Become a SOFREP Member

Subscribe now to get news and insider perspective from the former special operations and intelligence professionals that mainstream news media can’t access.

February 21, 2014

Govt. Hackers, Console Cowboys, The Tech Model Railroad Club & The Dark Web Part 1

This article spawns from a conversation on the nature of the “Deep Web” and/or the “Dark Web,” and what is the difference and why.

The “why” is “Why does it matter to me the reader?” It should. It’s your Internet.  To quote William Gibson in Neuromancer: “Cyberspace. A consensual hallucination experienced daily by billions of legitimate operators, in every nation, by children being taught mathematical concepts… A graphic representation of data abstracted from banks of every computer in the human system. Unthinkable complexity. Lines of light ranged in the non-space of the mind, clusters and constellations of data. Like city lights, receding…” Your Internet contains parents, children, teachers, students, terrorists, criminals, corporations, entrepreneurs, and of course hackers.

Hackers. I am a hacker. I’m a console cowboy.  I’m not the modern definition of said occupation, which has taken on the most disgusting overtones and pejorative connotations. The origin of the word hacker really arose out of one location…The Massachusetts Institute of Technology (MIT) Tech Model Railroad Club.

Prior to the advent of computing, the club dealt with “switches” in terms of trains and control systems in relation to analog control systems related to power. Later, “The club’s members, who shared a passion to find out how things worked and then to master them, were among the first hackers. The atmosphere was casual; members disliked authority. Members received a key to the room after logging 40 hours of work on the layout,” according to Stephen Levy in his book “Hackers: Heroes of the Computer Revolution”. 

This is also why I work with my local Hackspace now. According to the TMRC Dictionary, a dictionary created to collect the jargon that arose out of the culture, a “hack” is “1) an article or project without constructive end; 2) work undertaken on bad self-advice; 3) an entropy booster; 4) to produce, or attempt to produce, a hack (3).” Remember, information should be free.

I hack on my free time, and I do it on my “box” or console. I got friends out there too. If you can think of a certain patriotic hacker, you probably have heard of him as well. I also hack for the United States Government. That’s part of my R&D function. I use expl01ts, vulns, scripts (I code in Python), and Linux. I use the aforementioned tools against data, and I create simulated/virtualized environments to test “hacks.”

A good example of this is MetaGooFil. Per their webpage, “Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf,doc,xls,ppt,docx,pptx,xlsx) belonging to a target company.” This information then gets input into high-end analytic programs, separately, to take the data I retrieve to the USG. No. I do not work for the NSA. Yes, I am immoral. In summary, I use tools that would otherwise be used to exploit vulnerable computer systems against massive amounts of data because current tools are not meeting specific goals. I could be buying a Lotus in ten days or less.

How to buy a Lotus in 10 days or Less.

On to the “Deep Web.” The deep web and dark web are euphemistically generated terms. The deep web has been around for a long time, and essentially refers to the pantheon of data the average user on the Internet cares nothing about. Meta-data on web pages (how many times accessed), behavioral patterns of surfers, document repositories (like Thompson-Reuters Web of Knowledge), total amount of data available, etc. Wikipedia claims that dark web and deep web are nearly synonymous.

I disagree. The deep web was always about the depth of analytics you can derive from social behavior on the internet, document repositories available for extrapolation, and otherwise not “popular” or user-generated specific data. Meaning, one dude writing on a blog post is not deep web. But rather, the behavior of all WordPress users and analytics derived from extrapolated user-generated content.

Think of the “deep web” as the part of the library way down in the basement where cheerleaders meet the football jock for a make-out session but don’t even look at the book titles. It’s where Jack Murphy ran into some feminists who made a video about being naked with a rubber chicken. It’s the part of the library really useful for a specific type of user, but everyone else does not give a chickens..uh..yeah.

Finally! The “juicy” stuff. According to this article, Cisco invented the term “dark web” to dumb down computer concepts to its customers generate buzz about a product they claimed would help combat this evil presence on the web…waaay back in 2009. Lulz. The dark web is a series of sub-nets (not DNS sub-nets, for all the dorks out there) that are riding on an existing or ad-hoc infrastructure. Meaning they use facets of your ISP-provided infrastructure, or use improvised cellular or wireless signals, to connect. It’s where all the evil on the Internet went after the FBI arrested Kevin Mitnick and held him for seven years on, uh…questionable charges. Arrested for the crime of “social engineering” in 1995? I think not. These guys hadn’t even read the Cuckoo’s Egg yet. Hell, they STILL like to work with manila folders and number two pencils. So one of the most popular interfaces to the “dark web” is Tor, which was an acronym for “The Onion Router.”

Without getting too complicated, TOR routing takes the basic components of your data and feeds it through various volunteer systems, and then re-assembles it at an “exit pipe.” Tracing it is similar to peeling back layers on an onion. You can run Tor the way I do, through a command line interface, or through a GUI (Generic User Interface) provided by The TOR Network. Tor includes a proxy, called Privoxy, which also needs to be activated to run correctly.

I’m not getting into specifics on HOW to do this because the point of this is for you to understand distinction, not design. The TOR Network is designed in its current incarnation to increase your anonymity online, but was designed back in the day by the Office of Naval Research as a way to bypass censorship and provide spies a means to communicate. So you do get anonymity from most people; whether you get it from the government is questionable. That said, you can find the following on the TOR network: gun runners, drug-dealers, pedophiles, Russian mobsters (or people claiming to be Russian mobsters), assassins, and of course, hackers. So not much different from your internet right?

You want to rent a hacker for nefarious purposes? You can find them here. Weapons? Find them here. Drugs? No shortages of that here either. Finally, you can find your very own assassin here as well. That ends tonight’s chapter kiddies. The second part of this will discuss cjdns and sub-nets such as Hyperboria and a few other goodies.  See you next week…same Bat-time…same Bat-channel.

Finally, I would not recommend visiting these sites on Tor unless you are confident that you know what you are doing. Anything from packet leaks to lack of a proxy will get your shizzle fucked up.


The Marketplace
Silk Road


Services Rendered

“Case had always taken it for granted that the real bosses, the kingpins in a given industry, would be both more and less than people… He’d seen it in the men who’d crippled him in Memphis, he’d seen Wage affect the semblance of it in Night City, and it had allowed him to accept Armitrage’s flatness and lack of feeling. He’d always imagined it as a gradual and willing accommodation of the machine, the system, the parent organism. It was the root of street cool, too, the knowing posture that implied connection, invisible lines up to hidden levels of influence.”   ― William GibsonNeuromancer

(Continue reading Government Hackers and the Dark Web Part 2)

About the Author

background is as an all source fusion intelligence analyst. He currently works as a hybrid intelligence analyst and security engineer. He has worked in the intel industry for over ten years and specializes in DoD joint intelligence analysis, counter terrorism, joint targeting, and cyber information operations, among others. Coriolanus has worked at the tactical, operational, and strategic levels of war working for special mission units and policy makers; and working in areas such as Central and South America, Iraq and Afghanistan theaters of war, and throughout Southeast Asia.

To comment on this article please join/login. Here's a sample of the comments on this post.

  • alexanderscrawford

    KungFuCharlie deleted_10984539_Virginstateofmind Charlie, Coriolanus, For the record, the spoofed broadcast ICMP exploit was NOT my doing.  I'd dropped that particular alias years earlier (although I still have a lot of the mail domain address accounts reserved).  I consider it a case of some old 'friends' making fun of me in their own weird way (i.e. in a manner they knew would annoy me, as I'd used the same alias in the 1980's, as well as the 00's).   Most of the contributions under that tag on the official Macintosh boards are mine.  That's the appropriate forum to go gripe over prematurely released software/hardware… Apple's cynical management style regarding premature releases of beta's, and attempt to get 'free' debugging done by Mac-heads to save money is widely hated.  Sadly, it's a practice that pretty much guarantees platform instability following every major upgrade, and seems to have been widely adopted across the industry. I have nothing to comment on regarding flashing p-ram or the use of 'root kit' exploits.  People should always instal firmware passwords, and upgrade their machines firmware security level… I don't have a good link on this book-marked on this machine, but if another contributor does, I'm sure other readers would appreciate the info. Best, A. Scott Crawford

  • alexanderscrawford

    KungFuCharlie Coriolanus There is a "national plan"… the Cyber czar at the WH gave a speech on the current Admins definitions within the last month.  None of us would probably agree with the course the WH has chosen, or even accept his concept of 'offensive' as remotely serious.  It's a train wreck waiting to happen, that has no place for top 1%, A++ skilled hackers aside from prison, or deportation under the guise of extradition (where instead of Prison, one will be given the option of working AGAINST the U.S. for new masters, with a new identity).   Look, all of us on this thread probably already know what L3 Communications servers in Chicago do, and for whom.  Trace your own replies for yourselves, and draw your own conclusions.

  • alexanderscrawford

    MR151 ArcticWarrior Coriolanus (Huge sigh!).  The SOFREP readers aren't really going to appreciate this, but:  there's a massive difference between a top 1%, A++ "hacker" and the next level down, skill-wise.  There's currently a shared consensus among cyberwar VIPs that our inability to attract or recruit this tier of cyber- talent is one of our top problems.   To a great extent, A++ types can't be 'taught' or trained or created, especially in terms of 'offensive' categories of cyberwar.   A lot of these types of guys have spent the majority of their lives being punished in an arbitrary way by people in positions of authority for nothing more than telling the truth.  It's a problem with a complex cause:  IT corporate culture, DoD procurement culture, U.S. Law enforcement attitudes, a widespread misunderstanding regarding 'risk', a lax approach to embedding hardware protections as mandatory, on the assumption non-technical people will follow 'best practice', and etc. I've been reading dozens of articles about 'Chinese hackers' over the last couple of months, but haven't seen Joel Brenner's name mentioned once (he was the first Director of the NCIX, and a former IG at the NSA).  In other words, the old Men, or decision makers in the DoD and U.S. government, opted to go with policies years ago, that stemmed from one faction of the 'cyber' debate, and largely ignored other factions, despite the fact that doing so carried a much greater downside if 'their' faction wasn't correct.  Their faction wasn't correct… in truth, it was horribly flawed and based on demonstrably false first principle's from the beginning.  Yet it's STILL the faction that has the most authority in civilian cyber efforts. Moreover, because so MANY government databases have already been compromised, and the current policy is to downplay the existing  liability, the 'risk', related to the eventual exploitation of these databases, the political 'blowback' alone practically guarantees that our U.S. ship of state in terms of Cyber-warfare, which is currently running aground, will maintain it's current course.  It short, without a drastic overhaul, we've (the U.S.) basically already lost.   On the bright side, It's my opinion that the protections adopted relating to the grid, are good enough to limit the 'risk' of a cascading failure to a regional level.  (There a program at *#$# that constantly attacks utilities portals looking for vulnerabilities, and a protocol for reporting problems…). Anyway…. A. Scott Crawford (formerly GrouchySmurf…. and etc.)

  • Kendoist4162

    Catching up on articles and just finished this. FANTASTIC!!! Welcome back Cori!

  • Solitario

    Simply one of the best articles I've seen on the subject. Makes my GI Bill + CpE degree plan seem more and more like a solid idea.