Red Room Follow-Up!

Red-Room-Deep-Web-2

by Ciphas

So, continuing on the subject of red rooms, I received a comment recently on my post Red Rooms Finally Debunked Forever? that said this:

“THANK YOU Bob Saget. Just because red rooms don’t fit under your perfect “criteria”, that doesn’t mean they don’t exist. I personally know somebody who has been a part of a red room, but he wasn’t the murderer. He was the victim.”

She was replying to an earlier comment by someone who went by the name of Bob Saget (yes, that was his name), who gave me a hard time for trying to disprove the existence of red rooms, and cited Peter Scully’s videos as an example – in other words, this guy:

peter_scully_2

So here are my thoughts: what I’ve said so far about red rooms has been based partially on my personal experience, and also what I’ve researched about them. While I have not seen such a thing (or at least not one that I believe to be genuine), here is how I would define a red room:

A website (presumably on the dark web or a private network) where you can pay to witness torture and murder.

While I realize that some very sick things exist on Tor and other darknets (most notoriously child pornography),  streaming video over Tor would be incredibly difficult, at least the way it works at present. If you don’t understand how onion routing works, this link explains it quite well: What Is Onion Routing, Exactly?

onion-routing-2

It is possible to watch video on Tor (and I have, in fact). As I mentioned on my recent post PsychoTube: The YouTube of Tor?, there are a few sites on which you can watch uploaded videos, but they certainly aren’t live. It’s very similar to LiveLeak, in that it features videos of murders, executions, and war. By the way, another dark web blog that I like, All Things Vice, has addressed this subject as well: You wanted darker web?

allthingsvice_darkerweb

That being said, how does this square with the above comment? Well, my heart goes out to anyone who’s a victim of torture or murder; nonetheless, as far as that having something to do with red rooms, the burden of proof is on the claimant. One site on the clearnet, Red Room Deep Web Complete Guide, goes into detail about what allegedly happens in a red room, and how to see one (in theory).

redroom_allabout

Without reviewing all the things this site says about it, I think a number of them are wrong – and it looks like they’re using a scam site as their example. But you could, of course, create your own red room.

Ψ(`◇´)Ψ

How would you create a red room, then? Stay tuned for Part 2.

Advertisements

Tor Social Network Update: Galaxy3

For those of you who were sad that Galaxy2 had disappeared, there is a new social network by the name of Galaxy3 at http://22dvf4xgaqa672b4.onion. There is also what appears to be a scam clone site at http://uwv7wslui5f4ukff.onion/, so I would avoid using that one if I were you.

galaxy3_groups

I’m sure many of the members of the previous social network are happy about this, although I was a little hesitant to join at first, given that there are so many clone sites (like the one above) out there.

So, I just joined about a week ago, and by all accounts, this site seems to be legit. No, really, it is!

bitcoin_doubler_scam

I recognize quite a few of the same folks who were on Galaxy2, which is a good indicator that it is the real thing.

Anyhow, Galaxy3 is quite similar: like its predecessors, it has a feature called “The Wire,” which is basically a news feed (like on Facebook or Twitter). And yes, anything you post to The Wire is public, so for newcomers – don’t post it if you don’t want others to see it!

What surprises me about it is that many of the Wire posts are the same types of things that people would say on Facebook, Tumblr, or other clearnet social media sites. I think I’ve addressed this on my earlier “dark web social network” posts.

It could be something as simple as, “Hey, what’s going on everybody?” Or I have noticed some people who appear to be trying to promote businesses and such. But as I said, the dark web has increased my level of paranoia tenfold; I tend to view anyone who is selling something with a degree of skepticism.

One other thing that I notice frequently is that people don’t shy away from posting about controversial topics here (and that goes for the dark web as a whole, not just Tor). Many of the social networks I’ve been a part of on Tor (and elsewhere) have included such things as gore, self-harm, drug use, and…um…unusual fetishes. Not that you can’t find that on the clearnet:

kink_forum_censored

If only they knew that my fetish was to collect Precious Moments dolls and dress them in leather outfits…

In all seriousness, vaguely remember someone asking who was into scat play, for example – which I’m sure you could find on the clearnet as well, if that’s what you’re into, but again, the keyword is “anonymity.”

Like your popular social media sites on the clearnet (Twitter, Tumblr, etc.), Galaxy3 also has a blog feature, which works quite similarly. All you do is click on the “Blogs” tab, and you’ll see a feed with the latest blog posts. From there, you can also add your own (well, yah, I could’ve told you that).

galaxy3_blog_censored

But again, what’s the difference between these blogs and the ones that you would find on the clearnet? Well, I noticed a lot of paranoid conspiracy theory stuff on there, plus there was some guy asking about the aforementioned kinky sex acts. See? The dark web’s not all “bad” – it has kinky sex!!

dark_web_dominatrix

Come to the dark web – we are kinky.

All in all, if you’re already interested in the dark web and have not checked out any of these social networks yet, Galaxy3 is one that I recommend. The people are pretty cool, and there aren’t any convoluted instructions for becoming a member.

Questions? Feel free to ask.

 

 

 

 

 

Can You Access .Onion Sites Without Tor Browser?

by Ciphas

(Note: Thanks to Ben Tasker’s Security Blog and traudt.xyz for being references.)

Can you access .onion sites without the Tor Browser? Short answer? Yes, you can – but I don’t recommend it…I cannot stress this enough.

I’ve mentioned Tor2web proxies in a few previous posts, but didn’t elaborate on it much. onionto

In their own words, “Tor2web is a project to let Internet users access Tor Onion Services without using Tor Browser.” Tor2web and Web2Tor are reverse proxies which allow clearnet users (such as someone using Chrome, Firefox, etc.) to access Tor hidden services.

reverse_proxy

The proxy listens on port 80 (or sometimes 443) on a clearnet server, and then proxies requests to the Tor hidden service.

If you’re unfamiliar with proxy servers, Indiana University gives a great definition of one: What is a proxy server?  (Psst…I talked about this a little in my earlier post ‘Anonymous’ Proxy List?)

The example they use to illustrate on Tor2web.org is that when you see an onion URL, for example, http://pbfcec3cneb4c422.onion/, if you add “.to,” “.link,” “.cab,” etc. to the end of the URL (e.g. http://pbfcec3cneb4c422.onion.to), and that proxy will connect you to the onion service. Great, right?

Well, no – not great. In spite of its convenience, the problem with using these proxies is that whomever is operating the Tor2web proxy can spy on your web traffic. While this may not sound like a bad thing, if said proxy operator has malicious intent, then you (the user) are basically a sitting duck. Plus, if the point of Tor is being anonymous, and someone can detect your web traffic that defeats the whole purpose!

In fact, even onion.cab themselves – the proxy service, that is – warns users when they first try to access a site this way:

onion

If this doesn’t sound bad, then it should be noted that not only can the operator see your web traffic, but they can also modify it and inject code if they so desire.

Ben Tasker Security Blog has an excellent post about this called Don’t Use Web2Tor/Tor2web (especially Onion.cab) – the example he gives is that some Web2Tor services “have some pretty bad habits, including playing fast and loose with your privacy.”

If you visit  https://6zdgh5a5e6zpchdz.onion, but do so through onion.cab instead of through Tor, the proxy service injects piwik analytics code into the page, which looks something like this:

piwik_tracking

So why should you care? Well, the proxy service who injected the code now knows that your IP address accessed said onion service at a specific time. In addition, they’re also executing code on your browser that the operator of the original site is unaware of.

Within the code, some of the information that it can discover about you is:

  • The title of the page you’re viewing
  • An ID for the site
  • The time that you made the request
  • The exact URL you were looking at
  • The page that sent you to that URL
  • Details of which plugins you have installed
  • Whether cookies are enabled
  • Your screen resolution
  • A unique ID for you

Alternately, this third party operator can inject code into the site that may track you across hidden services – that is, if you’re using the onion.cab proxy.

You can even contract malware via some Tor2web proxies – read this article by Virus Bulletin – Vawtrak uses Tor2web to connect to Tor hidden C&C servers. Granted, this article is over two years old, but it can still give you an idea of what might happen if you rely on these proxies.

Thus, if your concern is privacy, it should be obvious why you don’t want to give this information away. The same goes for any proxy, really, but again, if you’re using Tor for anonymity, then accessing so-called “hidden services” via the clearnet is pointless.

I know that a lot of people who explore the “dark web” for fun just say, “Give me links!” But if you want to explore those links, do so in the right way – use the Tor Browser (from https://www.torproject.org/), and don’t try to do so via the clearnet.

There’s a reason it’s called the “dark web,” after all.

creepy_eyes

‘Anonymous’ Proxy List?

SPIDERMANLUCK.png

I forget exactly where I found this link – I think it was either Electronic Frontier Foundation or Privacy Tools  – but it’s a list of supposedly anonymous proxy servers, generated by a set of particular search engine terms:

+”:8080″ +”:3128″ +”:80″ filetype:txt

This returns results for lists of proxy servers that use ports 8080, 3128, and 80, which are apparently more anonymous than average proxies.

You’ll get different results if you use different search engines, too:

qwant.com: proxy list

Blackle.com: proxy list

For the curious, here are some of the actual results that you might get as well:

rebro.weebly.com: proxy list

Proxy Spider: short proxy list

kan339: proxy list

lategoodies.tripod.com: proxy list

h3furnitureoutlet: proxy list (yeah, a furniture outlet has a proxy list)

proxy IP list: anonymous

jobabroad.sweb.cz: proxy list

playinator.com: proxy list

Even so, as I mentioned in a few earlier posts, this all depends on whether you trust proxies at all. Which is why I haven’t used any of these, personally.

It’s similar to using a VPN in combination with Tor. Are you really anonymous when doing this? That depends on whether or not you trust your VPN provider! By the same token, it’s very risky to use certain proxies, unless you know what data the proxy server is collecting about you. Never mind the fact that .txt documents can contain malware (just as some PDFs on Tor do). Read Should You Trust Any Proxy? to find out a little more.

Regardless, it’s an interesting experiment to try Googling this, even if you don’t decide to use the proxy services themselves. Most of the sites look like this:

anonymous_proxy

While the idea of “anonymous proxy server” sounds great, in theory, they could be just like malicious Tor exit nodes – intending to steal data or worse.

So yes, these proxies exist. Should you use them? That’s up to you.

Call me paranoid, but personally, I wouldn’t.

 

Discontinued Darknets??

Given that privacy and anonymity are such a hot topic these days, there are many projects that various people and organizations are developing for just that reason. Several of these I’ve already mentioned multiple times, including Tor, I2P, Freenet, and ZeroNet.

Nonetheless, I find the defunct ones to be just as interesting, partly because some of them used different methods for disguising one’s identity. A few that I’ve had a chance to check out are:

  1. Osiris Serverless Portal System
  2. anoNet: Cooperative Chaos
  3. Umbra (by the Shadow Project)
  4. StealthNet

Some of these, in spite of no longer being developed, are still available for download, so you can check them if you’re just curious.

I thought I would give a brief explanation of each of these, and then let you explore on your own, if you wanted to find out more.

Osiris SPS

osiris

Osiris is a program used to create web portals that are distributed via P2P networking, and are not reliant on central servers (hence the name “serverless portal system”). Data on Osiris portals are shared between all participants. According to the Wikipedia article on Osiris, these are some of its key features:

  • The system is anonymous. It is not possible to make an association between a user and their IP address, hence one cannot trace the person who created a content.
  • Even with physical access to an Osiris installation it is impossible to trace the actual user without knowing his password.
  • 2048-bit digital keys guarantee the authenticity of content (digitally signed in order to prevent counterfeiting) and the confidentiality of private messages (encrypted between the sender and recipient).
  • To prevent the ISP from intercepting traffic, connections and data transfer to a portal (called alignment), Osiris uses random ports which are cloaked during handshake and encrypted point-to-point via 256-bit AES.
  • The P2P distribution allows content to be present in multiple copies as a guarantee of survival in case of hardware failure or nodes off-line.
  • As the portals are saved locally, one can read the contents even if one works off-line.

In some ways, Osiris is also like Freenet, in that it uses P2P distribution of content, has a reputations system, and uses cryptographic keys as identifiers.

Now, for those of you looking for creepy and disturbing stuff, I’ve never found any of that on Osiris. That wasn’t really my intention when I started using it. I was exploring other anonymity networks and software that I had yet to use.

The problem with Osiris is that it seems as though it’s no longer being developed, as I mentioned. Still, for the curious who just want to check it out, click the link above.

anoNet

anonet_6

anoNet was a Wide Area Network (WAN) created in 2005. Its creators were a few people who were tired of the surveillance and constant data collection that still takes place on the clearnet today.

As on Freenet or ZeroNet, they wanted it to have functions like social networking, messaging, email, and website publishing, but the ability to do all of these anonymously. The network used OpenVPN, tinc, Quagga, BIRD, and QuickTun. OpenVPN and QuickTun were used to quickly connect nodes to one another, while BIRD and Quagga were used to exchange routing information with others on the network, allowing all peers to connect to each other easily.

What I’m not entirely sure of is if you can still connect to the network at all, since various sources have listed it as defunct. It may be similar to Osiris, in that it isn’t actively being developed, but the software is still available.

Umbra

overview_wallet

Umbra, like Osiris, isn’t really defunct, but it isn’t being actively developed. It was a division of The Shadow Project, the creators of the ShadowCash cryptocurrency.

It could be used for anonymous chat, messaging, email, and hosting websites (much like Freenet or ZeroNet). I haven’t had the chance to use it yet myself, but I would enjoy just playing around with it, if for no other reason than learning…and fun!

StealthNet

stealthnet

StealthNet was an anonymous P2P filesharing network, based on an earlier model, called RShare. Like many other P2P networks, traffic was routed through other nodes in the network, helping to keep users anonymous.

For better or worse, this project, too, has been discontinued. If you’re just curious about it, however, it looks as though you can download the software. It’s unlikely that there will be many (if any) peers to connect to, which kind of defeats the purpose of a P2P network!

Anyhow…

Despite the fact that these networks have been discontinued, I expect that others like them are being developed right now, or will be in the future.

As I always say, if you’re a budding developer, why don’t you create one? It could eventually be something big!

 

ZeroNet: Continuing Your Dark Webducation!

687474703a2f2f7a65726f6e65742e72656164746865646f63732e6f72672f656e2f6c61746573742f696d672f7a65726f68656c6c6f2e706e67

I’ve mentioned ZeroNet in a few previous posts, but haven’t gone into much detail about it. I think it has the potential to be a great network, if more people start using it.

It’s a bit different from Tor, in that you don’t have to have a separate browser to access it (although you do need the software). ZeroNet is a decentralized network that uses bitcoin cryptography and the BitTorrent network to create a “separate internet,” if you will.

ZeroNet also uses the Tor network to help users achieve anonymity, though the two are in fact different networks. (Wait…huh?) Yes, in addition to using the BitTorrent network, ZeroNet also has the ability to route traffic through Tor – although you can turn this feature on and off.

If you read its documentation, you can learn a bit more about it.

zeronet_homepage

Author: Kahpecuce Copyright: 2016 Wikimedia Commons

According to the documentation, at present, ZeroNet offers these features:

  • Real-time updated sites
  • Namecoin .bit domain support
  • Multi-user sites
  • Passwordless – Bitcoin’s BIP32-based authorization
  • Built-in SQL server

As with PGP, on ZeroNet you have a public and a private key, which is a feature of asymmetric cryptography. Essentially, it’s the same type of cryptography that’s used to protect your bitcoin wallet.

I know how many people are curious about pseudo-top level domain names. As it says above, ZeroNet sites use the .bit domain, and there are quite a few out there. (But sorry, no .clos, .loky, .lll, or .rdos sites.) Aw, crap!

If you’d like to see a ZeroNet site, here’s one:

zeronet_links

And here’s another:

dydx_zeronet

Like the sites on Tor, I2P, and other networks, they don’t look all that fascinating. Many contain a lot of technical and coding information. It doesn’t surprise me, actually; I wasn’t expecting to find anything dark and secret on ZeroNet that I couldn’t find elsewhere.

Anyhow, this is going to be a short post, as I still have to explore ZeroNet quite a bit more. I just wanted to give you a little taste! I encourage other people to join it, because some of the forums and things seem a bit empty!

Thanks for reading – join me again, anonymity lovers!

P.S. For further reading, here’s a ZeroNet FAQ.

How to Use I2P on Android Devices

by Ciphas

i2p_android

I’m well aware that not all “dark web” users prefer the Tor network (which I’ve mentioned in a few previous posts).

As I wrote about in How to Access the Dark Web with I2P!, I2P is one of the three most popular anonymity networks at the moment, next to Tor and Freenet. Out of those three, however, it’s arguably the most complicated to use.

That aside, if you already use it, and are interested in the Android app, it’s simple to download. Go to I2P – Android Apps on Google Play, and install it.

If you’re already familiar with using Tor on Android, then you may know the browser Orfox; download that first, from Google Play – Orfox.

device-2015-06-30-133152

As with the standard version of I2P, you need to configure your proxy settings to be able to connect to it on your mobile device.

Depending on which device you have, these may be in a different area, but this tutorial explains it quite well. (With the exception that the Orweb browser is outdated.)

To sum up – you’ll need to configure your proxy settings to 127.0.0.1 (localhost), port 4444 (HTTP). After this is finished, open the I2P app again and hold down the button that says “Long press to start I2P.”

i2p_longpress

Once you’ve started I2P, the app has to find peers on the network. This should only take a few minutes at most (depending on your connection, of course).

Finally, go to the “addresses” tab. There should be some default I2P sites (eepsites) listed there. You can add others if you wish. Actually, on my device, there was only one eepsite listed by default.

If you tap on the name of one of the eepsites, it may ask you which app you want to use to open it. Obviously, the tried and true Firefox is good. You can also use Orfox, as I mentioned.

Also, if you tap the “tunnels” tab, you’ll see which client tunnels and/or server tunnels are running. By default, some of the ones that run are the I2P HTTP/HTTPS Proxy, Irc2p, and smtp.postman.i2p (simple mail transfer protocol):

i2p_tunnels

You can, of course, customize it by adding your own client tunnels or server tunnels using the red “plus” button in the lower righthand corner (maybe that could be a subject for a future blog post…yesssss….).

Interestingly, the tutorial I referenced above recommends Lightning Web Browser, because it’s open-source and built for privacy, speed, and efficiency. It can also send traffic through Tor or I2P, and can be set to use DuckDuckGo or StartPage as its standard search engines. So give that one a try. If you’re curious about the source code, it’s here: GitHub: Lightning Browser.

Now, as for some other eepsites you can try out, here are some suggestions (but I haven’t vetted all of these, so some may not work):

https://sochi.i2p

https://speedie.i2p

https://sponge.i2p

https://nightfort.i2p

https://planet.i2p

https://oniichan.i2p

I hope that’s enough to get you started. Anyhow, have fun. I2P may not seem as “creepy” as Tor, but I would like to get a few more people to try it out, and maybe build more of a community on the network.

Enjoy your visit, friends!