Wikipedia:Reference desk/Archives/Computing/2023 December 30

= December 30 =

Taking down a darknet website
BlackCat (cyber gang)'s website was recently taken down by the FBI. Why did it take so long; why could this not be done in 2021, soon after their malware was first observed? My (probably naïve) thinking is that they have to use non-dark routes of the internet part of the way. Why can't those routes be blocked (or maybe better: quietly monitored to get a hold of their masterminds)? ◅ Sebastian Helm 🗨 16:48, 30 December 2023 (UTC)
 * To properly take down a web site, the servers would have to be confiscated. So they would have to be somewhere where the FBI has jurisdiction, else they need cooperation from another authority. Routes can easily be bypassed with VPNs or TOR. Or the IP number or name of the servers can be changed to enable them to pop back up, even if ISPs block them. Graeme Bartlett (talk) 20:46, 30 December 2023 (UTC)


 * If you want to take down a normal website, you only need to disrupt the domain name resolution. The prime example is ThePirateBay.org. It is well-known that that particular website hosts torrent links to illegal movie and music files. If the U.S. government were to demand that the domain name (thepiratebay.org) be redirected to a dummy website, it would be more difficult (not impossible) for the average user to access the website. U.S. Congress formed a committee many years ago to discuss the possibility of demanding a domain name be redirected. However, when it came time to read a report on their observations before Congress, many people on the Internet (including Wikipedia) had a very strong negative reaction and had a world-wide "black out the Internet" campaign that kept the committee from releasing anything discussed. So, instead of knowing what the government thought about it, we just had a day of a bunch of black websites keeping us all in the dark.
 * The dark web doesn't use public DNS. So, it is not a simple matter of redirecting the domain name to another website. There are two options. You can take over the IP address or you can take over the servers (or both). The IP addresses were managed by organizations outside the control of the FBI. So, they had to take over the servers. It was time consuming, but not really hard. Security commonly fails because humans are insecure. That applies even to hacker organizations. The humans failed. The FBI gained access to the servers, spied on their organization for a time, and then took over the servers. They also released the decryption program for free so victims could get back their data. The FBI certainly could have done it all much faster than they did. But, it is the government. It moves very slowly. There is a lot of paperwork and red tape. Also, the goal was not to quickly shut everything down. It was also an intelligence gathering mission. All in all, this is the new spy vs spy arena. Of course, I do not expect a Jerry Bruckheimer film about a handful of computer nerds in a DC cubicle farm trying to hack key pairs and reverse engineer encryption algorithms. 97.82.165.112 (talk) 15:32, 1 January 2024 (UTC)


 * Thanks to both of you for your educative replies. As for the film: I'm not a movie buff, but I seem to remember that there was a film with a similar topic. Maybe I'm confusing it with A Beautiful Mind, which also covers a nerd working on reverse-engineering encryption algorithms. But I'm digressing. ◅ Sebastian Helm 🗨 08:06, 3 January 2024 (UTC)