A walk on the dark side of the internet

ANU College of Law military and security law expert, Clive Williams. Photo: Claire Atteia/ANU

By Professor Clive Williams

Most people have probably heard of "Silk Road" which was the first modern Darknet online cryptomarket, best known for selling illegal narcotics. As part of the Dark Web, it operated as a Tor service, such that potential buyers were able to browse it anonymously and securely without being monitored.

Let me explain those terms in case you are not familiar with them.

The "Darknet" is an internet overlay network – part of the worldwide web – that can only be accessed with specific software, configurations, or authorisation. Two typical network types are friend-to-friend networks (often used for file sharing) and privacy networks, such as Tor (which I will cover later).

The "Dark Web" is a small part of the Deep Web, the part of the worldwide web not indexed by search engines. Deep Web was also a 2015 documentary film directed by Alex Winter, chronicling the events surrounding Silk Road, Bitcoin, and the politics of the Dark Web. The Deep Web is several orders of magnitude larger than the above surface web, much like the underwater part of an iceberg.

Much of the internet's information is buried in deep, hard to access sites, where standard search engines will not find it. It has been estimated that the most powerful search engine, Google, searches up to 16 per cent of the surface web – and none of the Deep Web. (Google's "search market share" is 67.49 per cent as of September 2015; Bing is second with 12.26 per cent; and Yahoo third with 9.19 per cent.)

"Tor" is free software for enabling anonymous communication, the name being derived from "The Onion Router". ("Onion routing" is encryption in the application layer of a communication protocol stack – hence layered like an onion.) Ironically, Tor originated as a project at the US Naval Research Laboratory with the purpose of protecting US intelligence communications online. It continues to receive US government funding.

Tor directs internet traffic through a free, worldwide, volunteer network consisting of more than 7000 relays to conceal a user's location and internet usage from anyone conducting network surveillance or traffic analysis. Tor makes it difficult for internet activity to be traced back to the user.

The first Silk Road cryptomarket (Silk Road 1.0) was launched in February 2011. Initially, new sellers had to buy a limited number of sales accounts at auction. Later, a fixed fee was charged for each new seller account. In October 2013, the FBI shut down the website and arrested American Ross Ulbricht on charges of being the site's founder, operating under the pseudonym "Dread Pirate Roberts". In February 2015 Ulbricht was convicted of money laundering, computer hacking and conspiracy to traffic narcotics. He is serving a life sentence without possibility of parole.

On November 6, 2013, Silk Road 2.0 came online, run by former administrators of Silk Road. It too was shut down and the alleged mastermind, American Blake Benthall, who called himself "Defcon", was arrested on November 6, 2014. This was part of an international law enforcement operation titled Operation Onymous, which exploited a Tor vulnerability that allowed the physical location of servers to be determined. Benthall is yet to be convicted.

There is now "Silk Road 3.0 Reloaded". Instead of using the Tor network like other cryptomarkets, it uses special I2P software to configure a user's computer to connect to I2P web pages, called "eepsites", which end in the suffix .i2p. I2P takes a peer-to-peer approach, and makes every user's computer a node in the network. "Essentially all peers participate in routing for others", which allegedly makes it more secure than Tor.

For payment, the Silk Road and Silk Road 2 only accepted Bitcoin, but Silk Road Reloaded processes transactions in one of the nine established cryptocurrencies, including Anoncoin, Darkcoin, Dogecoin, Feathercoin, and Litecoin, converting them into Bitcoin for a lucrative 1 per cent conversion fee.

Internet drug dealing is said to be up by 100-200 per cent since Silk Roads 1.0 and 2.0 were closed down, with markets more plentiful and diverse than ever before.

The anarchist group Anonymous says the best Darknet market today is Agora Marketplace. At the cryptomarkets one gram of cocaine costs around $136 whereas in Australia it costs $235. About one in 10 Australian drug users now buys his or her drugs online.

The lead Australian law enforcement agency tackling Darknet drugs is the Department of Immigration and Border Protection. Its predecessor organisation noted in 2015 that "Darknet markets continue to be volatile and while the number of listings and marketplaces may have expanded, so too has the incidence of listings fraud, marketplace failures and Bitcoin losses".

Law enforcement agencies monitor activity on the Deep Web because it is an obvious place for drug dealers, terrorists and paedophiles to hang out. Sigint agencies are also interested in terrorism links and the activities of foreign intelligence agencies who might be using it to communicate anonymously.

A 2014 report by Der Spiegel based on Snowden leaks revealed that the US sigint agency NSA deemed Tor a "major threat" to its mission, and when used in conjunction with other privacy tools such as OTR, Cspace, ZRTP, RedPhone, Tails, and TrueCrypt ranked as"catastrophic", resulting in a "near-total loss/lack of insight to target communications".

The main directory on the Dark Web is the "Hidden Wiki", which assists users not only in finding data, but also gaining access to illegal services such as money laundering, contract killing, contract computer hacking, restricted chemicals, counterfeiting of all types, revenge porn, gambling, unauthorised downloading of movies and music etc.

One of the characteristics of Dark Web terrorist websites is their ability to manage rapid changes of internet addresses. When authorities force a site to close, informal networks based on chat rooms or e-mail inform the group's supporters of the new network address. This word of-mouth system is very effective. It also reinforces a sense of inclusion in the group and empowers the group against those who would close it down.

Anonymous encourages internet users to sign up to the Anonymity Newsletter to "receive invaluable information about how to remain anonymous online to hide your Deep Web activities. You will also receive the latest news on what is happening on the Darknet Marketplaces and Deep Web as well as great resources to use on your journey through the Darknet".

The Deep Web is an important and legitimate research resource, but be warned – you could attract unwanted attention if you inadvertently go to sites engaged in illegal activities.

Clive Williams is Visiting Professor at the ANU College of Law, adjunct professor at the Australian Defence Force Academy and an honorary professor at the Australian National University's Centre for Military and Security Law. This article was first published in the Sydney Morning Herald.


Updated:  10 August 2015/Responsible Officer:  College General Manager, ANU College of Law/Page Contact:  Law Marketing Team