24 January 2017

COVERING YOUR DIGITAL TRACKS: THE DARK WEB……IS ABOUT TO GET DARKER; ‘DARK NET SITES TO GET NEW, STEALTHIER APPLICATIONS;’ THE NEXT WEAPON OF MASS DESTRUCTION MAY BE DOWNLOADED FROM THE INTERNET



“The Man In The Iron Mask” is one of the most enduring mysteries in history. While many of the myths surrounding this event have been dispelled (the mask was not made of iron), the fact that there is still debate about who this individual was, over four hundred years ago, is remarkable. But, the ability to hide one’s true identity is a tall task in the 21st century. DNA shedding, facial and iris recognition, body scans at airports and elsewhere, the shape of one’s ears and veins, and yes — one’s digital footprints — are all working against someone who is trying to stay hidden. No wonder there is a burgeoning off-the-grid movement. But, according to WIRED.com’s Andy Greenberg, there is a concerted effort ongoing with respect to the Dark Web, aimed at hiding our digital tracks. In a January 20, 2017 article on WIRED.com, Mr. Greenberg notes that hiding in plain sight on the Internet is about to get a big boost.

“While anyone who knows a dark web’s site can visit it, no one can figure out who hosts that site, or where,” [well not entirely, but, close enough] Mr. Greenberg wrote. “It hides in plain sight. But, changes coming to the anonymity tools underlying the Dark Net,” he notes, “promise to make a new kind of online privacy possible. Soon,” he writes, “anyone will be able to create their own corner of the Internet that’s not just anonymous and untraceable, but entirely undiscoverable without an invite.”

“Over the coming months, the non-profit Tor Project, will upgrade the privacy and security of the so-called, “onion services,” or “hidden services,” that enable the Dark Net’s anonymity,” Mr. Greenberg wrote. “While the majority of people who run the Tor Project’s software use it to browse the web anonymously; and, circumvent censorship in countries like Iran and China, the group also maintains code that allows anyone to host an anonymous website or server, — the basis for the Dark Net.”

“That code is now getting a revamp, set to go live sometime later this year [2017], designed to both strengthen its encryption, and let administrators easily create fully secret darknet sites that can only be discovered by those who know a long string of unguessable characters,” Mr. Greenberg wrote. “And, those software tweaks,” says Tor co-founder Nick Mathewson, “could not only allow tighter privacy on the Dark Net; but, also help serve as the basis for a new generation of encryption applications.”

“Someone can create a hidden service just for you that only you would know about; and, the presence of that particular hidden service would be non-discoverable,” said Mr. Mathewson — who helped code some of the first versions of Tor in 2003. “As a building block, that would provide a much stronger basis for relatively secure and private systems than we’ve had before.”

Beyond Anonymity

“Most Dark Net sites today make no secret of their existence, widely publicizing their “onion” web addresses on the regular web and social media for potential visitors. Any whistleblower can visit WikiLeaks’ anonymous upload system, for instance, by pasting wlupld3ptjvsgwqw.onion into their Tor browser, and many thousands of drug customers and dealers knew that the notorious Dark Web drug market Silk Road, could be found at silkroadvb5piz3r.onion before the FBI took it offline,” Mr. Greenberg wrote.

“But, even without knowing a Tor hidden service’s address, another trick has allowed snoops, security firms, hackers, and law enforcement to discover them. Tor’s network comprises volunteers’ computers that serve as “nodes,” bouncing traffic around the globe. Anyone can position their computer as a particular sort of node — one of thousands of “hidden service directories” that route visitors to a certain hidden service.”

“For that routing system to work, all hidden services have to declare their existence to those directories,” Mr. Greenberg wrote. “A study released at the Defcon hacker conference [held each year in Las Vegas] last year, showed that more than a hundred of 3,000 or so hidden service directories were secretly crawling, every site whose address they learned, in order to scan the Dark Web for previously undiscovered sites.”

“The only people who should know about your hidden service, are the people you tell about it,” said John Brooks, the creator of the Tor-based chat program Ricochet. “That’s a pretty simple concept, and it’s currently not true.”

“The next generation of hidden services will use a clever method to protect the secrecy of those addresses.” Mr. Greenberg wrote. “Instead of declaring their .onion address to hidden service directories, they’ll derive a unique cryptographic key from that address, and give that key to Tor’s hidden service directories. Any Tor user looking for a particular hidden service can perform that same derivation to check the key and route themselves to the correct Dark Net site. But, the hidden service directory can’t derive the .onion address from the key, preventing snoops from discovering any secret Dark Net address,” Mr. Greenberg wrote. “The Tor network isn’t going to give you any way to learn about an onion address you don’t already know,” said Mathewson.
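
The derivation described above can be sketched with Ed25519 key blinding, the technique Tor's next-generation onion service design is built on. This is an added example, not code from the WIRED article or the Tor Project: the function names, the `blind-demo` hash label, the period numbers and the sample key are assumptions, and the hash inputs are simplified compared with the real protocol.

```python
import hashlib
# Ed25519 constants: field prime, base-point order, curve constant d.
p = 2**255 - 19
q = 2**252 + 27742317777372353535851937790883648493
d = -121665 * pow(121666, -1, p) % p

def recover_x(y, sign):  # solve the curve equation for x
    x2 = (y * y - 1) * pow(d * y * y + 1, -1, p) % p
    x = pow(x2, (p + 3) // 8, p)
    if (x * x - x2) % p:
        x = x * pow(2, (p - 1) // 4, p) % p
    if (x * x - x2) % p:
        raise ValueError("not a curve point")
    return p - x if (x & 1) != sign else x

def add(P, Q):  # complete twisted-Edwards addition, affine coordinates
    (x1, y1), (x2, y2) = P, Q
    t = d * x1 * x2 * y1 * y2 % p
    return ((x1 * y2 + x2 * y1) * pow(1 + t, -1, p) % p,
            (y1 * y2 + x1 * x2) * pow((1 - t) % p, -1, p) % p)

def mul(s, P):  # double-and-add scalar multiplication
    R = (0, 1)
    while s:
        R = add(R, P) if s & 1 else R
        P, s = add(P, P), s >> 1
    return R

def compress(P):
    return (P[1] | ((P[0] & 1) << 255)).to_bytes(32, "little")
def decompress(b):
    y = int.from_bytes(b, "little")
    return (recover_x(y % 2**255, y >> 255), y % 2**255)
B = decompress((4 * pow(5, -1, p) % p).to_bytes(32, "little"))  # base point

def blind_factor(identity_pub, period):  # hash inputs are assumptions
    data = b"blind-demo" + identity_pub + period.to_bytes(8, "big")
    return int.from_bytes(hashlib.sha3_256(data).digest(), "little") % q

def client_blinded_key(identity_pub, period):  # needs the address's key
    return compress(mul(blind_factor(identity_pub, period), decompress(identity_pub)))

def service_blinded_key(secret, period):  # service side, from its secret
    h = blind_factor(compress(mul(secret, B)), period)
    return compress(mul(secret * h % q, B))

# Constructed sample identity key; not a real onion service.
SECRET = int.from_bytes(hashlib.sha256(b"constructed demo seed").digest(), "little") % q
IDENTITY_PUB = compress(mul(SECRET, B))
```

The directory only ever stores the blinded key. Computing the blinding factor requires the identity key itself, so a directory that holds the blinded key alone has nothing from which to recover the address, while a client that already knows the address reproduces the same blinded key and can check it.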

“The result,” Mathewson says “will be Dark Net sites with new, stealthier applications.” “A small group of collaborators could, for instance, host files on a computer known only to them,” Mr. Greenberg wrote. “No one else could ever find that machine, much less access it. You could host a hidden service on your own computer, creating a way to untraceably connect to it from anywhere in the world, while keeping its existence secret from snoops. Mathewson himself, hosts a password protected family wiki and calendar on a Tor hidden service, and now says he’ll be able to do away with the site’s password protection without fear of anyone learning his family’s weekend plans. (Tor already offers a method to make hidden services inaccessible to all but certain Tor browsers, but it involves finicky changes to the browser’s configuration files. The new system, Mathewson says, makes that level of secrecy — far more accessible to the average user),” Mr. Greenberg wrote.

“The next generation of hidden services will also switch from using 1024-bit RSA encryption keys to shorter, but tougher-to-crack ED-25519 elliptic curve keys. And, the hidden service directory changes mean that hidden service urls will change, from 16 characters to 50. But, Mathewson argues that change doesn’t affect the Dark Web’s addresses’ usability since they’re already too long to memorize,” Mr. Greenberg noted.

Feds Won’t Know What They Don’t Know

“The security of Tor hidden services has come under scrutiny since a massive law enforcement purge took down/offline dozens of Dark Web sites, including a reincarnation of the Silk Road in 2014. The attack, that allowed the take-down of supposedly untraceable sites — now believed to have been developed by Carnegie Mellon security researchers and obtained by the FBI with a subpoena — also took advantage of the network’s hidden service directories. The researchers found a way to “mark” [tag] hidden services’ Tor traffic with a unique piece of data that could be recognized by both the node that hidden services first connected to (which knows the services’ IP address), and the address tracked by the hidden service directory (which knows its .onion address). By combining the data between those two computers, police had enough information to pin down the locations of servers running the illegal sites and seize them,” Mr. Greenberg wrote.

“The Tor Project fixed the flaw that allowed those attacks within days of its discovery,” Mr. Mathewson said, “But, even if a similar vulnerability were found in the future, the new hidden service directory system would in theory mean the most secret hidden services would remain safe: Law enforcement wouldn’t be able to use the attack on any site whose address it didn’t know, though ones with highly publicized addresses might [would likely] still be vulnerable,” according to WIRED.

“That potential to foil law enforcement, raises the inevitable question: Will undiscoverable, hidden services become a magnet for the worst parts of the Dark Net, including [digital] markets for stolen data, hacking tools, [and the latest, industrial-grade stealth malware], or child pornography?,” Mr. Greenberg asks. “Mathewson offers the answer that Tor, and much of the rest of the encryption world has maintained for years: That strong privacy tools offer a societal trade-off, and one that’s worth making,” Mr. Greenberg contends. “If the only way to ensure that socially deleterious uses of the Internet were insecure is to make everyone insecure, I don’t think that leaves the world better off,” Mr. Mathewson argues. “On the whole, humanity deserves privacy, and does better with it — than without it, even if some of the things people do with that privacy, are things we’d prefer to control,” or prevent.

The Next Weapon Of Mass Destruction May Be Downloaded From The Internet

It is the age-old tug-of-war between those who advocate more privacy and civil liberty, versus the intelligence and law enforcement need to ferret out and hopefully prevent a catastrophic act of terrorism. It used to be that you needed a nuclear weapon to threaten mankind and societies with a weapon of mass destruction. Not any more. An average biology graduate, determined to lash out at the world, or a jihadist hoping to kill hundreds of millions of people — can now do so — without having to possess a nuclear device. Now, with a few pieces of equipment one can obtain from Home Depot, or Amazon.com, an individual can genetically alter a virus, or bacteria and create a doomsday bug, without having to have a Ph.D. or Master’s degree in molecular biology. The Internet, and the Worldwide Web have altered the playing field; and, a ‘Dr. No’ in cyberspace can create such a doomsday bug, without having to have a large amount of resources, manpower, time, money, and equipment.

And, the move to encryption and other tools and techniques designed to help one hide their digital tracks, will most certainly be embraced by the darker angels of our nature. In fact, they already have. In the aftermath of the Edward Snowden leaks, al Qaeda, and the Islamic State, and others such as Iran and North Korea, all changed and enhanced their encryption, and stepped up their game in disguising their activities and communications. Many of our previous, critical intelligence sources and methods used to track and surveil jihadi activities, are no longer useful. In many cases, and in many ways, our ability to ferret out and prevent catastrophic acts of terrorism — has been significantly undermined. In law enforcement and intelligence slang — many of our former sources and collection methods have gone cold.

That’s not to say that we are helpless, far from it. But, there is no doubt that we have had to scramble, and deepen/extend our human intelligence (HUMINT) presence in places and areas where our sources are at grave risk if discovered/compromised.

All is not lost if we see much more use of the Dark Net, with these new methods and techniques to disguise or hide one’s digital presence. But, these new means and methods of hiding on the Worldwide Web, will no doubt present significant challenges to our ability to surveil the darker angels of our nature. And, even if these same bad guys take all of the precautions as discussed earlier, there are still ways to overcome those obstacles — such as patterns of life research — but, this kind of research effort can be time consuming, complex, rigorous, and demanding. Yes, deep learning, artificial intelligence, and better algorithms will help cut down those time lines; but, my guess is that we still have a ways to go before those techniques mature to the point we need, if faced with an imminent, and potentially catastrophic threat.

Then of course, there is also a young, but robust …off-the-grid movement, which would render all of these techniques useless. 

The bottom line to all of this is: Even with enhanced encryption and other methods to disguise one’s digital presence, there is no ‘bullet-proof’ method — as of now, or in the near future — that would guarantee complete anonymity. But, these new means and methods do present a significant enough challenge — that if faced with a situation where the threat is imminent, we will need a little luck on our side.

The debate between more privacy on the web, versus allowing enough visibility by law enforcement and intelligence agencies to monitor for the really bad guys, isn’t going away anytime soon. In the aftermath of the 9/11 terrorist attack, the Patriot Act was created; and, most Americans understood, or embraced the need to allow for more law enforcement and intelligence collection — because we feared another such attack. As we move further and further away from that catastrophic event, the pendulum has swung back in the direction of more privacy. That will change, if the circumstances change. But in the meantime, stronger border controls, ‘extreme’ vetting of those seeking refuge in the United States from the war zone, a greater emphasis on HUMINT collection in the communities and areas where we believe the threat is highest — is a must. 

Napoleon Bonaparte once said that “one well placed spy was worth two battalions.” Now, one well-placed spy may be worth an entire city, or a nation’s entire electrical grid.

We have our work cut out for us; but, at least POTUS Trump’s national security team will no longer be preoccupied with climate change; and strategic patience — but, eradicating militant jihadism. That’s a refreshing, and welcome change. V/R, RCP.
