The “Shadow Web” Cited Me? Awesome!

Given that I’ve written a few past posts about the so-called “Shadow Web,” I was flattered when I came across a more recent site by that name, and they had quoted something I had written a while back when, ironically, I was less familiar with the dark web.

“The reason it’s so difficult to access the shadow web is that first, you would need a browser (such as Tor) that provides easier access to hidden sites (like .onion URLs). Then, you would most likely be given the specific URL by someone in the know, or use a search engine geared toward searching the deep web.”

I find this funny for several reasons: the statements I made at the time were not entirely accurate. Tor doesn’t really “provide easier access to hidden sites,” although at one time it was the only way you could access .onion URLs. Since there are now Tor2web proxies (like onion.to and onion.link), through which you can access Tor hidden services from the clearnet, you don’t necessarily have to have the Tor browser to reach them.

However, using the proxies is not a safe way to do so, because there’s a far greater chance that someone could spy on your web traffic in the process. They even warn you about this on some of the sites:

onionto

Also, at the time that I wrote the original post, I didn’t distinguish between “deep web” and “dark web” (which are still confusing terms for most people). I meant to say dark web, honest!!

tor2web

Regardless of my errors, thanks for citing me as a source, Mr. Shadow Web! The “new” Shadow Web site is located at http://shadowznwuibgi7w.onion, and looks somewhat similar to the previous ones. I attempted to take a screenshot of it, but that function was disabled (of course). In essence, it’s a black background with this picture at the top:

access the shadow web

The landing page of the so-called “Shadow Web” site

The only difference between my picture and theirs is that theirs says “Access The Shadow Web” at the top. This time around, they feature an FAQ of sorts, to try to “debunk” some of the “myths” about the Shadow Web…

And I quote…

# 1 Shadow Web is a myth or true

ANSWER: IT IS TRUE

# 2 Is Shadow Web somewhere deep hidden under something unbelievable?

ANSWER: NO. THAT WAS A MISSUNDERSTANDING [sic]. ITS [sic] NOT DEEP UNDER, OR SOME MAGIC PROTECTED. IS JUST A SPECIAL INTERNET, SEPERATE [sic], UNACCESSIBLE AND FOR THIS INVISIBLE TO GUYS THAT DO NOT HAVE THE ACCESS-KEYS TO ENCRYPT THE URL AND INFORMATIONS. IN OUR PACKET WE GIVE YOU 1000+ DIFFERENT KEYS. ON SOME SHADOW WEB SITES YOU CAN GET MORE FORE FREE. THERE ARE SOME SPECIAL ONES YOU HAVE TO PAY. THIS DEPEND ON WHAT YOU WANT TO GET. MOST ARE FREE.

# 3 Do I need a Super Computer for Access

ANSWER: NO. THAT IS JUST A STORY FOR STOP [sic] KIDS AND IDIOTS TO TRY.

Aw, man! And I just bought a new super computer! I won’t list all of the “FAQ” section here, but you get the basic idea. Anyhow, according to them, in order to access the site, you need to pay $295 in bitcoin, which seems a bit extravagant.

How to Create Your Own Shadow Web!

OpenVPN-Setup-on-Linux

In response to this, I thought I’d explain how you could actually create a “shadow web.” Just as there are a number of different ways to accomplish anonymity online, so are there many different networks that use these methods.

It might be something like the network dn42, which is a large VPN using various internet technologies, such as BGP, whois database, and DNS. Participants in dn42 connect to one another via network tunnels like OpenVPN and Tinc – however, dn42 is not technically part of the internet, because it doesn’t use the internet protocol (IP). Confused yet?

In other words, you could create a VPN-based hidden network, using a network tunnel. ChaosVPN, which I mentioned in some earlier posts, is also a VPN-based network. For full details on how to join dn42, click the link above.

Or it could be something like The Darknet Project – as they describe it, “A Darknet is a portion of routed, allocated IP space in which no active services or servers reside. These are “dark” because there is, seemingly, nothing within these networks.”

A third method might be to create a wireless mesh network, as I’d mentioned a couple of posts ago, but one that only you and a small number of people had access to – something like goTenna Mesh (as one example). Or, perhaps it would be something like a Freifunk network. Of course, you would need the right hardware for this, and you would have to find others to join, but that would just take a bit of time and effort.

So, in theory, a “shadow web” might be a private network that uses protocols other than the internet protocol, a darknet of some kind, or a wireless mesh network with a select few participants.

This, however, does not mean there actually is a Shadow Web – I just thought it was fun to consider how you could create one.

Will you be the first to do it? I dare you!

shadow-people

Darkfox: Access the Dark Web with Ease!

darkfox

NOTE: Darkfox will not help you access .clos, .rdos, .lll, or .loky domains. Those don’t exist!! It will help you access .onion, .I2P, and 127.0.0.1:8888 URIs.

by Ciphas

This may sound like an infomercial, but I swear it’s not.

Those of you who use darknets, in particular Tor, I2P, and Freenet, might have noticed that it can sometimes be inconvenient to have to run each one in a separate browser, or at least have to launch the programs separately.

Well, I found a program that makes it simpler to connect to any of these three networks with a simple command: it’s called Darkfox Launcher.

Its advantage is that it lets you access Tor, I2P, or Freenet without having to change your configurations every time. Plus, it’s very simple to use.

The GitHub page goes into a little more detail, but one of the most important questions it answers is: “How does Darkfox Launcher work?”

Here’s the answer: “Darkfox Launcher works by first changing the default profile of the Firefox Portable software and with that, changing the default network configuration. Once this phase is done, Darkfox will proceed by launching the Darknet proxy software to make the connection to the Darknet chosen by the user. When completed, Firefox Portable will boot to the default startpage of that specific Darknet.”

Darkfox is also a convenient way of quickly accessing one of these networks if, say, you need to contact someone through the network and don’t want to go through the process of installing, for example, I2P.

Included in its software package are these things: Firefox Portable Edition, and the proxy software from the Tor Project, the Invisible Internet Project (I2P), and the Freenet Project. If you’re unfamiliar with each of these, it might help to check them out individually first!

So what’s my opinion? I’ve been using it for a little while now, and while it does have a few bugs, I love it. (Besides, what software doesn’t have bugs, especially in the early stages?)

And you may have noticed that, since it’s on GitHub, Darkfox Launcher is also open source. To that end, if you want to fork it and contribute to the code, feel free.

Now, its downside is that it isn’t as secure as the actual Tor browser. So, if you’re doing some kind of hardcore whistleblowing, or engaging in illicit activities, I don’t recommend Darkfox for you. It’s still a work-in-progress, though, so future versions will probably have improved security features.

On a side note, this may just be nostalgia, but its UI reminds me of both the DOS command prompt and the Bash Unix shell. *Nerding out*

While it may not be about bells and whistles, I think Darkfox Launcher accomplishes its purpose well. For more information about it, check out the Darkfox Read Me: https://github.com/blacklight447/Darkfox-Launcher/blob/master/README.md.

If that’s not enough, take a look at its source code here: https://github.com/blacklight447/Darkfox-Launcher/blob/master/darkfox%20code

darkfox_sourcecode

Who knows? Perhaps in the future, it will have the ability to launch Tor and do your taxes.

Dark Web Links of the Day Pt. 1

blackmarketammo.png

by Ciphas

I’ve been receiving comments on my profile asking if I could post some links, so I’m more than happy to oblige. One thing I should remind my readers about, though – Tor and its darknet brethren are rife with scams. So if anything sounds too good to be true (triple your bitcoin in 2 seconds!!), then it probably is.

TorBay (forum) https://2or24opd2hkebadv.onion

Digital Gangster https://2fwqhlzx5dxiyggr.onion

IDC – Italian Darknet Community https://2qrdpvonwwqnic7j.onion/

Walmart Stuff https://42bu3fd5gaxu3xbn.onion

TorRoulette https://4mxhmvyfba2ji7lb.onion

W38M411 https://23tjl3xpt5btiqms.onion

GRAVES DESIGN https://362jdnvs4w5itsql.onion

How to Use I2P on Android Devices

by Ciphas

i2p_android

I’m well aware that not all “dark web” users prefer the Tor network (which I’ve mentioned in a few previous posts).

As I wrote about in How to Access the Dark Web with I2P!, I2P is one of the three most popular anonymity networks at the moment, next to Tor and Freenet. Out of those three, however, it’s arguably the most complicated to use.

That aside, if you already use it, and are interested in the Android app, it’s simple to download. Go to I2P – Android Apps on Google Play, and install it.

If you’re already familiar with using Tor on Android, then you may know the browser Orfox; download that first, from Google Play – Orfox.

device-2015-06-30-133152

As with the standard version of I2P, you need to configure your proxy settings to be able to connect to it on your mobile device.

Depending on which device you have, these may be in a different area, but this tutorial explains it quite well. (With the exception that the Orweb browser is outdated.)

To sum up – you’ll need to configure your proxy settings to 127.0.0.1 (localhost), port 4444 (HTTP). After this is finished, open the I2P app again and hold down the button that says “Long press to start I2P.”

i2p_longpress

Once you’ve started I2P, the app has to find peers on the network. This should only take a few minutes at most (depending on your connection, of course).

Finally, go to the “addresses” tab. There should be some default I2P sites (eepsites) listed there. You can add others if you wish. Actually, on my device, there was only one eepsite listed by default.

If you tap on the name of one of the eepsites, it may ask you which app you want to use to open it. Obviously, the tried and true Firefox is good. You can also use Orfox, as I mentioned.

Also, if you tap the “tunnels” tab, you’ll see which client tunnels and/or server tunnels are running. By default, some of the ones that run are the I2P HTTP/HTTPS Proxy, Irc2p, and smtp.postman.i2p (simple mail transfer protocol):

i2p_tunnels

You can, of course, customize it by adding your own client tunnels or server tunnels using the red “plus” button in the lower righthand corner (maybe that could be a subject for a future blog post…yesssss….).

Interestingly, the tutorial I referenced above recommends Lightning Web Browser, because it’s open-source and built for privacy, speed, and efficiency. It can also send traffic through Tor or I2P, and can be set to use DuckDuckGo or StartPage as its standard search engines. So give that one a try. If you’re curious about the source code, it’s here: GitHub: Lightning Browser.

Now, as for some other eepsites you can try out, here are some suggestions (but I haven’t vetted all of these, so some may not work):

https://sochi.i2p

https://speedie.i2p

https://sponge.i2p

https://nightfort.i2p

https://planet.i2p

https://oniichan.i2p

I hope that’s enough to get you started. Anyhow, have fun. I2P may not seem as “creepy” as Tor, but I would like to get a few more people to try it out, and maybe build more of a community on the network.

Enjoy your visit, friends!

Red Room Response!

welcometothegame

by Ciphas

So, I received an interesting comment on one of my older posts today, specifically the one Red Rooms Finally Debunked Forever? The comment read as follows:

Are you crazy? Have you not even heard of the likes of people such as Peter Scully? People who have been put in jail for doing stuff EXACTLY like this?? What confuses you about these?? Just cuz it doesn’t fit under the perfect, stupid made-up “red room” criteria that a bunch of basement-dwelling, reddit and 4chan teen faggots created?? This stuff is very real.

Let me clarify something: in spite of the title of the post using the word “debunked,” I wasn’t necessarily saying that nothing like that exists. I was merely speculating about the possibility that it might or might not exist (which I’ve done a lot on this blog).

I am well aware of the case of Peter Scully and his torture/CP videos. I’m also aware of the case of Matthew David Graham (a.k.a. “Lux”), who ran the hurtcore sites “PedoEmpire,” “Hurt 2 The Core,” and “Love 2 the Core.” For more information about that case, read Deepdotweb: PedoEmpire’s “Lux”: Matthew David Graham Jailed for 15 Years.

nolimitsfun

Trust me – I know that there is sick shit on the dark web, and have even seen a few things that made me want to throw up or go hide underground. What I was trying to debunk was the idea of live murder in which the audience could participate.

As I’ve said in other posts, the Tor network, Freenet, and some other darknets tend to load pages so slowly that it would be near-impossible to live stream video over them.

If the definition of a red room is: “A web site on the dark web that shows the live torture and/or murder of a victim, and is one in which audience members can pay to participate,” then these networks would barely be able to support that because of latency.

On the other hand, one of the things which does exist on certain sites is that dedicated members have special access to hidden sections of the site. In the case of Mr. Graham, some of his sites allowed members with special privileges to direct and film their own CP videos, which they then would upload on the sites.

The notorious Peter Scully was one such member, and he eventually started his own production company called No Limits Fun, which would produce such videos. Apparently, he also offered pay-per-view streams of these videos. (In case you haven’t heard, people are now calling for the death penalty in his case; he hasn’t officially been sentenced yet.)

As horrific as this all may be, I don’t think the audience members could participate in the videos; they were previously recorded.

That being said, there might be something of this nature that still exists, but if there is, I haven’t found it.

I’m not denying that there are sick things or sick people on the internet, but I was merely trying to look at it from a rational point of view.

I have read stories from a few people who say that they’ve seen such things, but I don’t have enough evidence to confirm or deny these stories. One of the stories you can find here: My visits to the darkest sites on the deep web. (Make of that what you will; I don’t know if it’s true or not.)

I also talked to a writer on Quora who wrote about such an experience, but again, I can’t verify whether it’s true or not – it just seemed very genuine, so judge for yourself: What is the worst thing you’ve seen on the deep web? (And yes, I know they said “deep web” and not “dark web.” They meant “dark web.” Cut them a little slack.)

Finally – if you are someone who has personal experience viewing a red room, then I stand corrected. I was only speaking from my experience, and what I had read and learned about how most darknets work.

If you have seen this and have the guts to comment on it, feel free.

Freenet Frustrations: FMS, Sone, etc.

freenet_fms_setup

Good morning readers!  The reason I haven’t posted in almost a week is that I’ve been in the process of doing research on other aspects of Freenet, I2P and other networks that I haven’t explored much yet.

The other reason might be that I’ve had a little writer’s block, but that’s normal, right?

So, I’m working on setting up the Freenet Message System (FMS) (you need Freenet for this link), which I mentioned briefly in the post Alternatives to Tor: Freenet.  It’s been a little more challenging than I expected, because first I needed to install the proper software to be able to use the various FMS components.

Second, I needed to actually download the components of the program (O RLY?), which sounds simple, but this is where I had a tendency to get stuck.  The reason for this is that I would start the download process, and then my Freenet node would shut down in the middle of it; thus, I would need to start over again!  I felt exactly like this guy:

201412_0945_bbheh

Of course, I’ve had similar errors on the clearnet too, so that’s no reason to quit.  If you’re having any difficulty downloading and/or installing FMS, I did find an excellent tutorial that covers both Windows OS’s and Ubuntu: CryptNode.org – Freenet Setup FMS on Windows 7 and Ubuntu 10.10.

The video really does explain in plain English how to go about installing them – maybe I should give it another try too! If you are successful in downloading all of the components, then I would recommend The Unofficial Guide to FMS (You need Freenet for this link).  It does a great job of breaking down the various features of it.

Game of Sones

setup002

In addition to FMS, I’m also working at setting up Sone, which is the official Freenet social network.  Again, it doesn’t seem that hard, but my computer may begin giving me an attitude – I’m not sure.

Just to be nice, though, I thought I’d share this link with you: Freenet Social Networking Guide: Creating a microblogging account with Sone.   According to that, you must first create an identity with WebOfTrust (WOT) plugin, which is also designed to solve the problem of spam on the network.

weboftrust_instructions

Credit for this tutorial goes to my friend Arne Babenhauserheide; I’d like to share at least part of it here with you.

Step 1: Go to the Plugins menu under Configuration (on your node’s home page):

setup001

Step 2: Load the official WebOfTrust plugin:

setup002

Step 3: After plugin has finished downloading, you need to click on the ‘Own anonymous identities’ option on the Community menu.

setup003

Step 4: Freenet will generate a random name for your “new identity.”  Though you can refresh the page and get a new one, it’s recommended that you select the first one that shows up.  When you’ve found one that you like, click “Create.”

CAUTION: If you create multiple identities and only pick ones that you like, it creates a pattern that decreases anonymity.  (The same goes for any characteristic that might deanonymize you on Tor!)

There are more steps to the process, but the full guide, once again, is here: http://freesocial.draketo.de/wot_en.html.  Thanks Arne!!

I’m sure all this isn’t nearly as difficult as it appears to be, I’ve just been held up in the process by slow connections and all that.  Which is why I guarantee you there will be a sequel or two to this post!

Oinkageddon!

stop-im-one-of-you-pig

No, that was not a typo.  For newcomers to Freenet, I’ve said before that there is disturbing material on it, but if you find it, it’s basically because you’re looking for it!

The index called Linkageddon, as I’ve mentioned in previous posts, is simply a list of every Freenet site, whether it has offensive material or not.  I’ve come across some highly disturbing things there, but in my mind, it wasn’t cause for alarm.

Unfortunately, not everyone sees it the same way.  According to a 2015 post on Deepdotweb (Police Log IPs, Making Arrest By Planting Own Nodes in Freenet), law enforcement are monitoring Freenet in a similar manner to Tor, targeting certain people. It seems that they’re specifically looking for offenders who possess child porn downloaded through Freenet.

I’ve said this before, but – I’m definitely opposed to the production of child pornography. At the same time, I hate that its existence has become an excuse to shut down networks like Freenet, in which much of the material is perfectly legal.

So it’s kind of a Catch-22, isn’t it?  Well, hopefully Freenet stays up and running, in spite of some of the run-ins with law enforcement.

It’s called Freenet for a reason, after all!

P.S. Here are a couple of legal Freenet links, if you’re interested (as far as I know, there’s nothing disturbing on these):

USK@DXNTwIka7DbpxAa1-TGIkAYE3E3W0BBzfYEm5IIvIOo,TAe7a-w~nR6GzGUs64onIJshzMPzLZuW4-qbD5Vc674,AQACAAE/xkcd/410/

USK@lR9Sq56gUPH4uV6O9UCs-CifnRHCDWx0j~V2a6DwPgY,-ru5J7hDG1rXNGevraEkWVkxHMHohv9mZde5VT237Ec,AQACAAE/Death_for_Global_Warming_Deniers/0/

USK@NAKEVlN5CZ~nUlEnH4WUG8ANfvNZ-RuSUjRjfDHm2bA,R8kjg51bYWCJSwlwK5sOrHUjQ2gjHc7NhCVCWFJ4ncs,AQACAAE/HackZandCrackZ/3/

USK@GqiRYVB9AGvEnbhp3X~F3HDX-AYf60qzeqKgqc-8mvg,6KDbRU4K763XNW3f2XexjaxvRPv7LupK6pv~jEXrlJo,AQACAAE/alleykats_corner/14/