Red Tor y Deep Web/en

De FdIwiki ELP
Revisión a fecha de 17:22 21 dic 2015; Rubr (Discusión | contribuciones)

(dif) ← Revisión anterior | Revisión actual (dif) | Revisión siguiente → (dif)
Saltar a: navegación, buscar

The Deep Web, also known as Dark Web or Hidden Web, refers to all content on Internet that can´t be indexed by search engines. Everything Google doesn´t know is part of the Deep Web.

Iceberg clevenger grande.jpg

Deep Web is usually mistaken for ToR, an Internet overlayed network that enhances anonymous web surfing and hosts a great amount of illegal web content. ToR is part of the Deep Web, as its contents can´t be indexed by search engines.

You´re kidding. Google doesn´t know everything there is to know?

Google, as the other search engines, makes use of tracking software (Web crawlers) on a few web pages, surfing through their HTML code, adding the collected data to their own database and accessing the linked content on the already processed and indexed pages recursively. Having this in mind, what happens when a web page hasn´t been linked from any other page? What if a user/password is needed to access a web page? In this situation the search engine can´t access this kind of content, which remains hidden as part of the Deep Web.

Is Deep Web really as dangerous and full of illegal content as we think?

For starters, every profile on a social network needs to be accessed using a user/password, right? Then this kind of content can´t be indexed by search engines and therefore is part of the Deep Web. But is Facebook or Twitter illegal or dangerous? However, since we are talking about illegal content, let´s suppose we are trying to share illegal content on internet, obviously avoiding detention. First choice might be setting a user/password accessed web page, which login data would be only revealed to a chosen few. This method has some serious setbacks, what if you want that content to be accessed freely by anyone? What if any law enforcement organization comes across the login data somehow? What if someone decides to inform against the web page upon browsing its content? Wouldn´t take long to end up in custody, your IP rats you out.

Setting up an unknown IP web page, but not only that, one which absolutely nobody could track visitors´ IP, not even the administrator, would be nicer, wouldn´t it? That is what ToR does.

Considered among the lowest levels of the Deep Web, it enhances users to surf Internet anonymously, through thousands of hidden pages where illegal and unsettling (at least) content may be found. Looking into the legal aspects of it, Deep Web isn´t illegal, not even ToR. It may be used with absolute freedom, at least in Spain. What is illegal is the content hosted in this network though, since it can´t be located, it can´t be deleted or have its access restricted.

Let´s have a look at the levels Internet is distributed into before coming to any conclusions.

  • Level 0 (shallow web): As the picture states, in this level are the most commonly accessed web pages, which don´t need any special program to be surfed.
  • Level 1: This level hosts restricted content but not yet illegal. Some data bases, some VPNs, controversial themes forums, etc…
  • Level 2: In this level we can find from pornography pages to, 4chan, FTP servers, etc.
  • Level 3: A proxy is needed to access this level anonymously. Pedophile pornography, gore content, hacker communities, computer viruses information, etc… are some of the contents that can be found on this level.
  • Level 4: An average user will never surf as deep as this level. Every kind of illegal content can be found.
  • Level 4 Deep: Technical knowledgeable users can access this level using “closed Shell system”, a hardware modification needed for accessing this level.
  • Level 5 Mariana: Little is known about this level. It is said to be controlled by governments.

The currency used in transactions on these webs is Bitcoins and the domain used is .onion. The link is made-up using 16 randomly generated alphanumeric characters based on a public key obtained while configuring ToR. Knowing all this, surfing through the Deep Web is ill-advised unless being completely sure about the content searched.

How does ToR achieve anonymity?

ToR stands for The Onion Router. It uses the onion routing, so that any router only has enough data to know who sent the actual message and who the next receiver is. This is achieved wrapping the original message with several layers as onions, thus its name. ToR is an upgrade of the Onion Routing implementation by United States Naval Research Laboratory.

ToR works as follows.

Red tor.png

Three components can be distinguished:

  • The OR (Onion Routers), ToR routers.
  • The OP (Onion Proxy), local software installed by the user who wants to access ToR.
  • Directory Services are servers which keep the connection scheme between the OR. The OPs communicate with these to plan the route from sender to receiver.

Let´s go step by step:

  1. ToR Web surfer (OP software) connects with a Directory Service which hands out a ORs random route the message will follow until arriving at destiny. By default the message will go through three OR before arrival (entry node, middle node and exit node).
  2. Once the route is planned, the OP makes contact with the other three to negotiate the cipher keys.
  3. The OP wraps the message in an IP package with the original destiny´s IP as destiny IP and before-last OR´s IP as sender IP. This package is ciphered using the key negotiated with the last OR. OP repeats the process using the middle node (exit node as destiny and entry node as origin) and lastly with the entry node. The final package has as many “layers” as OR on the planned route (3 by default).
  4. OP sends the generated package to the first OR on route (entry node), deciphers it using its keys and sends the message along the way to the second OR (middle node) which repeats the process until the message reaches the last node (exit node) which once it has deciphered the message will result in the original, the one sent to final destination.

Certain amount of bandwidth is needed for ToR network to function, who makes it possible?

It is nonprofit donated by individuals and organizations. Since 2006 more than 4300 individual donations have been recorded and it is estimated that more than 6000 computers have been voluntarily linked to ToR network, working as OR routers or Directory Services.

Several organizations have contributed to this project, some of them are:

  • SRI International
  • US Department of State Bureau of Democracy, Human Rights, and Labor
  • National Science Foundation
  • Radio Free Asia
  • Anonymous North American ISP.
  • Ford Foundation.
  • Google Summer of Code

Are there any vulnerabilities in ToR?

When we said that the last node (exit node) deciphers the last layer of protection with its key, what happens if that same OR stores the message? The message would be “readable” by the last node once the protection is removed even though the sender and receiver would remain unknown. Dan Egerstad, Swedish security expert obtained passwords and sensitive information from several multinational companies, embassies from around the world and other organizations using this method. That´s why HTTPS protocol is recommended for it puts another layer of ciphering from origin to destination.

Who makes use of ToR and why?

  • Average users: To protect themselves from identity thieves, irresponsible companies, investigate sensitive issues or to avoid government censorship.
  • Military: To obtain and send information without the enemy noticing or giving away leads about location.
  • Journalists: To attain data uncontrolled from governments of any country, information about countries where censorship is applied.
  • Police: To surf through suspicious sites anonymously, undercover online operations…
  • Activists, dissidents…
  • Businessmen: commercial spying, strategies…
  • IT professionals: test, security breaches…

Is ToR beneficial to society?

According to several sources, up to 83% of all ToR´s traffic is related to pedophile and child abuse sites. These are examples of some of the web pages to be found on ToR.

  • Online drugs and weapons stores.
  • Personal data disclosure sites (bank accounts, addresses, pictures, secrets…)
  • Illegal How Tos sites, like homemade bombs tutorials.
  • Gore and pedophile sites.
  • Hitman hiring sites.
  • Child selling or rental sites.
  • Real deaths YouTube and live murders.

Even after all this, ToR still has beneficial uses for society as it helps avoid governments’ censorship and espionage.

Sources

http://es.wikipedia.org/wiki/Internet_profunda http://es.wikipedia.org/wiki/Tor https://www.torproject.org/about/sponsors.html.en https://www.torproject.org/about/torusers.html.en https://www.torproject.org/docs/tor-hidden-service http://politica.elpais.com/politica/2014/11/12/actualidad/1415794086_687302.html http://apps.washingtonpost.com/g/page/world/nsa-slideshow-on-the-tor-problem/499/ http://blogthinkbig.com/que-es-la-deep-web/ http://www.theguardian.com/world/interactive/2013/oct/04/tor-high-secure-internet-anonymity http://es.wikipedia.org/wiki/Encaminamiento_de_cebolla http://ntrg.cs.tcd.ie/undergrad/4ba2.05/group10/index.html http://zqktlwi4fecvo6ri.onion/wiki/Tor http://j6im4v42ur6dpic3.onion/ http://p3igkncehackjtib.onion/ http://s6cco2jylmxqcdeh.onion/ http://am4wuhz3zifexz5u.onion/