How to Access the Darknet and Deep Web Safely & Anonymously
Guide: How to access the deep web and darknet
Google only indexes a tiny fraction of the internet. By some estimates, the web contains 500 times more content than what Google returns in search results. The links that Google and other search engines return when you type in a query is known as the “surface web,” while all the other, non-searchable content is referred to as the “deep web” or “invisible web”.
Most of that information is hidden simply because the vast majority of users won’t find it relevant. Much of it is tucked away in databases that Google is either not interested or barred from crawling. A lot of it is old and outdated. The contents of iPhone apps, the files in your Dropbox account, academic journals, court records, and private social media profiles are all examples of data that aren’t necessarily indexed by Google but still exist on the internet.
Deep web vs darknet
The deep web is often confused with darknet, also called dark web, black web, and black net. Put simply, the deep web is all of the information stored online that isn’t indexed by search engines. You don’t need any special tools to access the deep web; you just need to know where to look. Specialized search engines, directories, and wikis can help users locate the data they’re looking for.
Many of the best general deep web search engines have shut down or been acquired, like Alltheweb and CompletePlanet. Still, a few are hanging around to get you started:
- DeeperWeb – Google’s deep web search engine.
- The WWW Virtual Library – The original index of the web, but more of a directory than a search engine.
- Surfwax – Indexes RSS feeds. Not certain this is still working…
- IceRocket – Searches the blogosphere and Twitter
These are all okay, but specialized search engines tend to be better than general ones for finding info on the deep web. If you’re looking for a court case, for example, use your state or country’s public records search. If you need academic journals, try Google Scholar or J-Store. The more specific you can be, the better, or else you’ll just end up with the same search results that you would find on Google. If you need a specific file type, like an Excel file or a PDF, learn how to specify searches for that type of file (e.g. type “filetype:PDF” in your DeeperWeb query).
The darknet is a small part of the deep web that is kept hidden on purpose. Websites and data on the dark web do typically require a special tool to access. The type of site most commonly associated with the dark web are marketplaces where illicit goods such as narcotics, firearms, and stolen credit card numbers are bought and sold. The darkest corners are used to hire hitmen, engage in human trafficking, and exchange child pornography. More than that, though, the dark web contains content and data that can be accessed with anonymity. It could be a blog, forum, chat room, or private gaming server.
The beauty of the darknet is anonymity. No one knows who anyone else is in the real world, so long as they take the necessary precautions. Users are free from the prying eyes of governments and corporations.
The dark web and Tor are often used by journalists and whistleblowers to exchange sensitive information, including Edward Snowden himself. The Ashley Madison data dump, for instance, was posted to a site only accessible to Tor users.
The darknet is not a single, centralized place. Just like the surface web, it is scattered among servers around the world. But the most common way to access darknet networks is through Tor, short for The Onion Router. Darknet website URLs are often appended with “.onion” in lieu of “.com” or “.org”, indicating they are only accessible to Tor users.
Tor is a network of volunteer relays through which the user’s internet connection is routed. The connection is encrypted and all the traffic bounces between relays located around the world, making the user anonymous.
So how does one get on the Tor network? The easiest way is to download and install the Tor Browser. Based on Firefox, you can surf the web just like any other web browser, except all your traffic is automatically routed through the Tor Network. Make sure to download the Tor Browser only from the official website, lest you risk downloading malware, spyware, or some other virus to your device. Officially, the Tor Browser is only available on Windows, Mac, and Linux, so many experts advise against using third-party mobile browsers that utilize the Tor Network.
Once Tor Browser is installed, you can now access those .onion websites.
Navigating the dark web
Obviously, finding these .onion websites is the first challenge, as they won’t show up in Google search results. A handful of search engines that do index .onion sites include Onion.city, Onion.to, and NotEvil. To search multiple marketplaces for specific products, particularly drugs and narcotics, there’s Grams.
Reddit is also a valuable resource for finding the darknet or deep web site you’re looking for. Try the /r/deepweb, /r/onions, and /r/Tor subreddits. Wiki directories like this one can also be useful to help narrow your search.
Again, we can’t emphasize enough that security and anonymity are paramount to those on darknet websites. Your ISP and the government might not be able to view your activity when on the Tor Network, but they do know you are on the Tor Network, and that alone is enough to raise eyebrows. In fact, a recent judgment by the US Supreme Court denoted that simply using Tor was sufficient probable cause for the FBI to search and seize any computer around the world.
For that reason, we highly recommend employing another layer of security via a VPN.
VPN over Tor versus Tor over VPN
A VPN allows a user to encrypt all the internet traffic traveling to and from his or her device and route it through a server in a location of that user’s choosing. A VPN in combination with Tor further adds to the security and anonymity of the user.
While somewhat similar, Tor emphasizes anonymity, and a VPN emphasizes privacy.
Combining them reduces risk, but there’s an important distinction in how these two tools interact. Let’s first discuss Tor over VPN.
If you connect to your VPN and fire up Tor Browser, you’re using Tor over VPN, this is by far the most common method. All your device’s internet traffic first goes to the VPN server, then it bounces through the Tor Network before ending up at its final destination. Your ISP only see’s the encrypted VPN traffic, and won’t know you’re on Tor. You can access .onion websites normally.
Tor over VPN requires you trust your VPN provider, which can see that you are using Tor and keep metadata logs, though it can’t actually see the content of your encrypted Tor traffic. A logless VPN, which doesn’t store any traffic logs nor session logs is highly preferable. Traffic logs contain the content of your internet traffic, such as search queries and websites you visited, while session logs contain metadata like your IP address, when you logged into the VPN, and how much data was transferred. Traffic logs are a bigger concern than session logs, but neither are good.
For built-in Tor over VPN functionality, NordVPN operates servers that automatically route you through the Tor network (full details here). You don’t even need to use to Tor Browser, but keep in mind other browsers can still pass identifying information through the network. Alternatively there’s IPVanish who claim to be the world’s number one VPN for Tor and come highly recommended, you can save 20% on the annual plan here. Update, April 12, 2017: NordVPN are running a 2 year deal with a huge 72% discount here.
Tor over VPN also doesn’t protect users from malicious Tor exit nodes. Because Tor nodes are made up of volunteers, not all of them play by the rules. The final relay before your traffic goes to the destination website is known as the exit node. The exit node decrypts your traffic, and thus can steal your personal information or inject malicious code. Additionally, Tor exit nodes are often blocked by websites that don’t trust them, and Tor over VPN can’t do anything about that, either.
Then there’s the less popular VPN over Tor, which is advised against by the official Tor Project. Only two VPN providers that we know of, AirVPN and BolehVPN, offer this service. In this case, the order of the two tools is switched. Internet traffic first passes through the Tor Network, and then through the VPN. This means the VPN provider doesn’t see your real IP address and the VPN protects you from those bad exit nodes.
The big downside is that your ISP will know you are using Tor, which is cause for concern in some places and will put many people off using this method. In this instance, too, it is important to use a logless VPN and pay with Bitcoin if you can to stay anonymous. The VPN over Tor technique is also susceptible to an end-to-end timing attack, though it’s highly unlikely.
Tor over VPN requires you place some trust in your VPN provider but not not your ISP and is best if you want to access .onion websites. VPN over Tor requires you place trust in your ISP but not your VPN and is best if you want to avoid bad Tor exit nodes. Some consider VPN over Tor more secure because it maintains anonymity throughout the entire process (assuming you pay for your VPN anonymously). Although the official Tor Project advises against VPN over Tor, both methods are superior to not using a VPN at all.
The major caveat is speed. Due to all the nodes that your traffic passes through, Tor by itself significantly limits bandwidth. Adding a VPN to it, even a fast one like IPVanish, will make it even slower, so please be patient.
I2P is an alternative anonymous network to Tor. Unlike Tor, however, it cannot be used to access the public internet. It can only be used to access hidden services specific to the I2P network. I2P cannot be used to access .onion sites because it is a completely separate network from Tor. Instead, I2P uses its own brand of hidden sites called “eepsites”.
So why would you use I2P instead of Tor? After all, it’s much less popular, can’t be used to access normal websites, and isn’t as easy to use, among other disadvantages. Both rely on a peer-to-peer routing structure combined with layered encryption to make browsing private and anonymous.
I2P does have a few advantages, though. It’s much faster and reliable than Tor for a number of technical reasons. The peer-to-peer routing structure is more advanced and it does not rely on a trusted directory to get route information. I2P uses one-way tunnels, so an eavesdropper can only capture outbound or inbound traffic, not both.
Setting up I2P requires more configuration on the user’s part than Tor. I2P must be downloaded and installed, after which configuration is done through the router console. Then individual applications must each be separately configured to work with I2P. On a web browser, you’ll need to configure your browser’s proxy settings to use the correct port.
Like I2P, Freenet is a self-contained network within the network that can’t be used to access sites on the public web. It can only be used to access the content uploaded to the Freenet, which is a peer-to-peer distributed datastore. Unlike I2P and Tor, you don’t need a server to host content. Once you upload something, it stays there indefinitely even if you stop using Freenet, so long as it is popular.
Freenet allows users to connect in one of two modes: darknet and opennet. Darknet mode allows you to specify who your friends are on the network and only connect and share content with them. This allows groups of people to create closed anonymous networks made up solely of people they know and trust.
Alternatively, users can connect in opennet mode, which automatically assigns peers on the network. Unlike darknet mode, opennet uses a handful of centralized servers in addition to the decentralized peer-to-peer network.
Configuration is fairly straightforward. Just download, install, and run. When you open your default browser, Freenet will be ready and running through its web-based interface. Note you should use a separate browser than the one you normally use to help ensure anonymity.
Freenet is still an experiment designed to resist denial-of-service attacks and censorship.