2016 was an active year for the dark web. New cryptocurrencies found use alongside Bitcoin (BTC), and the general offerings of the dark web markets shifted significantly. Several high-profile hacker forums and underground marketplaces have disappeared, with new ones popping up to take their place. Interesting and new darknet-based privacy services were announced in the forms of an ISP and a VPN offering. Additionally, 2016 saw impactful policy and enforcement efforts targeting the dark web and its users. These State-backed efforts continue to be a major topic of discussion in dark web user and market forums, driving individuals to share analysis of takedowns, potential impacts of new policy, operational security (OPSEC) tutorials and advice, personal and secondhand accounts of interactions with law enforcement, and suggestions for how best to guard particular dark web services and their users from future enforcement efforts by the State.
Deep web, Dark web, Darknet — while these terms may be used interchangeably by the media, they represent distinct, but related segments of the Internet. The deep web refers to pages and services on servers that are accessible through standard Internet browsers and methods of connection, but not indexed by major search engines. Often the deep web is not indexed by search engines because of website or service misconfiguration, search listing opt-out requests, paywalls, registration requirements, or other content access limitations. The dark web, a relatively small portion of the deep web, relates to web services and pages that are intentionally hidden. These services and pages cannot be directly accessed through standard browsers alone, they rely on the use of an overlay network requiring specific access rights, proxy configurations, or dedicated software. Darknets are frameworks where access is restricted at the network level, for example Tor or I2P. Private VPNs and mesh networks also fall into this category. Network traffic over these frameworks is masked in such a way that snooping shows only which darknet you are connected to and how much data you move, without necessarily revealing what sites you visit or the content of said data. This is in contrast with simply interacting with the clearnet or unencrypted surface and deep web services, in which case your ISP and network operators between you and your requested resources can openly see the content of the traffic you generate.
Tor is not the only darknet framework out there. While it is the most popular, there are a number of increasingly popular “anonymity networks” to be aware of. None of these should be expected to offer any anonymity from a dedicated adversary: they are research projects in the ergonomics of anonymous communication. Almost as old as the Tor project, is the Invisible Internet Project (I2P). I2P, like Tor, is a network that sits on top of the Internet and provides some masking of its user’s identities. However, to claim that I2P makes its users fully anonymous would be misleading at best. Most commonly implemented using Java, the open-source I2P protocol currently supports Web surfing, chatting, blogging, and file sharing. Released in March of 2000, Freenet is probably the most well known darknet after Tor and I2P. A peer-to-peer (P2P) platform that aims to be censorship and surveillance resistant, Freenet suffers from a relatively small number of nodes, making it potentially easier to unmask targeted individuals, especially if an actor has the drive and resources to run a significant number of their own nodes, which is suspected to have happened with the “Black Ice Project”1. This is an aspect of the framework the Freenet developers and user community are working to make more resilient.
Zeronet is another such framework, but it is based on BTC cryptography and the BitTorrent network. Much like Freenet, Zeronet aims to be a decentralized P2P network that resists orders to be taken down or otherwise knocked offline. Python-based and open source, the project allows users to access specific "ZeroNet URLs" through regular browsers with the option for users to mask their IP addresses. Another P2P mesh network in development is Netsukuku. Unlike Tor, Netsukuku isn’t another overlay network. Netsukuku is a separate physical network and dynamic routing system capable of handling up to 2^32 nodes without the need for centralized servers. Riffle, an MIT project, is being reported as potentially faster than Tor, providing stronger security guarantees, and boasting a “bandwidth and computation efficient communication system with strong anonymity”2,3,4,5. We believe it is worth following the development of these darknet technologies, their potential adaptations, and their future adopters to better understand how they are being used. This knowledge will then help us realize how darknet technologies may impact our customers.
In December 2015, the former Executive Director and President of the Electronic Frontier Foundation (EFF), Shari Steele, was brought on as the Tor Project’s new director. In May 2016, Jacob Applebaum resigned from the Tor Project, and an entirely new board of directors was appointed. Additionally, the group’s headquarters moved from Cambridge, MA to Seattle, WA6. In response to this large shake-up, one of the project’s oldest and largest contributors, Lucky Green, also walked away from Tor., Lucky Green reportedly took the critical Bridge Authority node, 'Tonga', and several fast Tor relays with him. In a June 2016 article by the Pew Research Center titled, “The State of Privacy in Post-Snowden America,” the authors state that their research found that, “some 86% of internet users have taken steps online to remove or mask their digital footprints, but many say they would like to do more or are unaware of tools they could use.” The report goes on to explain that “some 74% say it is 'very important' to them that they be in control of who can get information about them, and 65% say it is 'very important' to them to control what information is collected about them.”7 With sentiments like these, we expect that we’ll continue to see a rise in usership of privacy oriented services such as Tor.