A NOOb's Guide to the Dark Web

by Kim Crawley

Before I get a chance to read it, I already know that this issue of 2600 is full of esoteric hacks and little-known vulnerabilities.  That's great; that's the sort of material that 2600 readers can always depend on.  It's why 2600 is as important now as it was back in 1984, the year both I and this fine publication were born.

But for every handful of 2600 readers who know how to print "Hello world" to the LCD displays of IoT refrigerators from their phone without having to look up how to do it, there's got to be a reader who hears "Dark Web this," "Dark Web that," and doesn't know how to access it.  Everyone's a nOOb at some point in their lives.  Dear nOObs, this article is for you.

What is the Dark Web?

The Dark Web is the corner of the World Wide Web that's only accessible with anonymizing technologies such as special combinations of proxy servers and encryption.  The Dark Web consists of web pages that you usually can't load in your web browser without a Tor, Freenet, or I2P client of some kind.  It's often confused with the Deep Web.  Don't be fooled - the Deep Web is the part of the World Wide Web that can't be easily searched with Google or DuckDuckGo because the web pages are so old and/or they don't have many links that web crawler bots can use to find them.  Illegal drug marketplaces are part of the Dark Web.

The Spice Girls fan website I made on Angelfire in 1996 that I hope no one finds is part of the Deep Web.  It's an important distinction.  Sometimes the Dark Web is considered to be a part of the Deep Web because any web page that can't be web searched in a more conventional way is Deep.  But keep in mind that most of the Deep Web isn't part of the Dark Web.  Whew!

Understanding the culture of the Dark Web requires the sort of nuance that the mainstream media typically lacks.  Yes, people often use the Dark Web because they're engaging in illegal activity and they don't want to be traced by law enforcement.  The Silk Road and several other illegal drug marketplaces have come and gone from the Dark Web over the years.  Script kiddies often buy malware scripts on the Dark Web so they can engage in various cyber attacks without having to code.  Someone who sells child pornography will use the Dark Web for distribution and cryptocurrency as payment.  Think about that for a second.

Both the Dark Web and cryptocurrency enable the evil exploitation of children.  But why do laypeople hear "Bitcoin" and associate it with getting rich quick, but they hear "Dark Web" and think about bad people doing bad things?  Both the Dark Web and cryptocurrency are means for bad people to do bad things.  But so are BIC lighters.  Fire is a deadly weapon or a lifesaver from hypothermia depending on how someone uses it.

Sometimes people use the Tor network and the Dark Web because they're journalists who need to share information about the dangerous politicians who would have them arrested.  Edward Snowden's NSA leaks and Vault 7 on WikiLeaks should have taught everyone that the American government and other powerful entities will exploit the Internet in order to violate the privacy of innocent people.  No national governments or large corporations are without some degree of corruption and evil.

Now law enforcement may be able to track the movement of your IoT car and look at the contents of your IoT fridge.  They might use Google Home or Amazon Echo or your child's nifty new toy to watch her while you read her a bedtime story.

Whether or not something is legal doesn't determine whether or not something is moral.  But cracking down on child pornographers is a very good thing to do.  I just hope law enforcement uses the Dark Web to investigate pedophiles without violating the rights of people who have no reason to be suspects.  That won't happen, of course.

What's Tor?

Tor is The Onion Router network.  Tor is one of the technological backbones of the Dark Web.  You will need to install a Tor client in order to access it.  Freenet and I2P are technologically similar but different routing technologies that are used in the Dark Web.  But Tor is the most widely implemented and using Tor gives you access to more of the Dark Web than any other system.  Interestingly enough though, only about three percent of Tor network traffic is used for the Dark Web!  For the sake of simplicity, this guide focuses on Tor, but you should be aware that there are alternatives.

Development of Tor started in 1995.  Visit www.onion-router.net/History.html for further details.  The Tor design document (svn.torproject.org/svn/projects/design-paper/tor-design.pdf) was published in 2004.  Only in the past decade or so have easy-to-use stable Tor clients been available that make using Tor really simple for people who aren't computer networking geeks.

Here's how Tor works in a nutshell.  Tor protects against traffic analysis, a form of Internet surveillance.  Tor usually makes it very difficult for third parties to figure out which Onion-routed Internet servers have been sending data to your client machine, whether it's a PC, smartphone, touchscreen ARM system embedded in a women's clothing store mannequin, or whatever.  It's called The Onion Router because your Internet traffic within that network is routed between metaphorical layers of proxy servers, like an onion.

This is how The Tor Project describes its name:

"Because Tor is the onion routing network.  When we were starting the new next-generation design and implementation of onion routing in 2001-2002, we would tell people we were working on onion routing, and they would say 'Neat.  Which one?'  Even if onion routing has become a standard household term, Tor was born out of the actual onion routing project run by the Naval Research Lab.  (It's also got a fine translation from German and Turkish.)

Note: even though it originally came from an acronym, Tor is not spelled 'TOR.'  Only the first letter is capitalized.  In fact, we can usually spot people who haven't read any of our website (and have instead learned everything they know about Tor from news articles) by the fact that they spell it wrong."

Web URLs on the Tor network use the .onion top-level domain.

This is what happens when a client machine successfully uses the Tor network.  The user's Tor client acquires a list of available Tor nodes from a directory server.  When the user tries to access a web page from a Tor URL, a random path will be taken through available Tor nodes and proxy servers.  The traffic's entrance to the Tor network goes through an entry node, the traffic is routed through a few random proxy servers, then the traffic is routed to the desired Tor network Internet resource, such as a web server, through an exit node.  Traffic to the entry node and traffic that leaves the exit node is in plaintext, whereas all of the traffic inside the Tor network is encrypted.  Traffic from the Tor-delivered website back to the client machine, such as HTML web pages and web page embedded media, gets sent back through the same path in the opposite direction.  Keep in mind that Tor isn't just used for the web, but also for many other Internet services such as IRC chat or email.  But Tor web browsers are the most frequently used Tor clients.
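A toy model of the circuit described above, added here as an illustration and not code from Tor or from this article: the relay names, the keys, and the XOR keystream cipher are constructed stand-ins for Tor's real relays, key negotiation, and cryptography, and the uniform random path is a simplification.  It shows that each relay removes only its own layer, and that the last relay ends up holding the request exactly as the client wrote it.

```python
import hashlib
import secrets

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR data with a SHA-256 counter keystream.
    Stand-in for the real per-hop ciphers; not secure, not Tor's cryptography."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def pick_path(directory: list[str], hops: int = 3) -> list[str]:
    """Client picks a random path of distinct relays from the directory list."""
    return secrets.SystemRandom().sample(directory, hops)

def wrap(payload: bytes, path: list[str], keys: dict[str, bytes]) -> bytes:
    """Client adds one layer per relay; the exit relay's layer is innermost."""
    cell = payload
    for relay in reversed(path):
        cell = keystream_xor(keys[relay], cell)
    return cell

def route(cell: bytes, path: list[str], keys: dict[str, bytes]) -> list[bytes]:
    """Each relay peels its own layer; returns what each relay holds afterwards."""
    views = []
    for relay in path:
        cell = keystream_xor(keys[relay], cell)
        views.append(cell)
    return views

# Constructed sample data: relay names, keys and the request are made up.
DIRECTORY = ["relayA", "relayB", "relayC", "relayD", "relayE"]
KEYS = {name: hashlib.sha256(name.encode()).digest() for name in DIRECTORY}
REQUEST = b"GET / HTTP/1.1\r\nHost: www.2600.com\r\n\r\n"

if __name__ == "__main__":
    path = pick_path(DIRECTORY)
    views = route(wrap(REQUEST, path, KEYS), path, KEYS)
    for relay, view in zip(path, views):
        print(relay, "holds", view[:16])
```

Because the last relay in the path recovers the original bytes, anything sent over plain HTTP is readable at that point, which is the reason for the HTTPS recommendation in this guide.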

People volunteer to operate Tor entry and exit nodes and proxy servers.  The Tor network is physically spread across the world, just like the parts of the Internet that aren't part of the Tor network.

Here's the best way to use Tor to access Dark Web sites:

The Tor Project recommends that you use the open-source Tor browser in order to access Tor-protected websites.  There are Tor browsers for Windows, macOS, Linux, and Android which can be downloaded from www.torproject.org/download/.  Alternatively, you can compile Tor browser from source code that can be found through the same web page.

You can use the Tor browser to access ordinary websites, not only .onion websites.  Feel free to test www.2600.com in your Tor browser.  It should work just fine.

Keep in mind that any web page you access through the Tor browser will probably take longer to download than when you visit web pages outside of the Tor network.  Routing web traffic through proxy servers slows it down.  That's why I don't use the Tor browser to access ordinary websites, but your mileage may vary.

When you launch the Tor browser, you need to activate a connection to the Tor network through the browser's GUI.  The Tor browser's GUI will also indicate whether or not you're securely connected to the Tor network at any given time.  You can only access ".onion" websites while you have an active connection to the Tor network.

The Tor network recommends that you don't install web browser plugins in your Tor browser.  If you like to use specific web browser plugins for any particular reason, you should be doing so while using a mainstream web browser such as Chrome, Firefox, or Safari.  Some plugins such as Adobe Flash can reveal your IP address to third parties and The Tor Project doesn't want to take that risk.

BitTorrent clients will usually ignore proxy server settings.  Also, torrenting generates a lot more traffic than most other Internet services typically do.  It's probably technologically possible to develop a BitTorrent web application if it hasn't been done already.  If such applications exist, you shouldn't use them with your Tor browser.  For security and practicality reasons, BitTorrent doesn't play nicely with Tor.  Please don't do it!

The Tor Project recommends that you always use HTTPS (via port 443) instead of HTTP (via port 80).  HTTPS Everywhere is built into the Tor browser for that purpose.  Using HTTPS means that your web traffic outside of the Tor network will also be encrypted.

Google and DuckDuckGo won't work very well when you want to search for a Tor webpage.  Also, ".onion" URLs tend to change a lot more frequently than typical web URLs do.  If you want to do a web search of Tor-protected websites, I recommend trying Ahmia at ahmia.fi or Torch Tor Search at www.torchtorsearch.com.

There are lots and lots of Dark Web and Deep Web sites that don't exist to sell cocaine or malware or kiddie porn or firearms.  Using Tor is perfectly legal in most countries.  It's only the contents and activities on some Dark Web sites that are generally illegal.

Happy hunting!
