Skip to main content

DarkNet, Deep Web and Bitcoins

Mwahahaha. Muahahahahahahah. Finally they got me. I tried to defy crossing to the dark side for so long... But I couldn't help myself. Resistance was futile. It always is. As from today, I am proud to announce that I finally joined and opened my first darknet page. Every Yin has its own Yang and today this blog earned its own yang page. Or was it yin page? Hmmm, that's unclear and surely depends on the point of view and in case of the almighty Internet, and its Darknets and Clearnets, what is Yin and what is Yang is not intelligibly comprehensible, especially if you are familiar with internet background and its traffic, packets, sniffing, crawling, protocols, addresses, tcp sources and lots of other technicalities. Anyhow, please behold my first darknet page which you will never find by googling and searching. For all the mainstream sake, it doesn't exist. Even if they find it, I will change the node and the link and go even deeper into the dark shadows of the network where internet robots and crawlers are not welcome.

Mwahahahahahah... Muaaha.... Ahem.. Sorry I still can't get rid of this evil laughter and I am glad you can't hear me live. To be honest, I have really nothing to hide, so the face on my darknet page is really me. I tried to make something suitable for the occasion so I photoshopped the darkest portrait of me as I could. And of course the text on the page is more than 'right down someone's alley', if you know what I mean. Ok, I will stop with fooling around, get serious and finally try to dive a little into the world of 'dark' networking and learn about the main ideas behind the 'secret' layer of the web that makes it all possible. If you are not familiar with this topic, like me not so long ago, you might be surprised that in the world of Internet there is no actual and visible line between clear and dark networks and that they both suffer with being invaded with all kind of characters and software. Neither the darknet is really evil and place for various hideouts from the mainstream nor the clearnet is a place where all participants are behaving nicely. But, before you learn how to access my darknet onion page or Tor's hidden service, to use its proper technical name, lets try to understand this entire network and all the reasons why it is invented in the first place.

In the nutshell and I will really try to describe it in as little words as possible, global network owns its existence to one and only protocol. Its name is TCP/IP or Transmission Control Protocol (TCP) and the Internet Protocol (IP), designed, not surprisingly, for military purposes back in sixties of the previous century by DARPA, an US agency founded by department of defense or DOD. ARPANET, as it was called back then in the time, included lots of academic research within various universities in USA and probably due to the fact of this "civilian" contribution, it failed to stay behind iron military firewalls and over the years evolved into the Internet we are all familiar today. What was powering it back then, fifty years ago, is still valid today. TCP/IP packets or packet's switching was, and still is, digital communications method that groups the data into suitably sized blocks that travels from the source to the destination computer on the network. To simplify, if you are sending an instant message to me, it is split into numerous digital packets and sent away toward my internet address, or IP. Packets would use the route from your computer by using your and mine internet providers, toward my computer and cross various internet roads, intermediary networks and routers. If you attached large file in your message, there will be lots of packets and they all will come to me pretty fast. Not all of them, however, might use the same route to get to the destination but eventually all of them will assemble in the same form as in the origin point and presented to me as an message you wanted to look like in the first place.

This is basically all that is in works behind the internet no mater it is instant message, email, web page, audio or video streams or anything at all that can be called internet data. It was nice and perfect when it worked between two university labs in the beginning, but today this data carries lots of sensitive information, including passwords, pin codes, banking transactions, business and stock market info and all of your social data. You see the problem? Virtually and practically anything sophisticated enough, in form of a sniffing software is able to park within those internet freeways, or routes, and reads, listens and watches the traffic. Now, internet packets are composed by headers and payloads. Payload is the data and it can be encrypted but header is what defines it and it includes the source and destination addresses and more data that closely describes the packet. Think of it as a car. If you are standing next to the freeway junction you can clearly see passing cars, where they came from, direction where they are going, color of the cars, their type, speed, but you will hardly be able to notice what or who is inside. The same is with internet packets and just by monitoring their headers, we can conclude a great deal about them, even though we are not able to see their payload. If payload is not encrypted it will show everything about it, but if it is, you and me will fail to read it. However, with enough computer power and various decryption software, many internet hackers and agencies with cool acronyms are able to crack the data and see through nevertheless. In the following metaphor with cars and freeways, it would be similar to the car driving with 100 mph while you are trying to see who's inside from the junction point. But if you have a camera capable of taking a snapshot image of the car in a fraction of the second, identifying passengers will be piece of cake.

As I write this on this very day, it is estimated that around 40% of entire worldwide population is using the internet. That is about 3 billion people today plus devastatingly large number of those cracking and sniffing bots doing their intelligence 24/7. If you are owner of a blog, like this one, and if you compare raw statistical data of all visitors with those identified as non-bots or humans it will be easy to conclude that ratio between humans and software bots goes 1 to dozen in favor to all those crawlers and automated robotic schedulers. DarkNet in its initial design is nothing more than just a way to prevent all those monitoring and spying bots to get your data or your online behavior without permission. Even in the beginning of the internet, in the ARPANET times, there were computers able to hide from the network, always in the shadows, never responding to any pings but always able to see the others and free to do whatever they were designed to. If you ask me, all the military aspect of the initial global network is still present and, in a way, DarkNet is a tryout to get rid of it.

So how it works? Does it work? Good questions. Answer to the second question is not really positive. It's simply not possible to make an independent network, built on the top of the existing one, to be completely isolated. But it is adding additional troublesome for the sniffers. Let's see how the most popular anonymous network, called TOR, or "The Onion Router" works. Comparable to onion layers, it uses internet packets, just in usual matter, but it routes them through TOR network nodes. Let's get back to our instant message and its packets from the beginning - instead of connecting source computer software with destination via internet route, TOR is routing IM packets through randomly selected TOR servers and packet's payload is encrypted multiple times. Each TOR server on the way is decrypting only it's layer in order to know where to send it next, but it never knows its real destination and its real source. Only first and last TOR servers on the way know who sent it and to whom. If you are a crawler in the middle of the path, without serious computation power of decrypting the layers it is impossible to know everything in real time. Their TOR browser, based as a layer on the popular Mozilla Firefox, is capable to use the network and in understandable time delay, show browser page without providing your initial request data to the web server. In the following example, if you paste the URL of the clearnet website address, such as, in this case, my previous blog post, TOR browser will choose random servers and send request through five nodes, with four of them belonging to TOR network. In the route on the image, Google's web server, hosting my blog post will send all the packets to the TOR server in UK. It will encrypt them all with three layers of encryption and send it to the TOR server in Czech Republic. This one will decrypt one layer and send ti forward to another TOR server in Germany. This one will decrypt next onion layer and send it to my own computer in Serbia and the TOR browser at the end will decrypt the final layer and pass it to the Firefox. If the original page is already using SSL/TSL encryption, Mozilla will decrypt it once more and finally present it as a blog post in a form of a web page. If on that page were running some additional client scripting, like Google Analytics or ADsense, they will not be sent to Google at all - and as far as web server is concerned, web page is accessed by the last TOR node in the chain and in this case the one in UK. You can access the same page numerous times and every time different path will be chosen.

Now, if you think about it, if you are using TOR or similar DarkNet networks, the obvious issues might be on the path's edges. Your information from initial web requests went from your computer and first TOR server, passed middle nodes and last TOR node in the chain, eventually accessed some internet server at the end of the path and return the data to you. But what if you are not accessing the normal internet at all? What if you want to access a web page that is located on the very TOR network and located inside one of those TOR servers? See it now Trinity? Now we are inside the TOR completely and DarkNet is our only network, parasitically hooked to the internet itself. Those websites are called hidden services and you can only access them via TOR browser or some TOR proxies. And as you guessed, one of those deep web pages was my own DarkNet page from the beginning of this post. Of course it is not the real page - I am not hosting a TOR node or anything, but every time I start TOR browser in a matters of seconds it is propagated through the network and you can see it in your TOR's browser or by some TOR based operating systems or plugins and extensions for regular browsers. For now it is just another proof of concept, but who knows, I might find some use of this in the blog's future. Until then it will be online along with my TOR browser running at my side, which will not be too often.

But how many actually deep web websites and contents are out there really? If you try to google articles about DarkNet and Deep Web sites first thing you will notice is the comparison of all internet traffic with icebergs. Many bloggers and articles are comparing ClearNet with the iceberg above the surface while DarkNet is taking all the ice under the water. There are even large numbers shown to support the claims. But, is this really true? I can't say for sure and I don't believe so. DarkNet society is still young and even though if we consider all unregistered and unsearchable password protected content, tremendously huge size of DarkNet is not swimming in the domain of plausibility to me. However and despite, sort of, noble idea behind DarkNet existence, and I will quote TOR, "to defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy", this realm of the internet is also used for "real dark" activities and with increased ability to share digital data anonymously, without governmental spying and sniffing, it's not surprise that this network is perfect for various perverts, data miners, kidnappers, terrorist sub-networks, spy agencies, drug dealers, pornography, international drug markets, prostitution rings, assassin markets... There are even search engines, like the one called "Grams" dedicated entirely for searching for drugs and guns...

In a way we can look the DarkNet as a system emerged out from previous one trying to solve it's issues and vulnerabilities. Similarly, the same look we can use toward money and all those financial and banking institutions, average people today only vaguely understand and usually take for granted. The trade in the pre-digital and pre-banking era was very simple - I will give you "this" but in return I expect from you to give me "that". If you don't have "that", please give me some gold coins I can trade later with someone who actually offers "that". Today, between "this" and "that" we have dozens of layers in term of intermediary banks and financial markets, including digital services like PayPal and credit/debit card online systems. The logical question arises by itself: is there a way to get rid of all those intermediaries and simplify trade like it was before? I mean we today have computers, can we use them to simplify instead of complicate things? Can we invent something truly transparent and controllable by everyone? And this is the point where one great idea called bitcoins comes in. Just like in old fashion trade between two persons, bitcoins are used as the only intermediary between purchaser and vendor. With no banking in the middle of the trade. It not only eliminates complexity of the system but it shortens the time of processing the transaction and cuts the fees significantly. Instead of bank accounts we only have one ledger that is maintained by open source software. It is accessible and controllable by anyone online and instead of dozens of cards and multiple online accounts one person owns only one wallet with it's own ledger section in it. Bitcoin goes even further from that - it is not just another currency on the financial market. Simply put, it is both, money and payment system and we should not think of it as a state banknote that needs some solid grounds, like gold bars in some state treasury and it's not based on the traditional sense of ownership. Its value started from zero back than in 2008 when it was introduced and for ten months it staid zero until it started to be widely accepted and used. Today it's value is dependable on market and worth more than 300 euros. Now, with additional security of TOR networks it was obvious that bitcoin system would root itself first there and unfortunately, with all dark and criminal human behavior spreading across the nodes as well, we today earned ourselves Dark Markets as well. I will let you use your imagination to deduct what items can be bought within Dark Web for one or two bitcoins...

At the end of the story it is inevitable to point out that very much indeed, like in Newton's third law of action and reaction, DarkNet is nothing more than just a reaction to internet's ever growing digital surveillance by individuals and worldwide governments. It's simple truth, if internet was free and designed to prevent sniffing and spying in the first place, there would be no reason for DarkNet at all. The same goes with Bitcoins - if financial systems were designed in, some would say, honest way, without heavy usage of wealthy intermediates, there wouldn't be any need for the renovation, would it?

Hidden Wiki:


© 2023 Milan's Public Journal