Thursday, 25 February 2016

When Facts about the Dark Web are Fiction

Security Summit and Seminar

I had the privilege to attend a security summit organized by InnoXcell called CIFI Security Summit and a half day seminar organized by Winzlinx. What interest me most about these two events was the fact that both events had talks and presentations about the Dark Web. As a Dark Web enthusiast and researcher, I tend to visit these talks and try to seek and gain knowledge on the subject matter. With over 10 talks in the course of 3 days, allow me to summarize the presentations.


The ‘Facts’ about the Dark Web (presented during the talks)

The talks were generally good and some, entertaining, however, some of the 'facts' that were laid out by the presenters were not entirely correct and I would like to take this opportunity to share based on my understanding on the subject.

Deep Web is the Dark Web: One of the most common facts that were presented was the way the Dark web was defined. It seems that the Dark web is equated to the Deep web which is false. The Deep Web is simply the part of the Internet that are not indexed and the contents are not easily found via search engines like Google, Bing or Yahoo. The Dark Web however, is a small area exists in the Deep Wed. In short, the Dark Web is part of the Deep Web but the Dark Web is NOT the Deep Web. 

Deep Web is where Child Pornography lies: This is not true. The Deep web has far more positive than negative things. The contents in Amazon, the emails in Gmail, Yahoo, Hotmail, the books you searched in the NLB database, those are some of the contents that make up most of the Deep Web. Child pornography, along with other hidden services such as hacking forums, carders forum, fake documents services are actually in the Dark Web.

Hidden services slides: Every talk I attended seems to present similar items. Snapshots of the Hackers for Hire, Fake Passport services, Drug Marketplace, Weapons for sale Marketplace and these are usually found in most articles about the Dark Web by journalists and researchers. I kinda have a feeling that most of the contents of the slides are actually taken from the articles floating around the web. Some of the hidden services snapshots being shown are actually no longer active. Even some of the ‘Rent a Hacker’ services were actually scams rather than ‘legitimate’ services.

TOR Browser is created for the Dark Web: This is not true at all. The TOR browser was originally created and designed to provide privacy and a sense of anonymity to the users. One can use the TOR browser to access everyday stuffs like your emails, finding stuffs in Google, accessing Facebook, Youtube and Twitter. To say that the TOR browsers is created specifically for the Dark Web is a misconception and could mislead the public about the true intent and design of the technology.

Big Bad Bitcoin: This is something that is hard for me to understand. For every presentation/talk about the Dark Web, the subject of Bitcoin is being raised as part of the presentation. Just because the transactions preferred in the Dark Web are Bitcoin doesn’t make Bitcoin a bad thing. Bitcoins are used most commonly in the surface web. There are over 200 000 merchants using Bitcoins as a form of payment. You can see some of the many and well known companies using Bitcoins as a form of payment; http://www.bitcoinvalues.net/who-accepts-bitcoins-payment-companies-stores-take-bitcoins.html

Light in the Dark Web

Despite the small mistakes and assumptions made about the Dark Web, it was good to see that many people were interested in the Dark Web and curious about the technologies and solutions that are provided in that area. Almost all the sessions were full house and I am glad to see the Dark Web has been shined with some light of interest and awareness to the public. 


Tuesday, 2 February 2016

Leaks, Databases, Dumps in the Deep Web and it's only January!

The Deep Web is vast. Thousands of times larger than the visible internet what's called the surface web. But the deep web is not a place, it simply accounts for all the unindexed content online - banking data, administrative code for governments, corporations and universities. It's like looking under the hood of the internet.” – Neo

In the previous month (January 2016), we have seen several reported cases involving the Dark Web, how cybercriminals are utilizing it to trade, sell and expose data. Below are some of the reported news that you may have come across: (see link below)

Read it here on LinkedIn: https://www.linkedin.com/pulse/leaks-databases-dumps-deep-web-its-only-january-fadli-b-sidek