Téchne Digitus InfoSec Artigos


Deep Web - Same Article, English Version

    After the large volume of traffic this article received in Brazilian Portuguese when I posted it on Reddit (http://redd.it/2h5i5s), I was forced to translate it into English. Sorry about my language... (But my grammar in Portuguese is not very good either... lol)


What is Deep Web?

    Deep Web is a popular term for sites that can't be indexed by traditional web crawlers (Google, Bing, Baidu, Yandex, etc.).

    But have no doubt that companies such as Google are already studying ways to index it... if they haven't done so already...

    From a technical standpoint (a view that, I must admit, is still under development), and leaving aside normal websites that block web crawlers with a robots.txt file, the Deep Web is actually a set of encrypted networks designed to keep their users free of surveillance and technically hard or even impossible to censor. They allow content to be accessed and published in a way that makes it impossible (or at least very hard) to trace the origin of communications.

    The core of the Deep Web's ideology is free speech. This means that any information can be spread or accessed anonymously without fear of reprisals.

    See below the three main networks that are considered as "DeepWebs":

    - The Onion Router


    - Freenet

URL: https://freenetproject.org/

    - I2P

URL: http://geti2p.net/en/

How I started my research about this:

    I started my studies with the Tor network.

    First I installed the client for Windows and started to browse and look for content. I glimpsed some possibilities for protesters (this was more than a year ago; keep in mind the scenario in Brazil in June 2013) to publish content without its origin being traced.


    No system is 100% safe, so there is no way to guarantee 100% anonymity. Combining a set of techniques, such as free proxies, VPNs, public internet access (taking care not to be monitored by cameras), the "deep web", etc., creates a high level of difficulty in tracing the origin and destination of a communication. But, of course, it must be done professionally.

    Speaking specifically about the Brazilian government, and only expressing my opinion based on my limited knowledge, I believe that the Brazilian government doesn't have the technology or ready resources to carry out a forensic response on the Tor network.


    In turn, the North American government, represented here by the NSA, has (they created it) the technology for this.

    Back to the example of a specialized professional who wants to "test" the NSA: I believe that a well-done job can cause difficulties for the NSA, which, in turn, would have to spend time and resources to trace this person. But the NSA would really need a motivation to do that, because it would cost money and time.



    The Tor network is particularly vulnerable when data passes through exit relays (Tor's last mile), which it crosses before arriving at its destination.

    At that point, anyone who has set up an exit relay and installed a sniffer (tcpdump, Wireshark and others) could mount a man-in-the-middle attack, capturing all traffic bound for the destination (even with SSL/TLS encryption, an ssl-strip technique could unencrypt all traffic; and remember vulnerabilities like Heartbleed, which could steal the HTTPS certificate and simulate a trusted connection).

    If someone with intermediate knowledge can do this, imagine what the biggest spy agency in the world can do!
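SSL stripping at an exit relay depends on the browser being willing to start or continue over plain HTTP, so a site operator can check how its own responses fare against it. The following Python is an added example, not part of the original article; the function names, the three exposure labels and the sample responses are constructed for illustration.

```python
ONE_YEAR = 31536000  # seconds; minimum max-age the browser preload list requires

def parse_hsts(value):
    """Parse a Strict-Transport-Security value (RFC 6797); None if invalid."""
    seen = {}
    for part in value.split(";"):
        name, _, arg = part.strip().partition("=")
        name = name.strip().lower()
        if not name:
            continue
        if name in seen:  # a repeated directive invalidates the whole header
            return None
        seen[name] = arg.strip().strip('"')
    age = seen.get("max-age", "")
    if not (age.isascii() and age.isdigit()):
        return None
    return (int(age), "includesubdomains" in seen, "preload" in seen)

def stripping_exposure(scheme, headers):
    """Classify one response as 'exposed', 'first-visit' or 'preload-eligible'."""
    hdrs = {k.lower(): v for k, v in headers.items()}
    if scheme != "https":
        # Browsers ignore HSTS sent over plain HTTP, and an on-path relay can
        # rewrite this response, including any redirect to https://.
        return "exposed"
    policy = parse_hsts(hdrs.get("strict-transport-security", ""))
    if policy is None or policy[0] == 0:  # max-age=0 deletes the stored policy
        return "exposed"
    max_age, subdomains, preload = policy
    if preload and subdomains and max_age >= ONE_YEAR:
        return "preload-eligible"  # the header alone does not prove list membership
    return "first-visit"  # safe only after one untampered HTTPS visit

# Constructed sample responses (not captured from any real site).
SAMPLES = [
    ("http", {"Location": "https://example.test/", "Strict-Transport-Security": "max-age=31536000"}),
    ("https", {"Content-Type": "text/html"}),
    ("https", {"Strict-Transport-Security": "max-age=0"}),
    ("https", {"strict-transport-security": 'max-age="86400"; includeSubDomains'}),
    ("https", {"Strict-Transport-Security": "max-age=63072000; includeSubDomains; preload"}),
    ("https", {"Strict-Transport-Security": "max-age=100; max-age=200"}),
]

def classify_samples():
    return [stripping_exposure(scheme, hdrs) for scheme, hdrs in SAMPLES]

if __name__ == "__main__":
    for (scheme, hdrs), verdict in zip(SAMPLES, classify_samples()):
        print(f"{scheme:5} {verdict:16} {hdrs}")
```

A "first-visit" result means the browser enforces HTTPS only after it has seen the header once over an untampered connection, which is the window a stripping relay relies on.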

    After glimpsing these possibilities, I started to study how I could help the free speech ideology through the Deep Web by turning my computer into a volunteer resource on the Tor network. Doing this meant working for something that aims at a common good and was also a technical challenge!

    I learned how to configure bridges, relays, Hidden Services (to publish content) and much more...

    Another very interesting use of networks like Tor is the ability to overcome censorshit (oops, censorship) and internet filters. I will give two examples:

    - Recently, Turkey blocked the population's access to Twitter as an act of political censorship. The first workaround was to change the DNS configuration of the network card to point to Google DNS. Within a few hours the Turkish government blocked this workaround. The second, liberating solution was to use Tor Browser to access Twitter.


Graffiti on Turkish walls acclaiming the first bypass solution to censorship


    - Another example is the corporate environment. Here in Brazil, enterprises block a lot of sites: social networks, news, etc. Using the Tor network is a great workaround in many cases! And the most interesting part is that, if the company doesn't have rigorous access control, Tor can't be defeated!

Get Started in Tor Network in Two Steps:

1. Go to www.torproject.org, download Tor Browser and run it.
