Exploring the Deep Web

More documents

Recommendations

Info

The Deep Web and the real worldMainstream adoptionServices that rely on rogue TLDs or Namecoins offer too high an adoption barrier to common users and veryfew advantages for average users to be considered publicly significant. But we’ve witnessed more and moreusability improvements in systems like I2P and especially TOR that have slowly become viable solutions foreveryone to go anonymous with hardly any setup requirements.TOR applications with anonymous browsers integrated are readily available for all major desktop and mobileplatforms, allowing everyone to go anonymous and to access hidden sites in just a few touches. For journalistsand people requiring an even higher level of privacy, a fully tailored OS integrating TOR and anonymousbrowsers can be downloaded and installed on a USB key for use on any available machine.Example of a downloadable anonymity program36 | Below the Surface: Exploring the Deep Web
True anonymityIn practice, traffic between two TOR nodes is not traceable, but that to and from entrance and exit TORgateways are. If an organization operates enough TOR gateways, there is a possibility that traffic using theTOR network can be tracked. Using TOR in countries that don’t have enough budgets to operate a criticalmass of gateway nodes can be considered safe. But in other countries with high intelligence service budgetslike the United States or China, using TOR may not be as safe.In addition, any anonymizing system is only as effective as its user. As advanced as an anonymizing systemmay be, even those like TOR and I2P only cover the transport layer of communication but remain powerlesstoward the content of communication. Simply put, no anonymizing system can hide a user who posts his/herhome address and details in the open.We can, therefore, list two major types of risk linked to anonymity in the Deep Web:• Environmental vulnerabilities• Social vulnerabilitiesEnvironmental vulnerabilities refer to every possible flaw that can be linked to other software used togetherwith TOR. For example, a notorious bug affecting the Adobe® Flash® version embedded in the browser thatcomes with a version of TOR once put the whole system in jeopardy since it was possible to exploit the bug toleak sensitive data despite the use of TOR.Social vulnerabilities are related to user behavior and the precautions users may take other than simply usingTOR. Dread Pirate Roberts who was recently convicted to life in prison due to his Deep Web marketplacewas caught by the FBI due to his use of a private email address in a public forum. Correlating the identitiesof Deep Web users with their Surface Web alter egos is an interesting research field that involves disciplineslike social network analysis and stylometry.“If you go to the doctor and undergo surgery and youwake up in your hospital room and violate all thehygiene rules, you will die even if you have the bestsurgeons, the best tools, the best hospital. Same thingwith anonymity, if you are behaving in an unwisemanner, even the best tool can’t protect you.”—Martin Rösler,Senior Director,Threat Research37 | Below the Surface: Exploring the Deep Web
Page 1 and 2: Below the Surface:Exploringthe Deep
Page 3: Interestin the Deep Web peaked in20
Page 6 and 7: What are the uses of the Deep Web?A
Page 8 and 9: The state of the Deep WebMany studi
Page 10 and 11: Looking at the language distributio
Page 12 and 13: What makes up the Deep Web?Many use
Page 14 and 15: The following table provides a brea
Page 16 and 17: VAWTRAK C&C server that shows a leg
Page 18 and 19: 18 | Below the Surface: Exploring t
Page 20 and 21: The availability of illegal narcoti
Page 22 and 23: Bitcoin and money-laundering servic
Page 24 and 25: Sites that offer counterfeit US$20
Page 26 and 27: Unverified PayPal accounts sold in
Page 30 and 31: Leaked details: Government, law enf
Page 34 and 35: As shown, prices vary based on the
Page 38 and 39: Law enforcement and the Deep WebLaw
Page 40 and 41: The future of the Deep WebWhile pub
Page 42 and 43: ConclusionThe Trend Micro Forward-L
Page 44 and 45: AppendixCatching NionSpy (aka Mewse
Page 46 and 47: References1. The Tor Project, Inc.
Page 48: Created by:The Global Technical Sup

Exploring the Deep Web

Create successful ePaper yourself

Delete template?

Save as template?