ISIS Exploits User-Friendly Encryption Apps to Plan and Recruit
March 21, 2016
The article on Discovery News titled ISIS Taps Dark Web, Encryption Apps to Coordinate discusses the news that ISIS orchestrated the Paris terrorist attacks using encrypted messaging apps. The big social media companies like Google and Facebook enable an encryption method they call “perfect forward secrecy,” which lacks any sort of master key or backdoor. The article explains other systems,
“Extremist groups are even using messaging services found on Play Station 4 gaming consoles, a favorite of young male jihadis who particularly like “Call of Duty,” according to Steven Stalinsky, executive director of the Middle Eastern Media Research Institute, a group that monitors social media by extremist groups…Of particular concern is Telegram, a relatively new instant messaging app designed in Russia that has recently been upgraded to allow more secure communications by groups.”
The article points out that most of these techniques are intuitive, designed for regular people. Their exploitation by ISIS is due to their user-friendliness and the difficulty of interception. Rather than trying to crack the codes, some analysts believe that reverting to good old-fashioned methods like spies and informants may be the best answer to ISIS’s use of Western technology.
Chelsea Kerwin, March 21, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Sci Hub May Be Relegated to Dark Web Only
March 18, 2016
Academics are not done with innovating when it comes to the dissemination of free knowledge. Science Alert recently published Researcher illegally shares millions of science papers free online to spread knowledge. The article details Sci-Hub, an online service opened up by a researcher in Russia offers free access to more than 48 million journal articles, which is almost every peer-reviewed paper in existence. Additionally, it describes how Elsevier has sued Sci-Hub. The article summarizes how Sci-Hub works,
“The site works in two stages. First of all when you search for a paper, Sci-Hub tries to immediately download it from fellow pirate database LibGen. If that doesn’t work, Sci-Hub is able to bypass journal paywalls thanks to a range of access keys that have been donated by anonymous academics (thank you, science spies). This means that Sci-Hub can instantly access any paper published by the big guys, including JSTOR, Springer, Sage, and Elsevier, and deliver it to you for free within seconds. The site then automatically sends a copy of that paper to LibGen, to help share the love.”
What is fascinating about this case is that whether Elsevier or Sci-Hub wins, there may still be a means for Sci-Hub to continue offering unlimited journal access. As other articles on this subject have alluded, the founder of Sci-Hub sees its relegation to the Dark Web as its worst-case scenario.
Megan Feil, March 18, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Tails Increases Ease of Online Anonymity
March 17, 2016
The interest in browsing the internet anonymously does not appear to be fading. Softpedia recently posted Debian Makes It a Lot Easier for Users to Install the Tails Anonymous Live CD. Called the “amnesic incognito live system”, Tails is a GNU/Linux Live CD distribution which is based on the Debian operating system and allows your online activities to remain anonymous. Tails is driven by Tor and provides its users access to the anonymous Tor network. The article tells us,
Now, we all know how to write a Live ISO image on a USB key or a CD disc, right? But what you probably don’t know is that there’s an app for that, called Tails Installer, which the skilled Debian Privacy Tools maintainers team included in Debian repos. “The previous process for getting started with Tails was very complex and was problematic for less tech-savvy users,” developers explained. “It required starting Tails three times, and copying the full ISO image onto a USB stick twice before having a fully functional Tails USB stick with persistence enabled.”
As the article points out, Tails has a stamp of approval from Edward Snowden. It seems like before Debian, it would have been quite the stretch for many users to even consider adopting the use of Tails. However, using a Linux-based operating system, the pre-requisite for Tails, may also be a hurdle preventing wide-scale adoption. Time will tell.
Megan Feil, March 17, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Bitcoin Textbook to Become Available from Princeton
March 16, 2016
Bitcoin is all over the media but this form of currency may not be thoroughly understood by many, including researchers and scholars. An post on this topic, The Princeton Bitcoin textbook is now freely available, was recently published on Freedom to Tinker, a blog hosted by Princeton’s Center for Information Technology Policy. This article announces the first completed draft of a Princeton Bitcoin textbook. At 300 pages, the manuscript is geared to those who hope to gain a technical understanding of how Bitcoin works and is appropriate for those who have a basic understanding of computer science and programming. According to the write-up,
“Researchers and advanced students will find the book useful as well — starting around Chapter 5, most chapters have novel intellectual contributions. Princeton University Press is publishing the official, peer-reviewed, polished, and professionally done version of this book. It will be out this summer. If you’d like to be notified when it comes out, you should sign up here. Several courses have already used an earlier draft of the book in their classes, including Stanford’s CS 251. If you’re an instructor looking to use the book in your class, we welcome you to contact us, and we’d be happy to share additional teaching materials with you.”
As Bitcoin educational resources catch fire in academia, it is only a matter of time before other Bitcoin experts begin creating resources to help other audiences understand the currency of the Dark Web. Additionally, it will be interesting to see if research emerges regarding connections between Bitcoin, the Dark Web and the mainstream internet.
Megan Feil, March 16, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Social Media Still a Crime Hub
March 14, 2016
It seems that most crime is concentrated on the hidden Dark Web, especially with news of identity thief and potential threats to national security making the news over the latest social media hotspot. Social media is still a hot bed for Internet crime and Motherboard has a little tale tell about, “SocioSpyder: The Tool Bought By The FBI To Monitor Social Media.” Social media remains a popular crime hub, because of the amount of the general public that use it making them susceptible to everything from terroristic propaganda to the latest scam to steal credit card numbers.
Law enforcement officials are well aware of how criminals use social media, but the biggest problem is having to sift through the large data stockpile from the various social media platforms. While some law enforcement officials might enjoy watching the latest cute kitten video, it is not a conducive use of their time. The FBI purchased SocioSpyder as their big data tool.
“ ‘SocioSpyder,’ as the product is called, ‘can be configured to collect posts, tweets, videos and chats on-demand or autonomously into a relational, searchable and graphable database,” according to the product’s website. SocioSpyder is made by Allied Associates International, a US-based contractor for government and military clients as well as other private companies, and which sells, amongst other things, software.
This particular piece of kit, which is only sold to law enforcement or intelligence agencies, allows an analyst to not only keep tabs on many different targets across various social networks at once, but also easily download all of the data and store it. In short, it’s pretty much a pre-configured web scraper for social media.”
SocioSpyder maps relationships within the data and understand how the user-generated content adds up to the bigger picture. Reportedly, the FBI spent $78,000 on the SocioSpyder software and the US Marshals bought a lesser version worth $22,500. SocioSpyder is being used to gather incriminating evidence against criminals and avoid potential crimes.
My biggest question: where can we get a version of SocioSpyder to generate reports for personal use?
Whitney Grace, March 14, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Open Source Academic Research Hub Resurfaces on the Dark Web
March 11, 2016
Academics are no strangers to the shadowy corners of the Dark Web. In fact, as the The Research Pirates of the Dark Web published by The Atlantic reports, one university student in Kazakhstan populated the Dark Web with free access to academic research after her website, Sci-Hub was shut down in accordance with a legal case brought to court by the publisher Elsevier. Sci-Hub has existed under a few different domain names on the web since then, continuing its service of opening the floodgates to release paywalled papers for free. The article tells us,
“Soon, the service popped up again under a different domain. But even if the new domain gets shut down, too, Sci-Hub will still be accessible on the dark web, a part of the Internet often associated with drugs, weapons, and child porn. Like its seedy dark-web neighbors, the Sci-Hub site is accessible only through Tor, a network of computers that passes web requests through a randomized series of servers in order to preserve visitors’ anonymity.”
The open source philosophy continues to emerge in various sectors: technology, academia, and beyond. And while the Dark Web appears to be a primed for open source proponents to prosper, it will be interesting to see what takes shape. As the article points out, other avenues exist; scholars may make public requests for paywalled research via Twitter and using the hashtag #icanhazpdf.
Megan Feil, March 11, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Organized Cybercrime Continues to Evolves
March 10, 2016
In any kind of organized crime, operations take place on multiple levels and cybercrime is no different. A recent article from Security Intelligence, Dark Web Suppliers and Organized Cybercrime Gigs, describes the hierarchy and how the visibility of top-level Cybercrime-as-a-Service (CaaS) has evolved with heightened scrutiny from law enforcement. As recently as a decade ago, expert CaaS vendors were visible on forums and underground boards; however, now they only show up to forums and community sites typically closed to newcomers and their role encompasses more expertise and less information sharing and accomplice-gathering. The article describes their niche,
“Some of the most popular CaaS commodities in the exclusive parts of the Dark Web are the services of expert webinjection writers who supply their skills to banking Trojan operators.
Webinjections are code snippets that financial malware can force into otherwise legitimate Web pages by hooking the Internet browser. Once a browser has been compromised by the malware, attackers can use these injections to modify what infected users see on their bank’s pages or insert additional data input fields into legitimate login pages in order to steal information or mislead unsuspecting users.”
The cybercrime arena shows one set of organized crime professionals, preying on individuals and organizations while simultaneously being sought out by organized cyber security professionals and law enforcement. It will be most interesting to see how collisions and interactions between these two groups will play out — and how that shapes the organization of their rings.
Megan Feil, March 10, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Facebook Exploits Dark Web to Avoid Local Censorship
March 9, 2016
The article on Nextgov titled Facebook Is Giving Users a New Way to Access It On the ‘Dark Web’ discusses the lesser-known services of the dark web such as user privacy. Facebook began taking advantage of the dark web in 2014, when it created a Tor address (recognizable through the .onion ending.) The article explains the perks of this for global Facebook users,
“Facebook’s Tor site is one way for people to access their accounts when the regular Facebook site is blocked by governments—such as when Bangladesh cut off access to Facebook, its Messenger and Whatsapp chat platforms, and messaging app Viber for about three weeks in November 2015. As the ban took effect, the overall number of Tor users in Bangladesh spiked by about 10 times, to more than 20,000 a day. When the ban was lifted, the number dropped..”
Facebook has encountered its fair share of hostility from international governments, particularly Russia. Russia has a long history of censorship, and has even clocked Wikipedia in the past, among other sites. But even if a site is not blocked, governments can still prevent full access through filtering of domain names and even specific keywords. The Tor option can certainly help global users access their Facebook accounts, but however else they use Tor is not publicly known, and Facebook’s lips are sealed.
Chelsea Kerwin, March 9, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Search Dually Conceals and Retrieves for an Audience
March 8, 2016
There are many ways to trace a digital footprint, but Google is expanding European users’ ability to cover their tracks. An article entitled, In Europe, Google will now remove ‘right to be forgotten’ search results from all its sites, from The Verge tells us the story. Basically, European users who request links to be removed protect those links from being crawled by Google.fr in addition to all their other homepages. The write-up explains,
“So, for instance, if someone in France had previously requested that a link be hidden from search results, Google would just remove it from its European homepages, including google.fr. But a savvy searcher could have just used google.com to dig up all those hidden results. Now, however, the company will scrub its US homepage results, too, but only for European users. The company didn’t provide specifics on how it’ll detect that a user is in Europe, but it’s likely going off IP addresses, so in theory, someone could use a VPN to subvert those results.”
As the article mentions, European privacy regulators are happy about this but would still prefer contested links not appear, even if the searcher is in the U.S. or elsewhere. Between the existence of the Dark Web and the “right to be forgotten” protections, more and more links are hidden making search increasingly difficult.
Megan Feil, March 8, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
A Place to Express Yourself on the Dark Web
March 7, 2016
For evidence that the dark web is not all about drugs and cybercrime, check out this article at Motherboard: “The Dark Web Now Has a Literary Journal.” As it turns out, anonymity is also good for people who wish to freely explore their creativity and private thoughts.
The new journal, the Torist, was just launched by a professor at the University of Utah, Robert W. Ghel, and a person known simply as GMH. Inspired by the free discussions on their dark-web-based social network, Galaxy, they have seized their chance to create something unexpected. The journal’s preface asks:
“If a magazine publishes itself via a Tor hidden service, what does the creative output look like? How might it contrast itself with its clearweb counterparts? Who indeed will gravitate towards a dark web literary magazine?”
So, why is one of the Torist’s creators anonymous while the other is putting himself out there? Writer Joseph Cox tells us:
Gehl, after being pitched the idea of The Torist by GMH, decided to strip away his pseudonym, and work on the project under his own name. “I thought about that for a while,” Gehl said. “I thought that because GMH is anonymous/pseudonymous, and he’s running the servers, I could be a sort of ‘clear’ liason.”
So while Gehl used his name, and added legitimacy to the project in that way, GMH could continue to work with the freedom the anonymity awards. “I guess it’s easier to explore ideas and not worry as much how it turns out,” said GMH, who described himself as someone with a past studying the humanities, and playing with technology in his spare time.
Gehl and GMH say part of their reasoning behind the journal is to show people that anonymity and encryption can be forces for good. Privacy furthers discussion of controversial, personal, and difficult topics and, according to GMH, should be the default setting for all communications, especially online.
Submissions are currently being accepted, so go ahead and submit that poem or essay if you have something to get off your chest, anonymously. If you dare to venture into the dark web, that is.
Cynthia Murrell, March 7, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
