The Great Ad Block Battle!

So, recently a reader of mine asked, on my earlier post Privacy Tools: Ghostery vs. Adblock Plus, which was the best of these two. Plus, she wanted to know what the differences between each one were.

I thought this would be a good opportunity to do a comparison of not only those two extensions, but several others as well. While, in theory, all ad-blockers would do the same thing, this is definitely not true.

For example, Adblock Plus works by using “filter lists,” which are essentially a set of rules that tell it what to filter and what not to filter. Here’s one filter list that comes to mind: FilterLists.

filterlists

If you visit the site, you’ll see specific examples of domains and types of ads that are blocked, such as banner ads, adult site ads, tracking by ad agencies, and malware domains. The downside to this is that it may end up slowing down your browser (which can happen with any ad blocker that you use).

Several of the other popular blockers also use filter lists to determine what domains to block as well.

Ghostery

ghostery_logo

Just to clarify, Ghostery is a company that has designed several different types of privacy software. The one in question, in this case, is the Ghostery Browser Extension. Ghostery, as opposed to AdBlock Plus, monitors the various webservers (in this case, trackers) that are being called by a given webpage, and gives you the option to block or allow any one of them.

It also gives you the option to “trust” or “restrict” any site that you use (or are directed to) on the web. The idea behind this, as you may have guessed, is to try to filter out malicious sites, and only allow ones that you accept.

ghostery_trackers

In addition, if you wish, you have the option of mapping the trackers through Evidon, which I assume is an affiliate of theirs. This, however, is a paid service.

Other Privacy Extensions

ublock_origin_element_picker

AdBlock Plus and Ghostery are far from the only ad-blocking browser extensions available. Several other popular alternatives are uBlock Origin, Privacy Badger, and AdBlock Fast.

A few of these are a bit more complex than AdBlock Plus and Ghostery, but it all depends on what functions you need.

In the screenshot above, uBlock Origin is active, and its “element picker” function is being used, meaning that you can highlight specific parts of a webpage (for example, an ad) and analyze the actual code to see if there’s anything malicious to be concerned about.

ublock_origin_element_code

When you select a certain element, if you believe it to be malevolent, you can permanently “remove” that element so that it won’t attack you in any way. This gives you far more control over which elements to block and which to leave alone, which probably appeals more to the tech-savvy crowd than an extension that does all of this automatically.

Privacy Badger, on the other hand, also blocks trackers, but does so in a more automated way. The extension tries to detect all the different trackers (or domains that are being linked to) on a page, and then determines whether or not they are tracking you in some way, as below:

privacy_badger_trackers

If the sliders next to the domain names are colored green, this means that they appear not to be tracking you. However, if you think that they are, you can move the slider to yellow (which blocks cookies from that domain), or red (which blocks the domain altogether).

In addition, Privacy Badger gives you the option to “whitelist”different domain names that you trust, so that it knows not to block elements on that particular site:

privacy_badger_whitelist

One aspect of Privacy Badger that some may see as a disadvantage is its automated features, which may seem too “hands-off” for users who like to know what’s going on within the extension. It’s possible that P.B. may not catch all of the trackers on a page, or may miss other malicious elements.

On the other hand, it is a user-friendly way to block trackers on any webpage, and isn’t overly complicated.

Finally, there’s Adblock Fast, who describe themselves as “the world’s fastest ad blocker.”

adblockfast-600

One of the reasons for this is that AF uses far fewer filtering rules than most other ad blockers, and thus it is quicker to launch. Also, compared to the other ad blockers we’ve discussed, it’s extremely simple.

You merely have to click the extension to turn ad blocking on or off on a particular page. There’s no element selecting, domain whitelisting, or tracker lists. For those of you who like your technology simple and to the point, I would recommend Adblock Fast as your ad blocker.

On the downside, it gives you very little control over what and how it blocks, so as I said before, if you’re more hands-on, something like uBlock Origin might be your cup of tea.

Any of these can be helpful; it’s really just a matter of preference and comfort…sort of like coffee flavors.

Speaking of which…I could really use a cup right now.

d95ec823d26cf8a6d4c1dc6bd0f027d5--funny-computer-computer-diy

Advertisements

Dear FCC – I Care About Net Neutrality

what-is-net-neutrality-video-blocked

It occurred to me that as a writer, particularly one who talks about controversial subjects, that “net neutrality” should matter to me. And it should matter to you too.

Without it, ISPs (the big guys like Comcast, AT&T, and Time Warner Cable) would have full ability to create so-called “Internet fast lanes” that give preference to certain websites over others. Is that what you want?

On July 12, 2017, net neutrality allies sent 1.6 million comments to the FCC, many in creative ways, demonstrated what would happen if net neutrality were abandoned, and the reins given over to such big-name ISPs. For a few examples, stop by Massive protest to save #NetNeutrality sweeps the internet

twitter_netneutrality

While the big day of protest is over, on the site Dear FCC, It’s Our Internet and We’ll Fight to Protect It, they give you a chance to write a letter to the FCC and explain why net neutrality is important to you.

I did so today, and you can too – I urge all of you who care about freedom on the internet, and the liberty to use and access what you want, to do the same!

It feels as though we’re going backwards in time, with a whole lot of pro-censorship laws being enacted right now, such as the anti-encryption bills in the US, Australia, and the UK.

We, the people, need to speak out. Join me in this fight.

And of course, if you have suggestions, feel free to add them here!

Don’t Use the Hidden Wiki – Use These!

thehiddenwikicrop

I’ve noticed that quite a few people recommend The Hidden Wiki as a “starting point” for using Tor.

While it does have some good general information about Tor (and darknets in general), most of the links that it features are scams – at least the financial ones, or anything that you would have to pay money to use. Though I don’t suggest using it, I’ll link to it anyway, just so you can see what I mean: http://zqktlwi4fecvo6ri.onion

This probably goes without saying for people who have been using Tor for a reasonable amount of time, but for those new to the dark web, it seems like a lure to ensnare people unfamiliar with it.

Granted, some of the links are innocuous – you’ll see things like the search engines, and some of the “library sites” like the Imperial Library of Trantor. On the other hand, there are quite a few sites that promise things like “bitcoin doubling,” “free drugs,” etc. – these are all scams.

So…if you don’t use the Hidden Wiki, what should you use?

Well, as I’d mentioned in several earlier posts, there are a few Tor search engines that are good:

notevil-chat

Besides these search engines, there are other link lists you can find, one of which I also mentioned in my earlier post, Fresh Onions: Best Tor Link List?:

welcometodarkweblinks

Of course, these sites, too, may have scam links on them, but they’re at least mixed in with other things. And for whatever reason, I also find them to be more interesting than the Hidden Wiki – whether that’s because they have better links, or just look creepier,  I can’t say. Nevertheless, I have found a lot of the interesting sites I discuss on these alternate link sites and search engines.

Besides these, if you’re just looking for a group of people on the clearnet who hunt down onion links like you do, I’d suggest the subreddit /r/onions: Things That Make You Cry. They’re a pretty cool group of folks.

As for me, I’ll make an effort to include more onion sites in some of my future posts. Have fun checking out some of the ones I’ve shared here, in the meantime!

 

 

Can You Access .Onion Sites Without Tor Browser?

by Ciphas

(Note: Thanks to Ben Tasker’s Security Blog and traudt.xyz for being references.)

Can you access .onion sites without the Tor Browser? Short answer? Yes, you can – but I don’t recommend it…I cannot stress this enough.

I’ve mentioned Tor2web proxies in a few previous posts, but didn’t elaborate on it much. onionto

In their own words, “Tor2web is a project to let Internet users access Tor Onion Services without using Tor Browser.” Tor2web and Web2Tor are reverse proxies which allow clearnet users (such as someone using Chrome, Firefox, etc.) to access Tor hidden services.

reverse_proxy

The proxy listens on port 80 (or sometimes 443) on a clearnet server, and then proxies requests to the Tor hidden service.

If you’re unfamiliar with proxy servers, Indiana University gives a great definition of one: What is a proxy server?  (Psst…I talked about this a little in my earlier post ‘Anonymous’ Proxy List?)

The example they use to illustrate on Tor2web.org is that when you see an onion URL, for example, http://pbfcec3cneb4c422.onion/, if you add “.to,” “.link,” “.cab,” etc. to the end of the URL (e.g. http://pbfcec3cneb4c422.onion.to), and that proxy will connect you to the onion service. Great, right?

Well, no – not great. In spite of its convenience, the problem with using these proxies is that whomever is operating the Tor2web proxy can spy on your web traffic. While this may not sound like a bad thing, if said proxy operator has malicious intent, then you (the user) are basically a sitting duck. Plus, if the point of Tor is being anonymous, and someone can detect your web traffic that defeats the whole purpose!

In fact, even onion.cab themselves – the proxy service, that is – warns users when they first try to access a site this way:

onion

If this doesn’t sound bad, then it should be noted that not only can the operator see your web traffic, but they can also modify it and inject code if they so desire.

Ben Tasker Security Blog has an excellent post about this called Don’t Use Web2Tor/Tor2web (especially Onion.cab) – the example he gives is that some Web2Tor services “have some pretty bad habits, including playing fast and loose with your privacy.”

If you visit  https://6zdgh5a5e6zpchdz.onion, but do so through onion.cab instead of through Tor, the proxy service injects piwik analytics code into the page, which looks something like this:

piwik_tracking

So why should you care? Well, the proxy service who injected the code now knows that your IP address accessed said onion service at a specific time. In addition, they’re also executing code on your browser that the operator of the original site is unaware of.

Within the code, some of the information that it can discover about you is:

  • The title of the page you’re viewing
  • An ID for the site
  • The time that you made the request
  • The exact URL you were looking at
  • The page that sent you to that URL
  • Details of which plugins you have installed
  • Whether cookies are enabled
  • Your screen resolution
  • A unique ID for you

Alternately, this third party operator can inject code into the site that may track you across hidden services – that is, if you’re using the onion.cab proxy.

You can even contract malware via some Tor2web proxies – read this article by Virus Bulletin – Vawtrak uses Tor2web to connect to Tor hidden C&C servers. Granted, this article is over two years old, but it can still give you an idea of what might happen if you rely on these proxies.

Thus, if your concern is privacy, it should be obvious why you don’t want to give this information away. The same goes for any proxy, really, but again, if you’re using Tor for anonymity, then accessing so-called “hidden services” via the clearnet is pointless.

I know that a lot of people who explore the “dark web” for fun just say, “Give me links!” But if you want to explore those links, do so in the right way – use the Tor Browser (from https://www.torproject.org/), and don’t try to do so via the clearnet.

There’s a reason it’s called the “dark web,” after all.

creepy_eyes

Should You Use a VPN with Tor? (Well, No.)

vpn-graphic-100022486-orig

This seems to be a very frequently asked question, and on many sites, people will tell you that you should use a VPN with Tor, for “extra protection.”

Based on my research, however, I disagree – and this seems to be an unpopular opinion. One reference I’d like to cite is a blog post by Matt Traudt, a.k.a. system33-, who is someone I respect with regard to Tor. The post in question is VPN + Tor: Not Necessarily a Net Gain.

One of the points he brings up here is the following:

Tor is trustless, a VPN is trusted. Users don’t have to trust every Tor relay that they use in order to stay safe with Tor. As long as the right ones aren’t compromised, working together, or otherwise malicious, the user stays protected.

This is the main problem with insisting on combining Tor and a VPN. VPNs can keep logs of your activity online (though some claim not to), whereas Tor does not.

However, using a VPN can hide your Tor usage from your ISP, especially if said ISP is suspicious of Tor.

The Tin Hat, on their post Tor And VPN – Using Both for Added Security, also makes the point that “Where this setup fails is at hiding your traffic from a malicious Tor exit node. Because the traffic goes through the VPN, and then to the Tor network, exit nodes can still watch your traffic unencrypted.”

My preference, personally, is to use a Linux distribution with Tor, like Tails or Qubes, or for the more advanced, Arch Linux or Manjaro Linux. These, of course, take time to learn and won’t do everything for you, but they are designed for security. While this doesn’t mean they are vulnerability-free, they can improve your protection, particularly if you understand their ins and outs.

Don’t get me wrong – Unix-like OS’s are not invincible – see Sophos: Don’t believe these four myths about Linux security, but depending on the situation, it’s preferable to using an OS like Windows.

Oddly enough, I haven’t “contracted” any malware via the dark web – at least not to my knowledge. This has happened more often on the clearnet, ironically. Maybe it’s because I don’t download mysterious files or install programs that I find randomly on networks like Tor.

I’m paranoid that way.

What about you, readers? What OS’s do you prefer to use (specifically in combination with Tor, I2P, Freenet, etc.)?

In the meantime, enjoy your dark web adventures, my friends – and please research any VPN or other “privacy” software before trusting it blindly.

16199cffb76fff8c74ad6dd8eac6afab

 

What are Some AlphaBay Alternatives?

For those of you who were regular customers on AlphaBay Market, if everything is as it appears, AlphaBay is indeed gone for good.

So, if you’re curious as to where to turn next, there are some great articles (and other sites) you can look to for alternatives.

DeepDotWeb, which is one of my favorite news outlets for the dark web, featured an article today entitled Alphabay Death: Wondering which market is headed to the top? Here is some insider info!

The author gathered data from the site’s “Dark Net Markets Comparison Chart”, which, in real time, lists the up/down statuses of all the major markets:

darknet_market_chart

Besides just listing their online statuses, the chart also has the URLs of each market, whether or not they allow open registration, whether or not they allow multisig, and other factors, such as whether or not they have 2FA (two-factor authentication).

DeepDotWeb also predicted, via some analytics, which market may be the next big one – and the answer may surprise you. Based on their table, it appears to be RAMP (Russian Anonymous Marketplace)!

Ramp-Homepage-after-login.jpg

While RAMP is not an English-language marketplace (and doesn’t have that option), they do have an excellent reputation, and some anti-scam methods in place. Good work, RAMP!!

If you want an alternative site to use as a comparison, I’ve mentioned DNStats in an earlier post. Like DeepDotWeb’s chart, they list the online statuses of the major markets, as well as some vendor shops (independent shops set up by successful vendors) and forums.

DNStats_alphabay

Just bear in mind – any business you do on the dark web carries a risk factor, so protect your identity, and keep yourself informed! Happy tripping.

tumblr_orr2vafC5m1voa7nlo1_500.gif

MadIRC – Nice People on the Dark Web!?

madirc

by Ciphas

It’s no secret that the dark web (Tor in particular) has a terrible reputation among the general public. This seems especially true of those who have never set foot in it.

Even though it’s known for its illegal activity, there are some good, and even (surprise!) legal things on Tor. One of these includes IRC chats – yes, ones without crazy people!!

One IRC channel which I discovered recently goes by the name of MadIRC, and can be found on both the clearnet and Tor. Their Tor hidden service address is http://qj3m7wxqk4pfqwob.onion/. In addition, it’s available on the dn42 VPN at irc://irc.madirc.dn42.

(Note – dn42’s official site, dn42.net, is down at the present time for unknown reasons. If you’re interested in joining, check out their wiki at the link above.)

Anyhow, let’s take a journey into the world of MadIRC…

The “Inner Sanctum”

Well, going back to IRC makes me feel like I’m in the olden days of the internet, for sure! In fact, it makes me think of http://bash.org:

t0rbad> so there i was in this hallway right
BlackAdder> i believe i speak for all of us when i say…
BlackAdder> WRONG BTICH
BlackAdder> IM SICK OF YOU
BlackAdder> AND YOUR LAME STORIES
BlackAdder> NOBODY  HERE THINKS YOURE FUNNY
BlackAdder> NOBODY HERE WANTS TO HEAR YOUR STORIES
BlackAdder> IN FACT
BlackAdder> IF YOU DIED RIGHT NOW
BlackAdder> I  DON”T THINK NOBODY WOULD CARE
BlackAdder> SO WHAT DO YOU SAY TO THAT FAG
*** t0rbad sets mode: +b BlackAdder*!*@*.*
*** BlackAdder has been kicked my t0rbad ( )
t0rbad> so there i was in this hallway right
CRCError> right
heartless> Right.
r3v> right

Oh, I just couldn’t resist. Anyhow, the channel, known as “#Elite,” is frequented by its fair share of programmers (or “coders,” as I like to say), and tech-savvy people – my crowd, more or less.

madIRC

I have to admit, though, that they know a lot more than I do, considering that some of them use Arch Linux and such (which I’m a total n00b with). Hey, I’m learning, I’m learning!

Anyhow, they’re basically just a cool group of folks – and not only are they into coding, but they also happen to like black metal and death metal (two of my other loves, which I haven’t mentioned, to my knowledge).

We do have the occasional random Tor users wander in, and say “Give me links, bitch!” or “Where can I find red rooms?” But we know how to deal with those.

Here’s a red room for you!

1abc54c3a6cbd7ea8d67644eafb79c42