Investigating Translate Gate

This is obviously not dark web-related, but from time to time, I like to switch it up. Those of you who frequent 4chan or watch Nightmare Expo may have heard of a phenomenon called #translategate, in which Google Translate gives some very strange responses if you enter things in a certain way.

translategate1

The video in question aired on Dec. 20, 2017 (and part of its source material was a video by Elder’s Vault called The Somalian Google Translate Mystery #TranslateGate). So it’s been awhile, but I hadn’t yet investigated this phenomenon myself.

nightmareexpo_google.png

Essentially, if you set Google Translate to “Somali,” and then enter two-character bits of text, including English words broken up into two character fragments, you’ll not only get some odd (and creepy) translations, but the A.I. seems to be unintentionally revealing bits of personal information that belong to people using services connected to their Google accounts (like Disqus).

disqus

I experimented with this yesterday, and the glitch hasn’t been fixed – it’s in full form.

For instance, I typed in things like “li li li li li li li li li,” and “le le le le le le le,” and all kinds of strange “translations” came up as results. In fact, some of them definitely weren’t translations at all. They appeared to be (as I said above) pieces of information from other Google services…

I like creepy stuff as much as the next guy (in case you couldn’t tell), but this could also be a potential breach of privacy, particularly if the “glitch” is revealing someone’s information. Let’s experiment, shall we?

Just now, I typed in “li li li li li li li” and “le le le le le” many times, and some of the results included the following:

“beposest in the world of such as such as in the world of such as in the world, such as in the world, such as to the world, such as in the world, such as to the sum of the sum of, the sum of the sum of, the sum of the sum, the sum of the sum, the sum of the sum, the sum of the sum, the sum of the sum, the sum of the sum.”

“far as you are, you will not be surprised if you are just like you are, or just like all those who are just like us. If you are just like us?”

“About Contact us we have said that’s a long way Which is a great deal! Find a post office eg weeg tool About our:”

“What are you looking for? It is also important for you to be able to enjoy the luxury of fresh fruits and vegetables, such as l”

“oo ansere wei im Zeitung: Waxayaal kuntikareysaa oo is dul saaran qoob ka ciyaarka Arooska oo la yidhaa”

The responses I highlighted in red seem the most peculiar. For instance, the “About Contact us” one seems to be text from a website, doesn’t it? As for the one above, it’s in Somali, which is strange because I had selected “English” as the language to translate to.

Some of the creepiest translations (which Nightmare Expo mentions) appear when the translate bot interprets your input as “Filipino”; they almost sound like subliminal messages (and this wasn’t the only one):

translategate3

So what do I make of all this? I’m not exactly sure what’s going on, but part of the issue seems to be related to machine learning (which Nightmare Expo mentions in the video). The Translate bot has a database of learned translations and responses, which it often pulls translations from.

It may be that when it’s attempting to pull information from the database, it’s accidentally retrieving information from other databases instead. That’s just a guess.

Anyhow, what creepy responses have you gotten from Google Translate?

Let me know in the comments…

P.S. What’s the translation of “do u know de way?” (I couldn’t resist.)

unnamed (1)

 

Advertisements

OpenNIC Project: DNS Neutrality!

Lately, the subject of internet censorship has been on my mind a lot, and that shouldn’t be surprising, given this whole net neutrality debate.

So, I was intrigued when a friend introduced me to OpenNIC, which aims to be an alternative, decentralized DNS root.

openNIC

OpenNIC is a user-owned and controlled top-level network information center (NIC). Its intention is to offer an alternative to established top-level domain (TLD) registries, like ICANN. The list of servers can be found here: OpenNIC Public Servers

The idea behind it, in a nutshell, is like a decentralized internet, somewhat like ZeroNet or Freenet, although OpenNIC hasn’t quite been developed to that point yet. I’m sure if you get into the technical details, they’re quite different – it’s the “decentralized” concept that they have in common.

Actually, this may interest some of you – I know how people like to access unusual TLD names that aren’t part of the usual registry. Well, you can do that with OpenNIC! Among the top-level domains available through OpenNIC are: .bbs, .chan, .cyb, .dyn, .geek, and .pirate. Just those domain names alone make me want to explore this further!

Here’s a list of the current TLDs available on OpenNIC (see OpenNIC – Wikipedia for more info):

Top Level Domain Names on OpenNIC

Name Intended Use
.bbs Bulletin Board System Servers.
.chan Imageboards and related communities (like 4chan).
.cyb Cyberpunk-related content.
.free Organizations that support non-commercial use of free internet.
.geek Geeky and nerdy stuff.
.gopher Content delivery using the gopher protocol.
.indy Indy media and arts-related sites.
.libre Similar to .free.
.neo General purpose (might include Keanu Reeves – whoa).
.pirate Internet freedom and sharing.

…and a few others, which are listed on the Wikipedia article. If you’re interested in discovering some of these sites, check out their search engine grep.geek; at the moment, you could say it’s the “OpenNIC Google.”

grepgeek

Now, like Tor, it may be hard to navigate at first, but that’s part of the fun I’m having with it, personally – just exploring. I have noticed that, as on Tor, a lot of the sites go down frequently, but that doesn’t really bother me anymore. So, let me guess – you’re wondering if there are any “disturbing” links on it?

I’ve come across very few so far, but if I find others, I’ll let you know. There was an interesting site called url.oz, which featured the art of Alex Milea:

urloz.png

Would you consider that disturbing? There was also a site for an organization called Nationalist Front, which is a white supremacy (or is it “alt-right”?) group.

nationalist_front

That didn’t surprise me all that much, because there are similar sites on Tor, Freenet, etc., that I’ve come across. Complain all you want, but I’m not linking to that one – it’s easy to find if you join the network.

One other site that I found interesting was called Anarplex, which is at shadowlife.bit. It’s a site involving “crypto-tribes, phyles, crypto-anarchy, [and] agorism.” I had been on their onion site (y5fmhyqdr6r7ddws.onion) before as well, and it had always intrigued me.

anarplex_edited

Anyway, as I’m fond of saying, disturbing sites aren’t really the point, and they never were. As with Tor and the other networks, the idea behind OpenNIC is to have an independent “internet” that isn’t controlled by ISPs and large corporations.

Oddly, all the people who are obsessed with things like “Marianas Web” might want to check this out – it’s kind of the same idea, being that it’s not part of “the internet” and is run independently.

Questions? Comments? Feel free to ask.

P.S. Here are a few more OpenNIC links for you to explore:

bortzmeyer.bit

shadowlife.bit

weblionx.geek

vedge.bit/hw/marconi

ogness.bit/og/stats/verbraucherpreisindex/

Beware, Maltego Will Find You!

by Ciphas

deep-web-1292333_960_720

A friend of mine recently introduced me to a program called Maltego, made by the South African security company Paterva – and if you use it, it may frighten you. It’s actually been around for a few years, but I only started using it this week.

If it sounds unfamiliar, Maltego is a data mining and pentesting tool that finds relationships between information found on different internet sources. Its “map” of data looks exactly like this:

maltego_graph_censored

So yeah, I’m sort of telling you about the “real me” here. Each dot on that graph represents places online that Maltego connected to you in one way or another. This may be via your email address, IP address or via an “alias” that you used in more than one place. As an example, if you use the username “aisettagess” on more than one website or service, it will find that!

Interestingly, some of the data that it found out about me was via Have I been pwned?, which I mentioned in an earlier post. Likely what happened was that the pwned site scanned for data on numerous sites, and then kept some of that information, so it was available to Maltego. If you consider using that site, keep in mind that it will probably log some data about you, unless you request otherwise.

Just so that I don’t dox a real person, let’s create a fictitious online user with Fake Name Generator.

David A. Bass
879 Burning Memory Lane
Tullytown, PA 19007

Mother’s maiden name: Scott
SSN: 192-42-XXXX

Email address: ftjaqxpl@sharklasers.com (thanks, GuerrillaMail!)

You get the idea. So, using Mr. Bass’ info there, let’s have Maltego gather data on him. It figures out what web servers he’s using, what top level domains he uses, what email servers he sends messages from, etc.

After gathering all this data, it combines it all into a graph like the one above, to get a complete picture. It also has a command line tool, but for the purpose of this post, I’m using the GUI version.

If you click on the green dots on your graph, it will show you the information tied to your various online aliases. Let’s say Mr. Bass there uses the following usernames: PennMan988, AllAboutThatBass859, and DBass1. And let’s say he has these email addresses: ftjaqxpl@sharklasers.com (the one above), and dbass345@guerrillamail.com.

Maltego will find any social media profiles or sites on which David used those email addresses – made even easier if he filled out his real name on the site. The graph illustrates using this key:

maltego_graph_key

Plus, based on information available online, it may figure out your relatives, employment history, average annual income, phone numbers, and even location. By the way, if you want more technical information about Maltego, Concise Courses did a great writeup on it – I suggest you check this out.

So why is this useful? Well, as I’d said in some other recent posts, if any of this information isn’t the kind of thing that you want to be available online, then you can now do something about it.

If you want to delete your profiles (or at least certain information) from any of these websites, take the opportunity and do it.

And for the future, consider what kind of information you’re putting out there before you do so.

Think of that next time you consider posting a nude selfie on Tumblr.

 

 

Who Is Selling My Data?

Lg_where-does-cc-data-go-stolen

by Ciphas

While I know this blog is primarily about the “dark web,” I think it’s easy to forget that the purpose of the dark web is privacy and anonymity (not sick stuff).

As I’d mentioned in my earlier post Is Your Password on the Dark Web? Maybe., it’s easy to unknowingly have your data stolen and, in some cases, passed around the dark web.

By the same token, there’s a good chance that advertisers have also mined and sold your personal data – be that your name, address, phone number, or something else. This article from Lifehacker, though it came out in 2013, has a list of some of the major companies that may have sold your data: The Top 50 Companies That Mine And Sell Your Data (and How to Opt Out).

If you want to skip that, the actual list is here: Master List of Data Broker Opt-Out Links. Click on any one of the links on this list to opt out of having your data sold.

opt_out_list

Of course, this is only one site, but it does seem to be very comprehensive, and covers a lot of the data broker sites. If you have time, I suggest going through each one and having your name removed, if necessary.

These are also good sites to take a look at, for the same reason:

CheckPeople.com

Pipl.com

Spokeo.com

Abine.com: How to Protect Your Data

Granted, if this sort of thing doesn’t matter to you, then don’t worry about it. The reason I mention it at all is that if you don’t want unscrupulous people to get hold of your personal information, it’s best to remove it, if at all possible.

I say this knowing that today is the social media age, where people constantly post selfies and videos of themselves doing who-knows-what, including pictures of themselves having sex. Which I would never do…really!

Anyhow, if this is something that concerns you, check these sites out. It may be creepy what you find.

peephole

 

 

 

Can You Access .Onion Sites Without Tor Browser?

by Ciphas

(Note: Thanks to Ben Tasker’s Security Blog and traudt.xyz for being references.)

Can you access .onion sites without the Tor Browser? Short answer? Yes, you can – but I don’t recommend it…I cannot stress this enough.

I’ve mentioned Tor2web proxies in a few previous posts, but didn’t elaborate on it much. onionto

In their own words, “Tor2web is a project to let Internet users access Tor Onion Services without using Tor Browser.” Tor2web and Web2Tor are reverse proxies which allow clearnet users (such as someone using Chrome, Firefox, etc.) to access Tor hidden services.

reverse_proxy

The proxy listens on port 80 (or sometimes 443) on a clearnet server, and then proxies requests to the Tor hidden service.

If you’re unfamiliar with proxy servers, Indiana University gives a great definition of one: What is a proxy server?  (Psst…I talked about this a little in my earlier post ‘Anonymous’ Proxy List?)

The example they use to illustrate on Tor2web.org is that when you see an onion URL, for example, http://pbfcec3cneb4c422.onion/, if you add “.to,” “.link,” “.cab,” etc. to the end of the URL (e.g. http://pbfcec3cneb4c422.onion.to), and that proxy will connect you to the onion service. Great, right?

Well, no – not great. In spite of its convenience, the problem with using these proxies is that whomever is operating the Tor2web proxy can spy on your web traffic. While this may not sound like a bad thing, if said proxy operator has malicious intent, then you (the user) are basically a sitting duck. Plus, if the point of Tor is being anonymous, and someone can detect your web traffic that defeats the whole purpose!

In fact, even onion.cab themselves – the proxy service, that is – warns users when they first try to access a site this way:

onion

If this doesn’t sound bad, then it should be noted that not only can the operator see your web traffic, but they can also modify it and inject code if they so desire.

Ben Tasker Security Blog has an excellent post about this called Don’t Use Web2Tor/Tor2web (especially Onion.cab) – the example he gives is that some Web2Tor services “have some pretty bad habits, including playing fast and loose with your privacy.”

If you visit  https://6zdgh5a5e6zpchdz.onion, but do so through onion.cab instead of through Tor, the proxy service injects piwik analytics code into the page, which looks something like this:

piwik_tracking

So why should you care? Well, the proxy service who injected the code now knows that your IP address accessed said onion service at a specific time. In addition, they’re also executing code on your browser that the operator of the original site is unaware of.

Within the code, some of the information that it can discover about you is:

  • The title of the page you’re viewing
  • An ID for the site
  • The time that you made the request
  • The exact URL you were looking at
  • The page that sent you to that URL
  • Details of which plugins you have installed
  • Whether cookies are enabled
  • Your screen resolution
  • A unique ID for you

Alternately, this third party operator can inject code into the site that may track you across hidden services – that is, if you’re using the onion.cab proxy.

You can even contract malware via some Tor2web proxies – read this article by Virus Bulletin – Vawtrak uses Tor2web to connect to Tor hidden C&C servers. Granted, this article is over two years old, but it can still give you an idea of what might happen if you rely on these proxies.

Thus, if your concern is privacy, it should be obvious why you don’t want to give this information away. The same goes for any proxy, really, but again, if you’re using Tor for anonymity, then accessing so-called “hidden services” via the clearnet is pointless.

I know that a lot of people who explore the “dark web” for fun just say, “Give me links!” But if you want to explore those links, do so in the right way – use the Tor Browser (from https://www.torproject.org/), and don’t try to do so via the clearnet.

There’s a reason it’s called the “dark web,” after all.

creepy_eyes

Should You Use a VPN with Tor? (Well, No.)

vpn-graphic-100022486-orig

This seems to be a very frequently asked question, and on many sites, people will tell you that you should use a VPN with Tor, for “extra protection.”

Based on my research, however, I disagree – and this seems to be an unpopular opinion. One reference I’d like to cite is a blog post by Matt Traudt, a.k.a. system33-, who is someone I respect with regard to Tor. The post in question is VPN + Tor: Not Necessarily a Net Gain.

One of the points he brings up here is the following:

Tor is trustless, a VPN is trusted. Users don’t have to trust every Tor relay that they use in order to stay safe with Tor. As long as the right ones aren’t compromised, working together, or otherwise malicious, the user stays protected.

This is the main problem with insisting on combining Tor and a VPN. VPNs can keep logs of your activity online (though some claim not to), whereas Tor does not.

However, using a VPN can hide your Tor usage from your ISP, especially if said ISP is suspicious of Tor.

The Tin Hat, on their post Tor And VPN – Using Both for Added Security, also makes the point that “Where this setup fails is at hiding your traffic from a malicious Tor exit node. Because the traffic goes through the VPN, and then to the Tor network, exit nodes can still watch your traffic unencrypted.”

My preference, personally, is to use a Linux distribution with Tor, like Tails or Qubes, or for the more advanced, Arch Linux or Manjaro Linux. These, of course, take time to learn and won’t do everything for you, but they are designed for security. While this doesn’t mean they are vulnerability-free, they can improve your protection, particularly if you understand their ins and outs.

Don’t get me wrong – Unix-like OS’s are not invincible – see Sophos: Don’t believe these four myths about Linux security, but depending on the situation, it’s preferable to using an OS like Windows.

Oddly enough, I haven’t “contracted” any malware via the dark web – at least not to my knowledge. This has happened more often on the clearnet, ironically. Maybe it’s because I don’t download mysterious files or install programs that I find randomly on networks like Tor.

I’m paranoid that way.

What about you, readers? What OS’s do you prefer to use (specifically in combination with Tor, I2P, Freenet, etc.)?

In the meantime, enjoy your dark web adventures, my friends – and please research any VPN or other “privacy” software before trusting it blindly.

16199cffb76fff8c74ad6dd8eac6afab

 

‘Anonymous’ Proxy List?

SPIDERMANLUCK.png

I forget exactly where I found this link – I think it was either Electronic Frontier Foundation or Privacy Tools  – but it’s a list of supposedly anonymous proxy servers, generated by a set of particular search engine terms:

+”:8080″ +”:3128″ +”:80″ filetype:txt

This returns results for lists of proxy servers that use ports 8080, 3128, and 80, which are apparently more anonymous than average proxies.

You’ll get different results if you use different search engines, too:

qwant.com: proxy list

Blackle.com: proxy list

For the curious, here are some of the actual results that you might get as well:

rebro.weebly.com: proxy list

Proxy Spider: short proxy list

kan339: proxy list

lategoodies.tripod.com: proxy list

h3furnitureoutlet: proxy list (yeah, a furniture outlet has a proxy list)

proxy IP list: anonymous

jobabroad.sweb.cz: proxy list

playinator.com: proxy list

Even so, as I mentioned in a few earlier posts, this all depends on whether you trust proxies at all. Which is why I haven’t used any of these, personally.

It’s similar to using a VPN in combination with Tor. Are you really anonymous when doing this? That depends on whether or not you trust your VPN provider! By the same token, it’s very risky to use certain proxies, unless you know what data the proxy server is collecting about you. Never mind the fact that .txt documents can contain malware (just as some PDFs on Tor do). Read Should You Trust Any Proxy? to find out a little more.

Regardless, it’s an interesting experiment to try Googling this, even if you don’t decide to use the proxy services themselves. Most of the sites look like this:

anonymous_proxy

While the idea of “anonymous proxy server” sounds great, in theory, they could be just like malicious Tor exit nodes – intending to steal data or worse.

So yes, these proxies exist. Should you use them? That’s up to you.

Call me paranoid, but personally, I wouldn’t.