Illegal darknet marketplace on the Tor network. How dark is it really?


Investigators have crippled the second-largest illegal darknet marketplace. But what about the dark part of the Internet? And what do the people who use the darknet have in mind?

"The word darknet is not clearly defined," says René Mayrhofer of the Institute for Networks and Security at the University of Linz. Some people mean the ability to use special software to browse, undetected, pages that can also be reached with a normal internet browser. Others mean special websites that exist only in a parallel network and that some criminals use, such as the Munich assassin, who obtained his weapons on the darknet.

Both paths work with the so-called Tor software and the associated network: the traffic runs over different, randomly selected nodes and is encrypted several times. These nodes are computers that private individuals or organizations make available voluntarily. The nodes coordinate with each other and transport network requests and data over three different points.

None of the participants knows exactly what data is running through their computer. Each node decrypts one layer and passes the still-encrypted data inside it to the next random node, which then decrypts the next layer and passes it on. Hence the name "onion", which the websites of the parallel network carry as an ending: the data is packed in several layers. An attacker or spy cannot read the original data in this way, nor does he know which sender is targeting which website.
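The layering described above, as an added example that is not part of the original article and is not Tor's own code: a client wraps a request in three layers and each relay peels exactly one, learning only the next hop. The relay names, the pre-shared keys, the destination `example.org` and the toy SHA-256 stream cipher are assumptions made for illustration; real Tor negotiates keys per circuit and uses its own cell format and ciphers.

```python
import hashlib, hmac, json, os

def _keystream(key, nonce, n):
    # Toy stream cipher (SHA-256 in counter mode); a stand-in, not Tor's real cipher.
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return out[:n]

def _xor(data, key, nonce):
    return bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))

def seal(key, plaintext):
    # Encrypt, then authenticate, one layer with a single relay's key.
    nonce = os.urandom(16)
    ct = _xor(plaintext, key, nonce)
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + tag + ct

def unseal(key, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("this layer was not encrypted for this relay")
    return _xor(ct, key, nonce)

def wrap(path, keys, destination, payload):
    # The client builds the onion inside out: the exit's layer is innermost.
    blob = payload
    next_hops = path[1:] + [destination]
    for node, nxt in zip(reversed(path), reversed(next_hops)):
        layer = json.dumps({"next": nxt, "data": blob.hex()}).encode()
        blob = seal(keys[node], layer)
    return blob

def peel(key, blob):
    # A relay removes exactly one layer and learns only the next hop.
    layer = json.loads(unseal(key, blob))
    return layer["next"], bytes.fromhex(layer["data"])

def route(path, keys, onion):
    # Pass the onion along the path, recording what each relay gets to see.
    seen, blob = [], onion
    for node in path:
        nxt, blob = peel(keys[node], blob)
        seen.append((node, nxt))
    return seen, blob

# Constructed sample circuit; relay names, keys and destination are made up.
PATH = ["guard", "middle", "exit"]
KEYS = {name: os.urandom(32) for name in PATH}
ONION = wrap(PATH, KEYS, "example.org", b"GET / HTTP/1.1")
```

Only the exit relay's layer names the destination and contains the request itself, which is why the article singles out the exit position later on.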

The way into the network runs via different computers, so-called nodes

Users who make their private computers available for this network rarely have anything illegal in mind. René Mayrhofer and his colleagues at the institute operate such a node, a so-called exit node, for research purposes. It is one of the smaller nodes in the last position of the obfuscation chain: it has direct contact with the websites that users visit. "The last one is the most dangerous position," says the researcher, "because it looks like the request came from us." He has therefore already received one or two requests from the investigating authorities.

When the institute set up the node, the university's network traffic doubled: currently, about 1.2 terabytes per day run across the node. "There are too few exit nodes, because it puts your computer in direct contact with potentially criminal content," says Mayrhofer. Many users prefer to offer one of the middle nodes, whose connection to certain websites cannot be traced.

Anonymous surfers bypass censorship

Mayrhofer and his colleagues may not know the content that crosses their node, but the nature of the data suggests which services are being used in the Tor network: video streaming. "The nature of the data packets suggests that much of it is videos that are transmitted unencrypted." While the major streaming services now encrypt their traffic, there is one industry for which that is too expensive: Mayrhofer assumes that many use Tor's anonymity to watch porn because they would be embarrassed to do so through a normal browser.

The vast majority of Tor users are believed to visit normal websites. "Many people, including me, surf anonymously because they want to protect their data," says Mayrhofer. In this way, even the big data collectors like Google and Facebook do not know who is behind a request. According to the latest research, the importance of the shadow world with its illegal offerings is much smaller than many think. And even among the websites that can only be accessed with the Tor Browser and whose addresses all end in "onion", many are legitimate: these so-called "hidden services" also protect against censorship. "Facebook probably operates one of the largest hidden services," says Mayrhofer: this is how the social network bypasses censorship regulations of some governments.

Darknet users are not necessarily criminals

Researchers at London's King's College observed about 2700 of these "onion" addresses over three months and calculated that about 57 per cent contained illegal content: drugs were offered on one in six, and one in eight involved financial transactions, such as money laundering or credit card details. Extremism and pornography each accounted for five percent of the sites, and the researchers detected arms trafficking on only 1.5 percent of the sites.

Researchers from the American Carnegie Mellon University approached the illegal darknet marketplaces from an economic angle and found that about one percent of the observed 9,000 traders earned half of the total trade volume, mainly selling drugs. Cigarettes, electrical appliances and weapons were among the other goods, which together accounted for less than five percent of sales. "However, such figures must be viewed with caution, as they can only reflect a snippet," Mayrhofer warns. Nobody has an overview of the entire darknet.

Intelligence agencies also operate numerous nodes in the hope of learning more. But only those who happen to operate all three nodes through which a request is running can assign content to users, and that is mathematically highly unlikely. A study by researchers at Georgetown University did find that those who have access to a high number of nodes are more likely to deanonymize users. "But this global attacker does not exist on the Internet," says Mayrhofer.

The US federal police, the FBI, had managed to smuggle in malicious code from time to time, which then infested and sniffed out individual nodes. But when the so-called "Silk Road", a large hub for drugs and weapons in the parallel network, was busted by authorities a few years ago, it was "classic policing": well coordinated, but without cracking Tor.

