A mirror copy of the BBC’s international news website is now available to users on the so-called dark web.
The site is the result of a collaboration between the BBC and Alec Muffett who in 2017 launched something called the Enterprise Onion Toolkit (EOTK) to make it easier to create dark web mirror sites. Muffett tweeted:
I should probably admit: this has been a 2 year project, though it could only have been brought to fruition with the partner/involvement of both @OpenTechFund & the BBC.
As well as English, versions for the BBC’s Arabic, Persian and Russian services will also be available.
The Corporation isn’t the first news organisation to do this with EOTK – Facebook and The New York Times mirrored their sites in 2014 and 2017 – but it’s still a big advert for what remains a largely mysterious part of the internet.
But what is the ‘dark web’ and why might the BBC and others want to mirror themselves on it when you can already access the standard site using Tor?
Not so dark
The dark web gets its name the fact users must access it unconventionally using a browser designed to connect via dedicated privacy-preserving routing networks, principally Tor. Because of its private nature, it has a reputation for hiding shady websites (child abuse imagery, drugs, weapons, etc).
While it’s true that the dark web is used for criminality, it could just as easily be used to preserve privacy and anonymity for positive reasons too.
That includes people in countries that censor news content and that may spy on those who try to access it, which is why the BBC and others are interested.
As already noted, users can already gain access visiting the standard BBC site using the Tor browser, but there’s a potential problem with this – malicious Tor exit nodes.
We won’t delve into the inner workings of Tor (see previous coverage), but suffice to say that exit nodes – the last router before traffic is directed to the real site – have been under attack by nation-states looking to compromise and spy on Tor users for some years.
EOTK’s answer to that is to create an .onion proxy that mirrors the standard site, in other words allowing traffic to enter Tor but not leave it, bypassing the exit part.
For the BBC’s new site that’s https://www.bbcnewsv2vjtpsuy.onion/, while for the NYT it’s https://www.nytimes3xbfgragh.onion/ (notice the use of HTTPS to secure the first hop between the user and Tor itself).
Importantly, .onion addresses are self-authenticating and can’t be spoofed by surveillance attempting to lure users to a fake version of a site as a way of unmasking them.
You also can’t accidentally plug on into a standard browser and visit it by mistake because it won’t work.
The BBC has a history of embracing services such as these – in 2015 it announced local language channels on the encrypted Telegram app designed to beat Russian and Iranian censorship.
All of this might seem a bit removed from everyday internet concerns, but there is a growing band of advocates who believe that digital privacy has become a major battleground that will define the future of society itself.
Tor is only a part of that, but the model it proposes of an internet overlay where privacy is preserved is not universally popular with governments and commercial organisations who would like to watch what people do and why they are doing it.
from Naked Security https://ift.tt/2BMI0T6
0 comments:
Post a Comment