A Quick Guide to the Dark Web

You may have heard the “dark web” or the “deep web” before. The dark web is a place where you can find all manner of things that you would not be able to find on the regular web (or “clearnet”).

First, a terminology distinction. “Dark web” and “deep web” are often used interchangeably, but they refer to separate things. The “deep web” refers to any portion of the Internet that is not indexed by a search engine. This includes things like your email and online banking pages. The “dark web”, however, refers to websites that are only accessible through anonymizing networks like Tor and I2P. The deep web encompasses the dark web, but not vice versa.

On the dark web, you probably already know that you can find things like marketplaces that sell drugs, vendors that sell software exploits, and certain less legal types of pornography. However, you may not know that you can also find regular websites that happen to have a hidden service set up, such as DuckDuckGo (a search engine).

There is no Tor equivalent of ICANN that sets the rules for registered domains, and there are no domain registrars where you have to buy a domain. Instead, anyone who runs the Tor software can run a hidden service (or “onion”).

Although Tor can technically be accessed using any browser as long as you proxy through the Tor software, it is strongly recommended that you only use Tor through the Tor Browser. This will maintain your anonymity much better and help prevent fingerprinting.

Downloading and installing Tor Browser is very simple. All you need to do is go to the Tor Browser download page, download the relevant file for your operating system (probably Windows), and then run the installer. You should now have an icon to launch the Tor Browser on your desktop.

Using the Tor Browser is as easy as using any other web browser. In fact, you may even notice that the Tor Browser interface looks familiar. This is because Tor Browser is based on Firefox.

Why you should use Tor

You may think that the only people who need to use Tor are criminals, but you would be wrong. There are many legitimate reasons to use Tor.

Perhaps you live in a country that wants to censor various websites on the Internet. Tor can help you get around these blocks.

Or maybe you live in a country where you don’t have free speech, but you still want to post things the government may not approve of anonymously.

Maybe you just worry about privacy and don’t want your ISP, your employer, and a dozen other companies to be able to see which websites you are browsing.

In any case, it’s not a crime to want to be anonymous. Tor is simply a tool, and how you use it and the websites you browse are completely up to you.

Even if you don’t have much reason to use Tor yourself, consider using it for the sake of other people. One person cannot be anonymous, so if there were only one person using Tor, it would not work. The more people use Tor, the more traffic there is to provide cover for the people who really need anonymity. (See more on this in the next section.) Also, using Tor for everyday browsing helps legitimize it in a world where most people think it is only used to buy illegal drugs.

How Tor works

The concept of Tor is very simple. You have a problem: when you visit a website, that website (and the intermediary networks you connect through, like your ISP) knows what your IP address is, and this can sometimes uniquely identify you. It also gives away your geographical location.

You could use a regular VPN or proxy to hide your IP address, but the problem with these is that the VPN or proxy provider can see what websites you are connecting to as well.

Tor solves this problem by using onion routing. When you connect to a website, the packets are sent through three different nodes and encrypted separately three times. When a packet arrives at the first node, it decrypts the outer layer of encryption. All it knows is the IP address of the second node, and the encrypted data to send to it. The same thing happens at the second node, and finally the packet arrives at the third node where the final layer of encryption is peeled off and your packet is sent to the website you are connecting to.

As you can see, it is called onion routing because layers are peeled off at every point. No single Tor node knows both where the packet is coming from and where it is going. Tor removes the need to trust a single point of failure. This protects your anonymity.

Things to remember for staying anonymous

Using the Tor Browser is not the only thing you need to do in order to stay anonymous. You will need to change your browsing habits as well.

  1. Never login to any account (like Facebook) that you have used on the clearnet. This may tie your browsing session to your identity.
  2. Use a higher security level. Tor Browser comes with 3 security levels: Standard, Safer, and Safest. By default, it is set to Standard. However, you may want to consider using Safest or at least Safer to make you less likely to be deanonymized. See Why You Should Disable JavaScript on Tor for why this helps. This will disable JavaScript, so some websites might break.
  3. Consider using a VPN in addition to Tor. If there is a vulnerability in Tor that reveals your IP address, it is better if you only reveal the IP address of your VPN and not your home network.
  4. Don’t change the size of the browser window. If you attempt to resize the window, Tor Browser should warn you that this is not safe to do. This is because websites can calculate the size of your window (even without JavaScript) and use it to fingerprint you if that size is unique. The default size that Tor Browser opens with is the optimal anonymous size for your screen. This also means you should not fullscreen your window either.
  5. Do not reuse information that you have used on the clearnet. This includes your name, your email address, your password, your photos, and even things like quotes that you might attach to your account. Doing this could tie a link between your real world identity and your Tor identities.
  6. Disconnect devices like microphones and webcams that you may have connected to your computer. In theory, Tor Browser should ask if you a website wants to use these anyway, but if there is a vulnerability in the browser then this prompt might be bypassed.
  7. Consider using Tor Browser on a computer that you only use for browsing dark web sites and nothing else. If there is a vulnerability in the browser and the attacker gains access to your filesystem, they may be able to pull identifying information out of it, like any documents you might have lying around.

Leave a Reply

Your email address will not be published. Required fields are marked *