WEBVTT

1
00:00:00.080 --> 00:00:03.399
<v Speaker 1>Welcome back to the deep dive. We are cutting through

2
00:00:03.399 --> 00:00:06.639
<v Speaker 1>the noise today to examine a place few understand fully

3
00:00:06.719 --> 00:00:09.119
<v Speaker 1>but, well, everyone's heard of: the dark web.

4
00:00:09.279 --> 00:00:13.560
<v Speaker 2>Yeah, it's a territory defined by deep anonymity, and the

5
00:00:13.640 --> 00:00:16.719
<v Speaker 2>sources we've looked at really emphasize this duality. It's a

6
00:00:16.800 --> 00:00:22.800
<v Speaker 2>vital layer for journalists, whistleblowers maybe seeking uncensored communication, but

7
00:00:22.839 --> 00:00:26.440
<v Speaker 2>it's also, unfortunately the primary operating ground for organized cybercrime,

8
00:00:26.480 --> 00:00:30.600
<v Speaker 2>things ranging from narcotics all the way to human exploitation exactly.

9
00:00:31.039 --> 00:00:34.240
<v Speaker 1>So our mission today is pretty clear. We're diving deep

10
00:00:34.280 --> 00:00:38.039
<v Speaker 1>into the architecture of this hidden internet, how it works,

11
00:00:38.439 --> 00:00:42.600
<v Speaker 1>the really destructive and frankly profitable crimes that flourish there

12
00:00:42.799 --> 00:00:45.920
<v Speaker 1>right and maybe most importantly, the advanced countermeasures that law

13
00:00:46.000 --> 00:00:50.079
<v Speaker 1>enforcement and tech developers are deploying right now to fight back.

14
00:00:50.159 --> 00:00:52.960
<v Speaker 2>And we're pulling this from a really comprehensive analysis that

15
00:00:53.039 --> 00:00:56.119
<v Speaker 2>looks at the network structure of the criminal economics and

16
00:00:56.159 --> 00:00:59.759
<v Speaker 2>even future strategies like global information sharing. It gives us

17
00:00:59.799 --> 00:01:02.640
<v Speaker 2>a pretty complete blueprint of this digital conflict zone.

18
00:01:02.719 --> 00:01:06.159
<v Speaker 1>Okay, let's unpack this then. Before we get to the

19
00:01:06.200 --> 00:01:09.159
<v Speaker 1>really shadowy corners, we need to clarify what we mean

20
00:01:09.200 --> 00:01:12.560
<v Speaker 1>by dark internet, because I think most people mistakenly think,

21
00:01:13.079 --> 00:01:16.840
<v Speaker 1>you know, checking their secure email is accessing the deep web.

22
00:01:17.319 --> 00:01:20.280
<v Speaker 2>That's a perfect place to start. Yeah, we can visualize

23
00:01:20.280 --> 00:01:24.879
<v Speaker 2>the whole Internet using that classic iceberg analogy. It helps

24
00:01:24.920 --> 00:01:26.719
<v Speaker 2>define the three layers pretty clearly.

25
00:01:26.920 --> 00:01:29.000
<v Speaker 1>Right, the iceberg, so the visible tip, the part

26
00:01:29.000 --> 00:01:30.840
<v Speaker 1>above the water. That's where we all live.

27
00:01:30.719 --> 00:01:34.480
<v Speaker 2>Online, right precisely. That's the surface web, sometimes called the

28
00:01:34.560 --> 00:01:38.040
<v Speaker 2>visible web. This is everything standard search engines like Google

29
00:01:38.159 --> 00:01:41.120
<v Speaker 2>or Bing can index. It's what you browse every day. Okay,

30
00:01:41.239 --> 00:01:45.239
<v Speaker 2>but it accounts for a surprisingly tiny fraction, like only

31
00:01:45.280 --> 00:01:47.799
<v Speaker 2>about five percent of all the content out there.

32
00:01:47.840 --> 00:01:51.319
<v Speaker 1>Five percent. Wow, that really puts the sheer scale of

33
00:01:51.359 --> 00:01:52.799
<v Speaker 1>the rest of the web into perspective.

34
00:01:52.959 --> 00:01:57.079
<v Speaker 2>It absolutely does. So below the surface, that huge, submerged

35
00:01:57.120 --> 00:02:00.079
<v Speaker 2>part of the iceberg, that's the vast deep web.

36
00:02:00.079 --> 00:02:03.439
<v Speaker 2>This accounts for approximately ninety percent of all data, this

37
00:02:03.519 --> 00:02:06.400
<v Speaker 2>is where most of the Internet actually lives, and it

38
00:02:06.480 --> 00:02:10.080
<v Speaker 2>includes anything that requires some kind of authentication. I think

39
00:02:10.560 --> 00:02:16.400
<v Speaker 2>private databases, academic journals, your password protected cloud storage, your

40
00:02:16.439 --> 00:02:17.719
<v Speaker 2>online banking log.

41
00:02:17.439 --> 00:02:20.080
<v Speaker 1>In, got it. So mostly routine stuff, just.

42
00:02:20.039 --> 00:02:23.439
<v Speaker 2>Private, exactly, mostly legal, just not publicly indexed.

43
00:02:23.599 --> 00:02:26.159
<v Speaker 1>So if the deep web is ninety percent, where does

44
00:02:26.199 --> 00:02:29.319
<v Speaker 1>the really hidden part the dark web fit into this picture?

45
00:02:29.360 --> 00:02:31.360
<v Speaker 2>Okay, so the dark web is the final layer. It's

46
00:02:31.360 --> 00:02:34.479
<v Speaker 2>actually a small subsection of the deep web. Estimates put

47
00:02:34.479 --> 00:02:36.840
<v Speaker 2>it at only about point zero one percent of the

48
00:02:36.919 --> 00:02:40.599
<v Speaker 2>deep Web itself, KIMI, very small. The key differentiator here

49
00:02:40.680 --> 00:02:44.120
<v Speaker 2>is the technology needed to access it. It requires specialized

50
00:02:44.120 --> 00:02:47.599
<v Speaker 2>software like the Tor browser because its content is intentionally

51
00:02:47.599 --> 00:02:50.960
<v Speaker 2>concealed and designed to avoid conventional detection.

52
00:02:51.159 --> 00:02:53.240
<v Speaker 1>Right. And here's where it gets really interesting because this

53
00:02:53.360 --> 00:02:56.919
<v Speaker 1>level of anonymity wasn't originally intended for criminals, was it.

54
00:02:57.280 --> 00:03:00.840
<v Speaker 1>How did this anonymous architecture even come about? And what

55
00:03:01.000 --> 00:03:02.039
<v Speaker 1>tools underpin it?

56
00:03:02.280 --> 00:03:05.879
<v Speaker 2>Well, the concept of a secure isolated network, what they

57
00:03:05.879 --> 00:03:08.240
<v Speaker 2>sometimes call a darknet, it actually dates back to the

58
00:03:08.319 --> 00:03:09.840
<v Speaker 2>nineteen sixties with ARPANET.

59
00:03:10.039 --> 00:03:11.159
<v Speaker 1>Wow, that far back.

60
00:03:11.319 --> 00:03:16.199
<v Speaker 2>Yeah. And the technology behind Tor specifically was initially developed

61
00:03:16.199 --> 00:03:18.800
<v Speaker 2>by the US Navy to protect its own communications.

62
00:03:19.120 --> 00:03:23.759
<v Speaker 1>Okay, and today the undisputed champion for anonymity is Tor,

63
00:03:23.879 --> 00:03:24.680
<v Speaker 1>The Onion Router.

64
00:03:24.840 --> 00:03:28.240
<v Speaker 2>It is, yeah. Tor is open source software, a browser

65
00:03:28.360 --> 00:03:31.639
<v Speaker 2>that uses something called onion routing. Imagine your data is

66
00:03:31.680 --> 00:03:35.319
<v Speaker 2>wrapped like an onion in multiple layers. Each layer is encrypted,

67
00:03:35.759 --> 00:03:38.479
<v Speaker 2>and as the data moves across several volunteer servers they

68
00:03:38.479 --> 00:03:41.479
<v Speaker 2>call them relays or nodes, a layer of encryption is stripped

69
00:03:41.520 --> 00:03:43.960
<v Speaker 2>off just to reveal the next stop. Ah okay, This

70
00:03:44.039 --> 00:03:48.240
<v Speaker 2>whole process completely masks the user's original IP address. As

71
00:03:48.280 --> 00:03:51.280
<v Speaker 2>of late twenty twenty two, it was supporting about two

72
00:03:51.439 --> 00:03:52.599
<v Speaker 2>million users daily.

73
00:03:52.919 --> 00:03:55.800
<v Speaker 1>So the anonymity is the key feature. But all that

74
00:03:55.879 --> 00:03:58.439
<v Speaker 1>relaying and encrypting must slow things down quite a bit.

75
00:03:58.680 --> 00:04:00.000
<v Speaker 1>What's the practical trade off there?

76
00:04:00.280 --> 00:04:03.759
<v Speaker 2>Anonymity definitely comes at the cost of speed. Yeah, that's

77
00:04:03.759 --> 00:04:08.439
<v Speaker 2>a major drawback. Plus there's a significant stigma because you know,

78
00:04:08.680 --> 00:04:13.080
<v Speaker 2>governments and Internet service providers ISPs, they often monitor who

79
00:04:13.199 --> 00:04:15.360
<v Speaker 2>uses Tor-like services.

80
00:04:15.080 --> 00:04:16.399
<v Speaker 1>Right, even if they can't see what.

81
00:04:16.360 --> 00:04:20.439
<v Speaker 2>You're doing exactly. The monitoring itself, just knowing someone is

82
00:04:20.560 --> 00:04:24.040
<v Speaker 2>using Tor can kind of undermine the privacy goal.

83
00:04:24.079 --> 00:04:27.560
<v Speaker 2>For some users, It flags you as someone seeking anonymity.

84
00:04:27.800 --> 00:04:30.519
<v Speaker 1>But Tor isn't the only player in this space, right? Yeah?

85
00:04:30.639 --> 00:04:34.399
<v Speaker 1>Are there alternatives people use if they're looking for absolute privacy?

86
00:04:34.680 --> 00:04:38.199
<v Speaker 2>There are a few others. The Invisible Internet Project, or I2P,

87
00:04:38.519 --> 00:04:41.120
<v Speaker 2>is quite notable. It uses something called garlic routing.

88
00:04:41.199 --> 00:04:44.680
<v Speaker 1>Garlic routing, Okay, first onions, now garlic, what's the difference.

89
00:04:44.800 --> 00:04:47.519
<v Speaker 2>Uh huh Yeah. So instead of sending just one message

90
00:04:47.519 --> 00:04:51.920
<v Speaker 2>through multiple relays like Tor's onion routing, I2P bundles multiple

91
00:04:51.920 --> 00:04:54.839
<v Speaker 2>messages together and encrypts them as a bundle like cloves

92
00:04:54.839 --> 00:04:55.560
<v Speaker 2>in a head of garlic.

93
00:04:55.639 --> 00:04:57.680
<v Speaker 1>Why bundle them is that faster it can be.

94
00:04:57.800 --> 00:05:00.439
<v Speaker 2>Bundling can reduce some of the latency issues that sometimes

95
00:05:00.480 --> 00:05:03.639
<v Speaker 2>slow Tor down. And because it encrypts and sends multiple

96
00:05:03.639 --> 00:05:07.399
<v Speaker 2>messages together, it actually makes traffic analysis even harder than

97
00:05:07.480 --> 00:05:11.160
<v Speaker 2>Tor's method. It offers potentially a better scalability and maybe

98
00:05:11.160 --> 00:05:14.439
<v Speaker 2>a more robust connection for things that need sustained usage.

99
00:05:14.600 --> 00:05:19.000
<v Speaker 1>It's still amazing how this tech, starting as a military concept,

100
00:05:19.399 --> 00:05:21.959
<v Speaker 1>now has this vocabulary based on kitchen staples.

101
00:05:22.160 --> 00:05:25.519
<v Speaker 2>It certainly does. The third main tool worth mentioning is

102
00:05:25.560 --> 00:05:28.680
<v Speaker 2>Freenet. That's more of a decentralized peer to peer network.

103
00:05:28.680 --> 00:05:32.120
<v Speaker 2>It's used primarily for file sharing, forums and hosting these

104
00:05:32.120 --> 00:05:34.920
<v Speaker 2>things called free sites, really aiming to ensure freedom of

105
00:05:34.920 --> 00:05:36.360
<v Speaker 2>speech and resist censorship.

106
00:05:36.839 --> 00:05:40.519
<v Speaker 1>Okay, now that we understand the tech, the secure, untraceable

107
00:05:40.560 --> 00:05:43.279
<v Speaker 1>movement of data. We need to talk about why that

108
00:05:43.360 --> 00:05:46.800
<v Speaker 1>movement is so valuable, especially for illicit purposes. How do

109
00:05:46.839 --> 00:05:49.720
<v Speaker 1>you actually pay for things when you can't use traditional banks.

110
00:05:50.160 --> 00:05:53.399
<v Speaker 2>Yeah, that anonymity is inherently profitable for crime. And this

111
00:05:53.480 --> 00:05:56.560
<v Speaker 2>is where cryptocurrencies really come into play. Since crypto bitcoin,

112
00:05:56.680 --> 00:05:59.920
<v Speaker 2>especially in the early days, is largely unregulated, borderless, and

113
00:06:00.040 --> 00:06:01.519
<v Speaker 2>crucially pseudoanonymous.

114
00:06:01.680 --> 00:06:04.680
<v Speaker 1>Pseudoanonymous right, not totally anonymous.

115
00:06:04.199 --> 00:06:08.199
<v Speaker 2>Correct, but anonymous enough for these purposes. It instantly became

116
00:06:08.279 --> 00:06:11.399
<v Speaker 2>the currency of choice for these illegal digital marketplaces.

117
00:06:11.560 --> 00:06:14.839
<v Speaker 1>And the most famous or maybe infamous historical example that

118
00:06:15.519 --> 00:06:18.519
<v Speaker 1>really tied crypto to the dark web was Silk Road,

119
00:06:18.639 --> 00:06:19.639
<v Speaker 1>Wasn't it absolutely?

120
00:06:19.720 --> 00:06:24.759
<v Speaker 2>Silk Road was essentially the first major dark web drug market.

121
00:06:25.000 --> 00:06:28.279
<v Speaker 2>It kind of made buying illegal substances almost as easy

122
00:06:28.319 --> 00:06:31.800
<v Speaker 2>as buying something on Amazon or eBay, and the sources

123
00:06:31.839 --> 00:06:34.399
<v Speaker 2>we looked at really highlight that its use of bitcoin,

124
00:06:34.560 --> 00:06:39.120
<v Speaker 2>combined with Tor's hidden services, set the template for pretty

125
00:06:39.199 --> 00:06:41.040
<v Speaker 2>much all the dark markets that followed.

126
00:06:41.160 --> 00:06:42.759
<v Speaker 1>And when the founder was caught right.

127
00:06:42.639 --> 00:06:46.040
<v Speaker 2>When Ross Ulbricht was arrested in twenty thirteen, the seizure

128
00:06:46.160 --> 00:06:48.839
<v Speaker 2>of over a billion dollars worth of bitcoin at the time.

129
00:06:49.079 --> 00:06:52.480
<v Speaker 2>That truly showed the massive scale of these operations.

130
00:06:51.839 --> 00:06:55.480
<v Speaker 1>A billion dollars. Okay, let's delve into the actual crimes then,

131
00:06:55.519 --> 00:06:59.079
<v Speaker 1>the ones that flourish in this anonymous environment. Starting with

132
00:06:59.160 --> 00:07:01.040
<v Speaker 1>those drug markets you said they are less like back

133
00:07:01.120 --> 00:07:04.759
<v Speaker 1>alleys and more like what high tech e commerce platforms.

134
00:07:04.959 --> 00:07:09.079
<v Speaker 2>They really are highly professionalized. These dark markets operate with

135
00:07:09.160 --> 00:07:12.319
<v Speaker 2>sophisticated business models. You have vendors who are ranked and

136
00:07:12.360 --> 00:07:16.959
<v Speaker 2>reviewed by buyers. Successful transaction numbers are often displayed like seller ratings

137
00:07:17.079 --> 00:07:21.160
<v Speaker 2>exactly like seller ratings, and they often use escrow services, holding

138
00:07:21.160 --> 00:07:23.920
<v Speaker 2>the crypto payment until the buyer confirms they received the

139
00:07:23.959 --> 00:07:27.000
<v Speaker 2>illegal goods, which are usually delivered through just you know,

140
00:07:27.079 --> 00:07:28.360
<v Speaker 2>the regular postal service.

141
00:07:28.439 --> 00:07:30.279
<v Speaker 1>And the numbers involved are just staggering.

142
00:07:30.480 --> 00:07:33.199
<v Speaker 2>They really are. Recent figures put annual sales at around

143
00:07:33.199 --> 00:07:36.959
<v Speaker 2>three hundred and fifteen million dollars. That's up hugely from

144
00:07:37.000 --> 00:07:40.240
<v Speaker 2>about eighty million dollars back in twenty seventeen. So this

145
00:07:40.439 --> 00:07:45.399
<v Speaker 2>model anonymity plus hidden services plus crypto, it's proven incredibly resilient,

146
00:07:45.680 --> 00:07:48.639
<v Speaker 2>even with law enforcement constantly trying to take these sites down.

147
00:07:49.160 --> 00:07:52.759
<v Speaker 1>We've seen how these platforms facilitate drug sales but the

148
00:07:52.800 --> 00:07:56.720
<v Speaker 1>source material also forces us and you the listener, to

149
00:07:56.839 --> 00:08:00.199
<v Speaker 1>confront the truly darkest corners of the dark web, where

150
00:08:00.199 --> 00:08:04.079
<v Speaker 1>the financial gain is compounded by just devastating human depravity.

151
00:08:04.959 --> 00:08:07.680
<v Speaker 1>Let's talk about child exploitation, and we need to be

152
00:08:07.759 --> 00:08:11.680
<v Speaker 1>really clear about the terminology here. As the sources emphasize.

153
00:08:11.199 --> 00:08:15.360
<v Speaker 2>Yes, it's absolutely vital. Our sources stress the necessary shift

154
00:08:15.399 --> 00:08:18.879
<v Speaker 2>away from terms like child pornography. The correct terms are

155
00:08:19.079 --> 00:08:24.839
<v Speaker 2>child sexual exploitation material, CSEM, or child sexual abuse material, CSAM.

156
00:08:24.959 --> 00:08:29.079
<v Speaker 2>Why is that distinction so important because this terminology reinforces

157
00:08:29.120 --> 00:08:33.240
<v Speaker 2>the victim's complete innocence and correctly labels the actions depicted

158
00:08:33.279 --> 00:08:37.000
<v Speaker 2>as abuse and exploitation, not something consumable like pornography.

159
00:08:37.039 --> 00:08:40.559
<v Speaker 1>Okay. And the organization of these networks, yeah, it's horrifying.

160
00:08:40.840 --> 00:08:44.720
<v Speaker 2>It's a kind of systemic depravity. The sources describe forums

161
00:08:44.720 --> 00:08:48.559
<v Speaker 2>dedicated to CSAM that are highly structured. They require vetting

162
00:08:48.639 --> 00:08:49.159
<v Speaker 2>for new.

163
00:08:49.039 --> 00:08:50.960
<v Speaker 1>Members, vetting how well.

164
00:08:51.000 --> 00:08:54.440
<v Speaker 2>The sources note that gaining access or sometimes renewing membership

165
00:08:54.519 --> 00:08:58.159
<v Speaker 2>often requires members to submit fresh CSAM, new material they've

166
00:08:58.159 --> 00:08:59.200
<v Speaker 2>created or acquired.

167
00:08:59.240 --> 00:08:59.759
<v Speaker 1>Oh my god.

168
00:08:59.840 --> 00:09:03.159
<v Speaker 2>And worse still, the material documents the existence of something

169
00:09:03.200 --> 00:09:06.799
<v Speaker 2>called molestation on demand or mod. This is where abusers

170
00:09:06.799 --> 00:09:10.200
<v Speaker 2>actually live stream their crimes, sometimes taking requests from anonymous viewers,

171
00:09:10.200 --> 00:09:10.919
<v Speaker 2>paying in crypto.

172
00:09:11.320 --> 00:09:16.159
<v Speaker 1>That level of organized cruelty enabled entirely by anonymity. It's

173
00:09:16.159 --> 00:09:21.120
<v Speaker 1>hard to process. Okay, Shifting gears slightly, but staying with

174
00:09:21.200 --> 00:09:25.200
<v Speaker 1>severe crime. Human trafficking, often called modern slavery.

175
00:09:25.440 --> 00:09:29.559
<v Speaker 2>Yes, and it's incredibly lucrative because it provides a sustained

176
00:09:29.600 --> 00:09:33.639
<v Speaker 2>revenue stream, Unlike say, a single drug sale, one victim

177
00:09:33.840 --> 00:09:37.080
<v Speaker 2>tragically can generate thousands of US dollars per day due

178
00:09:37.120 --> 00:09:38.759
<v Speaker 2>to repeated sale and abuse.

179
00:09:38.840 --> 00:09:42.039
<v Speaker 1>And the dark web provides the ideal platform for these traffickers.

180
00:09:42.120 --> 00:09:45.679
<v Speaker 2>It minimizes their risks significantly. Yes, traffickers use the web

181
00:09:45.720 --> 00:09:49.960
<v Speaker 2>for everything from grooming vulnerable individuals to promoting their illegal

182
00:09:50.000 --> 00:09:53.960
<v Speaker 2>services on hidden classified sites, to coordinating communication with other

183
00:09:54.000 --> 00:09:57.799
<v Speaker 2>criminals across borders, all while hiding behind layers of encryption

184
00:09:57.879 --> 00:10:02.159
<v Speaker 2>and anonymity. It allows these highly compartmentalized criminal organizations

185
00:10:02.200 --> 00:10:03.240
<v Speaker 2>to operate globally.

186
00:10:03.399 --> 00:10:05.840
<v Speaker 1>Okay. So given the sophistication and the sheer scale of

187
00:10:05.879 --> 00:10:09.320
<v Speaker 1>these global criminal operations, it's clear that simple fixes aren't

188
00:10:09.320 --> 00:10:12.639
<v Speaker 1>going to cut it. What countermeasures are law enforcement deploying

189
00:10:13.080 --> 00:10:15.320
<v Speaker 1>that are actually making a dent in the dark web?

190
00:10:15.600 --> 00:10:18.120
<v Speaker 2>Well, they're combining, you know, traditional police work with some

191
00:10:18.159 --> 00:10:22.360
<v Speaker 2>pretty cutting edge technology. One method is online sting operations.

192
00:10:22.879 --> 00:10:27.320
<v Speaker 2>Police create fake online personas, or they might exploit opportunities

193
00:10:27.360 --> 00:10:30.639
<v Speaker 2>to lure offenders into committing a crime online where it

194
00:10:30.679 --> 00:10:33.879
<v Speaker 2>can be documented and setting up fake sites exactly. Those

195
00:10:33.919 --> 00:10:37.000
<v Speaker 2>are called the honeypot traps, deceptive sites set up by

196
00:10:37.080 --> 00:10:40.519
<v Speaker 2>law enforcement specifically to attract and identify offenders.

197
00:10:40.840 --> 00:10:43.039
<v Speaker 1>And the most famous example of a honeypot trap is

198
00:10:43.080 --> 00:10:46.120
<v Speaker 1>probably Operation Playpen. But the use of malware in that

199
00:10:46.159 --> 00:10:48.559
<v Speaker 1>case raised some major ethical questions, didn't it?

200
00:10:48.559 --> 00:10:51.840
<v Speaker 2>It absolutely did. Back in twenty fifteen, the FBI took

201
00:10:51.919 --> 00:10:55.480
<v Speaker 2>control of this major CSAM site called Playpen. They didn't

202
00:10:55.480 --> 00:10:57.600
<v Speaker 2>shut it down immediately, They kept it active for about

203
00:10:57.600 --> 00:11:02.039
<v Speaker 2>two weeks. Why to deploy malware a Network Investigative Technique

204
00:11:02.080 --> 00:11:05.519
<v Speaker 2>or NIT, onto the computers of users accessing the site.

205
00:11:05.559 --> 00:11:09.000
<v Speaker 2>This malware helped them uncover over fifteen hundred user IP

206
00:11:09.120 --> 00:11:10.120
<v Speaker 2>addresses globally.

207
00:11:10.240 --> 00:11:12.639
<v Speaker 1>Wow. Effective but controversial.

208
00:11:12.919 --> 00:11:16.039
<v Speaker 2>Hugely effective. Yes, it was one of the most successful

209
00:11:16.039 --> 00:11:20.559
<v Speaker 2>operations against CSAM distribution networks, but it sparked intense debate

210
00:11:20.679 --> 00:11:24.960
<v Speaker 2>about the legal limits of government surveillance, especially using malware

211
00:11:25.039 --> 00:11:29.279
<v Speaker 2>to effectively hack into suspects' devices without individual warrants for

212
00:11:29.320 --> 00:11:29.919
<v Speaker 2>each user.

213
00:11:30.279 --> 00:11:33.639
<v Speaker 1>Right, So, beyond these operational tactics, what high tech tools

214
00:11:33.679 --> 00:11:36.480
<v Speaker 1>are being used to actually try and pierce that veil

215
00:11:36.519 --> 00:11:38.960
<v Speaker 1>of anonymity to follow the digital breadcrumb?

216
00:11:39.000 --> 00:11:42.559
<v Speaker 2>Okay, we should highlight three major tools here. First, there's OSINT,

217
00:11:42.759 --> 00:11:44.759
<v Speaker 2>which stands for open Source intelligence.

218
00:11:44.960 --> 00:11:46.639
<v Speaker 1>Open source so public.

219
00:11:46.279 --> 00:11:49.919
<v Speaker 2>Information essentially, Yes, it's the legal collection and analysis of

220
00:11:50.039 --> 00:11:53.840
<v Speaker 2>vast amounts of publicly accessible data, even data posted anonymously

221
00:11:53.879 --> 00:11:57.759
<v Speaker 2>can sometimes be linked together. Investigators use sophisticated tools to

222
00:11:57.799 --> 00:12:01.320
<v Speaker 2>sift through this data, visualize connections and map out criminal

223
00:12:01.360 --> 00:12:04.559
<v Speaker 2>networks based on clues left in the open even if fragmented.

224
00:12:04.679 --> 00:12:08.000
<v Speaker 1>Okay, And second is that revolutionary system developed by DARPA,

225
00:12:08.080 --> 00:12:09.519
<v Speaker 1>the Defense Research Agency.

226
00:12:09.759 --> 00:12:11.080
<v Speaker 2>That's the Memex project.

227
00:12:11.360 --> 00:12:14.679
<v Speaker 1>Right. Memex is a highly specialized search tool. It was

228
00:12:14.720 --> 00:12:18.559
<v Speaker 1>designed specifically to index the roughly ninety five percent of

229
00:12:18.600 --> 00:12:21.639
<v Speaker 1>the Internet that commercial search engines like Google just ignore,

230
00:12:21.679 --> 00:12:22.799
<v Speaker 1>the deep and dark web.

231
00:12:23.000 --> 00:12:24.799
<v Speaker 2>And its goal is to shine a light on the

232
00:12:24.879 --> 00:12:27.759
<v Speaker 2>dark Web. How does it do that differently than say Google?

233
00:12:28.320 --> 00:12:32.120
<v Speaker 1>Its key innovation is identifying behavioral patterns rather than just

234
00:12:32.200 --> 00:12:33.559
<v Speaker 1>indexing static web.

235
00:12:33.399 --> 00:12:36.440
<v Speaker 2>Pages behavioral patterns. What does that mean? In practice?

236
00:12:37.000 --> 00:12:41.320
<v Speaker 1>It means Memex can potentially identify, say, a human trafficking

237
00:12:41.360 --> 00:12:44.840
<v Speaker 1>network based on recurring patterns in their language, how often

238
00:12:44.840 --> 00:12:49.080
<v Speaker 1>they post ads, specific metadata attached to images, even if they

239
00:12:49.120 --> 00:12:52.240
<v Speaker 1>constantly change their user names or the specific Onion addresses

240
00:12:52.279 --> 00:12:52.679
<v Speaker 1>they use.

241
00:12:53.039 --> 00:12:56.159
<v Speaker 2>Ah, so it tracks the activity, not just the location exactly.

242
00:12:56.480 --> 00:12:59.519
<v Speaker 1>Standard search engines just can't track that kind of adaptive

243
00:12:59.519 --> 00:13:03.519
<v Speaker 1>criminal behavior effectively. Memex was built for that dynamic environment,

244
00:13:03.679 --> 00:13:07.000
<v Speaker 1>particularly focused on disrupting human trafficking rings.

245
00:13:07.039 --> 00:13:09.879
<v Speaker 2>Initially. Okay, and finally, the attempt to break

246
00:13:10.000 --> 00:13:13.799
<v Speaker 2>Tor's core function itself, the traffic confirmation attack. Can you

247
00:13:13.840 --> 00:13:17.240
<v Speaker 2>simplify that one a bit? Sounds incredibly technical? It is technical,

248
00:13:17.320 --> 00:13:20.559
<v Speaker 2>but we can break it down. A traffic confirmation attack,

249
00:13:21.039 --> 00:13:24.919
<v Speaker 2>sometimes called traffic correlation, tries to de-anonymize Tor users

250
00:13:25.240 --> 00:13:29.879
<v Speaker 2>by exploiting metadata information about the connection, not the content.

251
00:13:29.559 --> 00:13:31.559
<v Speaker 1>Itself, like what kind of metadata?

252
00:13:31.600 --> 00:13:34.240
<v Speaker 2>Well, even though the content of Tor traffic is encrypted,

253
00:13:34.600 --> 00:13:37.559
<v Speaker 2>the timing and the volume of data packets like how

254
00:13:37.639 --> 00:13:40.960
<v Speaker 2>much data is sent and when, are still visible to someone

255
00:13:41.000 --> 00:13:44.240
<v Speaker 2>controlling parts of the network. So if law enforcement can

256
00:13:44.279 --> 00:13:46.919
<v Speaker 2>control both the entry relay node, where the user connects

257
00:13:47.000 --> 00:13:49.799
<v Speaker 2>to Tor, and the exit relay node, where the traffic

258
00:13:49.879 --> 00:13:52.200
<v Speaker 2>leaves Tor to go to the destination site.

259
00:13:51.960 --> 00:13:54.519
<v Speaker 1>They control both ends of the tunnel precisely.

260
00:13:54.759 --> 00:13:58.120
<v Speaker 2>By comparing the timing and volume patterns of traffic entering

261
00:13:58.120 --> 00:14:01.320
<v Speaker 2>the Tor network with the patterns exiting, they can sometimes

262
00:14:01.360 --> 00:14:05.399
<v Speaker 2>make a statistical correlation. It's like recognizing someone entering and

263
00:14:05.480 --> 00:14:08.480
<v Speaker 2>leaving a dark maze by the specific rhythm of their footsteps,

264
00:14:08.639 --> 00:14:10.120
<v Speaker 2>even if you can't see them inside.

265
00:14:10.279 --> 00:14:12.639
<v Speaker 1>Got it. So they're timing the encrypted packets to link

266
00:14:12.679 --> 00:14:13.720
<v Speaker 1>the start and end points.

267
00:14:14.200 --> 00:14:17.799
<v Speaker 2>Essentially, yes. It's a probabilistic method, not foolproof, but

268
00:14:17.879 --> 00:14:20.519
<v Speaker 2>it's one way they try to link a user's real

269
00:14:20.600 --> 00:14:24.240
<v Speaker 2>IP address to the dark website they're visiting, bypassing

270
00:14:24.320 --> 00:14:25.080
<v Speaker 2>the onion routing.

271
00:14:25.200 --> 00:14:28.799
<v Speaker 1>Okay, it sounds like there are many brilliant but perhaps

272
00:14:28.919 --> 00:14:33.519
<v Speaker 1>isolated efforts underway, But the sources we looked at identify

273
00:14:33.559 --> 00:14:37.799
<v Speaker 1>a pretty massive problem, a lack of cohesive, coordinated strategy

274
00:14:38.000 --> 00:14:41.159
<v Speaker 1>across different agencies and especially across borders.

275
00:14:41.399 --> 00:14:45.919
<v Speaker 2>Exactly that. The core problem identified is this decentralized, often

276
00:14:45.960 --> 00:14:49.720
<v Speaker 2>fractured approach to problem solving. Law enforcement in one country

277
00:14:49.840 --> 00:14:52.399
<v Speaker 2>might have one piece of the puzzle. The private sector

278
00:14:52.519 --> 00:14:56.000
<v Speaker 2>like banks seeing suspicious transactions might have another piece. But

279
00:14:56.080 --> 00:14:59.480
<v Speaker 2>there's no single consolidated global platform to put all those

280
00:14:59.480 --> 00:15:02.879
<v Speaker 2>pieces together effectively. And this lack of coordination, it

281
00:15:02.919 --> 00:15:07.399
<v Speaker 2>allows criminals to expertly exploit the seams between different international jurisdictions.

282
00:15:07.559 --> 00:15:10.639
<v Speaker 1>So the proposed solution is quite systemic, something called the

283
00:15:10.639 --> 00:15:12.440
<v Speaker 1>International Data Hub or IDH.

284
00:15:13.000 --> 00:15:16.039
<v Speaker 2>Yes, the IDH is the proposed system aiming to overcome

285
00:15:16.080 --> 00:15:20.679
<v Speaker 2>this fragmentation. The concept calls for a centralized, highly secure

286
00:15:20.759 --> 00:15:25.639
<v Speaker 2>platform designed for what the sources term radical information sharing.

287
00:15:25.799 --> 00:15:27.960
<v Speaker 1>Radical information sharing. What does that entail?

288
00:15:28.120 --> 00:15:32.039
<v Speaker 2>It means blending raw, maybe even unredacted data streams from

289
00:15:32.120 --> 00:15:36.799
<v Speaker 2>multiple sources, crossing traditional private and public sector firewalls to

290
00:15:36.919 --> 00:15:41.639
<v Speaker 2>create a unified, near real time global picture of crime trends, methods,

291
00:15:41.639 --> 00:15:42.440
<v Speaker 2>and hotspots.

292
00:15:42.720 --> 00:15:46.279
<v Speaker 1>And creating this requires a level of collaboration far beyond

293
00:15:46.480 --> 00:15:48.440
<v Speaker 1>just police forces, right. It has to cross into the

294
00:15:48.440 --> 00:15:49.559
<v Speaker 1>banking world, the tech world.

295
00:15:49.600 --> 00:15:53.279
<v Speaker 2>Absolutely. The IDH concept relies on three essential pillars working

296
00:15:53.320 --> 00:15:57.480
<v Speaker 2>together: law enforcement agencies globally like the FBI, Interpol, Europol,

297
00:15:57.960 --> 00:16:01.440
<v Speaker 2>the private sector, think banks spotting money laundering, fintech companies,

298
00:16:01.440 --> 00:16:04.480
<v Speaker 2>tech companies whose platforms might be abused, and the community,

299
00:16:04.519 --> 00:16:08.279
<v Speaker 2>which includes local police forces and NGOs, maybe even the public.

300
00:16:07.960 --> 00:16:10.200
<v Speaker 1>Playing a role that sounds incredibly ambitious.

301
00:16:10.320 --> 00:16:12.720
<v Speaker 2>It is, but this kind of robust partnership is seen

302
00:16:12.759 --> 00:16:15.559
<v Speaker 2>as maybe the only way to build systems resilient enough

303
00:16:15.759 --> 00:16:19.200
<v Speaker 2>to fight these highly adaptive global criminal networks effectively.

304
00:16:19.519 --> 00:16:22.759
<v Speaker 1>But hang on creating a centralized hub that shares highly

305
00:16:22.799 --> 00:16:28.399
<v Speaker 1>sensitive data potentially about victims, ongoing cases, financial details across

306
00:16:28.480 --> 00:16:32.879
<v Speaker 1>international borders that must face monumental hurdles.

307
00:16:32.559 --> 00:16:36.039
<v Speaker 2>Surely, oh, massive legal and ethical hurdles. Absolutely. The two

308
00:16:36.039 --> 00:16:41.039
<v Speaker 2>biggest challenges highlighted are first overcoming data privacy regulations and concerns,

309
00:16:41.080 --> 00:16:45.399
<v Speaker 2>particularly stringent ones like GDPR in Europe, and second, ensuring

310
00:16:45.639 --> 00:16:49.440
<v Speaker 2>truly informed consent from victims, especially in trafficking cases where

311
00:16:49.480 --> 00:16:54.279
<v Speaker 2>sharing their data, even to catch perpetrators is incredibly sensitive. Plus,

312
00:16:54.320 --> 00:16:57.639
<v Speaker 2>you need fluid jurisdictional laws because dark web activity simply

313
00:16:57.679 --> 00:17:02.360
<v Speaker 2>doesn't respect national borders. The IDH proposal has to somehow balance

314
00:17:02.440 --> 00:17:05.680
<v Speaker 2>this urgent need for global security with the fundamental right

315
00:17:05.720 --> 00:17:07.960
<v Speaker 2>to individual privacy. It's a huge challenge.

316
00:17:08.160 --> 00:17:10.960
<v Speaker 1>Wow, this deep dive really makes it clear that fighting

317
00:17:11.039 --> 00:17:13.440
<v Speaker 1>crime in the digital age isn't just about tech. It

318
00:17:13.480 --> 00:17:17.559
<v Speaker 1>requires this constant multidisciplinary evolution that's happening right now.

319
00:17:17.839 --> 00:17:22.119
<v Speaker 2>It really does. Combating dark web crime demands this coordinated,

320
00:17:22.200 --> 00:17:26.039
<v Speaker 2>comprehensive approach. It has to balance using cutting edge tech

321
00:17:26.200 --> 00:17:32.119
<v Speaker 2>like Memex, like traffic analysis, with fundamental systemic organizational change,

322
00:17:32.119 --> 00:17:35.200
<v Speaker 2>which is what the IDH proposal represents. We need to

323
00:17:35.279 --> 00:17:39.680
<v Speaker 2>foster these resilient cross-sector partnerships, just to keep pace with

324
00:17:39.720 --> 00:17:42.039
<v Speaker 2>these incredibly adaptive criminal networks.

325
00:17:42.200 --> 00:17:44.480
<v Speaker 1>Okay, before we close out for the learner listening in,

326
00:17:44.640 --> 00:17:48.759
<v Speaker 1>maybe someone considering using anonymity services like Tor for perfectly

327
00:17:48.839 --> 00:17:53.319
<v Speaker 1>legitimate reasons like journalism or activism in restrictive countries, what

328
00:17:53.440 --> 00:17:56.960
<v Speaker 1>are the most immediate practical tips for staying safe online?

329
00:17:57.039 --> 00:17:58.519
<v Speaker 1>that the sources emphasized?

330
00:17:58.880 --> 00:18:02.240
<v Speaker 2>That's a great point. They do offer specific guidance. First, if

331
00:18:02.240 --> 00:18:05.000
<v Speaker 2>you do use services like Tor, you must rigorously detach

332
00:18:05.000 --> 00:18:07.720
<v Speaker 2>your online persona from your real life. Never use your

333
00:18:07.720 --> 00:18:11.359
<v Speaker 2>real email, logins you use elsewhere, or any personal identifiers.

334
00:18:11.680 --> 00:18:16.960
<v Speaker 2>Create a completely separate digital identity. Total separation, total separation. Second,

335
00:18:17.000 --> 00:18:22.000
<v Speaker 2>and this is critical, explicitly avoid downloading any files from

336
00:18:22.000 --> 00:18:24.799
<v Speaker 2>the dark web. Just don't do it. That space is

337
00:18:24.839 --> 00:18:29.640
<v Speaker 2>absolutely rife with malware, ransomware, infection risks, and hidden tracking

338
00:18:29.680 --> 00:18:33.400
<v Speaker 2>code used by both criminals and potentially law enforcement honeypots.

339
00:18:33.440 --> 00:18:35.960
<v Speaker 1>Stick to browsing, not downloading pretty much.

340
00:18:36.160 --> 00:18:40.079
<v Speaker 2>And finally, active identity monitoring is essential anyway these days,

341
00:18:40.079 --> 00:18:42.599
<v Speaker 2>but especially if you engage in activities that might put

342
00:18:42.599 --> 00:18:45.079
<v Speaker 2>you at higher risk, or if any data related to

343
00:18:45.119 --> 00:18:47.240
<v Speaker 2>you has ever been found in a past data breach.

344
00:18:47.599 --> 00:18:49.359
<v Speaker 2>Keep an eye on your digital footprint.

345
00:18:49.759 --> 00:18:53.200
<v Speaker 1>That's excellent practical advice, focused precisely on the risks within

346
00:18:53.240 --> 00:18:56.880
<v Speaker 1>that specific environment. Okay. Finally, the complexity of the dark web,

347
00:18:56.880 --> 00:18:59.160
<v Speaker 1>as we've discussed, it really forces us to confront a

348
00:18:59.160 --> 00:19:01.400
<v Speaker 1>pretty foundational societal question, doesn't it.

349
00:19:01.400 --> 00:19:05.480
<v Speaker 2>It absolutely does. It makes us confront a fundamental trade off. Really,

350
00:19:06.079 --> 00:19:09.440
<v Speaker 2>how much individual privacy are we as a society willing

351
00:19:09.480 --> 00:19:13.200
<v Speaker 2>to yield in the name of universal security, Especially when

352
00:19:13.200 --> 00:19:16.880
<v Speaker 2>the very same cryptographic tools that empower journalists and whistleblowers

353
00:19:16.960 --> 00:19:21.079
<v Speaker 2>enabling freedom of expression are simultaneously the tools used by

354
00:19:21.079 --> 00:19:24.240
<v Speaker 2>the most heinous criminals to perpetrate abuse and exploitation at

355
00:19:24.279 --> 00:19:27.599
<v Speaker 2>tension exactly that inherent tension between privacy and security. It's

356
00:19:27.759 --> 00:19:30.440
<v Speaker 2>not going away. It will likely continue to define debates

357
00:19:30.440 --> 00:19:34.079
<v Speaker 2>around governance, technology, and civil liberties for the foreseeable future.
