Sunday, November 9, 2014

The Darknet hype - 75% or more scam sites?

If you have followed this blog for some time, it will not come as a surprise that we looked into privacy and anonymity on the internet. This included such steps as switching to a search engine that does not leak private information like a sieve, as well as some work with TOR. Acerbic tweets and posts under the K-Landnews banner were part of the process of investigating this question:

What narratives are playing out in public discourse regarding the Darknet, and how dangerous is the Darknet?

Why would you want to read a pseudonymous blog post on this question? A lot has been, and is still being, written about this by people with great credentials...

When the terms Darknet and TOR burst into the media, our resident nerd went: "????"

One question mark is normal, two are okay - but four needed some investigation. What was this "safe, anonymous" way to move around the internet about? After witnessing how software sausage is made and who makes it, this was not an idle question.

The first realization was interesting: there is much more to the Darknet than TOR although most of the mainstream media use the two as synonyms. This use is compounded by the fact that illicit market operations under TOR are being called dark markets. Add to this the common jargon Black Hat and White Hat to denote the main groups of "hackers", and Darknet takes on a strong emotional charge. Another term used to describe the internet "outside" of the standard dot addresses is Deep Web, a better description and not as emotionally charged but also not as widely used in current reporting.

The frantic reporting on the Darknet and TOR focused on the illegal areas, especially on the underground markets, the most famous of which was the defunct Silk Road. Tied to these markets, the electronic decentralized "currency" Bitcoin was given wide coverage**.

The K-Landnews investigation of the Deep Web included many fun areas, for example, how to obtain a web site with a .geek, .parody, or .free address. These domains are outside of your standard .com, .net, etc. system, and they are run for free and for fun by small groups of true nerds. At least some of these domains have been under threat, and may well be pushed out, since ICANN, the powerful regulator, decided to expand the possible domain names for the "visible" internet. A more widely known sector of the "darknet" internet is the huge peer-to-peer arena, mostly associated with filesharing, another not very positive aspect of the internet.
Almost never mentioned in mainstream reporting are more exotic packages, like I2P, an anonymous network layer for the more patient users.

This overview is, hopefully, enough to allow us to continue to the reinforcing narratives.

Going back to the first wave of reports about the Silk Road phenomenon, the sensationalist approach of both online media, like Gawker, and mainstream media becomes glaringly obvious.

Recurring short phrases are "so easy, everybody can do it", "highly anonymous", "no risk" or "almost no risk". Reporting in U.S. media has been generally much better than anything we have seen in the German press. Forbes, for instance, has several well-researched and well-documented articles on the subject.

We looked at a different angle: scams. 

There were a number of highly publicized thefts from Bitcoin exchanges, but we wanted to get a better understanding of scams among TOR hidden services. Going through forums and discussion groups for several months, our estimate of the number of scam "commercial" sites is around 75%. In addition to forum and discussion site feedback, criteria for evaluation were "legality", "scope and complexity", "match with real world scams", "presentation of site". Getting highly reliable, hard data on the prevalence of scams is well nigh impossible for a small blogging outfit.

"Don't go there and get ripped off" certainly does not get the number of page views that a teasing "buy everything" write-up does.
The "buy everything" hype conveniently reinforces the narrative of the evil darknet. This narrative can then be used to attack anonymization services in general.

Drug sales indictments of darknet operators proudly list controlled buys that yielded great quality drugs. It might not make a difference to a judge, but the public would certainly chuckle when they read something like "officers made ten attempts to buy drugs on market X, five of these attempts turned out to be scams, four yielded mediocre products, one was high quality merchandise. And no, we failed to buy weapons, and that hitman, too, was a scam. Scam, well, we lost about half of the bitcoins to scammers, but since this was confiscated, the taxpayer did not suffer".

Media, hungry for sensations, and law enforcement, hungry for success and more, are not the only ones who feed the darknet narrative. You could even argue that they have been more restrained than other actors in this arena: bitcoin evangelists and dark market operators.
Some bitcoin proponents hyped their currency as initiating the demise of the likes of dollar, euro, or yen. Dark market operators added a layer of hype about freedom and sticking it to the man, even giving interviews.

So, the narrative of site owner, law enforcement, and media - plus a helping of soundbite-savvy politicians - made Silk Road a symbol.

Say what you will about U.S. law enforcement: they know a symbol when they see one. Silk Road 2.0 further ratcheted up that narrative by presenting a direct challenge and, in turn, eliciting a more powerful response.

This time around, the U.S. did not go it alone but shared the credit with the Europeans. The author of this post would love to know what this signifies beyond acknowledging cooperation. In addition to allowing a more substantial operation in terms of seized domains, our theory is that it will help to avoid possible issues around questions of "parallel construction". That's just a hunch.

The two basic strategies are not very spectacular as concepts. We discussed ring fencing of TOR* as one of the next big steps in the wake of the Snowden revelations in an email exchange with a German journalist (not published on the blog but available for research if needed).
The second tenet is follow the money, in this case Bitcoin at the intersection with the real world. When the news of a guy buying a Tesla with bitcoins blipped on social media and under the misc. section in the mainstream press earlier this year, our resident nerd went 'hope that is legal dough'.

As a matter of fact, the tiny Bitcoin economy is likely to show a more distorted picture of wealth distribution than the general real world economy. Big Bitcoin fortunes, at this time, have very few legitimate sources, which should make checking out larger holdings relatively easy, offsetting the relative anonymity.
A final, more hypothetical, aspect of the close cooperation in the Silk Road 2 + operation could well be easier use of physical surveillance boots on the ground.

Will the nicely reinforcing narratives about the darknet change any time soon? Unlikely, because they are too juicy for all parties.

How dangerous is the darknet? Well, that depends on who you are and what you are using it for. There are atrocious corners but the anonymous community makes an effort to mark them, so you won't stumble on them. Overall, there are so many nonsense sites and scam sites that painting the darknet as just like the normal internet with an Amazon-like illegal shopping experience is disingenuous at best.

* This Ars Technica article discusses one potential avenue in the overall strategy.
** There are other electronic currencies based on the same design principles as Bitcoin, Dogecoin and Litecoin being two of the more prominent ones.
