
The Darknet Is Open Source: A Conversation with Google’s Nwokedi Idika

24 Nov 2016 5:09am

Dr. Nwokedi Idika would like you to know a few things about the Internet’s underbelly. For starters: actually, it’s more of an overbelly, if that can be a thing. If you happen to be attending Node Interactive in Austin next week, you’ll be able to catch his live talk, “Shedding Light on the Darknet.” If not, here are a few of the ideas he will be presenting. TL;DR: nobody really completely comprehends the Darknet. Especially if you think you do — then you really, really don’t.

Idika, a software engineer in Google’s security and privacy division, has a sideline these days explaining the Darknet to the rest of us who think of it as that place you don’t really know how to get to but is where you’d want to go if you ever needed to hire a professional hit man. It’s a vocation that, he says, he stumbled into almost accidentally — but once down inside the rabbit hole, found so fascinating that he’s never stopped.

So! You’re an expert on the Darknet? How’d that happen?

I wouldn’t even characterize myself as a Darknet expert. It’s such a nascent field that it’s really not possible for anyone to be an expert. But I got into it as part of my previous job at Shape Security, a web security company specializing in defense against automated application attacks. Somebody needed to learn this stuff, given that many attacks have origins in the Darknet, and I got tagged to be that person. We were a startup at the time, everyone wore so many different hats, and this one landed on me.

So I started learning all I could about the Darknet, and in learning, I realized there is a LOT of confusion. That even many technical people truly did not understand the Darknet, even if they felt they did. But I also found that this lack of understanding is mainly due to the fact that new technologies aren’t documented or even explained very well when they’re new. Over time people find good ways to explain it to themselves and then the rest of us. So that’s pretty much my thing, that somebody needed to explain all this as Darknet technology becomes more popular and people get more and more aware of it and interested in accessing its capabilities. I’m that guy, but I’d never say I’m an expert.

My job at Shape was to explain it to everyone in the company, not just other tech staff but also people in sales and human resources. In my early days of framing and communicating an understanding of the Darknet, I had a colleague tell me, “I understand all the words that just came out of your mouth, but I still don’t understand what you’re talking about.”

So I worked hard at putting complex technical concepts into simple, everyday language. Tech folks think they might always want technical language, but it can be just as hard for them to wrap their minds around truly new technology. Straightforward explanations aren’t just for the folks in HR. Anyone learns concepts better when they are made more concrete. So rather than opening sockets and HTTP, overlay it with something people already understand: Eddie Murphy getting Adele’s email message.

What makes the Darknet so, well, dark?

The marketing people for the Darknet chose a bad name (laughs). Many people associate dark with bad. But the “dark” in Darknet refers to anonymity, not evil.

The Darknet is all about anonymity. Simply put, it’s an online space where anyone, from criminals to activists to everyday citizens trying to browse the web without advertisers tracking their every click, can find privacy.

Any website captures your IP info. Hiding the IP is the principal reason to use the Darknet. So it appeals to people in countries like China where they are oppressed by their nation state. And appeals naturally also to nefarious actors and criminals. If you’re a botmaster sending out command and control to your bots embedded in infected computers across the globe, the Darknet makes it that much harder for security defenders to track back and shut you down.

The regular Internet, the one most people use every day, we call the Clearnet. And any bad thing that happens on the Darknet happens on Clearnet too — pornography, gambling. The only difference is that whatever you’re doing on the Darknet, you are able to do with a relative assurance of anonymity. Many people have the impression that this is the truly nefarious neighborhood of the internet, but it is just a tool. People put that tool to their own uses.

Just like how a chainsaw is a tool that can be used to cut down a tree — or go on a serial killing spree?

Um. Ok. Kind of, yeah, you could put it that way.

Thanks, we will! So, most people have a negative impression of the Darknet?

Non-tech people, if they’ve heard of it at all, think Darknet is criminal, it’s Silk Road. More sophisticated tech folks think Darknet is Tor. Both these beliefs are inaccurate.

So what is accurate, then…?

First, nobody just goes online and chooses to just hop on the Darknet. It’s still very nascent technology, and we need better understanding of what this tool can or can’t do for them.


The Darknet has two modes. One is to use Darknet to get to a site that is on the Darknet itself — Silk Road was one of these, so black market sites, that’s what many people think of, and those are absolutely there. As long as there have been laws controlling commerce there have been people circumventing them. But the Darknet houses plenty of other things beyond black markets: email, chat rooms, personal websites etc.

The other mode is to use it to cover your tracks. Using the Darknet to get to a Clearnet site via proxy, so the logs don’t have your IP address. Hiding your IP address is the principal reason to use the Darknet — masking your location, activity and identity. This is appealing to political activists in countries like China where they are oppressed by their nation state. Journalists who want to get information without having to divulge or endanger their sources might leverage the Darknet’s anonymity.

…And, what is Tor?

Tor is a network that attempts to provide anonymous communication over the Internet. The Tor Browser is a browser that allows you to mask your location and activity. It was developed by the US government back in the 1990s, as a secure network for government agencies and the military. It’s the best known, and probably the most organized, but Tor is just an example of a Darknet. It is not THE Darknet.

There are other projects that are Darknets — Freenet, I2P aka the Invisible Internet Project. Also possibly a few more that are more academic, as in they have been proposed but I don’t know if you can actually go somewhere and download and start using any of them.

How big is the Darknet?

Well, the Darknet is all about anonymity. Ideally, it would be impossible to know how many nodes are on the Darknet — we should not be able to know if they’re doing their job right!

So as far as coming up with a mapping of the Darknet, I’d be dubious of any claims that someone has actually made an accurate version. The Tor Metrics Project tries to track the extent of its own ecosystem. It’s one of the most organized attempts at creating a snapshot of the Darknet, but even so, it’s far from complete. There is simply no way to talk with great authority about hard and fast numbers.

For example, a study I saw recently claimed, “55 percent of sites on the Darknet are legal.” But they were just talking about sites on Tor — again, the confusion between Tor and the entire Darknet. There’s such a wide swath of people who use the Darknet, and for the same reason it’s hard to count nodes, it’s hard to count users and the reasons they are there.

When you do look at what’s out there, what trends do you see?

Organized crime. Which is, after all, simply a network of people working together to achieve some mutual enterprise goal that happens to be illegal. These networks vary dramatically in how well “organized” they are, from tier one elite operations making things occur, globally and effectively, to freelance human traffickers to plain old hackers. The marketplaces that exist on the Darknet help hackers find gigs, help those with illicit needs find contractors to fulfill them.

So a definite trend, an indication of the growing sophistication of the underground economy, is the modularization of these roles: your group no longer needs to do an entire caper on your own. On the Darknet, you can do what any business would do: search for and hire subcontractors with the different skill sets you need.

And, dude, the Darknet is Open Source?

Yup. Freenet is on GitHub. I2P runs on all kinds of volunteer support.

You can download source code and contribute that way. I2P or Freenet, both allow and encourage people to create new tools and contribute them.

Like a tool that will scan a server to identify idiosyncrasies that could allow fingerprinting of that particular server, and then correct whatever way that it’s leaking information about what and where it is: the Darknet needs resources to make it more robust, add more tooling. There are all kinds of open source opportunities on the Darknet.

Even if you’re not trying to hire a hitman!

(Sighs.)

Feature image: Bender from Futurama.
