If you hang around serious Internet nerds long enough, you’ll eventually hear talk of the “Dark Net” or “Deep Web.” These are the shadowy corners of the Internet, in which tracing users or finding websites is made extremely difficult.
Conventional search engines don’t find Dark Net websites. Encrypted communications are conducted in such a way that neither private security firms, nor government agents, can trace the users. This is done by bypassing the convenient servers that make normal Internet traffic swift and easy. You need hard numbers, tricky software, and carefully-guarded passwords to access a Dark Net site. In many ways, it’s frozen in a primitive pre-Nineties state, keeping the vast majority of users out by using the sort of communications that only skilled users can manage. The public sites that account for the vast majority of Web traffic are like brightly-lit cities huddled at the center of a wilderness larger and wilder than most of us imagine; some freaky stuff goes down in the hinterlands, where the conveniences of modern Internet navigation are wholly absent. The roads are unpaved, there are no street signs, your GPS doesn’t work, and you’ll never find anything unless you know exactly where to look.
What sort of people inhabit the Dark Net? According to a new study discussed at Wired, you’re going to be sorry you asked:
At the Chaos Computer Congress in Hamburg, Germany today, University of Portsmouth computer science researcher Gareth Owen will present the results of a six-month probe of the web’s collection of Tor hidden services, which include the stealthy websites that make up the largest chunk of the Dark Web. The study paints an ugly portrait of that Internet underground: drug forums and contraband markets are the largest single category of sites hidden under Tor’s protection, but traffic to them is dwarfed by visits to child abuse sites. More than four out of five Tor hidden services site visits were to online destinations with pedophilia materials, according to Owen’s study. That’s over five times as many as any of the other categories of content that he and his researchers found in their Dark Web survey, such as gambling, bitcoin-related sites or anonymous whistle-blowing.
The researchers’ disturbing statistics could raise doubts among even the staunchest defenders of the Dark Web as a haven for privacy. “Before we did this study, it was certainly my view that the dark net is a good thing,” says Owen. “But it’s hampering the rights of children and creating a place where pedophiles can act with impunity.”
That’s the problem with impunity: everybody wants it, but those who desire it most tend to abuse it. Impunity is a heady brew often drunk to excess. It’s not surprising to learn that people act very differently when they’re confident no one is looking, but it’s horrifying to discover exactly what so many Dark Net users seem to have been doing. Among the more noble uses Tor suggested for its anonymous Web services are communications between human-rights activists seeking to evade the notice of oppressive regimes, and people looking for a way to collaborate constructively with guaranteed privacy.
As the UK Guardian put it, “more than 80% of so-called ‘dark net’ Internet traffic is generated by visits to websites offering child abuse material,” if the results of the University of Portsmouth study hold up. That’s much worse than either the researchers or Tor technicians evidently expected. On the bright side, the Guardian notes that “less than a sixth of hidden services sites that were online in March when the research started were still online in September when it concluded, suggesting a short average lifetime for these websites.”
Tor has officially disputed the accuracy of the University of Portsmouth study, drawing distinctions between its own anonymity services and various other techniques used to hide illicit sites on the Dark Net, and noting that some of the traffic detected by university researchers might have come from law enforcement officials scoping them out. (That would seem congruous with the short lifespan of child-abuse websites, although international police agencies have not openly mentioned bagging a lot of pedophiles when announcing recent busts of Dark Net money-laundering and drug operations.) It’s also important to remember that traffic volume may not correspond directly with the number of illicit users, whose identity is difficult to determine by design. A small number of clients paying frequent visits to a small number of sites can generate a lot of traffic, especially compared with the light usage patterns typical of these difficult-to-access hidden websites.
Some other observations they made to Wired, accompanied with an honorable full-disclosure grain of salt from the lead author of the blockbuster study:
In some cases, hackers may have launched denial of service attacks against the sites with the aim of taking them offline with a flood of fraudulent visits. Unstable sites that frequently go offline might generate more visit counts. And sites visited through the tool Tor2Web, which is designed to make Tor hidden services more accessible to non-anonymous users, would be underrepresented. All those factors might artificially inflate the number of visits to child abuse sites measured by the University of Portsmouth researchers.1
“We do not know the cause of the high hit count [to child abuse sites] and cannot say with any certainty that it corresponds with humans,” Owen admitted in a response to the Tor Project shared with WIRED, adding that “caution is advised” when drawing conclusions about the study’s results.
The researchers say they did make efforts to screen out bot traffic, denial-of-service hacker attacks, and various forms of malware, some of which are still plodding across the Internet like automated war machines from a sci-fi novel, long after their creators were nabbed by law enforcement and the servers that control them were taken offline. (See what I meant about freaky things happening out on the wild frontiers of the Internet?) Another limitation faced by the researches was the need to engage with suspected pedophile sites very carefully, lest they inadvertently download child-abuse materials and become guilty of Internet crimes. One of the bizarre details mentioned in the study is that most Dark Net pedophile sites actually have the phrase “pedo” brazenly inserted in their names.
Wired leaves the discussion of Dark Net chaos right back at the same conflict between liberty and security we’ve been having on the sunlit slopes of the regular Internet over the past few years, noting that the university research team had some ideas for blocking access to pedophile sites, but the whole point of the anonymous deep Web is to defeat censorship:
The study could nonetheless lead to difficult questions for the Tor support community. And it could also dramatically shift the larger public conversation around the Dark Web. Law enforcement officials and politicians including New York Senator Chuck Schumer have railed against the use of Tor to enable online drug sales on a mass scale, with little mention of child abuse. Owen’s study is a reminder that criminal content is hiding in the shadows of the Internet that make drug sales look harmless by comparison—and whose consumers may be more active than anyone imagined.
In every walk of Western life, we are asked: How much liberty are you willing to trade for security? Does your answer change when we’re talking about security against terrorists, drug lords, and pedophiles? It’s not surprising to find these vital questions becoming exceptionally urgent on the Internet, where every question is asked faster, every answer is given louder, every disagreement is livelier, and nobody really knows what’s going on everywhere.