Wikipedia For Tor - The Encyclopedia of Evil and of Cyber Criminal Profiles?

Introduction

There you go, I caught you with the title!

Perhaps I caught you as you don't actually know the answer, even though you've read about it in the media? If I, as a Professor, told you that there was an evil version of Wikipedia which contained profiles of evil people, would you believe me? Then you wouldn't have to visit the Dark Web to find out for yourself.

So anything with the word "Tor" or "Dark Web" is often immediately tainted with evil doings. Even the term "Dark Web" casts pictures of a sinister place where light never shines and when those with dark plans can operate freely. It seems like a completely different place than our "nice"(?) Internet.

So can you answer the question I posed?

Has a new Wikipedia been created on the Internet with profiles of the top cyber criminal and an encyclopedia of doing evil things? Will it be a place that those who use the Dark Web to write bad things on profiles, and that will not be seen by most of the world?

If you read the newspapers about the Tor network, and your Sunday newspaper told you, then you would probably think that it was a Dark version of Wikipedia. So will the new Wikipedia for Tor look a bit like this ...

Introduction

The Internet protocols that we use today - such as IP, TCP, and HTTP - were designed in a time when security was not really a major concern, and, for many, it related to making sure your coffee cup was a least 12 inches away from the keyboard. But if we were to start again, we certainly won't be using the hotch-potch of protocols we use for existing client-server architectures. Our new protocols would have end-to-end encryption and only use encrypted and trusted data transmissions. We certainly wouldn't be constrained with 1500 byte data frames, and would instead send cells of data.

For the Internet we have now, we still cannot trust any email we receive to be from the person it says it is from, and we cannot verify if it has no been viewed or modified by someone. We cannot verify that someone is running a proxy on your network, and breaking our communications, or even pretending to be you or your computer. It's all a mess, and even at the most based level - Layer 2 - we still use the most broken of all protocols - ARP. With ARP, anyone connecting to your network, and confuse the infrastructure into thinking that they are the gateway to the network, and route packets through them. It's all rubbish! But it works!

Tor - Liberator and Protector of Privacy or Supporter or Evil?

So the Internet we should have created perhaps looks a bit like the Tor network, where we run data over nodes which cannot spy on our communications, or turn bad. While Tor (Onion Routing) gets a bad wrap with the services that currently run on it, it is infinitely more secure than the PKI-based infrastructure - "a sticking plaster" fix - which we have created for the "main" Internet.

What is the Dark Web and will I fall into it?

People at conferences often ask me ... "What is the Dark Web, and will I fall into it?", and I realise that many people don't actually know what it is. For me, it is a network which completely protects from one end service to the another and not the host to the host. This is important as most of our security problems occur on the machines hosting services and not on the network communications (which SSL/TLS protects).

Snowden says that the NSA don't need backdoors on cryptography, as they have other ways, and the ways often involve installing backdoors as proxies on the actual machine. With Tor the application (such as the browser) binds with the Web service, and then they communicate directly over a secure channel. The packets which appear on the network just look scrambled and completely random.

On HTTPS, we have a sticking plaster which breaks our traditional network stack and inserts a key negotiation phase, and then create a tunnel between the two computers (and not the service!). When the original network stack was developed, applications binding to each other was an alien concept, and they just created a port on either side to listen to. Along with this HTTPS only verifies one of the hosts involved in the communications, and does little to protect against hi-jacking on the service and for man-in-the-middle attacks on the host.

Overall HTTPS (with the SSL/TLS sticking plaster) is a lazy way to secure applications, and there is probably no need for it, as we could use a Signal infrastructure (or What's App) to secure all our communications. But it's a legacy IT work that we have created.

Gentrifying Dark Nets

Alec Muffett in his Twitter profile defines that he wants to gentrifying Dark Nets, and he thus has a large task on this hands. This week we took to Twitter and told the world that he had built Wikipedia on the Tor network:

But which kind of Wikipedia has he produced? Would it be a Wikipedia site for cybercriminal profiles, and be full of nasty recipes for drugs? Would it just be a few simple entries on things for other to start to populate? Well, it looks mostly complete as we can see my profile below. It also mostly renders okay, but not quite linking the images:

So it looks like it is mostly a carbon copy of the main Wikipedia site, and Alex now says he will run it for a few days, and then wants Wikipedia to take it over. If we look at the Tor version and the main Internet version side-by-side, we see that are the same (apart from broken images):

Conclusions

The lack of understanding of what Tor is, is a worry. But can it ever get over its bad press? It is certainly a place where criminals can thrive, and which is difficult to police. It has built for good, and to protect the citizen, but has been used for bad. I think the cyber security community needs to perhaps articulate what the Tor network is, and perhaps allow the general public (and the media) to understand the technical nature of it.

You can build a playpark for kids to enjoy, but it can be difficult to stop people coming along and spraypainting their viewpoints on it. As a society, we perhaps need to understand if we want to clean up the spray paint on the playground that we created for good, or just leave it alone.