Friday, 24 August 2012

Deep Web, Deep Privacy

By Conrad Jaeger:

Tell someone that you know how to go off-radar on the Internet and, as a rule, they won’t believe you. They imagine shadowy intelligence agencies have state-of-the-art technology and can see everything you do. Bkut they would be wrong.

No doubt they do have amazing technology, but it is perfectly possible to hide yourself on the Internet, to send and receive emails that nobody can intercept or read, to upload and download securely, to visit banned websites, blog anonymously, and do anything you want without being followed, profiled or analysed. Those that know how use the Deep Web.

In essence, the Deep Web is the same Internet we’re using now but it’s the hidden parts of it, the parts not indexed by Google and the other search engines. Most of it is made up of databases and archives, many of which can be accessed by anyone with the right knowledge.

Twitter Joke TrialAnd then there are the Hidden Networks of the Deep Web. Nobody knows how many there are because that’s the nature of the thing. The most popular and easiest to access is Tor. You can start now by downloading the Tor/Firefox covert browser but, be warned, there are a lot of seriously bad people down there and it’s very easy to give yourself lasting nightmares by following some of the links at the main entry point, the Hidden Wiki.

But not everybody who uses these Hidden Networks is up to no good. Lots of people would rather that the Internet allowed them to be anonymous and to go and look up things and chat and all the rest of it without having someone or something looking over their shoulder.

Journalists use these networks to talk securely with whistle-blowers and dissidents. Aid agencies use them to stay in touch with base from inside repressive regimes. Activists of all sorts can organise amongst themselves and get their message out to the rest of the world.

And to do so they use much the same tools as we use on the Surface Web. To send emails that cannot be traced, consider an email re-mailer like awxcnx.de or cotse.net which strip off any identifying codes and add new ones along the journey. When the email arrives at its destination, there is no way that it can traced back to you.

The Deep Web has several email options, such as TorMail, which allows you to send and receive secure email with a you@tormail.org address both to addresses within and outside of Tor.
Additionally, the content of emails can easily be encrypted with both free and paid-for programs like PGP keys which are uncrackable even by the new mega-computers being used by the National Security Agency.

You can send someone a harmless-looking photo of yourself on holiday but nobody need know that the image contains a secret document. You can hide almost any kind of digital file by embedding it inside another digital file. This art is called steganography and there are a number of programs that perform this magic, some free like QuickCrypto.

Top Secret documents can be embedded inside a photo, short videos can be transmitted secretly inside a music file, and messages can be passed on by a digital ‘drop box’ held on a photo within a website. Counter-technology is next to hopeless.

And when the authorities force the ISPs to switch off access to Twitter and Facebook during civil unrest, the Deep Web allows those that know how to maintain connection. There are even Twitter and Facebook clones on Tor.

You can upload and download any amount of data via dozens of free hosting sites on the Deep Web, such as PasteOnion. Here you can make your post public or set a password, and determine how long it stays up there. Use can also use this service to construct a simple webpage in HTML or even as an image file and then upload it and pass on the address.

You can also go all James Bond and install the covert browser in a smart-phone or onto a USB thumb drive which you can then plug into a computer in a cybercafé or public library and leave no trace.

But don’t assume that everything done on the Deep Web will make you invisible. The Hidden Networks have their flaws and these need to be fully understood before embarking on anything that might cause a problem.

The art is to combine the different techniques available, to mix and match, until not even the most determined adversary can find you.

Conrad Jaeger


Conrad Jaeger is the author of Deep Web Secrecy and SecurityDeep Web
(available for Kindle at Amazon.co.uk and at Smashwords for
all other formats).

No comments: