SlideShare une entreprise Scribd logo

Why we need a "Dark Web"

Télécharger en tant que ODP, PDF
Jeroen Baert
Jeroen Baert

Presentatie op De Privacyproef, @jbaert, 1/06/2017

Technologie
1  sur  45
Why we need a Dark Web Jeroen Baert - @jbaert De Privacyproef – Ghent, 2017 / 06 / 01
Why we need a Dark Web - @jbaert About me ● Jeroen Baert (@jbaert) – Engineer – Computer Scientist – PhD Student (Computer Graphics @ KU Leuven) – Improv / Stand-up comedian ● Belgian Improv League – jeroen-baert.be – forceflow.be – PGP: 30F2 857D 9129 3519
Why we need a Dark Web - @jbaert GRAPHICS! ALL THE GRAPHICS! ● Out-of-core construction and visualisation of Sparse Voxel Octree structures on modern GPU hardware NOT TODAY
Why we need a Dark Web - @jbaert BAD NEWS EVERYONE
Why we need a Dark Web - @jbaert The internet is broken because ... ● TRACKING – Websites, apps, … – Ads = Trackers (+ malware vector) – Without knowledge or consent ● Everybody hates reading ToS / Cookie warnings – Profiling / identifying you ● Content is not free – Business model: You pay with private data
Why we need a Dark Web - @jbaert Tracking: Websites ● Belgian news sites – Not only connect to site itself – Background: 30+ third-party connections http://www.forceflow.be/2015/11/11/tracking-users-across-websites-wheres-my-data-going/
Why we need a Dark Web - @jbaert Tracking: Websites (2) ● Third parties following you across ALL sites
Why we need a Dark Web - @jbaert Tracking: People Farmers ● Facebook = “People Farmer” – Build advertising profile – Everywhere you see – All over the web – Logging out won’t help – Behavioural Advertising Tech https://www.theguardian.com/technology/2017/may/01/facebook-advertising-data-insecure-teens
Why we need a Dark Web - @jbaert Tracking: Big Data = Big Business ● Cambridge Analytica – Buy/collect massive amounts of data ● From Social Media, web trackers, ... – Data mining & analysis – Political microtargeting ● Influenced Brexit, Trump Victory ● Would be impossible without current state of the internet to gather tracking data Adam Curtis – Hypernormalization (2016)
Why we need a Dark Web - @jbaert The internet is broken because of... ● CENSORSHIP – Internet services not decentralized = easy to censor – Easy to filter at ISP level ● Packet inspection, DNS block ... – For a lot of people: Internet = Social Media Platforms – Private companies decide ● What you see ● When you see it ● What you can and cannot share
Why we need a Dark Web - @jbaert Censorship ● Turkey – Protests: National shutdown of all social media – Sharing Erdogan cartoons = block ● China – “Great Firewall of China” – No Wikipedia (no “Tiananmen Square”)
Why we need a Dark Web - @jbaert Centralization: DNS ● October 2016 – Infected IoT devices (Mirai worm) – DdoS attack on Dyn.org (DNS provider) ● DNS : 9.21.102.183 → Paypal.com – Twitter, Paypal, Spotify, … hit
Why we need a Dark Web - @jbaert The internet is broken because ... ● Not designed with ANONIMITY in mind ● Not designed with PRIVACY in mind ● Problem for – Journalists (protect identity sources) – Activists / Whistleblowers (face prosecution) ● Snowden / Manning – Companies (protect communication) – Everyone
Why we need a Dark Web - @jbaert The internet is broken because ... ● Using the internet = leaking very personal info – Sites you visit tell your (intimate) story (Tim Berners-Lee) – American ISP’s : Selling your browsing history ● Technical identifiers: – IP address ● In the clear (by design), (pretty) unique Identifier – HTTP protocol and Browsers ● Provide unique footprint ● Time, Browser, Version, plugins, screen size, GPU, IP, Network, Settings, … ● Check it yourself! amiunique.org
Why we need a Dark Web - @jbaert Am I Unique? - amiunique.org
Why we need a Dark Web - @jbaert We need an alternative web ● The internet is a wonderful place – But by design, it makes it easy to track, censor and identify users ● Need alternative, different network with better privacy properties
Why we need a Dark Web - @jbaert Enter ... THE “DARK WEB”
Why we need a Dark Web - @jbaert The “Dark Web” ● A lot of misconceptions – Blame: ● Media & Politics ● Technical nature ● Confusing terminology ● “Dark Web” is actually really interesting from privacy POV
Why we need a Dark Web - @jbaert “Dark Web” versus “Normal Web” ● Often explained: – Surface web – Deep web – Dark web ● But Dark Web is: – Alternative, parallel – Can be used to access surface web D A R K W E B
Why we need a Dark Web - @jbaert Dark Web(s) ● There is no such thing as one Dark Web ● Alternative networks focused on privacy: – Tor (The onion router) ● Most popular, we’ll focus on this – I2P Project – Freenet – … (TRY THEM ALL!) ● All different specifications / properties
Why we need a Dark Web - @jbaert Tor: The Onion Router ● Most popular alternative network ● Open-Source – Original development: US Navy, DARPA – Now: Non-profit org – Network nodes run by volunteers – Endorsed: EFF, HRW, Amnesty, … – Unrelated to torrents ● Internal content: – Websites hosted on the Tor network : “Hidden services” ● Link with Surface Web
Why we need a Dark Web - @jbaert Tor: How it works
Why we need a Dark Web - @jbaert Tor: How it works
Why we need a Dark Web - @jbaert Tor: The onion Acpe 2014 Internet Anonymity Using Tor
Why we need a Dark Web - @jbaert Tor: How it works
Why we need a Dark Web - @jbaert Tor: How does it protect you ● Anonimity / Privacy – Original IP stays hidden – Strong encryption – New circuit for every site ● Cannot track users across websites – No logs
Why we need a Dark Web - @jbaert TOR: How does it protect you (2) ● Anti-censorship – Internal Tor content cannot be censored ● Nobody knows where it’s hosted – Circumvents surface web censorship ● Exit nodes in different countries – Tor traffic can be “disguised” ● As regular traffic: Browsing, Skype Call, … ● Very hard to filter at ISP level
Why we need a Dark Web - @jbaert Tor: Current status ● Network = growing
Why we need a Dark Web - @jbaert Tor: Detecting censorship events ● Censorship events = sudden peak in TOR usage
Why we need a Dark Web - @jbaert The “Dark Web” is not illegal ● Using an alternative network is not illegal ● You are simply using a – Different communication protocol – Different way to exchange information – Different way to output 0’s and 1’s ● Like you do for a lot of other things – E-mail protocol: POP3 / IMAP
Why we need a Dark Web - @jbaert The “Dark Web” is not illegal ● Media get it wrong all the time
Why we need a Dark Web - @jbaert The “Dark Web” is not illegal ● National council of medical professionals:
Why we need a Dark Web - @jbaert The “Dark Web” and criminality ● Alternative networks are not exclusively used for criminal activities ● Technology = inherently neutral ● Protecting your identity & privacy ● Useful services – Blogging platforms – E-mail / File storage – News – Whistleblowing services – ...
Why we need a Dark Web - @jbaert The “Dark Web” and criminality ● What about – Drugs / Guns / Fake ID’s? – Terrorist forums? Murder plots? ● Same % of services on Surface Web ● A lot of Hidden Web services are scams – Anonimity + untraceable Bitcoin ● Hidden Web is actually tiny – 7k – 30k sites = 0.03% of surface web
Why we need a Dark Web - @jbaert The “Dark Web” and child pornography ● Child pornography is a problem on every network ● Research by Internet Watch Foundation (2015) – 31,266 URLs with CP content – 51 (0.2%) on Dark Web ● Break association Dark Web ↔ CP – Without ignoring / minimalizing CP problem
Why we need a Dark Web - @jbaert Using the “Dark Web” ● Using the Dark Web does not require advanced technical knowledge ● For example, Tor: – Go to www.torproject.org – Download the TOR Browser Bundle – Install – Go!
Why we need a Dark Web - @jbaert Tor on your desktop: Browser Bundle ● Custom version of Firefox – Great browser – Pre-configured for Tor – Masked fingerprint – Scripts blocked by default – Auto-updater ● Safety out-of-the-box
Why we need a Dark Web - @jbaert Tor on your phone: Orbot ● Android: Orbot – In Play Store – VPN for all traffic – Free ● iOS – Onion Browser – App Store – Free
Why we need a Dark Web - @jbaert Maybe start using it ... ● Unsafe networks – Free wifi networks ● All the time? ● More users = more diversity = more security
Why we need a Dark Web - @jbaert Tor: Helping the network ● Run a TOR node – I run a node! ● Dystopia: CCE6294300F6E075733E247DD05ADFE9875BCF 08 – VPS / Self-hosted – Limit bandwidth ● Donate at torservers.net
Why we need a Dark Web - @jbaert Tor: Helping the network ● Webmasters / IT: – Don’t block Tor usage – Don’t block Tor exit nodes ● Other ways to mitigate abuse (Captcha, …) ● If you use Cloudflare: explicitly allow Tor ● See Tor Abuse FAQ: – https://www.torproject.org/docs/faq-abuse.html.en
Why we need a Dark Web - @jbaert Tor: Helping the network ● Media / Press – Offer your site as a Hidden Service – Set up a SecureDrop
Why we need a Dark Web - @jbaert Tor: Helping the network ● Programmers / Writers / Educators/ Jurists / Enthousiasts / Designers – Development – Documentation – Discussion – Education – Assist with legal issues of running Tor nodes
Why we need a Dark Web - @jbaert And you ... ● Try it! ● Spread the word – Educate friends & family – Talk to your IT department – “Well actually” when you hear misconceptions
Why we need a Dark Web - @jbaert Questions? @jbaert Jeroen.baert@cs.kuleuven.be Poke me @reception “The internet is a mirror which reflects the society we live in. If you don’t like what you see, don’t break the mirror.” - Vint Cerf

Recommandé

Why We Need a Dark(er) Web
Why We Need a Dark(er) WebWhy We Need a Dark(er) Web
Why We Need a Dark(er) WebJeroen Baert
 
Cybercrime In The Deep Web
Cybercrime In The Deep WebCybercrime In The Deep Web
Cybercrime In The Deep WebTrend Micro
 
The dark web
The dark webThe dark web
The dark webBella M
 
The Dark web - Why the hidden part of the web is even more dangerous?
The Dark web - Why the hidden part of the web is even more dangerous?The Dark web - Why the hidden part of the web is even more dangerous?
The Dark web - Why the hidden part of the web is even more dangerous?Pierluigi Paganini
 
Dark web markets: from the silk road to alphabay, trends and developments
Dark web markets: from the silk road to alphabay, trends and developmentsDark web markets: from the silk road to alphabay, trends and developments
Dark web markets: from the silk road to alphabay, trends and developmentsAndres Baravalle
 
Deep and Dark Web
Deep and Dark WebDeep and Dark Web
Deep and Dark WebMd. Nazmus Shakib Robin
 
The Deep and Dark Web
The Deep and Dark WebThe Deep and Dark Web
The Deep and Dark WebSwecha | స్వేచ్ఛ
 
Nerdland CRISPR Special
Nerdland CRISPR SpecialNerdland CRISPR Special
Nerdland CRISPR SpecialJeroen Baert
 

Recommandé

Why We Need a Dark(er) Web
Why We Need a Dark(er) WebWhy We Need a Dark(er) Web
Why We Need a Dark(er) WebJeroen Baert
 
Cybercrime In The Deep Web
Cybercrime In The Deep WebCybercrime In The Deep Web
Cybercrime In The Deep WebTrend Micro
 
The dark web
The dark webThe dark web
The dark webBella M
 
The Dark web - Why the hidden part of the web is even more dangerous?
The Dark web - Why the hidden part of the web is even more dangerous?The Dark web - Why the hidden part of the web is even more dangerous?
The Dark web - Why the hidden part of the web is even more dangerous?Pierluigi Paganini
 
Dark web markets: from the silk road to alphabay, trends and developments
Dark web markets: from the silk road to alphabay, trends and developmentsDark web markets: from the silk road to alphabay, trends and developments
Dark web markets: from the silk road to alphabay, trends and developmentsAndres Baravalle
 
Deep and Dark Web
Deep and Dark WebDeep and Dark Web
Deep and Dark WebMd. Nazmus Shakib Robin
 
The Deep and Dark Web
The Deep and Dark WebThe Deep and Dark Web
The Deep and Dark WebSwecha | స్వేచ్ఛ
 
Nerdland CRISPR Special
Nerdland CRISPR SpecialNerdland CRISPR Special
Nerdland CRISPR SpecialJeroen Baert
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by HubspotMarius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
 

Contenu connexe

Dernier

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 

Dernier (20)

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 

En vedette

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by HubspotMarius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsKurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summarySpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesVit Horky
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project managementMindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...RachelPearson36
 

En vedette (20)

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 

Why we need a "Dark Web"

  • 1. Why we need a Dark Web Jeroen Baert - @jbaert De Privacyproef – Ghent, 2017 / 06 / 01
  • 2. Why we need a Dark Web - @jbaert About me ● Jeroen Baert (@jbaert) – Engineer – Computer Scientist – PhD Student (Computer Graphics @ KU Leuven) – Improv / Stand-up comedian ● Belgian Improv League – jeroen-baert.be – forceflow.be – PGP: 30F2 857D 9129 3519
  • 3. Why we need a Dark Web - @jbaert GRAPHICS! ALL THE GRAPHICS! ● Out-of-core construction and visualisation of Sparse Voxel Octree structures on modern GPU hardware NOT TODAY
  • 4. Why we need a Dark Web - @jbaert BAD NEWS EVERYONE
  • 5. Why we need a Dark Web - @jbaert The internet is broken because ... ● TRACKING – Websites, apps, … – Ads = Trackers (+ malware vector) – Without knowledge or consent ● Everybody hates reading ToS / Cookie warnings – Profiling / identifying you ● Content is not free – Business model: You pay with private data
  • 6. Why we need a Dark Web - @jbaert Tracking: Websites ● Belgian news sites – Not only connect to site itself – Background: 30+ third-party connections http://www.forceflow.be/2015/11/11/tracking-users-across-websites-wheres-my-data-going/
  • 7. Why we need a Dark Web - @jbaert Tracking: Websites (2) ● Third parties following you across ALL sites
  • 8. Why we need a Dark Web - @jbaert Tracking: People Farmers ● Facebook = “People Farmer” – Build advertising profile – Everywhere you see – All over the web – Logging out won’t help – Behavioural Advertising Tech https://www.theguardian.com/technology/2017/may/01/facebook-advertising-data-insecure-teens
  • 9. Why we need a Dark Web - @jbaert Tracking: Big Data = Big Business ● Cambridge Analytica – Buy/collect massive amounts of data ● From Social Media, web trackers, ... – Data mining & analysis – Political microtargeting ● Influenced Brexit, Trump Victory ● Would be impossible without current state of the internet to gather tracking data Adam Curtis – Hypernormalization (2016)
  • 10. Why we need a Dark Web - @jbaert The internet is broken because of... ● CENSORSHIP – Internet services not decentralized = easy to censor – Easy to filter at ISP level ● Packet inspection, DNS block ... – For a lot of people: Internet = Social Media Platforms – Private companies decide ● What you see ● When you see it ● What you can and cannot share
  • 11. Why we need a Dark Web - @jbaert Censorship ● Turkey – Protests: National shutdown of all social media – Sharing Erdogan cartoons = block ● China – “Great Firewall of China” – No Wikipedia (no “Tiananmen Square”)
  • 12. Why we need a Dark Web - @jbaert Centralization: DNS ● October 2016 – Infected IoT devices (Mirai worm) – DdoS attack on Dyn.org (DNS provider) ● DNS : 9.21.102.183 → Paypal.com – Twitter, Paypal, Spotify, … hit
  • 13. Why we need a Dark Web - @jbaert The internet is broken because ... ● Not designed with ANONIMITY in mind ● Not designed with PRIVACY in mind ● Problem for – Journalists (protect identity sources) – Activists / Whistleblowers (face prosecution) ● Snowden / Manning – Companies (protect communication) – Everyone
  • 14. Why we need a Dark Web - @jbaert The internet is broken because ... ● Using the internet = leaking very personal info – Sites you visit tell your (intimate) story (Tim Berners-Lee) – American ISP’s : Selling your browsing history ● Technical identifiers: – IP address ● In the clear (by design), (pretty) unique Identifier – HTTP protocol and Browsers ● Provide unique footprint ● Time, Browser, Version, plugins, screen size, GPU, IP, Network, Settings, … ● Check it yourself! amiunique.org
  • 15. Why we need a Dark Web - @jbaert Am I Unique? - amiunique.org
  • 16. Why we need a Dark Web - @jbaert We need an alternative web ● The internet is a wonderful place – But by design, it makes it easy to track, censor and identify users ● Need alternative, different network with better privacy properties
  • 17. Why we need a Dark Web - @jbaert Enter ... THE “DARK WEB”
  • 18. Why we need a Dark Web - @jbaert The “Dark Web” ● A lot of misconceptions – Blame: ● Media & Politics ● Technical nature ● Confusing terminology ● “Dark Web” is actually really interesting from privacy POV
  • 19. Why we need a Dark Web - @jbaert “Dark Web” versus “Normal Web” ● Often explained: – Surface web – Deep web – Dark web ● But Dark Web is: – Alternative, parallel – Can be used to access surface web D A R K W E B
  • 20. Why we need a Dark Web - @jbaert Dark Web(s) ● There is no such thing as one Dark Web ● Alternative networks focused on privacy: – Tor (The onion router) ● Most popular, we’ll focus on this – I2P Project – Freenet – … (TRY THEM ALL!) ● All different specifications / properties
  • 21. Why we need a Dark Web - @jbaert Tor: The Onion Router ● Most popular alternative network ● Open-Source – Original development: US Navy, DARPA – Now: Non-profit org – Network nodes run by volunteers – Endorsed: EFF, HRW, Amnesty, … – Unrelated to torrents ● Internal content: – Websites hosted on the Tor network : “Hidden services” ● Link with Surface Web
  • 22. Why we need a Dark Web - @jbaert Tor: How it works
  • 23. Why we need a Dark Web - @jbaert Tor: How it works
  • 24. Why we need a Dark Web - @jbaert Tor: The onion Acpe 2014 Internet Anonymity Using Tor
  • 25. Why we need a Dark Web - @jbaert Tor: How it works
  • 26. Why we need a Dark Web - @jbaert Tor: How does it protect you ● Anonimity / Privacy – Original IP stays hidden – Strong encryption – New circuit for every site ● Cannot track users across websites – No logs
  • 27. Why we need a Dark Web - @jbaert TOR: How does it protect you (2) ● Anti-censorship – Internal Tor content cannot be censored ● Nobody knows where it’s hosted – Circumvents surface web censorship ● Exit nodes in different countries – Tor traffic can be “disguised” ● As regular traffic: Browsing, Skype Call, … ● Very hard to filter at ISP level
  • 28. Why we need a Dark Web - @jbaert Tor: Current status ● Network = growing
  • 29. Why we need a Dark Web - @jbaert Tor: Detecting censorship events ● Censorship events = sudden peak in TOR usage
  • 30. Why we need a Dark Web - @jbaert The “Dark Web” is not illegal ● Using an alternative network is not illegal ● You are simply using a – Different communication protocol – Different way to exchange information – Different way to output 0’s and 1’s ● Like you do for a lot of other things – E-mail protocol: POP3 / IMAP
  • 31. Why we need a Dark Web - @jbaert The “Dark Web” is not illegal ● Media get it wrong all the time
  • 32. Why we need a Dark Web - @jbaert The “Dark Web” is not illegal ● National council of medical professionals:
  • 33. Why we need a Dark Web - @jbaert The “Dark Web” and criminality ● Alternative networks are not exclusively used for criminal activities ● Technology = inherently neutral ● Protecting your identity & privacy ● Useful services – Blogging platforms – E-mail / File storage – News – Whistleblowing services – ...
  • 34. Why we need a Dark Web - @jbaert The “Dark Web” and criminality ● What about – Drugs / Guns / Fake ID’s? – Terrorist forums? Murder plots? ● Same % of services on Surface Web ● A lot of Hidden Web services are scams – Anonimity + untraceable Bitcoin ● Hidden Web is actually tiny – 7k – 30k sites = 0.03% of surface web
  • 35. Why we need a Dark Web - @jbaert The “Dark Web” and child pornography ● Child pornography is a problem on every network ● Research by Internet Watch Foundation (2015) – 31,266 URLs with CP content – 51 (0.2%) on Dark Web ● Break association Dark Web ↔ CP – Without ignoring / minimalizing CP problem
  • 36. Why we need a Dark Web - @jbaert Using the “Dark Web” ● Using the Dark Web does not require advanced technical knowledge ● For example, Tor: – Go to www.torproject.org – Download the TOR Browser Bundle – Install – Go!
  • 37. Why we need a Dark Web - @jbaert Tor on your desktop: Browser Bundle ● Custom version of Firefox – Great browser – Pre-configured for Tor – Masked fingerprint – Scripts blocked by default – Auto-updater ● Safety out-of-the-box
  • 38. Why we need a Dark Web - @jbaert Tor on your phone: Orbot ● Android: Orbot – In Play Store – VPN for all traffic – Free ● iOS – Onion Browser – App Store – Free
  • 39. Why we need a Dark Web - @jbaert Maybe start using it ... ● Unsafe networks – Free wifi networks ● All the time? ● More users = more diversity = more security
  • 40. Why we need a Dark Web - @jbaert Tor: Helping the network ● Run a TOR node – I run a node! ● Dystopia: CCE6294300F6E075733E247DD05ADFE9875BCF 08 – VPS / Self-hosted – Limit bandwidth ● Donate at torservers.net
  • 41. Why we need a Dark Web - @jbaert Tor: Helping the network ● Webmasters / IT: – Don’t block Tor usage – Don’t block Tor exit nodes ● Other ways to mitigate abuse (Captcha, …) ● If you use Cloudflare: explicitly allow Tor ● See Tor Abuse FAQ: – https://www.torproject.org/docs/faq-abuse.html.en
  • 42. Why we need a Dark Web - @jbaert Tor: Helping the network ● Media / Press – Offer your site as a Hidden Service – Set up a SecureDrop
  • 43. Why we need a Dark Web - @jbaert Tor: Helping the network ● Programmers / Writers / Educators/ Jurists / Enthousiasts / Designers – Development – Documentation – Discussion – Education – Assist with legal issues of running Tor nodes
  • 44. Why we need a Dark Web - @jbaert And you ... ● Try it! ● Spread the word – Educate friends & family – Talk to your IT department – “Well actually” when you hear misconceptions
  • 45. Why we need a Dark Web - @jbaert Questions? @jbaert Jeroen.baert@cs.kuleuven.be Poke me @reception “The internet is a mirror which reflects the society we live in. If you don’t like what you see, don’t break the mirror.” - Vint Cerf

Notes de l'éditeur

  1. Welkom Deze pipo is erin geslaagd verkouden te raken in een hittegolf
  2. This is me Lieven Scheire van den aldi
  3. (titel) Geweldige beelden Graphics, graaf Maar niet vandaag Ik praat niet voor de KUL
  4. Slecht nieuws Het internet is kapot. Beetje een beerput.
  5. Geevolueerd naar tracking Overal Websites, Apps Advertenties – trackers Profiel opbouwen, en vaak is uw portemonne het doel – juiste reclame, goedkopere of duurdere tickets Miljoenenindustrie van bedrijfjes met vage namen Kom voor de ads, blijf voor de content
  6. Zelf test gedaan Grote belgische krantenwebsites Meer dan 30+ verbindingen naar derde partijen Telkens jij pagina laadt: weet elk van die partijen dat Kunnen je over alle websites volgen Ingelogd op sociale media? Identiteit ook
  7. Ochtendroutine: wat nieuws lezen: Handvol bedrijven weten waarnaar u gekeken hebt
  8. Internet is kapot, maar het is niet kapot voor Facebook of Google Mark Zuckerberg (president) – open park, plaats voor meningsuiting… shopping center Hidden Facebook pixels Maken het gemakkelijk om te commenten Goorste voorbeeld
  9. Canadees bedrijf, gesponsord door oprichter Breitbart Robert Mercer, briljante computerwetenschapper AI, goeie vriend van immer onfrisse Steve Bannon Psychologische profilering toepassen op gedrag sociale media Juiste boodschap, juiste profiel, juiste moment. Hoeveelheden data ondenkbaar te verkrijgen 10 jaar geleden: mee internet gevormd
  10. Vroeger: nu too centralized Packet inspection, DNS zit bij ICANNN Single Point Of Failure Voor veel mensen – vooral jonge mensen Is het internet = sociale media Privé bedrijven die beslissen Enorm veel macht
  11. Genoeg voorbeelden van internetcensuur Erdogan – stel dat je zou impliceren dat die man g.. n… China Noord Korea Iran Saudi-Arabië Egypte
  12. Structuur van het internet is ook te gecentraliseerd Pijnlijk duidelijk hoe kwetsbaar onze internet-infrastructuur is
  13. Snel, gemakkelijk om te parsen, toegankelijk, compact om te versturen Ontwikkeld toen er 3 universiteiten een link met elkaar hadden: ARPANET Journalisten die werken met bronnen Activisten / klokkenluiders Bedrijfsstrategie Gewone gebruikers
  14. Tim Berners-Lee: uitvinder van het internet – onlags 20 jaar oud Wat voor een intiem verhaal de sites waar je naartoe surft, en wanneer vertellen Niet alleen je browserhistory Je browser zelf geeft ook heel veel data vrij: dit om het internet interactief en snelt e maken – al die datapunten vormen een redelijk uniek beeld van je
  15. Begrijp me niet verkeerd: internet is een fantastische plek waar heel veel dingen mogelijk gemaakt worden Maar, om historische redenen, en onder druk van grote multinationals is het langzaamaan veranderd in We zouden een alternatief, ander netwerk kunneng ebruiken met betere privacy-eigenschappen
  16. Veel misverstanden / misvattingen over Dark Web Ik ben hier om lans te breken – op deprivacyproef dat het gebruik van zo’n Dark Web interessante implicaties heeft Aan de hand van die misvattingen fietsen we erdoor
  17. Eerst specifiëren wat we bedoelen met het dark web Wordt vaak zo uitgelegd: maar ik vind die uitleg niet zo geweldig Parallel
  18. Er is er niet 1 Heel veel Allemaal andere eigenschappen qua snelheid, opzet, scope, ontwikkelmodel, ondersteuning, …
  19. Tor: Niets te maken met torrents Origineel ontwikkeld jaren 90 Draait op vrijwilligers Aangeraden – geen shady organisatie In volle ontwikkeling TOR hidden services: websites op het TOR netwerk TOR network op surface web
  20. Alice gebruiker: Krijgt lijst van alle tor nodes in het netwerk 3 soorten nodes: Entry, relay, en exit
  21. Wordt een circuit opgezet door minstens 3 computers: 1 entry, 1 relay, 1 exit Server Bob ziet enkel exit: encryptie laatste stuk hangt af van of de webserver Bob beveiligde verbindingen ondersteunt Betekent niet dat identiteit Alice niet beschermd is:
  22. Hierom de ui: Elke node voegt laagje encryptie toe Geen enkele node weet totale pad door netwerk Onmogelijk om terug te traceren
  23. Voor elke website wordt een nieuw circuit opgezet: Alice zal dus telkens een ander en ander pad gebruiken – heel moeilijk cross site tracken
  24. Origineel IP blijft verborgen Strenge Encryptie Geen logs: geen enkele node kent totale circuit Netwerk of trust: nodes stemmen op elkaars betrouwbaarheid: niemand kan opeens een hoop nieuwe, malicious nodes op netwerk gooien en alle trafiek analyseren
  25. Kan niet censureren: je weet niet waar gehost Tor exit node: bepaalt wat je van surface web kan zien Tor traffic vermommen als skype calls, als surfen naar google … Heel moeilijk voor een Internet Service Provder om te analyseren, zelfs met deep packet inspection Steeds voortdurende wapenwedloop
  26. Dokters: constant bezig met gevoelige data
  27. Technologie: inherent neutraal Goede eigenschappen: Goede services Groeiend
  28. Drugs! Wapens! TOR fixt privacy voor normale mensen zoals u en ik: criminelen hebben al tools genoeg Winst die we halen door gewone mensen beter bestand te maken tegen identiteitsdiefstal / privaciy-inbruiken Parallel: ons nationaal wegennetwerk wordt ook gebruikt
  29. Kinderpornografie: vaak gebruikt als manier om discussie af te sluiten