Who Is Selling My Data?


by Ciphas

While I know this blog is primarily about the “dark web,” I think it’s easy to forget that the purpose of the dark web is privacy and anonymity (not sick stuff).

As I’d mentioned in my earlier post Is Your Password on the Dark Web? Maybe., it’s easy to unknowingly have your data stolen and, in some cases, passed around the dark web.

By the same token, there’s a good chance that advertisers have also mined and sold your personal data – be that your name, address, phone number, or something else. This article from Lifehacker, though it came out in 2013, has a list of some of the major companies that may have sold your data: The Top 50 Companies That Mine And Sell Your Data (and How to Opt Out).

If you want to skip that, the actual list is here: Master List of Data Broker Opt-Out Links. Click on any one of the links on this list to opt out of having your data sold.


Of course, this is only one site, but it does seem to be very comprehensive, and covers a lot of the data broker sites. If you have time, I suggest going through each one and having your name removed, if necessary.

These are also good sites to take a look at, for the same reason:




Abine.com: How to Protect Your Data

Granted, if this sort of thing doesn’t matter to you, then don’t worry about it. The reason I mention it at all is that if you don’t want unscrupulous people to get hold of your personal information, it’s best to remove it, if at all possible.

I say this knowing that today is the social media age, where people constantly post selfies and videos of themselves doing who-knows-what, including pictures of themselves having sex. Which I would never do…really!

Anyhow, if this is something that concerns you, check these sites out. It may be creepy what you find.






NewPipe: A Decentralized YouTube and More

In truth, the purpose of the dark web is really anonymity (hence the word “dark”). Of course, with all of the sensational reporting about it, you wouldn’t think this is the case.

This is what has kept me interested in it, two years later. In the same vein, I’ve become fascinated with other decentralized apps as well.

Like many of you, I enjoy music and film, and of course I love watching YouTube. One of its downsides, of course, is that it has copious ads, and the number of ads seems to have increased as of late. This may be because YouTube is pushing for people to subscribe to their YouTube Red streaming service (and more recently, YouTube TV) – both of which are paid services.



If you can afford them, that’s great, but at the moment, that’s not an option for me, which is why I decided to check out NewPipe, a YouTube frontend that is intended to be used without the proprietary YouTube API or Google Play’s proprietary media services.

Essentially, it looks like a stripped-down version of YouTube, and can play the same videos, but without all the ads and tracking. Its interface looks like this:


In case you’re wondering – no, that’s not my screenshot, although I don’t mind some Die Antwoord once in awhile. Like YouTube, NewPipe has a search function at the top, as well as autosuggest.

Also, like YouTube, it allows you to subscribe to channels and make playlists. Plus, on NewPipe you can easily download videos, for which YouTube does not have a function. Previously, when I wanted to do that, I would install some external application (some of which turned out to be rather sketchy in retrospect).

I haven’t played around with it enough yet to see if it has any “secret” functions, but it doesn’t appear to.

On top of all that, NewPipe is open source, which YouTube isn’t. In terms of the whole privacy/safety debate, that gives NewPipe an edge over YouTube. Now, it’s still a fairly new app and I’m sure it has bugs, but as I always say, if you’re a developer, feel free to contribute your knowledge and expertise. Their GitHub repository is here: TemNewPipe/NewPipe.

This is not to say that I’ve quit YouTube altogether, but I have become aware that some of my apps are stalking me, and I wouldn’t having the option to look elsewhere.

Don’t believe me? See what happens next time you Google “sex toys” and then watch YouTube videos.

I guarantee you’ll see an ad for butt plugs – or something along those lines.




The Great Ad Block Battle!

So, recently a reader of mine asked, on my earlier post Privacy Tools: Ghostery vs. Adblock Plus, which was the best of these two. Plus, she wanted to know what the differences between each one were.

I thought this would be a good opportunity to do a comparison of not only those two extensions, but several others as well. While, in theory, all ad-blockers would do the same thing, this is definitely not true.

For example, Adblock Plus works by using “filter lists,” which are essentially a set of rules that tell it what to filter and what not to filter. Here’s one filter list that comes to mind: FilterLists.


If you visit the site, you’ll see specific examples of domains and types of ads that are blocked, such as banner ads, adult site ads, tracking by ad agencies, and malware domains. The downside to this is that it may end up slowing down your browser (which can happen with any ad blocker that you use).

Several of the other popular blockers also use filter lists to determine what domains to block as well.



Just to clarify, Ghostery is a company that has designed several different types of privacy software. The one in question, in this case, is the Ghostery Browser Extension. Ghostery, as opposed to AdBlock Plus, monitors the various webservers (in this case, trackers) that are being called by a given webpage, and gives you the option to block or allow any one of them.

It also gives you the option to “trust” or “restrict” any site that you use (or are directed to) on the web. The idea behind this, as you may have guessed, is to try to filter out malicious sites, and only allow ones that you accept.


In addition, if you wish, you have the option of mapping the trackers through Evidon, which I assume is an affiliate of theirs. This, however, is a paid service.

Other Privacy Extensions


AdBlock Plus and Ghostery are far from the only ad-blocking browser extensions available. Several other popular alternatives are uBlock Origin, Privacy Badger, and AdBlock Fast.

A few of these are a bit more complex than AdBlock Plus and Ghostery, but it all depends on what functions you need.

In the screenshot above, uBlock Origin is active, and its “element picker” function is being used, meaning that you can highlight specific parts of a webpage (for example, an ad) and analyze the actual code to see if there’s anything malicious to be concerned about.


When you select a certain element, if you believe it to be malevolent, you can permanently “remove” that element so that it won’t attack you in any way. This gives you far more control over which elements to block and which to leave alone, which probably appeals more to the tech-savvy crowd than an extension that does all of this automatically.

Privacy Badger, on the other hand, also blocks trackers, but does so in a more automated way. The extension tries to detect all the different trackers (or domains that are being linked to) on a page, and then determines whether or not they are tracking you in some way, as below:


If the sliders next to the domain names are colored green, this means that they appear not to be tracking you. However, if you think that they are, you can move the slider to yellow (which blocks cookies from that domain), or red (which blocks the domain altogether).

In addition, Privacy Badger gives you the option to “whitelist”different domain names that you trust, so that it knows not to block elements on that particular site:


One aspect of Privacy Badger that some may see as a disadvantage is its automated features, which may seem too “hands-off” for users who like to know what’s going on within the extension. It’s possible that P.B. may not catch all of the trackers on a page, or may miss other malicious elements.

On the other hand, it is a user-friendly way to block trackers on any webpage, and isn’t overly complicated.

Finally, there’s Adblock Fast, who describe themselves as “the world’s fastest ad blocker.”


One of the reasons for this is that AF uses far fewer filtering rules than most other ad blockers, and thus it is quicker to launch. Also, compared to the other ad blockers we’ve discussed, it’s extremely simple.

You merely have to click the extension to turn ad blocking on or off on a particular page. There’s no element selecting, domain whitelisting, or tracker lists. For those of you who like your technology simple and to the point, I would recommend Adblock Fast as your ad blocker.

On the downside, it gives you very little control over what and how it blocks, so as I said before, if you’re more hands-on, something like uBlock Origin might be your cup of tea.

Any of these can be helpful; it’s really just a matter of preference and comfort…sort of like coffee flavors.

Speaking of which…I could really use a cup right now.


‘Anonymous’ Proxy List?


I forget exactly where I found this link – I think it was either Electronic Frontier Foundation or Privacy Tools  – but it’s a list of supposedly anonymous proxy servers, generated by a set of particular search engine terms:

+”:8080″ +”:3128″ +”:80″ filetype:txt

This returns results for lists of proxy servers that use ports 8080, 3128, and 80, which are apparently more anonymous than average proxies.

You’ll get different results if you use different search engines, too:

qwant.com: proxy list

Blackle.com: proxy list

For the curious, here are some of the actual results that you might get as well:

rebro.weebly.com: proxy list

Proxy Spider: short proxy list

kan339: proxy list

lategoodies.tripod.com: proxy list

h3furnitureoutlet: proxy list (yeah, a furniture outlet has a proxy list)

proxy IP list: anonymous

jobabroad.sweb.cz: proxy list

playinator.com: proxy list

Even so, as I mentioned in a few earlier posts, this all depends on whether you trust proxies at all. Which is why I haven’t used any of these, personally.

It’s similar to using a VPN in combination with Tor. Are you really anonymous when doing this? That depends on whether or not you trust your VPN provider! By the same token, it’s very risky to use certain proxies, unless you know what data the proxy server is collecting about you. Never mind the fact that .txt documents can contain malware (just as some PDFs on Tor do). Read Should You Trust Any Proxy? to find out a little more.

Regardless, it’s an interesting experiment to try Googling this, even if you don’t decide to use the proxy services themselves. Most of the sites look like this:


While the idea of “anonymous proxy server” sounds great, in theory, they could be just like malicious Tor exit nodes – intending to steal data or worse.

So yes, these proxies exist. Should you use them? That’s up to you.

Call me paranoid, but personally, I wouldn’t.


Darkfox: Access the Dark Web with Ease!


NOTE: Darkfox will not help you access .clos, .rdos, .lll, or .loky domains. Those don’t exist!! It will help you access .onion, .I2P, and URIs.

by Ciphas

This may sound like an infomercial, but I swear it’s not.

Those of you who use darknets, in particular Tor, I2P, and Freenet, might have noticed that it can sometimes be inconvenient to have to run each one in a separate browser, or at least have to launch the programs separately.

Well, I found a program that makes it simpler to connect to any of these three networks with a simple command: it’s called Darkfox Launcher.

Its advantage is that it lets you access Tor, I2P, or Freenet without having to change your configurations every time. Plus, it’s very simple to use.

The GitHub page goes into a little more detail, but one of the most important questions it answers is: “How does Darkfox Launcher work?”

Here’s the answer: “Darkfox Launcher works by first changing the default profile of the Firefox Portable software and with that, changing the default network configuration. Once this phase is done, Darkfox will proceed by launching the Darknet proxy software to make the connection to the Darknet chosen by the user. When completed, Firefox Portable will boot to the default startpage of that specific Darknet.”

Darkfox is also a convenient way of quickly accessing one of these networks if, say, you need to contact someone through the network and don’t want to go through the process of installing, for example, I2P.

Included in its software package are these things: Firefox Portable Edition, and the proxy software from the Tor Project, the Invisible Internet Project (I2P), and the Freenet Project. If you’re unfamiliar with each of these, it might help to check them out individually first!

So what’s my opinion? I’ve been using it for a little while now, and while it does have a few bugs, I love it. (Besides, what software doesn’t have bugs, especially in the early stages?)

And you may have noticed that, since it’s on GitHub, Darkfox Launcher is also open source. To that end, if you want to fork it and contribute to the code, feel free.

Now, its downside is that it isn’t as secure as the actual Tor browser. So, if you’re doing some kind of hardcore whistleblowing, or engaging in illicit activities, I don’t recommend Darkfox for you. It’s still a work-in-progress, though, so future versions will probably have improved security features.

On a side note, this may just be nostalgia, but its UI reminds me of both the DOS command prompt and the Bash Unix shell. *Nerding out*

While it may not be about bells and whistles, I think Darkfox Launcher accomplishes its purpose well. For more information about it, check out the Darkfox Read Me: https://github.com/blacklight447/Darkfox-Launcher/blob/master/README.md.

If that’s not enough, take a look at its source code here: https://github.com/blacklight447/Darkfox-Launcher/blob/master/darkfox%20code


Who knows? Perhaps in the future, it will have the ability to launch Tor and do your taxes.

How to Access the Dark Web with I2P!


What?  You mean there’s another way to access the dark web?  YES!

I’ve said this before, but it bears repeating – Tor is not the only way to access the so-called “dark web,” but it seems to be the most popular at the moment.  In fact, there are many ways to do so.  Oddly enough, many of the trending articles that discuss the dark web act as if Tor is the only way to reach it.

“Dark web” is essentially a metaphor for all the sites built on top of encrypted networks that require special software, configurations or permissions to access.  I must clarify this, however – Tor, I2P, and Freenet are completely separate networks.

On previous posts I’ve mentioned Freenet, but there are other options too, and I2P is one of them.  The reason that it probably doesn’t have the same reputation as Tor, or even Freenet for that matter, is that it’s a bit more complex to learn and use.  (At least that’s my guess).

So, downloading I2P is the easy part; just go to Download – I2P and install it!  The site offers packages for the following OS’s:

  • Windows
  • Mac OS X
  • GNU/Linux/BSD/Solaris
  • Debian/Ubuntu
  • Android

The tricky part, as you may have guessed, is the post-install work!  Courtesy of their homepage, I’ll offer the steps:


After running the installer on Windows, simply click on the “Start I2P” button which will bring up the router console, which has further instructions.

On Unix-like systems, I2P can be started as a service using the “i2prouter” script, located in the directory you selected for I2P. Changing to that directory in a console and issuing “sh i2prouter status” should tell you the router’s status. The arguments “start”, “stop” and “restart” control the service. The router console can be accessed at its usual location. For users on OpenSolaris and other systems for which the wrapper (i2psvc) is not supported, start the router with “sh runplain.sh” instead.

When installing for the first time, please remember to adjust your NAT/firewall if you can, bearing in mind the Internet-facing ports I2P uses, described here among other ports. If you have successfully opened your port to inbound TCP, also enable inbound TCP on the configuration page.

Also, please review and adjust the bandwidth settings on the configuration page, as the default settings of 96 KBps down / 40 KBps up are fairly slow.

If you want to reach eepsites via your browser, have a look on the browser proxy setup page for an easy howto.

Did that read like a foreign language to you?  Congratulations!  It did to me too, at first.  It may make more sense once you actually get into the process of setting it up…or not.

At first, I’ll admit I was somewhat intimidated by I2P, given that you couldn’t just install it and run it without a lot of configuration and forehand knowledge, but now that I’m more educated in that area, it’s kind of fun (believe it or not).  Or maybe it’s because I’m a nerd, I don’t know…


If you find the homepage’s instructions a bit too technical, there are a number of other sites that “translate” the setup tutorial into a simple guide. Deepdotweb featured one of these guides in this post: Full guide: How to access I2P Sites & Use TheMarketplace.i2p

The Tin Hat also offers a great tutorial here: How To Use I2P | I2P Tutorial & Setup Guide.  Plus, they explain how the network works in layman’s terms!


Screenshot credit: thetinhat.com

Once you have the network up and running and you open it in a browser (e.g. Firefox), you should see a page like this:


Credit: 2009 Wikimedia Commons

As it says, that’s the I2P Router Console, and from that page you can configure just about everything about your connection, how much bandwidth you’re using, and what IP address your “identity” appears to be (not unlike Tor, actually)!

Let the Right One In


I had to include at least one creepy image.

Now, I have to confess that the part where I got held up was when I tried to access actual I2P sites (known as “eepsites”).  I knew I was connected to the network, so that wasn’t the problem.

According to the official I2P FAQ, under the question explaining what eepsites are:

An eepsite is a website that is hosted anonymously – you can access it by setting your web browser’s HTTP proxy to use the web proxy (typically it listens on localhost port 4444), and browsing to the site.

I did this, but I was still unable to access a number of the eepsites (or at least the featured ones on the router console).  Therefore, my thought was that the sites themselves were down.

Either that, or my firewall settings were preventing me from accessing the sites – I plan on modifying those and giving this another try.  Of note: eepsites also tend to go down often (not unlike .onion sites), so that could also be the problem.

But Wait…There’s More!


Like its darknet cousin Freenet, I2P offers several main features:

Email/Messaging: I2P has a few different messaging services.  The main ones are a built-in email application and I2P-Bote, a secure messaging platform somewhat akin to Freenet’s FMS (Freenet Messaging System) application.

I2P-Bote is a P2P email service; there is no central server that stores your personal data. Email messages are stored in encrypted form on the computers of other I2P-Bote users, which is how it differs in its structure from standard email services.  No one with the ability to read your emails actually stores them on their servers.

If you check out the link above, it breaks down many of the security features of I2P-Bote, including its encryption method(s), and anonymity components.

I2P-Bote, as opposed to standard email services like Gmail or Outlook, uses cryptographic keys as destinations (i.e. randomly generated numbers and letters.)


This end-to-end encryption is the default with I2P-Bote.  Beyond that, I2P-Bote also sanitizes email headers, taking out any unimportant information, and encrypts what’s left (e.g. the subject line).

I don’t know about you folks, but I find that very reassuring!

IRC (Internet Relay Chat): Some of you are probably already familiar with IRC – it’s been around since the internet’s early days (1988, believe it or not)!  The difference with I2P is that it has an IRC service that allows users to chat anonymously.  Similar services exist on Tor, by the way.  I have yet to use the chat service, but I plan on doing so in the future (and perhaps writing a separate post about it).  According to The Tin Hat’s how-to guide:

“Often controversial topics are talked about in these channels, but nobody is afraid of offering what may be a very valid, but unpopular opinion, pushing you to explore new ideas from new perspectives.”

And I can’t help but be reminded of an episode of Numbers while reading that line where they said this:


Uhh…no it isn’t.  But I digress.  If you do end up using I2P’s IRC, The Tin Hat recommends the chat rooms #salt and #i2p-chat, which you can connect to by setting your IRC client (such as X-Chat) to on port 6668.  If you already have experience with this, feel free to give me some feedback on how it went!

Torrents: Oh my God, you can torrent over I2P?  Yes – in fact, some would say that gives it an advantage over Tor, which strongly advises against torrenting over their network.

I2P offers The Postman Tracker and I2PSnark.  The former is a lot like The Pirate Bay, and the latter is very similar to µTorrent.  Again, I have yet to try out this feature, but according to my research, the torrenting feature only provides more cover-traffic, which actually improves your anonymity (as opposed to Tor)!

I2P also gives the user an advantage in that they can use it as a proxy for clearnet torrents, like BitTorrent or µTorrent.  That way you’re less likely to get some ominous letter from the RIAA, or have others users spying on your torrents.  It’s not 100% foolproof, but I’d say it’s smarter.  

Beyond that, there is an I2P plugin for the Vuze torrent client called I2P Helper; if you intend to use I2P primarily for torrenting, then it works very well in this context.  I2P Helper allows you to download torrents from both the clearnet and the dark web simultaneously.  To boot, you can configure Vuze to use I2P by itself, or an already running external I2P router.

One of the positive things about using I2P for torrenting is that there is very little child pornography or other questionable material on the torrent trackers (despite claims to the contrary).  Rather, there are quite a few sci-fi books, programming books, leaked government documents, movies, and music.

Its downside, however, is speed, which on average is about 30KBps (compared to roughly 1-2 MB/s on most other torrenting sites).  The trade-off, of course, is the anonymity factor.  You’re much less likely to get discovered and sued by angry record labels and movie studios if you’re using I2P, as opposed to their “cousins” on the clearnet.  So the choice is yours.

Give Me Links!  Give Me Links!


All right, you asked for it!  I haven’t vetted any of these links, so enter at your own risk. These links are courtesy of DCJTech.info: DarkWeb Link List.  I have to admit, they’re much easier to remember than most .onion addresses, aren’t they?

Directory (I2P)

File-Sharing and Torrents



Miscellaneous I2P Sites


Search Engines (I2P)

Shopping (I2P)


Is that enough links to get you started?  Well, I hope you have fun checking them out.

As for me,  I do hope to explore I2P more in the near future; it seems perfectly suited to nerds like me!

With that…it’s off to the darknet again…







Can You Access Tor on iOS Devices?

As M. Bison would say:


Thus far on my articles, I’ve mainly talked about Android devices, so maybe I’m showing a little bias.

The answer, of course, is yes! What I don’t know for certain is how good the various iOS apps are, but I can at least share some of the available offerings.

The three most popular apps available from the iTunes Store (at the moment) are called Onion Browser (by Mike Tigas), Red Onion (by Omar Mody), and VPN Browser, (by Art Fusion).

That’s Just, Like…Your Opinion, Man


So, all three of these Tor-powered apps have high ratings on the iTunes Store itself, but those can be misleading – after all, the developers could’ve written them, right?

Since I don’t have a lot of personal experience using these apps, I turned to the community to see what they thought.  The site iPhone.informer features reviews of all kinds of different apps.

Even on there, Red Onion seems to have overwhelmingly positive reviews.  Onion Browser, on the other hand, received mixed reviews.  (Many users complained that it crashes frequently, which is also a problem with the desktop version).

As for the VPN Browser, it also has mainly positive reviews, with the exception of one, who said, “Every time I try to watch a video the app crashes.”  I almost never watch videos on Tor anyway, so that doesn’t concern me!

Internet Is Leaking!

What I’ve heard through the grapevine, on articles like The problem behind mobile Tor browsers’ IP disclosure, is that all three of these apps do work well in terms of being user-friendly, but on the downside, I’ve also heard that they have a serious problem with IP leakage (which would defeat the purpose of using them!).

On the plus side, the developers have apparently fixed these errors in more recent versions of Onion Browser and Red Onion.

mobile browsers' IP disclosure

Screenshot: courtesy of xordern.net

Actually, an update to the above post says that the HTML5 multimedia leak and download-related leaks were fixed in later versions – hopefully that’s no longer a problem.

One of the ways in which IP addresses are leaked on mobile devices is via external HTML5 canvas image data, which is essentially what I was referring to in the May I Have Your Browser Fingerprint? post.

The current version of Tor (or the desktop version, at least) now warns you if a URL attempts to do this (Tor users are probably familiar with this message):

Screen Shot 2014-10-24 at 14.27.28.png

Even if the leak problem is “fixed,” I would still be cautious about using some of these mobile apps to access the Tor network.  There are other methods that can be used to deanonymize users, and the very act of using Tor raises suspicion…

Aww, but I was just looking at pictures of cute cats!! Anyhow, it seems that at the moment, no version of Tor is 100% anonymous, but if you’re careful enough, it may not matter.

Just don’t ask about buying any nuclear missiles, OK?  (I’m serious about that.)