What is the Dark Web?
You already know about websites like Wikipedia, Google, Amazon, YouTube, and Facebook. But they’re only a small part of the internet. Beyond those popular websites are sites hidden away and not readily available to the general public. That space is where the Dark Web and the Deep Web exist.
The Dark Web, or Darknet, is a general term for a collection of websites on an encrypted network with hidden IP addresses – all of which gives users strong anonymity protection. Because they are not indexed by traditional search engines, you can only access them with special anonymity browsers, such as I2P, Freenet, and the most common, The Onion Router (TOR) bundle.
You can read more about how Tor works here.
The Dark Web is Not the Same as the Deep Web
The Deep Web is all the sites on the web that can’t be reached with a search engine. Although this includes sites on the Dark Web, it also includes sites that serve more mundane functions, such as business intranets, webmail platforms, databases, online banking platforms, and services that usually require a password or other means of authentication.
These are found and accessed directly with a URL or IP address, and are hidden behind firewalls, paywalls and HTML forms. Because all these other pages are included in the Deep Web, the Deep Web is actually far more vast than the regular internet (also known as the Clear Web).
How to Access the Dark Web Safely
The main gateway to the Dark Web is the Tor browser. This is an encrypted network of volunteer relays around the world through which users’ internet connections are routed.
Although the relays are an integral part of what makes Tor anonymous, they can also lead to slow connections. This is because rather than connecting directly to the server of the website you want to get to, you first have to go through the relays, which are often purposely scattered around the globe. Also, since the system is decentralized, not all the relays have the same CPU, meaning that while some are fast and powerful, others might operate at a snail’s pace.
The easiest way to browse web pages is to download and install the Tor browser bundle. Tor URLs end in the suffix.onion. Unlike.com websites, the URLs are usually complex and difficult to remember, and websites will often change their URLs in order to evade detection and DDoS attacks.
When you’re on the Dark Web, ISPs – and by extension, the government – might not be able to view your activity, but they will know you are on the Tor Network. This alone is enough to raise eyebrows in some countries.
That’s why we recommend accessing Tor using a VPN. That way, your internet traffic is routed through the VPN before going through the Tor Network and finally reaching its destination. With this method, your ISP only sees the encrypted VPN traffic, and won’t know you’re on the Tor network.
The major concern with using Tor over a VPN is that it requires you to trust your VPN provider, as the provider may see that you are using Tor. To mitigate this issue, use a VPN that does not log your activities, and connect to your VPN before opening the Tor browser.
Use These Steps as a Guide
Step 1. Get yourself a good VPN service
That means one that doesn’t keep logs, has no DNS leaks, is fast, is compatible with Tor, and which (preferably) accepts Bitcoin as payment. Here are some of the most trustworthy. If you’re new to VPNs, this handy tutorial will teach you everything you need to know.
For this example, we’re using the VPN CyberGhost. Open the VPN and connect to a server in your chosen location. This will change your IP address, making it appear as if you’re connecting to the web from a different location than your real one.
Step 2: Download and install the Tor browser bundle
Before you do though, check that your VPN is running. Also be sure to download Tor from the official Tor project website.
Once it’s installed, look for the Tor Browser folder and click on the “Start Tor Browser” file inside it.
A new window will open asking you to either click on the “Connect” or “Configure” button. Click on the “Connect” option to open the browser window.
Step 3. Start browsing.onion websites
When you open Tor on your computer, you’ll automatically be directed to the search engine DuckDuckGo. While DuckDuckGo is designed to provide extra privacy and encryption while searching the web, you shouldn’t think of it as the dark web version of Google.
That’s because even in Tor, DuckDuckGo searches the clear web. That means if you do a keyword search, you’re results are going to be basically the same as what you would find on the regular internet.
Fortunately, there are Dark Web search engines that will bring you to.onion sites. These include:
- Welcome to Dark Web Links (http://bznjtqphs2lp4xdd.onion/)
- Candle (http://gjobqjj7wyczbqie.onion/)
- not Evil (http://hss3uro2hsxfogfq.onion/)
Just make sure to always turn on your VPN before opening Tor and starting a web surfing session.
The Dark Web Isn’t Just for Criminals
The anonymity provided by the Dark Web is certainly attractive to those looking to buy or sell illegal goods such as drugs, weapons, or stolen data.
But there are also legitimate reasons for using the Dark Web. In past years it has gained popularity as a safe haven for whistleblowers, activists, journalists, and others who need to share sensitive information, but can’t do so out in the open for fear of political persecution or retribution by their government or other powerful actors.
Police and intelligence agencies also use it to monitor terror groups and keep tabs on cybercriminals. Additionally, corporate IT departments frequently crawl the Dark Web in search of stolen data and compromised accounts, and individuals may use it to look for signs of identity theft.
In many circles, the Dark Web has become synonymous with internet freedom, especially as nation states continue to clamp down on it. It now plays host to a number of media organizations involved in investigative journalism, such as ProPublica and the Intercept. Most notably, WikiLeaks – the website that publishes classified official materials – also has a home on the Dark Web. Even Facebook maintains a presence there in order to make itself accessible in countries where it is censored by the government.
5 Positive Things to Do on the Dark Web
1. Exchange information in countries with internet censorship
Tons of countries, like China, Qatar, Cuba, Turkey, and Russia censor online content that promotes political dissidence or what they consider obscene (e.g. content relating to homosexuality). The Dark Web offers a forum where none of these restrictions exist.
2. Expose abuses of power
The Dark Web allows journalists and political activists to report on stories that could get them in trouble with dictatorial regimes or governments bent on infringing on an individual’s right to privacy.
As mentioned above, one popular way to share information WikiLeaks. If you have documents you’d like to upload, you can do so here: http://wlupld3ptjvsgwqw.onion/wlupload.en.html
3. Buy restricted goods
Although we at vpnMentor don’t condone buying illegal goods, we can’t help but acknowledge certain instances in which such purchases could be justifiable.
For instance, some painkillers and sleep aids that are common in Europe are illegal in many Middle Eastern and Asian countries. Plus, with an estimated 15.5% of Americans without health insurance (and many more with high deductible plans) many people have no access to the prescription medications they need.
That said, the lack of oversight on the Dark Web makes this extremely risky – though some in dire straits are likely to take that risk.
4. Buy legal goods anonymously
Life is a rich tapestry, and we don’t have to list the type of stuff people buy that they might want to keep private. Buying on Dark Web marketplaces can add a level of privacy to your shopping experience that you just won’t find on Amazon.
And for the particularly security conscious, the Dark Web can simply provide an extra layer of protection when buying anti-surveillance tools.
It should be noted, however, that while the products themselves may be legal, there are definitely instances in which sellers hawk merchandise that’s been illegally obtained or stolen.
5. Simply use the internet anonymously
You might be surprised to find out the Dark Web hosts a lot of websites similar to those you would find on the clear web. These include blogs, gaming sites, social media networks, and super-encrypted email platforms. Some popular email services are Proton Mail (https://protonirockerxow.onion/login) and MailtoTor (http://mail2tor2zyjdctd.onion/).
Surfing the Dark Web Isn’t Illegal, but It Can be Dangerous
You can’t be charged with a criminal offense for simply searching the Dark Web, but you can get in trouble for using it to carry out illegal activity; headlines about police operations that involved the Dark Web and child pornography, drugs, or hackers dumping stolen data are not infrequent.
Moreover, the anonymity of the Dark Web also makes it notoriously risky. Since there’s no oversight, it’s teeming with scammers. That said, one can maintain one’s safety by simply following the same basic security rules that apply to the normal web: Always be careful about the links you click because some can be misleading, and avoid sites or links that advertise illegal, disturbing, or dangerous content you don’t want to see.
Is the Tor Browser Completely Anonymous?
Similarly, in October 2017 the security firm We Are Segment identified a vulnerability in Tor that was affecting some Mac and Linux users. This vulnerability, which became known as TorMoil, caused IP addresses to be leaked when users accessed URLs that began with file://, rather than http:// or https://. We Are Segment notified the Tor developers, who promptly fixed the error by updating to a new version of the web browser.
In order to address these issues, the Tor Project has recently improved security and privacy by strengthening its encryption. It also gives web developers the tools to build fully anonymous Darknet sites (known as hidden services, or rendezvous points) that can only be discovered by those who know the site’s URL.
Extra Precautions You Should Take to Maintain Your Anonymity
Although Tor is encrypted, and by using it with a VPN the IP addresses of yourself and the websites you visit will be hidden, if you want to remain totally anonymous on the Dark Web, you should take the following extra security measures:
- Never use your real name or photos
- Never use an email address or even a password that you have used before
- Instead, use an anonymous encrypted email account and aliases that you have never used before and that cannot be traced to you
- Use an anonymous Bitcoin wallet to make purchases. If you’re new to Bitcoin, or just want to learn more about it, you can find everything you need to know here.
- Do not change the Tor browser window size to avoid browser fingerprinting
- Don’t torrent over Tor, because even though your non-Tor IP address will be anonymized to the tracker, it could still be visible to the other peers in the network
- Use HTTPS versions of websites. This is because once your web traffic goes through Tor’s encrypted network, it still has to go through an exit relay in order to reach the website you’re trying to get to. At this point your data could be exposed to a third party, which could even insert an exploit into your browser. URLs beginning with HTTPS prevent this.
- Disconnect from the internet before opening documents downloaded through Tor, as downloading them while online could be used to reveal your non-Tor IP address
- Consider using the TAILS operating system (which is booted as a live DVD or live USB), as this leaves no digital footprint on the host machine
Criminal Cases Involving the Dark Web
Although we believe the Dark Web should be used for promoting free speech and bypassing censorship, there’s no denying that the press tends to focus on the more shady activity that goes on there. Here are some of the most high profile stories that have come out in recent years:
- Silk Road: Perhaps more than any other website, the Dark Web brings to mind Silk Road. Silk Road began as the invention of a libertarian idealist who wanted to sell home-grown mushrooms for Bitcoin, and ended up hosting 1.2 billion dollars worth of deals involving drugs, firearms, hits, counterfeit cash, and hacker tools. Five of the hits were commissioned by the site’s creator, Ross Ulbricht, known on Silk Road as the Dread Pirate Roberts. Ulricht was ultimately caught because of an old post to a regular website in which he promoted Silk Road in its early days. His mistake: using his real email address.
- AlphaBay: Following the shuttering of Silk Road, AlphaBay became the most prominent Dark Web marketplace. When AlphaBay went down in 2017, it was because of security missteps even more basic than those of the Dread Pirate Roberts. Among other blunders, founder Alexandre Cazes used his legitimate email address for communications on the site (email@example.com), kept several unencrypted cryptocurrency wallets constantly open, and re-used the same pseudonym on and off the Dark Web. And when the cops busted into his home in Thailand to arrest him, he was logged onto the AlphaBay server with the username “admin.”The computer was unlocked and unencrypted, and contained text files of passwords used on the site, as well as a document listing the type and location of all his financial holdings that was titled in bold “TOTAL NET WORTH.” Several days after his arrest, Alex Cazes was found dead in his prison cell, apparently having committed suicide.
- The Playpen Case: Although it only existed for seven months, the child pornography site Playpen managed to amass 215,000 users before the FBI gained access to its host server via information provided by a foreign law enforcement agency (which has not been publicly identified). Instead of just shutting the site down, the FBI continued to host it on its own servers for two weeks, during which it used a Flash app to capture 1,300 IP addresses belonging to site visitors. This led to the arrest of nearly 900 users around the globe, including Playpen’s creator, Steven Chase (may he burn in hell).
- The Ashley Madison Case: In 2015, the hacker group, the Impact Team, breached a dating site for extramarital affairs called Ashley Madison. The hackers threatened to release users’ personal information unless the website and its sister site, Established Men, were shut down. A month later, when their deadline wasn’t met, the Impact Team started publishing data on the Dark Web.
Over the course of several dumps, information was revealed that included the email and IP addresses of 32 million members, the email correspondences of the CEO of Ashley Madison’s parent company, and the website’s source code. The hacker’s stated motivation was 1) an objection to the site’s primary purpose, and 2) the site’s practice of forcing users to pay to delete their accounts (which were even then not fully scrubbed from the servers).Because Ashley Madison didn’t require email verification to create a profile, it would have been easy to create accounts using someone else’s email address, and then use this to extort them. Although we still don’t know who was responsible for the attack, one can speculate that they were someone affected by these poor security practices.
On a final note, vpnMentor encourages everyone who uses the Dark Web to do so responsibly. Offensive material can sometimes be just a click away. Browse at your own risk, and never break the law.