Checklist 22: Tor and the Dark Web

• The dark web defined.
• What is Tor?
• Setting up Tor.
• Using Tor to access sites on the dark web.
• How to use Tor effectively for privacy.

The Internet: it’s a pretty big place, right? On today’s show, we’re going to be talking about just how big it really is — because there’s a whole lot to the Internet that the average user simply can’t see. We’re talking, of course, about the so-called “dark web.” Whether you’ve heard about it in a fictional setting like a TV show or from real-world news stories, this seemingly mysterious and shadowy alternate Internet has drawn a lot of attention to itself in recent years. You may have heard numerous times, for example, about hacked passwords or the trade of credit card details on the dark web.

While it is true that the dark web has a seedier side and there are definitely some criminal elements which utilize it, the same can be said for the broader Internet as well. As a matter of fact, many individuals using the dark web do so simply because they are highly private individuals. To understand what you hear in the news about the dark web, you need to understand how it actually works. We’ll touch on that today.

You may also wonder: how is the dark web accessed? You can access it through a private browsing protocol known as Tor, which using something called “onion routing” to hide users and websites from public view. What do onions have to do with the Internet? We’ll cover that as well, plus the question that’s probably in the back of your mind: how do I try it out? Setting up Tor and using it takes a little patience and practice, but it’s worth knowing how to access the ultimate in private browsing.

So, let’s get down to business. How does the dark web operate? Let’s start by thinking about what it is and what it is not.

The dark web defined. To develop our understanding of the dark web, we should also take a moment to consider the broader nature of the Internet itself. Think of it as the earth: there is an outer crust, then succeeding layers inward hidden underneath the previous one. We can talk about the Internet in a similar way. The most visible, accessible, and mainstream Internet is what we might call the “surface web,” comprising of everything you can find in a search engine, and it’s typically full of links to other sites. The surface is what most of us are familiar with in our daily lives.

Beneath the surface, though, are many, many websites that search engines don’t index. This is what’s often referred to as the “deep web.” These sites aren’t necessarily hidden — if you know their address, for example, you can often still visit them, though they may require a username and password tied to private registration. Most of the deep web, though, is made up of databases and other such information repositories which engines can’t or don’t index. It also includes public websites which deliberately exclude themselves from search. To reach our topic, though, we’ll have to go one layer deeper.

Now we’ve reached the dark web: not just a part of the deep web; it’s its own separate enclave altogether. You can’t just plug a URL into your browser to access a dark website. It’s not just not indexed by search engines — these sites have been intentionally hidden within their own private network. Think of Russian nesting dolls; the dark web exists under several layers of privacy and security. How does that work?

It’s all made possible by something called Tor. Originally named “the onion router” due to the layers of anonymization and security implemented to create the Tor network, it’s the only way you can get to the dark web. What do onions have to do with secret websites?

What is Tor? The Tor project has its origins in military research funded in the early 90s as the government looked for new and different ways to encrypt highly sensitive defense traffic. The project quickly moved into a more civilian context, however, and by the early 2000s, Tor was one of many programs that rode the wave of open-sourcing. Tor made available the technology to anonymize one’s traffic and create hidden networks to the masses, and the development of the dark web commenced almost immediately. To answer the question “What is Tor?” requires a bit of explanation. To begin with a basic foundation, though, it’s all about layering privacy and obfuscation over your web traffic until it’s deep beneath the outer layer — like an onion!

OK, why don’t we talk about the way that actually works instead of just speaking generally? Start by thinking of the game Telephone. One person tells another a secret, who then passes that secret on to another person but with a slight change. By the time it reaches the end of the line, the message is almost totally different from the beginning. This is the basic idea behind the relays which form the backbone of the Tor network. In other words, your web request passes through several different servers located all around the world before it finally reaches its destination.

These relays take several important forms: the entry relay, also known as the guard; the middle relays, which obfuscate the beginning and end points of your request; and the exit node, which you might like to think of as “the light at the end of the tunnel.” It’s here your request emerges to travel to its desired destination. Entry relays are highly stable doors into the network, and it’s here where your information is encrypted for the first time.

Your special Tor browser or plugin (more on these in just a minute) locks your browsing information down with a key that only the exit node can read and recognize. However, a whole lot more goes on under the hood before your request passes from server to server. That includes stripping some metadata and choosing a different relay path every request.

After the exit node encryption, the Tor client adds the next “onion layer” by using encryption only the middle relays can understand. Finally, on top of all this, another layer of encryption goes down, this time keyed to the guard node. Therefore, no node except for the exit node ever sees any of your original data; even then, it’s very hard for the exit node to know exactly what the point of origin was. One thing that’s important to remember: no matter how much encryption you use, if you request an insecure connection (such as plain HTTP), the data could still be vulnerable to detection.

That sums up why it’s called onion routing; there are some additional security measures in place, like bridges, which are “secret” entry nodes to keep the whole network accessible. For the average user, though, all of this will happen behind the scenes in your client. It’s also important to note that the sites hosted on the dark web don’t have public URLS; most often, they are “onion” links, which looks more like a string of garbled text rather than a typical URL.

So how do you use Tor now that you know how it works?

Setting up Tor. The good news is that these days it’s relatively simple to configure Tor for personal use, though it does have some limitations we’ll discuss in a moment. In the years immediately following Tor’s open sourcing in 2003, many of the solutions available were inelegant and frankly just a pain to use! While there are still more complex ways to use Tor, and plenty of ways to customize your experience, we’ll just quickly cover the basics of connecting.

What you want is a piece of software aptly named the Tor Browser. Available on the Tor Project website for all major platforms, including Mac and Linux, the Tor Browser is a repackaged version of Firefox. That means for many people it will be relatively simply to use. In addition to Firefox, it also contains all the inner workings of Tor, plus plugins for privacy and some which make it easy to both connect or disconnect from Tor. For example, one such plugin is HTTPS Everywhere, which automatically connects to the secure version of sites that otherwise default to insecure HTTP. Make a note — that’s a good one to have whether you’re connecting to Tor or not.

Simply download the Tor Browser bundle configured for your system and install it to your hard drive. From there, it’s easy to connect — there’s a connection wizard to start the browser directly. Once inside, you can just mash the onion icon for Tor options and connect! So, let’s say you’ve done all that, and you’re now on the threshold of the dark web — how do you step inside if all the websites are secret and private?

Using Tor to access sites on the dark web. Before we go any further, it’s important to mention again that the dark web is certainly home to some activities which simply aren’t legit. While many of these sites don’t disclose their addresses to anyone outside of a trusted circle, some operate more publicly. One famous example, of course, was the Silk Road online marketplace best known for selling illegal drugs. That marketplace went down in 2013 after a lengthy FBI investigation culminating in the arrest and conviction of the site’s creator. Since then, numerous other similar dark web marketplaces have popped up and vanished on a regular basis.

Much of what you can find on the dark web can fall into trafficking in drugs, fake IDs, and stolen password databases. There are some public directories and wikis which list onion addresses viewable in your Tor browser. While we won’t mention them here, we will say they are often unreliable at best — so users beware. Click anonymous Tor links at your own risk; just because the connection is private doesn’t mean you can avoid stumbling into malware somewhere along the way.

So, if you’re not someone interested in the underbelly of the Internet, what is Tor actually good for doing? For those who have concerns about their privacy or who want to protect some of their online activity from prying eyes, Tor comes with a whole host of benefits. Let’s think about how you can take advantage of them now.

How to use Tor effectively for privacy. For most users, it may be best to think of Tor as just one more asset available in your privacy toolkit. Anonymizing your Internet browsing might be necessary when you’re traveling to certain countries, or perhaps when you have a sensitive conversation you want to keep in the dark.

We think it’s important to keep in mind Tor’s limitations, too. It can be very slow to load pages that normally load very quickly. Tor servers are all run by volunteers, and though the network continues to grow, the strain can still slow the pace of things. There are many things which aren’t advisable to do in Tor because they compromise your privacy on the network, like visiting unsecured sites. You likely won’t be able to view streaming video, either — though we doubt that should be much of a concern.

However, for sporadic use and for “as needed” security — like perhaps when browsing on an unknown public network — it does the job well enough. Whether you’re trying to take control of your privacy and protect yourself from web surveillance or you’re just interested in what happens on “the dark web,” Tor is the tool of choice. Consider giving the browser a try — new ways to browse privately are always worth investigating.

Well, that wraps up today’s episode! If you’d like more information on the topic we covered today, or if there’s a specific topic you’d like to see featured on a future episode, send us an e-mail at checklist@securemac.com!