Darknet Series: What is the Darknet?


This week, OWL Cybersecurity officially became DarkOwl, a name change that reflects our ever-growing focus on the darknet and hidden services. To refresh our readers on what that means, and what the darknet actually is, we put together this Darknet 101-style overview to help clarify what is commonly known as the murkiest and most elusive area of the internet.



Before we dive into the darknet, it may be helpful to take a step back and look at the big picture of the internet, which is comprised of several main components: the Surface Web, the Deep Web, and the Darknet. 

The Internet: Surface Web, Deep Web, Darknet

The term internet is short for internetwork, a system created by connecting a number of computer networks together. An internet allows for communication between devices that are a part of that internetwork.

The internet, which until recently was denoted by a capital “I”, is the most well-known example of an internetwork. This is the internet that we find indispensable to our daily lives, and it links billions of devices across the world through a network of networks using standardized procedures or protocol.

Browsing websites on the web is not the only way in which information is shared via the internet. Email, instant messaging, and FTP are other ways to share information like emails, messages, and files.

To clarify, the web is not synonymous with the internet and should not be confused with it. The web is simply a way of accessing webpages over the medium of the internet.



the surface web

The websites we browse each day make up only a small percentage of the internet. These sites, collectively known as the surface web, are visible and accessible to common search engines such as Google and Yahoo. While estimates vary, many experts agree that the surface web comprises roughly 4% of all online content.



below the surface: the Deep Web

Beyond the surface web, 96% of online content is found in the deep web and the darknet.

The deep web consists of content that cannot be found or directly accessed via surface web search engines such as Google and Yahoo. Examples of deep web sites include websites that require credentials (registration and login), unlinked sites that require a direct link to access, sites that are purposefully designed to keep search crawlers out, and databases - the majority of content in the deep web. 

Deep web databases commonly have their own search functionality which allows users to access the data contained within them. Government databases, patient medical records, and library catalogs are just a few examples of deep web databases. While these databases do not have to require login credentials, many of them do.



the darknet

Beyond the deep web is the darknet. The darknet is a network, built on top of the internet, that is purposefully hidden, meaning it has been designed specifically for anonymity. Unlike the dark web, the darknet is only accessible with special tools and software - browsers and other protocol beyond direct links or credentials. You cannot access the darknet by simply typing a dark web address into your web browser. 

Above we mention that the internet we refer to and use daily is the most well-known example of an internet. Similarly, below are several examples of darknets (each links to more information):

  • Tor, or The Onion Router, is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Users connect through a series of virtual tunnels rather than making a direct connection. 
  • I2P, or the Invisible Internet Project, is an anonymous overlay network - a network within a network - intended to protect communication from surveillance and monitoring. 
  • Freenet is free software which allows users to anonymously share files, browse and publish "freesites" (web sites accessible only through Freenet) and chat on forums. Communications by Freenet nodes are encrypted and are routed through other nodes to make it extremely difficult to determine who is requesting the information and what its content is.
  • DN42 is an example of a darknet, a routing protocol, that is not necessarily meant to be secret - its aim is to explore internet routing technologies.

We'll use Tor, perhaps the most well-known and most-used, to better explain the darknet and dark web. Tor, short for The Onion Router (the project's original name), routes traffic to dark web sites through layers of encryption to allow for anonymity. The term dark web refers to websites on a darknet. In Tor's case, these dark web addresses all end in .onion. 

Onion routing is implemented by encryption, nested like the layers of an onion. Tor encrypts the data, including the destination, multiple times and sends it through a circuit of randomly selected Tor relays. Each relay decrypts a layer of encryption to reveal only the next relay in order to pass the remaining encrypted data on. The final Tor relay decrypts the innermost layer of encryption and sends the original data to its destination without revealing, or even knowing, the source address.

The other darknets mentioned above employ similar methods of data transmission, all with the end goal of keeping users, usage, and information anonymous.



Curious about something you've read on our blog? Want to learn more? Please reach out. We're more than happy to have a conversation.