So we’re going to take a look at Freenet. Here’s the first thing you see
when you first install it, and I don’t like that, because it
is a setup screen, and nobody likes that. Nobody likes setup screens. Here’s another setup screen. More setup. Now you have to choose
which security mode you want. And you’re like: “I want high security,
but I have no friends using Freenet.” Here’s a browser advisory telling you
not to browse in non-incognito mode. Data store size, bandwidth limits,
more setup. It’s just setup. And here’s the first page that you get to. It’s confusing already. And here’s an index page;
finally, I’m in an index page. And I scroll through this thing,
and I can’t find anything that I want. So I get another index page. I download this one,
and now I have a virus on my computer. (Laughter) Here’s an index page
that’s just offering me a bunch of porn. Here’s a cleaned up index page; ah, finally. I’ve found the links I’m looking for. Freenet is slow and hard to use. I put it in here because it’s a good
example of a different type of darknet. It’s harder to use and I don’t think
it’s the right direction. But it exists. How many of you read
Linux Journal or Boing Boing? I see a couple hands. You’re all extremists. (Laughter) Darknets are very important
and have played an important role in uprisings, journalism overseas,
and in states of political turmoil. They’re pretty useful. They became especially useful
after the Snowden leaks of 2013. Specifically, because
of what the files contained. That is, according
to the XKeyscore system, Linux Journal and Boing Boing
are extremist forums, and will make you
a target for surveillance if you visit certain links to those sites. So it’s safe to say – if you’re
unfamiliar with XKeyscore, it’s an SA program designed to help
analysts pick targets for surveillance by searching for keywords
such as emails, emails body content, and other types of data collected as part
of its broad data-collection activities. So it’s safe to say that I do
a lot of reading on Tor. And it’s because –
I don’t know about you all – I don’t want to feel like I’ve done
something wrong doing research. And I just don’t want to feel judged
in general while I’m on the internet. So, I hope this got you as excited as I am
about darknets and the deepweb. And there’s a lot more than this
to learn and explore as well. But I’ll leave you with this: Darknets are an important piece
to surviving a surveillance state. And the past a year and a half
has made it very clear that the entire world is living
in a surveillance state. Thank you. (Applause)

Comments 100

Leave a Reply

Your email address will not be published. Required fields are marked *