The Basics (very) of Tor and the Dark Web
Guide to Getting Started with Tor and the Dark Web
The Dark Web is talked about a great deal nowadays and the subject is vast. Whilst most people will have some knowledge of the Dark Web, most of it comes from alarmist news articles or factually incorrect nonsense on TV and film.
For a security professional in 2016 a basic knowledge of cyber security is a must. Filling a suit, standing outside a door and pushing teenagers away from a Z-list celebrity isn’t rocket science; protecting your client against the threat of a sophisticated cyber attack really is!
So, the aim of this article today is simply this: to give you the basic tools and instructions to enter and navigate the Dark Web using Tor. To begin, let’s take a look, in basic (very) terms, at the differences between areas of the Web:
The Surface Web – This is the part of the Internet that you know and love: Facebook, Google, Amazon etc. The part of the web you navigate and spend your life procrastinating on!
The Deep Web – Basically the stuff a search engine (Google) cannot find: company databases, records etc. Compared with the Surface Web it’s huge; no one knows exactly how huge, as it’s hard to index and record. The data is un-indexable to a search engine’s indexing algorithms (Spiders or Crawlers), which “roam” the Surface Web looking for sites to index. The reason is that Deep Web data is hidden in many areas: behind private web forms (a search box within a surface site), private web sites and passwords.
The Dark Web – This is the area within the Deep Web that has been hidden from view with intent. This area of the web cannot be accessed with a normal browser; the web site addresses in the Dark Web are strings of letters and numbers with the suffix .onion (as opposed to .com / .co.uk etc). To access this area of the Web you need a special browser, an Onion browser able to strip through the onion-like layers of encryption at various web nodes and get your traffic to and from its destination while maintaining a high level of secrecy. The most famous, commonly used Onion Browser is called Tor.
Tor Browser – The Tor Internet browser has quite a history, the subject of an article in itself, but in brief the Onion Routing project was funded by the US Naval Research department, assisted by the Defense Advanced Research Projects Agency (DARPA). Tor then became open source software in 2003 and has grown and developed into the Tor we know today. Tor now has many a legitimate use.
Because it encrypts data sent from the start point to the finish point, it’s used by journalists in high-threat locations, law enforcement and those wishing to circumvent censorship, e.g. search on a normal browser in China for information on the Tiananmen Square protests of 1989 and you’ll get nothing (trust me, I tried), but use Tor and you’ll find all the news and data related to that event.
As with any tool that can be used for good, it can also be used for bad: you can circumvent the regional restrictions on Netflix or Amazon so as to watch new TV shows abroad, and at the far end of the bad / evil usage spectrum it allows pedophiles to share information with each other on a pedophile exchange.
If you are a security operator working in a Hostile Environment, using something like Tor is a must. In Kabul or Kandahar, for example, there are but a few Internet service providers; if you think these aren’t monitored by Afghan and foreign intelligence services, which in themselves are compromised by hostile intelligence services, then you are living in cloud cuckoo land! To not use Tor when working there and emailing plans / information to and from each other is a disservice to your client and to yourself; it’s as daft as throwing your client’s itinerary out of the window onto the street below.
So, how do you set up Tor? Well, it’s pretty simple actually. Just download it directly from their website.
Tor is installed like any other piece of software. When installed it’s as simple as clicking on the Tor icon and allowing it to load. Once it has, you’ll see a browser much like any other; type www.google.com into the search bar and you’ll go there, however your data is now encrypted and then re-routed / bounced around the web through an assortment of relays or nodes.
The client computer and the entry, middle and receiving / exit relays encrypt and decrypt this data whilst moving it around, in a way that means it can only be read at the start point and the end point, and thus your location is masked and your data is safe. If you want to test this, take a look at your Internet address by going to: http://whatismyipaddress.com/ and, if Tor is working correctly, you’ll find your location differs from your real one.
So now you know in very, very basic terms how Tor and the Dark Web work, and you have a web browser (Tor) which allows you to use the web with your information encrypted. But I bet what you’re thinking is, where are all these Dark Web sites that people speak of? Well, there is a list of some here at the Hidden Wiki - http://zqktlwi4fecvo6ri.onion/wiki/index.php/Main_Page - of course only accessible using Tor itself.
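
An added example (not from the original article): a validator for the .onion address format described above, covering the 16-character v2 form used by the Hidden Wiki link and the longer 56-character v3 form, whose last bytes carry a checksum and version. The v3 sample is built from constructed key bytes, not a real service, and the function names are illustrative.

```python
import base64
import hashlib
from urllib.parse import urlsplit


def encode_v3(pubkey: bytes) -> str:
    """Build a v3 hostname: base32(pubkey || checksum || version) + '.onion'."""
    version = b"\x03"
    checksum = hashlib.sha3_256(b".onion checksum" + pubkey + version).digest()[:2]
    return base64.b32encode(pubkey + checksum + version).decode().lower() + ".onion"


def classify_onion(url_or_host: str) -> dict:
    """Report the address version and whether the encoding is well formed."""
    host = urlsplit(url_or_host).hostname if "://" in url_or_host else url_or_host
    host = (host or "").lower().rstrip(".")
    result = {"host": host, "version": None, "valid": False}
    if not host.endswith(".onion"):
        return {**result, "reason": "not a .onion name"}
    label = host[:-len(".onion")].split(".")[-1]  # drop any subdomain labels
    if len(label) not in (16, 56):
        return {**result, "reason": "label must be 16 (v2) or 56 (v3) characters"}
    try:
        raw = base64.b32decode(label.upper())
    except ValueError:
        return {**result, "reason": "label is not base32 (a-z, 2-7)"}
    if len(label) == 16:
        # v2: 80 bits of a SHA-1 key hash; it carries no checksum to verify
        return {**result, "version": 2, "valid": True, "reason": "v2 form, no checksum"}
    pubkey, version = raw[:32], raw[34:]
    if version != b"\x03" or encode_v3(pubkey) != label + ".onion":
        return {**result, "version": 3, "reason": "v3 checksum or version mismatch"}
    return {**result, "version": 3, "valid": True, "reason": "v3 checksum verified"}


if __name__ == "__main__":
    constructed_v3 = encode_v3(bytes(range(32)))  # constructed key bytes, not a real service
    for sample in ("http://zqktlwi4fecvo6ri.onion/wiki/index.php/Main_Page",
                   constructed_v3, "zqktlwi4fecvo6r1.onion"):
        print(classify_onion(sample))
```

Tor dropped support for v2 addresses in the 0.4.6 series, so a 16-character address like the one above no longer resolves in a current Tor Browser.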
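
An added illustration (not part of the original article, and not Tor's actual code) of the relay-by-relay encryption described above: the client wraps the request once per relay, and each relay removes only its own layer. It uses a toy HMAC-based stream cipher and constructed keys in place of the per-hop keys Tor negotiates, and shows that only the exit relay ends up holding what the client sent, which is why a site reached through Tor should still be loaded over HTTPS.

```python
import hashlib
import hmac

# Constructed per-hop keys; in Tor each one is negotiated with that relay
# when the circuit is built, so no relay knows another relay's key.
HOP_KEYS = {"entry": b"k-entry", "middle": b"k-middle", "exit": b"k-exit"}
PATH = ["entry", "middle", "exit"]


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (illustration only): XOR with an HMAC-SHA256 keystream."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hmac.new(key, offset.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def client_wrap(payload: bytes) -> bytes:
    """The client adds one layer per relay; the exit's layer is innermost."""
    cell = payload
    for hop in reversed(PATH):
        cell = keystream_xor(HOP_KEYS[hop], cell)
    return cell


def relay_forward(cell: bytes) -> list:
    """Pass the cell along the path, recording what each relay holds
    after removing its own layer."""
    seen = []
    for hop in PATH:
        cell = keystream_xor(HOP_KEYS[hop], cell)
        seen.append((hop, cell))
    return seen


def readable_at(payload: bytes) -> list:
    """Names of the relays that end up holding the client's original bytes."""
    return [hop for hop, cell in relay_forward(client_wrap(payload)) if cell == payload]


if __name__ == "__main__":
    request = b"GET / HTTP/1.1 to www.example.com (constructed request)"
    for hop, cell in relay_forward(client_wrap(request)):
        print(f"{hop:6} holds: {cell[:24]!r}")
    print("readable at:", readable_at(request))
```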