Interview: Developer Arne Babenhauserheide of pyFreenet & Infocalypse

logo

I had the good fortune of “meeting” developer Arne Babenhauserheide (can you say his name three times fast?) on Google Plus recently…at least as closely as you can meet someone online.  (Yes, he’s the smiling guy above.)

He’s contributed code to The Freenet Project, a peer-to-peer anonymity platform originally designed by Ian Clarke.  I was curious about his background in coding and developing, what his connection to Freenet was, and his views on internet privacy, so we chatted over Google Plus, and went into detail about a few of these ideas.

By the way, I’ve linked to a few English posts on Arne’s blog, Zwillingssterns Weltenwald, if you’re interested in checking those out!

LmSxuHW0vYtKLdcNdVG

How did you first discover Freenet?

Arne Babenhauserheide: I’m not sure.  My oldest communication archive is from 2007, when Freenet 0.7 was released with the friend-to-friend structure called “darknet”.  Plans for this had started in 2005, where Google trends shows the first spike of searches for “darknet”: Google Trends: “darknet”

I already used 0.5 – I remember being unhappy that many sites disappeared with the switch to 0.7 – but I can’t really put a date to that anymore.

I was active in the Gnutella community before discovering Freenet, so it’s likely that I learned about Freenet from other Gnutella users or developers.

I wrote my first article about Freenet in 2009, the first English article in 2010: Simple positive trust scheme threshholds

How do you think Freenet compares to other anonymity networks like Tor, I2P, and GNUnet in terms of privacy, usability, and functionality?

AB: Different from Tor and i2p – Freenet provides hosting without needing a server.  This means that you don’t need to be able to secure a webserver against arbitrary anonymous [sic] to be able to publish.

GNUnet is closest in purpose to Freenet.  The main difference is that Freenet developed its features together with users and following user demand.  At least two of its features were written following requests from users: the update mechanism for websites in Freenet and the Web of Trust to defend against spam.  The latter was developed because an earlier forum system which was easy to spam actually got spammed: People realized that anonymity without spam resistance means freedom to use spam bots to suppress all discussions they don’t like.

Different from GNUnet – Freenet provides anonymous equivalents to most things you find in the normal internet (We call the non-anonymous internet the “clearnet”).

You said you contributed some code to the Freenet Project.  What area of Freenet were you developing? (e.g. forums, links, etc.)

AB: I’m currently maintaining pyFreenet, which makes it easy to use Freenet from Python and which provides several tools, like an optimized commandline tool for managing websites in Freenet.

Also I’m maintaining Infocalypse, a plugin for versiontracking [sic] tool Mercurial which allows programming over Freenet, including pull-requests and getting the code from someone else by simply calling

hg clone freenet://USER/PROJECT

This functionality was created in Google Summer of Code 2011 by Steve (I was mentor for that project).  Steve is now the maintainer of Freenet.

Also I did some statistical calculations to optimize aspects of Freenet, and I talk to people. ☺ Last December I went to the privacy workshop from the EU Parliament as representative of the Freenet Project: STOA: Protecting online privacy by enhancing IT security and strengthening EU IT capabilities

Finally, I’m doing all kind[sic] of stuff I consider important.  My most recent work is finalizing the simulation for mitigating the Pitch Black Attack: Mitigate the Pitch Black attack (the simulation works).

There’s lots of stuff in Freenet which is partly done and just needs someone to put in a medium amount of work to make it actually usable.  Lots of low hanging fruit where putting in some effort can have a huge effect.

Is it recommended, in general, to have some familiarity with coding if you’re browsing darknets like Freenet?

AB: I don’t think so.  If you can browse the web, you can use most things in Freenet – thought you need some tolerance for web interfaces which look as if they were written in the last century.

Do any of the sites on the network disturb you? (Such as some of the ones on Linkageddon [the uncensored link list on Freenet])?

AB: There are some sites on Linkageddon where the descriptions hint at stuff which would disturb me.  I do not look at these because that’s the only way to get rid of stuff on Freenet: when no one accesses it, it gets replaced by new content.

If I could get rid of sites without killing censorship resistance – a central requirement for free speech and freedom of the press which is one of the core requirements of real democracy – there would be some sites I’d remove.  But I can’t give myself the ability to censor without giving it to everyone else.  And once everyone can censor (essentially decide for others what they are allowed to see), no one can speak anymore.  Would you invest in writing something useful when it when it could disappear at any moment just because someone you don’t even know does not like it? [Good point, AB!]

What gives me peace of mind is that this does not help large scale criminals or such: People who can launder money can already publish anonymously.  Some of these already own media cartels.  They don’t gain anything extra from Freenet.  Giving free publishing to everyone via Freenet levels the playing field.  And once money is involved, they make themselves traceable via normal police work, so this does not help organized crime.

Also I recently went afoul of someone by telling him that killing politicians does not help against injustice, because it gives those politicians an excuse to increase their powerbase.  It wasn’t long in that discussion that I was threatened that my websites would be destroyed.  Back then I deeply wished I had had this discussion in Freenet.

Anonymity helps those who are threatened with physical violence.  And if you have children you’ll really not want to have Neonazis, Islamists or Corporate Lawyers at your doorstep for ridiculing their lies.

So you decide to keep quiet and leave the digital space to aggressors.  And censorship takes hold.

Freenet helps me against this: In Freenet I can speak freely.

And for this, I have to grant all other people that same freedom.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iJwEAQEIAAYFAla4rDgACgkQ3M8NswvBBUirMAP9FcsQmRo9tT+cSL1qQcR09vU1
CvIZFCKO6PsjFwQnCTS6xMvbYgMgBuI5jX5+vlROShUHZbcNIDBR7p4q1DDZ4HeE
Fvd1+J2fwflvz7gIzyLSvzal3j62pl6YsOWW/N9jwfQ4h85ue/KwwJdq0CfDePoV
EiL3eaK+BmvELXh0D9g=
=lcn3
-----END PGP SIGNATURE-----

 

 

 

 

Disturbing Dark Web Things, Part 2

1kHYB0x

I’ve already mentioned that I write on Quora, and this is another one of the “Top 10” questions I get – and I’m sure it’s morbid curiosity on the part of most people.

The site above I’ve never seen personally, but yeah, it is from the deep web/dark web, and it was a forum for pedophiles (or “child lovers,” or whatever they liked to be called).  It gives me a shiver just reading a few of the topics there, such as “Kindergarten Shopping,” “Top Ten reasons to snuff a kid,” and “tried it?”  (I can only imagine what the hell that means).

Actually, the latest I had heard was that that particular site had been shut down by authorities – I say good riddance!

As for me, personally, I had already mentioned that site “Scream, Bitch!” in a previous post, and not to repeat myself too much, but that has to be in my “Top 10 Most Disturbing Sites” that I’ve seen so far.  Here it is again, for all you “messed up site” lovers:

A65

Beyond that one, of course, I’ve seen quite a few others.  There was one site I came across called the Cruel Onion Wiki (which is a companion to the Cruel Onion Forum, I assume):

84B

Both sites feature images and videos of animal abuse and other things.  And it would be nicer if that were the only site like that on the dark web, but it isn’t, unfortunately.

Because I’m very much an animal lover, I was thoroughly sickened by this site and others of its type – you can find more explicit screenshots of it on Youtube and Google images, but I’d rather not feature those here.  I just wanted to prove that I’m not making this shit up!

There are a couple of others that have left me open-mouthed as well, in particular the “Vault of Sex and Dead” site, which includes photos and videos of rape, murder, and just death in general.  Here’s about the least explicit photo I could find from that site:

Sample+Photos+2_Sex+and+Dead+%28028%29.jpg.small

I don’t know the identity of the woman in the photo, but if someone specifically asks, I will take it down.  Anyhow, the strange thing about “Vault” is that it’s set up like your average porn site: you get to see a few sample photos and videos, but you have to subscribe to see the real thing.

Apparently, someone out there finds this shit sexually arousing.  Am I really surprised?  No, not that much.

Freenet

image-05-700x379

Many of the videos that talk about the deep web and dark web seem to be referring to Tor. But Freenet is another darknet that has its fair share of disturbing sites as well.

The sites on Freenet are arranged into different indexes that make it easier to navigate, with names like Nerdageddon, Linkageddon, and Enzo’s Index.  Nerdageddon has most of the “offensive” material removed, whereas Linkageddon is completely uncensored.

So in theory, all of the Linkageddon sites that contain “adult” material or “underage material” are supposed to be labeled as such, but that isn’t always the case.  Among the sites on Linkageddon are, unfortunately, some child pornography, or as they refer to it, “underage material.”

In my so-called adventure through Freenet, I stumbled upon a link that was very vaguely labeled, and I clicked on it.  I really don’t want to say what I saw, but suffice it to say that it made me sick to my stomach.  I at least reported my findings, so I feel better about that.

The thing that is strange to me is that with these sting operations, so much attention is focused on the Tor network, that some of these other networks just seem to slip through the nets.  Freenet seems completely and utterly undiminished, so its name is very appropriate.

Oddly enough, I’m not one of these “Censor the internet!” people, but when it comes to exploiting animals, children and others for entertainment, that just doesn’t sit well with me.

 

 

 

 

How Do I Search the Dark Web? (Links Included)

Note: I apologize that the screenshots are so small – try zooming in and see if you can get a better look at the text.

This is a question I get very frequently.  In fact, it’s probably in the Top 10 Deep Web/Dark Web questions.

If it’s Tor you’re referring to, it does in fact have search engines on it.  You just have to look a little bit to find them.  These search engines are the way that I’ve found a lot of the interesting dark web sites.

As with search engines like Google and Bing, you just type in a search term and look through the results.  These search engines, however, don’t function quite the same way.  Let’s experiment and see what results what get, shall we?

Ahmia

 

Ahmia

Ahmia is one of the best search engines on Tor (in my opinion).  It was the first search engine I discovered that could look through sites on the “dark web.”

As with any of the search engines, you may not always come up with what you’re looking for, but it’s worth a shot.  Let’s try searching for “bitcoin.”  Here are the top few results:

Ahmia Results

Interesting, huh?  I’m especially interested in that cannabis one (I joke).  Because bitcoin is the primary “currency” on Tor and other darknet networks, you’re likely to see many other intriguing sites come up.

Now, let’s try a different search engine.

not Evil

I’d say not Evil is about tied with Ahmia in terms of how good its results are.  Again, you probably won’t always find what you’re looking for, but if you fool around and try different search terms, you just might.  Let’s try searching for “conspiracy.”

not Evil conspiracy

That’s what came up on my last search for “conspiracy,” although it might change by the time you try it.  These searches might not be interesting to you, so go to the site and try it yourself if you want to find something really fascinating.  Hint: try just typing in the word “links” and see what you come up with.  The less specific you are, the more crazy results you might get.

Candle

Yet another Tor search engine, Candle comes up with fewer results (at least clickable ones), but they tend to be pretty relevant, most of the time.  Let’s just try the word “links” on here and see what we get:

Candle Results

That may not look like much, but the thing about searching for “links” is that you’ll probably come up with a lot more sites with interesting links inside them.  In fact, that site at the top, “Welcome To Dark Web Links & More!”, is one of my favorite link sites on the Tor network.

Tor! Searchengine

A newer search engine on Tor, it’ll be my first time trying this one, so I guess you could say we’re in the same boat!  What should I search for this time?  Let’s try “weird.”

Tor Search Results

I somehow find it just a little comforting that Weird Al Yankovic is in those search results.  Anyhow, give this one a try too.

These searches may have looked a little boring, but I was really just trying to explain how to use these.  Check out those links, and you can do your own wild and crazy exploring, kids!!

Don’t stay up past your bedtime, OK?

 

Is the Shadow Web a Reality?

hqdefault

Short answer?  Yes, I believe that something like it exists, but I don’t think you can get there from the so-called “Shadow Web” site.

There is (or was) a site that called itself “The Hidden Gateway to the Shadow Web,” and it looked exactly like this:

shadowweb_ss

I had never actually paid my way through to the supposed sites, but as the story goes, there was some extremely sick content on there.  A creepypasta entitled A warning to those thinking of accessing the shadow web has increased its “urban legend” status.  I have a feeling that the creepypasta was made up, but having seen some very sick and disgusting pages on the dark web myself, I was willing to believe that there were worse things in existence.

dungeon

Photo courtesy of darknoise.co.za

One of the features of the shadow web, as the story goes, was live-streamed murder shows, a.k.a. “red rooms.”  People wanting to watch the show would pay a certain amount of bitcoin, and if you wanted to be in control of the show, you would have to pay an even higher price.

It would be extremely difficult to do something like this over the Tor network, because its speed is akin to that of dialup networks (like the old internet of the ’90s).  On the other hand, if you were accessing the dark web through some other method, it would, in theory, be possible.

On Quora, however, I did talk to one writer (whom I won’t named here) who said that not only does something like it exist, it was the sickest thing she had ever seen.  Actually, she didn’t specifically call it “the shadow web.”

She said that she “invested in a non-American SSH Tunnel that I trusted and started digging even deeper.  I had read stories on the surface web relating to these things, and I do not care what absolutely anybody has to say about it.  I know that these sites are not a joke and for somebody to minimize the very real existence of these sites and their victims is not only abhorrently disrespectful but flat out ignorant.”   On top of that, she said that it was her reason for getting off of the dark web completely.

Here’s my take on it:

I think something like this could and does exist.  It may be technologically difficult, but if you were to have enough security protocols in place, I think it could be accomplished.

There are IRC chat rooms that you can access through the Tor network, where people are into some very sick and disturbing things (IMHO, at least).  So, if you contacted someone in one of these chat rooms who had knowledge of such things, they could probably point you in the direction of a site like this.

The caveat, of course, is that if it were the real thing, not only would it be illegal, but it would probably cost you a very high amount of money.  If a group were organizing such a thing, it wouldn’t make sense to offer it for free.

I did come across a similar site on the Tor network, which offered films of women getting raped, as well as videos of real deaths (they just weren’t live streams).  It was more along the lines of something like Faces of Death, which was a shock film, but the filmmakers hadn’t actually killed the victims.  Not that I spent very long on this site, but they basically offered samples of the videos for free, and then you had to pay quite a bit of money to subscribe.  (I’ve talked about the site in another post).

I imagine the same would be true of the so-called “shadow web,” that is, if something like it existed.  I’m trying to be rational about this, believe me!!

So there’s my two cents.  Take it or leave it.

 

Deep Web: Fake Words and Secret Codes

It should come as no surprise to anyone who’s used the dark web that concealing your identity is a priority.

Even if you aren’t involved in anything criminal, it’s still a good idea. So, if you’re creating an account for a site of some kind, it’s definitely safer if you don’t use the same login credentials as you do on other sites.

What I sometimes do, when trying to come up with a login name, is use a nonsense word generator. One of the best ones is at Soybomb.com (yeah, it’s named after this dude):

gty_soy_bomb_grammy_wy_120209_wg

The program generates a list of 50 nonsense words each time you click the “generate” link.  I don’t know if you can actually read those, but that aside…

soybomb

It’s crazy, but some of these actually make perfect login names (in my opinion, anyway)!  Another great site for this is Fake Word Generator For Great Made-Up Words!  That site, though, tends to repeat words more often than Soybomb does.

Anyway, let’s say you pick a name off one of those lists, like “andocide.”  Now comes the second part – your password/passphrase.  Weak passwords are often one of the reasons that people’s accounts get hacked easily, whether on the dark web or the surface web.

Dice or No Dice?

A good technique for generating more secure passwords is to use the “diceware” method, which comes up with random words based on a series of dice rolls.  This may not work for everyone, but hear me out.

The way diceware works is that you use dice (actual, physical dice) to come up with a series of random numbers.  You arrange the numbers into sets of five digits, each of which represents a word.

For example: 11651 =aloft /  11311 = addle

What words am I talking about, you ask?  There are several standard lists of diceware words, listed in numerical order.  One of those can be found here: Diceware Passphrase FAQ.  But, if you want to take the time and effort, you can also randomly generate your own diceware words using the same system – it’s just more tedious.

So, here’s an example of a passphrase generated with the diceware technique (not one I’ve actually used for anything):

“lyman.shrank.cross.welsh.percy.lamb.jukes.loy.chute”

That might not seem that secure, but the key is that a human didn’t come up with it.  People, in general, are pretty predictable when it comes to things like passwords (like using someone’s birthday, favorite color, favorite food, etc.).  A pair of dice is a lot more unpredictable.  You do still have to remember the passphrase that comes out, so you might want to record it somewhere.

Onto the Websites!

Now that you have your randomly generated name and randomly generated passphrase, you’re better prepared for exploring the dark web.  Again, you don’t have to do it this way, but it seems like a smarter option than using the same login you use for, say, your email or bank account.

Yes, it takes a little extra time to do, but I think the result is worth it.

 

 

 

Most Disturbing Dark Web Sites?

Deep-Web2

Disturbing is an Understatement

Shameless plug: I also write on Quora at Eric Pudalov – Quora, and many of the questions I get are about the deep web and dark web.  One of the ones that people ask most frequently is “What’s the most disturbing deep web site you’ve ever seen?”

I’ve seen quite a few, but they might differ from the stories you hear on Youtube.  One of the most disturbing ones I came across, though, was called “Scream, Bitch!”  It was essentially a forum, but possibly the sickest one I’d ever seen.

A65

It was meant for people who wanted to see photos, videos, and stories of rape, abuse, and murder.  In fact, it’s possible that some of these people were the ones actually committing such crimes (but I have no proof of that).  I’m not sure if the site is still active, but the front page still exists.

As you can see above, the “Introductions” section features this caption: “Looking for new friends?  Introduce yourself to the rest of the sick fucks here.”  Then there’s a page entitled “No Limits Discussion,” described as “A no limits discussion area.  Let us know how you would really treat them.”

I haven’t dared to venture into any of these, but I can only imagine what kind of horrible, disgusting things people have “explored” on this forum.  What’s even more disturbing, to me, is that some of the people posting on here have likely abused children, animals, or adults.

The site’s registration is now closed, but as far as I know, it hasn’t been taken down completely.  Sorry to disappoint, but I’m not sharing the link to it.  I’m sure you can find it if you really want to.

This Youtube video explains it a bit more (in Spanish): entro a la Pagina mas Extrema del Inframundo SCREAM BITCH!! y te lo muestro 2015

Cruel and Unusual

I also once came across a site called “The Cruel Onions Forum,” which was described as a “forum for ‘bad things.'”  While it was, in theory, just a forum, there were all manner of disturbing things being discussed on it.

I recall one person asking for the video “Daisy’s Destruction,” which, if you aren’t familiar, is a video of a young girl being tortured and sexually abused.  It was produced by the notorious Australian pedophile and child molester Peter Scully, former owner of a company called No Limits Fun, that created such videos.

The part I distinctly remember the most, however, was a young woman (supposedly) who said, “Hi!  I’m a 15-year-old girl!  Who wants to rape me and abuse me, and make me their slave?”

Someone else on the forum piped up, “What?  Are you serious?”

Her response: “Totally serious.”

His response: “Here’s my number: xxx-xxx-xxxx.  Hit me up.”

Of course, I have no idea what was really going on there – it could’ve been a sting operation, for all I know.  I suppose if it were consensual, that’s slightly less disturbing, but still…

These are only two examples – I’ve come across others, but perhaps that’s for a future post.

 

Deep Web vs. Dark Web…

I seem to frequently hear the term “deep web” being used on Youtube, and various news sites and blogs, lately.

For better or worse, it’s become the catch-all term for hidden websites, but I’d like to help clear up the confusion.

Technically, the term “deep web” just means anything that isn’t indexed by major search engines, like Google, Bing, and Yahoo!

Google, for example, finds web pages via links and XML sitemaps that communicate to the search engine that you want your site to be found in results. If a site isn’t set up that way, however, it won’t show up in search results. Thus, that page is technically in the “deep web.”

Even the confidential details of certain sites are considered part of the deep web. If, for example, you log into your bank account with a username, password, and sitekey, then the part of the site that’s meant only for you to see is the “deep web.”

Dark Web…

forbidden

 

The “dark web” is, technically, what all the news stories and scary videos are referring to. The dark web is comprised of sites that are built on top of “darknets,” networks which require special software or configurations to access.

That being said, I know slang terms change over time, and so if people want to call it the deep web, that’s fine too.

One of the most popular ways of accessing the dark web is through the Tor network. “TOR” was originally called “The Onion Router,” because of the way in which the network is set up. (See diagram)

How_tor_works

Tor routes traffic through a series of “nodes” (the various connections), to help obscure the IP addresses of users on the network.  While you can browse the “surface web” or “clearnet” with Tor, the network also hosts Tor hidden services, which are referred to as .onion sites.  If you’re on an onion site, that’s technically part of the “dark web.”

Perhaps you’ve heard of the Silk Road? The 2013 shutdown of this darknet market was one of the things that popularized the terms “deep web” and “dark web,” and made the general public more aware that this “evil” side of the internet existed.

There are other dark web networks that exist besides Tor as well, such as I2P, Freenet, and GNUnet.  Tor just happens to be the most well known (and the most notorious, at the moment).  Most of the Youtube videos with the “deep web horror stories” are referring to the Tor network (although that isn’t always the case).

In spite of the Silk Road being shut down, there are many other markets that sell drugs on the dark web, as well as child pornography sites, animal abuse videos, hacked credit cards, hacked PayPal accounts, counterfeit money, and more (use your imagination).

On the other hand, there are dark websites that are more or less harmless – some are just blogs, social networks, or sites related to cryptography and privacy.  The thing that I find scariest about the networks is that they’re hard to navigate.

You could be innocently browsing a search engine, click on a link, and suddenly you’re confronted with horrific images on your screen.  Or someone (unbeknownst to you) gains access to your computer through some kind of backdoor.

So, no – the dark web is not a joke.  Feel free to try accessing it, but it does have its fair share of frightening and disturbing sites.

And don’t do anything I wouldn’t do.