Don’t Use the Hidden Wiki – Use These!

thehiddenwikicrop

I’ve noticed that quite a few people recommend The Hidden Wiki as a “starting point” for using Tor.

While it does have some good general information about Tor (and darknets in general), most of the links that it features are scams – at least the financial ones, or anything that you would have to pay money to use. Though I don’t suggest using it, I’ll link to it anyway, just so you can see what I mean: http://zqktlwi4fecvo6ri.onion

This probably goes without saying for people who have been using Tor for a reasonable amount of time, but for those new to the dark web, it seems like a lure to ensnare people unfamiliar with it.

Granted, some of the links are innocuous – you’ll see things like the search engines, and some of the “library sites” like the Imperial Library of Trantor. On the other hand, there are quite a few sites that promise things like “bitcoin doubling,” “free drugs,” etc. – these are all scams.

So…if you don’t use the Hidden Wiki, what should you use?

Well, as I’d mentioned in several earlier posts, there are a few Tor search engines that are good:

notevil-chat

Besides these search engines, there are other link lists you can find, one of which I also mentioned in my earlier post, Fresh Onions: Best Tor Link List?:

welcometodarkweblinks

Of course, these sites, too, may have scam links on them, but they’re at least mixed in with other things. And for whatever reason, I also find them to be more interesting than the Hidden Wiki – whether that’s because they have better links, or just look creepier,  I can’t say. Nevertheless, I have found a lot of the interesting sites I discuss on these alternate link sites and search engines.

Besides these, if you’re just looking for a group of people on the clearnet who hunt down onion links like you do, I’d suggest the subreddit /r/onions: Things That Make You Cry. They’re a pretty cool group of folks.

As for me, I’ll make an effort to include more onion sites in some of my future posts. Have fun checking out some of the ones I’ve shared here, in the meantime!

 

 

Advertisements

Can You Access .Onion Sites Without Tor Browser?

by Ciphas

(Note: Thanks to Ben Tasker’s Security Blog and traudt.xyz for being references.)

Can you access .onion sites without the Tor Browser? Short answer? Yes, you can – but I don’t recommend it…I cannot stress this enough.

I’ve mentioned Tor2web proxies in a few previous posts, but didn’t elaborate on it much. onionto

In their own words, “Tor2web is a project to let Internet users access Tor Onion Services without using Tor Browser.” Tor2web and Web2Tor are reverse proxies which allow clearnet users (such as someone using Chrome, Firefox, etc.) to access Tor hidden services.

reverse_proxy

The proxy listens on port 80 (or sometimes 443) on a clearnet server, and then proxies requests to the Tor hidden service.

If you’re unfamiliar with proxy servers, Indiana University gives a great definition of one: What is a proxy server?  (Psst…I talked about this a little in my earlier post ‘Anonymous’ Proxy List?)

The example they use to illustrate on Tor2web.org is that when you see an onion URL, for example, http://pbfcec3cneb4c422.onion/, if you add “.to,” “.link,” “.cab,” etc. to the end of the URL (e.g. http://pbfcec3cneb4c422.onion.to), and that proxy will connect you to the onion service. Great, right?

Well, no – not great. In spite of its convenience, the problem with using these proxies is that whomever is operating the Tor2web proxy can spy on your web traffic. While this may not sound like a bad thing, if said proxy operator has malicious intent, then you (the user) are basically a sitting duck. Plus, if the point of Tor is being anonymous, and someone can detect your web traffic that defeats the whole purpose!

In fact, even onion.cab themselves – the proxy service, that is – warns users when they first try to access a site this way:

onion

If this doesn’t sound bad, then it should be noted that not only can the operator see your web traffic, but they can also modify it and inject code if they so desire.

Ben Tasker Security Blog has an excellent post about this called Don’t Use Web2Tor/Tor2web (especially Onion.cab) – the example he gives is that some Web2Tor services “have some pretty bad habits, including playing fast and loose with your privacy.”

If you visit  https://6zdgh5a5e6zpchdz.onion, but do so through onion.cab instead of through Tor, the proxy service injects piwik analytics code into the page, which looks something like this:

piwik_tracking

So why should you care? Well, the proxy service who injected the code now knows that your IP address accessed said onion service at a specific time. In addition, they’re also executing code on your browser that the operator of the original site is unaware of.

Within the code, some of the information that it can discover about you is:

  • The title of the page you’re viewing
  • An ID for the site
  • The time that you made the request
  • The exact URL you were looking at
  • The page that sent you to that URL
  • Details of which plugins you have installed
  • Whether cookies are enabled
  • Your screen resolution
  • A unique ID for you

Alternately, this third party operator can inject code into the site that may track you across hidden services – that is, if you’re using the onion.cab proxy.

You can even contract malware via some Tor2web proxies – read this article by Virus Bulletin – Vawtrak uses Tor2web to connect to Tor hidden C&C servers. Granted, this article is over two years old, but it can still give you an idea of what might happen if you rely on these proxies.

Thus, if your concern is privacy, it should be obvious why you don’t want to give this information away. The same goes for any proxy, really, but again, if you’re using Tor for anonymity, then accessing so-called “hidden services” via the clearnet is pointless.

I know that a lot of people who explore the “dark web” for fun just say, “Give me links!” But if you want to explore those links, do so in the right way – use the Tor Browser (from https://www.torproject.org/), and don’t try to do so via the clearnet.

There’s a reason it’s called the “dark web,” after all.

creepy_eyes

Should You Use a VPN with Tor? (Well, No.)

vpn-graphic-100022486-orig

This seems to be a very frequently asked question, and on many sites, people will tell you that you should use a VPN with Tor, for “extra protection.”

Based on my research, however, I disagree – and this seems to be an unpopular opinion. One reference I’d like to cite is a blog post by Matt Traudt, a.k.a. system33-, who is someone I respect with regard to Tor. The post in question is VPN + Tor: Not Necessarily a Net Gain.

One of the points he brings up here is the following:

Tor is trustless, a VPN is trusted. Users don’t have to trust every Tor relay that they use in order to stay safe with Tor. As long as the right ones aren’t compromised, working together, or otherwise malicious, the user stays protected.

This is the main problem with insisting on combining Tor and a VPN. VPNs can keep logs of your activity online (though some claim not to), whereas Tor does not.

However, using a VPN can hide your Tor usage from your ISP, especially if said ISP is suspicious of Tor.

The Tin Hat, on their post Tor And VPN – Using Both for Added Security, also makes the point that “Where this setup fails is at hiding your traffic from a malicious Tor exit node. Because the traffic goes through the VPN, and then to the Tor network, exit nodes can still watch your traffic unencrypted.”

My preference, personally, is to use a Linux distribution with Tor, like Tails or Qubes, or for the more advanced, Arch Linux or Manjaro Linux. These, of course, take time to learn and won’t do everything for you, but they are designed for security. While this doesn’t mean they are vulnerability-free, they can improve your protection, particularly if you understand their ins and outs.

Don’t get me wrong – Unix-like OS’s are not invincible – see Sophos: Don’t believe these four myths about Linux security, but depending on the situation, it’s preferable to using an OS like Windows.

Oddly enough, I haven’t “contracted” any malware via the dark web – at least not to my knowledge. This has happened more often on the clearnet, ironically. Maybe it’s because I don’t download mysterious files or install programs that I find randomly on networks like Tor.

I’m paranoid that way.

What about you, readers? What OS’s do you prefer to use (specifically in combination with Tor, I2P, Freenet, etc.)?

In the meantime, enjoy your dark web adventures, my friends – and please research any VPN or other “privacy” software before trusting it blindly.

16199cffb76fff8c74ad6dd8eac6afab

 

What are Some AlphaBay Alternatives?

For those of you who were regular customers on AlphaBay Market, if everything is as it appears, AlphaBay is indeed gone for good.

So, if you’re curious as to where to turn next, there are some great articles (and other sites) you can look to for alternatives.

DeepDotWeb, which is one of my favorite news outlets for the dark web, featured an article today entitled Alphabay Death: Wondering which market is headed to the top? Here is some insider info!

The author gathered data from the site’s “Dark Net Markets Comparison Chart”, which, in real time, lists the up/down statuses of all the major markets:

darknet_market_chart

Besides just listing their online statuses, the chart also has the URLs of each market, whether or not they allow open registration, whether or not they allow multisig, and other factors, such as whether or not they have 2FA (two-factor authentication).

DeepDotWeb also predicted, via some analytics, which market may be the next big one – and the answer may surprise you. Based on their table, it appears to be RAMP (Russian Anonymous Marketplace)!

Ramp-Homepage-after-login.jpg

While RAMP is not an English-language marketplace (and doesn’t have that option), they do have an excellent reputation, and some anti-scam methods in place. Good work, RAMP!!

If you want an alternative site to use as a comparison, I’ve mentioned DNStats in an earlier post. Like DeepDotWeb’s chart, they list the online statuses of the major markets, as well as some vendor shops (independent shops set up by successful vendors) and forums.

DNStats_alphabay

Just bear in mind – any business you do on the dark web carries a risk factor, so protect your identity, and keep yourself informed! Happy tripping.

tumblr_orr2vafC5m1voa7nlo1_500.gif

Are Terrorists Really Using the Dark Web?

dd93a1bac59cd3d95c8cd5529d82eccc--high-contrast-doll-face

I see this question popping up in the media a lot lately, particularly after there have been several awful terrorist attacks. The answer to it, however, probably depends on whom you ask.

Let me state, for the record, that I do not support terrorism in any way – in fact, I’m a Nichiren Buddhist (with SGI), and one of our main messages is tolerance and peace.

That aside, the article Terrorists and dark web, what is their relationship?, by Security Affairs, says that if they are, it’s not to a large degree (contrary to popular belief). If you read knowledgeable sources with regard to what kind of content is on the dark web, though there may be some terrible things (like child pornography), terrorist groups are one of the things you’d be hard-pressed to find.

What brought this to mind, however, was an article on DeepDotWeb, entitled UK Targets Dark Web Users in Anti-Terrorism Pamphlet. Supposedly, some law enforcement agencies have found a connection between the dark web and terrorist organizations, and if you ask USA Today, that’s what the truth is…

Be that as it may, I think the general problem is the public’s misunderstanding, as a whole, of what the “dark web” is. I’ve addressed this concept many times on this blog, but because a good majority of people don’t understand what the dark web is, or how it works, they tend to assume that it’s just a haven for “bad stuff.” In this case, the “bad stuff” would include terrorism.

I’m not saying that the dark web is free of anything terrible – I’m repulsed by the fact that so much child abuse material is on there, or that there are people who watch “crush videos” of animals being killed. Nonetheless, just because those things exist, it doesn’t mean that every single bad thing you can think of is there – which is another urban legend about it.

What I suggest is – do your research and find out the truth about this statement. You’ll probably hear conflicting ideas, but my belief is that the dark web is not really a haven for terrorists.

Ironically, you’re more likely to find websites of that nature on the clearnet – as hard as that may be to believe.

 

What’s the State of AlphaBay Market?

alphabay (1)

Update: AlphaBay has definitely exit scammed and is gone for good. Please don’t get your hopes up about it coming back.

If you’re interested in darknet markets and have seen the news lately, you probably know that AlphaBay, which up until now has been one of the most successful markets, is down (and has been since July 4th).

(NOTE: If you’re curious to see some sites you can use in place of it, check DNStats, or its Tor hidden service, http://dnstatstzgfcalax.onion.)

DNStats_alphabay

Numerous media outlets have already covered this story, including the New York Times, The Verge, and Gizmodo. If you haven’t heard about this, here are a few links to catch you up:

AlphaBay, Biggest Online Drug Bazaar, Goes Dark – The New York Times

A Dark Web marketplace is down and users suspect foul play – The Verge

World’s largest online illegal drug marketplace goes dark – Axios

While many of these stories are written by mainstream media outlets and are geared toward the layperson, it’s interesting to think about it from the point-of-view of someone who spends a lot of time on the dark web (or someone who’s bought and/or sold goods on the market, for that matter).

The subreddit /r/DarkNetMarkets, which is your guide to all things darknet market-related, has a bit more inside info, although even those involved with the market aren’t necessarily sure what happened.

rdarknetmarkets_censored

Though he did not give proof, one of the vendors on this subreddit speculated that the market’s downtime might be due to a hardware seizure in Quebec of dark web site owners: Vente dans le «Dark Web»: la police procède à deux perquisitions (As you can see, the article is in French, but you can loosely translate.)

In English, the article says that “…the RCMP’s integrated technology crime group conducted two searches in connection with a global network of illicit drug sales in the Dark Web [sic].” At least that’s the Google translation – no, I don’t speak French.

This points to a couple of possibilities: either the FBI seized one of AlphaBay’s servers (and all the data that would be included, such as hashed passwords, vendor information, private messages, etc.); or that the admins of the site closed it down in anticipation of a raid. Even if it’s the former, I doubt they were able to confiscate everything.

Again, however, just like those in the conversation over on Reddit, I’m just hypothesizing, so don’t take what I’m saying here as gospel. I’m not a member of LE (I swear!), nor do I want to be. Even if the feds did seize evidence from AlphaBay, I hope that it will be up and running again.

If that’s not the case, then I suppose you’ll have to take your business elsewhere.

In the meantime, I’ll be keeping an eye on the developments.

Stay trippy, my friends!

tumblr_opp8kzYMgL1vhy2fao1_540

 

A Few Pseudo-Random Onion Links

randomnumbers

I’ve been told repeatedly that there is no such thing as “true” randomness, because everything has some kind of pattern to it.

That aside, I’ve been trying to constantly come up with onion links to share, and thought that perhaps I could do this by using the onion list at All Onion Services. What I’m going to do is hit the “Random” button a few times, and then list some of the links that come up.

Unfortunately, I can’t guarantee that there will be anything on these links, but it’s worth a shot. If there isn’t anything on the page, either it’s down, it’s unreachable, or no one has built a site at that particular address yet.

WARNING: Visit these at your own risk. I haven’t checked them all out personally.

http://n77rmxpuyhpr2g22.onion/

http://awhrkdwx3qsmgnot.onion/

http://22qbqzw6qcs2eku3.onion/

http://25sewxptlwhap3c2.onion/

http://wmrumtlwo3l37w22.onion/

http://nb2awtjoa4vpmwha.onion/

http://rscnq5uvtwj5x6od.onion/

http://cszmfevi6owywum6.onion/

http://xioqywsfdtsjr33d.onion/

http://li5w5cnmaeuqceou.onion/

http://5tepdchtxovcecp3.onion/

http://3y5d7pcjxpbukzxf.onion/

http://e6o5qjghi2umqech.onion/

http://pa3ldnwz2tyv7hcw.onion/

Tell me in the comments if you found anything interesting. If not, maybe I’ll try this again!