Stephen E Arnold: Dark Web Use Expected to Increase

June 27, 2017

Author predicts filtering and other restrictions on the open Internet will push more users toward secret encrypted platforms

Despite stepped-up efforts by federal and local law enforcement agencies, the Dark Web and the contraband markets that thrive there will continue to grow in the coming years. That’s the conclusion shared by author and consultant Stephen E Arnold in his new book Dark Web Notebook, a practical guide for law enforcement, intelligence, and corporate security personnel.

Dark Web Notebook Cover 31617

Arnold was a featured speaker this month at the at the Techno Security & Digital Forensics Conference in Myrtle Beach, SC, where he explained how the Dark Web operates and how investigators can assume a secret identity and acquire the necessary tools to explore hidden online communities.

In his lectures, Arnold noted that governments in the UK, China, Egypt, and other countries are implementing tighter restrictions on electronic communications while private companies such as Facebook and Google are implementing more content filtering. The result, he said, is that more activities that are normally conducted on the “surface web” are migrating to the encrypted platforms offered by the Dark Web. At the same time, private citizens are adopting apps and other encryption tools to protect their personal privacy.

“It’s like squeezing a sponge or a tube of toothpaste,” Arnold said. “The substance has to go somewhere. The Dark Web will become more attractive to people who want to conduct their affairs in secret and that will make the Dark Web an increasing area of interest to law enforcement, security and intelligence professionals.”

The Dark Web is also flashing on the radar of state and local law enforcement agencies. A June 10 article in the New York Times ( described how police in the resort town of Park City, UT, had to learn about the Dark Web after two 13-year-old boys died after taking a synthetic opioid called “Pinky” that was purchased on the Dark Web.

“This terrible tragedy is an example of how the influence of the Dark web is spreading into small town in the US and around the world. Law enforcement personnel at all levels are going to need to understand how this new environment functions if they hope to protect the citizens in their communities,” Arnold said.

Although much has been written about the Dark Web, Arnold’s book is unique in that it was created specifically for investigators. It presents step-by-step instructions that help investigators safely explore the digital underworld. The book is available as a 250-page digital download for $49 at

In addition to his lectures, Arnold also offers a hands-on tutorial for small groups of qualified participants. In these sessions, participants use a secure computer to create a “legend” identity and explore the Dark We. They also learn how to acquire other digital tools and services including Bitcoin, the digital currency favored by Dark Web vendors.

Arnold will present his lectures and tutorial again at the 2017 Techno Security & Digital Forensics Conference September 18-20 in San Antonio. Information about the conference is available at

About the Book

The 250-page book includes a tour of the Dark Web with profiles of vendors and markets, explanations of access tools such as the Tor browser, reviews of services for searching Dark Web content, research resources available on the public Internet, and details about commercial solutions.

Detailed descriptions of each chapter are posted at

The book is available as a digital download for $49 at

About the Author

Stephen E Arnold’s career includes work at Halliburton Nuclear Utility Services and Booz, Allen & Hamilton. He built and sold several stary-up ventures including The Point Internet Service. He and his team built the online system for the Threat Open Intelligence Gateway (TOSIG) for the US government. He is the author of The Google Legacy (2005), Google Version 2 (2007), and Google: The Digital Gutenberg (2009). In 2015, he published CyberOSINT: Next Generation Information Access. He is a Summa cum laude graduate of Bradley University and he has completed work on his PhD at the University of Illinois.

About ArnoldIT

Arnold Information Technology conducts research into online information and services. Founded by Stephen E Arnold in 1991, the company has provided technology services to organizations worldwide.

Ric Manning, June 27, 2017

Dark Web Notebook Now Available

June 5, 2017

Arnold Information Technology has published Dark Web Notebook: Investigative Tools and Tactics for Law Enforcement, Security, and Intelligence Organizations. The 250-page book provides an investigator with instructions and tips for the safe use of the Dark Web. The book, delivered as a PDF file, costs $49.

Orders and requests for more information be directed to Purchasers must verify that they work for a law enforcement, security, or intelligence organization. Dark Web Notebook is not intended for general distribution due to the sensitive information it contains.

The author is Stephen E Arnold, whose previous books include CyberOSINT: Next Generation Information Access and Google Version 2.0: The Calculating Predator, among others. Arnold, a former Booz, Allen & Hamilton executive, worked on the US government-wide index and the Threat Open Source Intelligence Gateway.

The Dark Web Notebook was suggested by attendees at Arnold’s Dark Web training sessions, lectures, and webinars. The Notebook provides specific information an investigator or intelligence professional can use to integrate Dark Web information into an operation.

Stephen E Arnold, author of the Dark Web Notebook, said:

“The information in the Dark Web Notebook has been selected and presented to allow an investigator to access the Dark Web quickly and in a way that protects his or her actual identity. In addition to practical information, the book explains how to gather information from the Dark Web. Also included are lists of vendors who provide Dark Web services to government agencies along with descriptions of open source and commercial software tools for gathering and analyzing Dark Web data. Much of the information has never been collected in a single volume written specifically for those engaged in active investigations or operations.”

The book includes a comprehensive table of contents, a glossary of terms and their definitions, and a detailed index.

The book is divided into 13 chapters. These are:

  1. Why write about the Dark Web?
  2. An Introduction to the Dark Web
  3. A Dark Web Tour with profiles of more than a dozen Dark Web sites, their products, and services
  4. Dark Web Questions and Answers
  5. Basic Security
  6. Enhanced Security
  7. Surface Web Resources
  8. Dark Web Search Systems
  9. Hacking the Dark Web
  10. Commercial Solutions
  11. Bitcoin and Variants
  12. Privacy
  13. Outlook

In addition to the Glossary, the annexes include a list of DARPA Memex open source software written to perform specific Dark Web functions, a list of spoofed Dark Web sites operated by law enforcement and intelligence agencies, and a list of training resources.

Kenny Toth, June 5, 2017

Dark Web and Tor Investigative Tools Webinar

January 5, 2016

Telestrategies announced on January 4, 2016, a new webinar for active LEA and intel professionals. The one hour program is focused on tactics, new products, and ongoing developments for Dark Web and Tor investigations. The program is designed to provide an overview of public, open source, and commercial systems and products. These systems may be used as standalone tools or integrated with IBM i2 ANB or Palantir Gotham. More information about the program is available from Telestrategies. There is no charge for the program. In 2016, Stephen E Arnold’s new Dark Web Notebook will be published. More information about the new monograph upon which the webinar is based may be obtained by writing benkent2020 at yahoo dot com.

Stephen E Arnold, January 5, 2016

Index and Search: The Threat Intel Positioning

December 24, 2015

The Dark Web is out there. Not surprisingly, there are a number of companies indexing Dark Web content. One of these firms is Digital Shadows. I learned in “Cyber Threat Intelligence and the Market of One” that search and retrieval has a new suit of clothes. The write up states:

Cyber situational awareness shifts from only delivering generic threat intelligence that informs, to also delivering specific information to defend against adversaries launching targeted attacks against an organization or individual(s) within an organization. Cyber situational awareness brings together all the information that an organization possesses about itself such as its people, risk posture, attack surface, entire digital footprint and digital shadow (a subset of a digital footprint that consists of exposed personal, technical or organizational information that is often highly confidential, sensitive or proprietary). Information is gathered by examining millions of social sites, cloud-based file sharing sites and other points of compromise across a multi-lingual, global environment spanning the visible, dark and deep web.

The approach seems to echo the Palantir “platform” approach. Palantir, one must not forget, is a 2015 version of the Autonomy platform. The notion is that content is acquired, federated, and made useful via outputs and user friendly controls.

What’s interesting is that Digital Shadows indexes content and provides a search system to authorized users. Commercial access is available via tie up in the UK.

My point is that search is alive and well. The positioning of search and retrieval is undergoing some fitting and tucking. There are new terms, new rationale for business cases (fear is workable today), and new players. Under the surface are crawlers, indexes, and search functions.

The death of search may be news to the new players like Digital Shadows, Palantir, and Recorded Future, among numerous other shape shifters.

Stephen E Arnold, December 24, 2015

Insight into Hacking Team

November 25, 2015

Short honk: Curious about the world of exploits available to governments and other authorized entities? You may find “Metadata Investigation: Inside Hacking Team” interesting.” Keep in mind that “metadata” means indexes, entity extraction, and other controlled and uncontrolled data content. The report from Share Lab was online on November 23, 2015, when I last checked the link. I discuss Hacking Team and several other firms in my forthcoming monograph about the Dark Web.

Stephen E Arnold, November 25, 2015

Improper Information Access: A Way to Make Some Money

November 24, 2015

I read “Zerodium Revealed Prices” (original is in Russian). the main point of the write up is that exploits or hacks are available for a price. Some of these are attacks which may not be documented by the white hat folks who monitor the exploit and malware suburbs connected to the information highway.

The paragraph I noted explained what Zerodium will pay for a fresh, juicy exploit.


Here’s the explanation. Please, recognize that Russian, unlike one of my relative’s language skills, is not my go to language:

For a remote control access exploit which intercepts the victim’s computer through Safari or Microsoft’s browser company is willing to pay $ 50 000. A more sophisticated “entry point” is considered Chrome: for the attack through Zerodium pays $ 80,000. Zerodium will pay $5,000 for a vulnerability in WordPress, Joomla and Drupal. Breaking the TorBrowser can earn the programmer about $30.000… A remote exploit bypassing the protection Android or Windows Phone, will bring its author a $100,000. A working exploit of iOS will earn the developer $500,000.

Zerodium explains itself this way:

Zerodium is a privately held and venture backed startup, founded by cybersecurity veterans with unparalleled experience in advanced vulnerability research and exploitation. We’ve created
Zerodium to build a global community of talented and independent security researchers working together to provide the most up-to-date source of cybersecurity research and capabilities.

The company’s logo is nifty too:


The purple OD emphasizes the zero day angle. Are exploits search and information access? Yep, they can be. Not advocating, just stating a fact.

Stephen E Arnold, November 24, 2015

Wynyard Telstra Deal

November 16, 2015

I know that search vendors are busy doing customer relationship management, governance, indexing, and many other jargon choked activities in an increasingly desperate attempt to grow organic revenues.

I want to highlight this news item, “Telstra First on Board as Wynyard Seals $3.2 Cyber Solution Deal.” The announcement is important for the low, low profile Wynyard outfit. The company combines a range of content processing functions with a solution that delivers high value, actionable outputs.

High value means that the company reduces the costs of certain tasks and services which can be linked directly to outcomes. Value also means that the services are less expensive than a mosaic of individual content functions.

You will have to do some digging to get information about Wynyard, one of the leaders in the cyber OSINT and related disciplines. According to the write up:

According to Richardson [Wynyard CEO] , ACTA [Wynyard service] identifies cyber breaches that have compromised traditional defenses, operating inside the company network by processing big-data network logs using advanced machine learning techniques to analyze data for anomalous patterns that are out of step with usual behavior. Terms of the deal will see Telstra – one of the world’s largest telecom companies – use ACTA across its internal ICT network to assist in preventing high consequence cyber crime.

Wynyard offers other interesting services. Worth paying attention to this outfit in my opinion. Real value is more than made up MBA silliness.

Stephen E Arnold, November 16, 2015

Ebsco Discovers Discovery and Finds Lunch Other Ways

September 7, 2015

If you are in Paris in September 2015, you might want to swing by and catch the Ebsco Subscription Services lecture about “Bien choisir son portail documentaire, un enjeu statégique pour l’enterprise.” Ebsco, like other vendors of expensive “real” content is feeling the economic squeeze. The solution is to find a way to sell library-oriented information to a broader world. The idea is to package up software and expensive information from “real” publishers in a buzzword bundle.

Here’s what the Ebsco expert will explain:

To meet the new needs of research and professional content in business and in particular to help professionals identify, query and operate more easily useful resources, Ebsco Discovery Service has developed a new generation of information portals, marketed as discovery solutions.  Ebsco Discovery Service provides company employees with a single access, not only to all [I love these categorical affirmatives] professional information available within the company in paper or electronic format; for example, journals, magazines, books, databases, etc.), but especially to the most reliable and latest information for all [here we go again with precise logical explanations] their research, their business documents, their briefs, their training program, etc.

I noted the two etc. Very comprehensive.

The question is, “Will Ebsco be able to make headway in markets outside of libraries?” Like other for fee content companies, the costs of marketing, technology, and licenses continue to rise.

Diversification is necessary for Ebsco and similar firms. Perhaps Ebsco will succeed. Cambridge Scientific Abstracts, LexisNexis, and other old school outfits are facing the same challenges as Ebsco.

My hunch is that Ebsco and these other old school firms missed out on business and technical information “plays” which were captured by faster moving, more strategic competitors.

For business information today, I find it essential to review the information available on LinkedIn and similar non traditional publishing platforms.

I dearly love the Harvard Business Review and Nature, but I find the information stale and out of touch with my information needs. The here and now problems senior managers face demand different types of information services. Diffeo, maybe? What about Recorded Future?

The decline of the commercial database sector which was thriving in the 1980s is history. Now the aggregators face the same challenge.

Discovering a solution is more difficult than a pleasant afternoon in Paris in September. I assume that “excellence in all we do” means having lunch at L’Atelier de Joel Robuchon. How does one choose a restaurant after a lecture about discovery? I did not use Ebsco, gentle reader. I used a modern, real-time service with hooks into streams of social content.

The indexes of HBR and other “academic” content are for another time, another world.

Stephen E Arnold, September 7, 2015

It Is a Recommended Title

August 24, 2015

Centripetal Networks offers a fully integrated security network specializing in threat-based intelligence.  Threat intelligence is being informed about potential attacks, who creates the attacks, and how to prevent them.  Think of it as the digital version of “stranger danger.”  Centripetal Networks offers combative software using threat intelligence to prevent hacking with real-time results and tailoring for individual systems.

While Centripetal Networks peddles its software, they also share information sources that expand on threat intelligence, how it pertains to specific industries, and new developments in digital security.  Not to brag or anything, but our very own CyberOSINT: Next Generation Information Access made the news page!  Take a gander at its description:

“The RuleGate technology continues to remain the leader in speed and performance as an appliance, and its visualization and analytics tools are easy-to-use. Because of federal use and interest, its threat intelligence resources will continue to rank at the top. Cyber defense, done in this manner, is the most useful for its real time capacity and sheer speed in computing.”

CyberOSINT was written for law enforcement officials to gain and understanding of threat intelligence as well as tools they can use to arm themselves against cyber theft and track potential attacks.  It profiles companies that specialize in threat intelligence and evaluates them.  Centripetal Networks is proudly featured in the book.

Whitney Grace, August 24, 2015

Sponsored by, publisher of the CyberOSINT monograph




Software AG Revenue Drifts Downward Even with JackBe Technology

August 18, 2015

JackBe was an interesting intelligence system. In 2013, Software AG purchased JackBe, and the cyber OSINT brand dropped off my radar. In the 2013 news release, the company explained its positioning in this way:

Software AG (FRA: SOW) helps organizations achieve their business objectives faster. The company’s big data, integration and business process technologies enable customers to drive operational efficiency, modernize their systems and optimize processes for smarter decisions and better service. Building on over 40 years of customer-centric innovation, the company is ranked as a leader in 15 market categories, fueled by core product families Adabas and Natural, ARIS, Terracotta, webMethods and also Alfabet and Apama. Software AG has ca. 5,300 employees in 70 countries and had revenues of €1.05 billion in 2012

With a flurry of management changes, Software AG describes itself this way 24 months after the JackBe deal:

Software AG (Frankfurt TecDAX: SOW) helps organizations achieve their business objectives faster. The company’s big data, integration and business process technologies enable customers to drive operational efficiency, modernize their systems and optimize processes for smarter decisions and better service. Building on over 40 years of customer-centric innovation, the company is ranked as a leader in 14 market categories, fueled by core product families Adabas-Natural, ARIS, Alfabet, Apama, Terracotta and webMethods. Software AG has more than 4,400 employees in 70 countries and had revenues of €858 million in 2014.

Notice that the company is smaller in revenues and staff. There was also a stock market shift. The JackBe technology does not appear to have provided the type of lift I anticipated.

Stephen E Arnold, August 18, 2015



Next Page »

  • Archives

  • Recent Posts

  • Meta