Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Saturday November 08 2014, @07:18PM   Printer-friendly
from the not-as-dark-as-we-thought dept.

Silk Road 2.0 and 400 other sites believed to be selling illegal items including drugs and weapons have been shut down. The sites operated on the Tor network - a part of the internet unreachable via traditional search engines. The joint operation between 16 European countries and the US saw 17 arrests.

Although details of how the sites were identified are not given, it does suggest that software now exists that removes the veil that behind which the DarkNet once hid. Any Soylentils have any ideas of how this might be achieved? This story might be the clue.

More information can be found here : http://www.bbc.co.uk/news/technology-29950946

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1, Informative) by Anonymous Coward on Saturday November 08 2014, @08:01PM

    by Anonymous Coward on Saturday November 08 2014, @08:01PM (#114101)

    "To find high volume darknet markets, rank the quantity of TCP SYN packets from exit nodes and then investigate each site for illegal commerce. An investigation of the top 1,000 sites may yield about, oh, 400 marketplaces."

    Tor hidden service traffic does not leave the Tor network. No exit nodes are involved.

    Among other things, this means to run a Tor hidden service you don't need to disclose your location or IP, you don't need a fixed IP, and you don't need a globally routable address: you can serve Tor hidden services from behind NAT with a fire wall and a dynamic IP. It's pretty nice for home servers even if you don't need the privacy.

    Starting Score:    0  points
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  

    Total Score:   1  
  • (Score: 2) by cafebabe on Saturday November 08 2014, @08:29PM

    by cafebabe (894) on Saturday November 08 2014, @08:29PM (#114103) Journal

    I define an exit node as the last node in the chain to emit a TCP SYN packet. Sites of interest receive large numbers of TCP SYN packets but don't emit a corresponding number.

    --
    1702845791×2
    • (Score: 0) by Anonymous Coward on Saturday November 08 2014, @09:47PM

      by Anonymous Coward on Saturday November 08 2014, @09:47PM (#114116)

      Tor hidden service connections as far as TCP go are outgoing from both the user and the server. They meet somewhere in the middle of the Tor network. This makes clients and servers pretty similar from a traffic perspective.

  • (Score: 0) by Anonymous Coward on Sunday November 09 2014, @06:18PM

    by Anonymous Coward on Sunday November 09 2014, @06:18PM (#114301)
    Your traffic to the hidden service is likely to have its last hop be through a tor node (if it goes straight from you to the service it probably means tor is broken right?). Guess who owns and runs many of those tor nodes?

    So they can figure out which hidden services are popular.