How to Access the Dark Web with I2P!

use-i2p-host-and-share-your-secret-goods-dark-web-anonymously.w654

What?  You mean there’s another way to access the dark web?  YES!

I’ve said this before, but it bears repeating – Tor is not the only way to access the so-called “dark web,” but it seems to be the most popular at the moment.  In fact, there are many ways to do so.  Oddly enough, many of the trending articles that discuss the dark web act as if Tor is the only way to reach it.

“Dark web” is essentially a metaphor for all the sites built on top of encrypted networks that require special software, configurations or permissions to access.  I must clarify this, however – Tor, I2P, and Freenet are completely separate networks.

On previous posts I’ve mentioned Freenet, but there are other options too, and I2P is one of them.  The reason that it probably doesn’t have the same reputation as Tor, or even Freenet for that matter, is that it’s a bit more complex to learn and use.  (At least that’s my guess).

So, downloading I2P is the easy part; just go to Download – I2P and install it!  The site offers packages for the following OS’s:

  • Windows
  • Mac OS X
  • GNU/Linux/BSD/Solaris
  • Debian/Ubuntu
  • Android

The tricky part, as you may have guessed, is the post-install work!  Courtesy of their homepage, I’ll offer the steps:

I2P_post-install-work

After running the installer on Windows, simply click on the “Start I2P” button which will bring up the router console, which has further instructions.

On Unix-like systems, I2P can be started as a service using the “i2prouter” script, located in the directory you selected for I2P. Changing to that directory in a console and issuing “sh i2prouter status” should tell you the router’s status. The arguments “start”, “stop” and “restart” control the service. The router console can be accessed at its usual location. For users on OpenSolaris and other systems for which the wrapper (i2psvc) is not supported, start the router with “sh runplain.sh” instead.

When installing for the first time, please remember to adjust your NAT/firewall if you can, bearing in mind the Internet-facing ports I2P uses, described here among other ports. If you have successfully opened your port to inbound TCP, also enable inbound TCP on the configuration page.

Also, please review and adjust the bandwidth settings on the configuration page, as the default settings of 96 KBps down / 40 KBps up are fairly slow.

If you want to reach eepsites via your browser, have a look on the browser proxy setup page for an easy howto.

Did that read like a foreign language to you?  Congratulations!  It did to me too, at first.  It may make more sense once you actually get into the process of setting it up…or not.

At first, I’ll admit I was somewhat intimidated by I2P, given that you couldn’t just install it and run it without a lot of configuration and forehand knowledge, but now that I’m more educated in that area, it’s kind of fun (believe it or not).  Or maybe it’s because I’m a nerd, I don’t know…

d4f20041254a0727ddce7cb81be9e68c

If you find the homepage’s instructions a bit too technical, there are a number of other sites that “translate” the setup tutorial into a simple guide. Deepdotweb featured one of these guides in this post: Full guide: How to access I2P Sites & Use TheMarketplace.i2p

The Tin Hat also offers a great tutorial here: How To Use I2P | I2P Tutorial & Setup Guide.  Plus, they explain how the network works in layman’s terms!

the_tin_hat_I2P

Screenshot credit: thetinhat.com

Once you have the network up and running and you open it in a browser (e.g. Firefox), you should see a page like this:

I2P_router_console_0.7.7

Credit: 2009 Wikimedia Commons

As it says, that’s the I2P Router Console, and from that page you can configure just about everything about your connection, how much bandwidth you’re using, and what IP address your “identity” appears to be (not unlike Tor, actually)!

Let the Right One In

hand-984170_960_720

I had to include at least one creepy image.

Now, I have to confess that the part where I got held up was when I tried to access actual I2P sites (known as “eepsites”).  I knew I was connected to the network, so that wasn’t the problem.

According to the official I2P FAQ, under the question explaining what eepsites are:

An eepsite is a website that is hosted anonymously – you can access it by setting your web browser’s HTTP proxy to use the web proxy (typically it listens on localhost port 4444), and browsing to the site.

I did this, but I was still unable to access a number of the eepsites (or at least the featured ones on the router console).  Therefore, my thought was that the sites themselves were down.

Either that, or my firewall settings were preventing me from accessing the sites – I plan on modifying those and giving this another try.  Of note: eepsites also tend to go down often (not unlike .onion sites), so that could also be the problem.

But Wait…There’s More!

I2PBote-inbox-0.4

Like its darknet cousin Freenet, I2P offers several main features:

Email/Messaging: I2P has a few different messaging services.  The main ones are a built-in email application and I2P-Bote, a secure messaging platform somewhat akin to Freenet’s FMS (Freenet Messaging System) application.

I2P-Bote is a P2P email service; there is no central server that stores your personal data. Email messages are stored in encrypted form on the computers of other I2P-Bote users, which is how it differs in its structure from standard email services.  No one with the ability to read your emails actually stores them on their servers.

If you check out the link above, it breaks down many of the security features of I2P-Bote, including its encryption method(s), and anonymity components.

I2P-Bote, as opposed to standard email services like Gmail or Outlook, uses cryptographic keys as destinations (i.e. randomly generated numbers and letters.)

sy10500b

This end-to-end encryption is the default with I2P-Bote.  Beyond that, I2P-Bote also sanitizes email headers, taking out any unimportant information, and encrypts what’s left (e.g. the subject line).

I don’t know about you folks, but I find that very reassuring!

IRC (Internet Relay Chat): Some of you are probably already familiar with IRC – it’s been around since the internet’s early days (1988, believe it or not)!  The difference with I2P is that it has an IRC service that allows users to chat anonymously.  Similar services exist on Tor, by the way.  I have yet to use the chat service, but I plan on doing so in the future (and perhaps writing a separate post about it).  According to The Tin Hat’s how-to guide:

“Often controversial topics are talked about in these channels, but nobody is afraid of offering what may be a very valid, but unpopular opinion, pushing you to explore new ideas from new perspectives.”

And I can’t help but be reminded of an episode of Numbers while reading that line where they said this:

numbers_irc

Uhh…no it isn’t.  But I digress.  If you do end up using I2P’s IRC, The Tin Hat recommends the chat rooms #salt and #i2p-chat, which you can connect to by setting your IRC client (such as X-Chat) to 127.0.0.1 on port 6668.  If you already have experience with this, feel free to give me some feedback on how it went!

Torrents: Oh my God, you can torrent over I2P?  Yes – in fact, some would say that gives it an advantage over Tor, which strongly advises against torrenting over their network.

I2P offers The Postman Tracker and I2PSnark.  The former is a lot like The Pirate Bay, and the latter is very similar to µTorrent.  Again, I have yet to try out this feature, but according to my research, the torrenting feature only provides more cover-traffic, which actually improves your anonymity (as opposed to Tor)!

I2P also gives the user an advantage in that they can use it as a proxy for clearnet torrents, like BitTorrent or µTorrent.  That way you’re less likely to get some ominous letter from the RIAA, or have others users spying on your torrents.  It’s not 100% foolproof, but I’d say it’s smarter.  

Beyond that, there is an I2P plugin for the Vuze torrent client called I2P Helper; if you intend to use I2P primarily for torrenting, then it works very well in this context.  I2P Helper allows you to download torrents from both the clearnet and the dark web simultaneously.  To boot, you can configure Vuze to use I2P by itself, or an already running external I2P router.

One of the positive things about using I2P for torrenting is that there is very little child pornography or other questionable material on the torrent trackers (despite claims to the contrary).  Rather, there are quite a few sci-fi books, programming books, leaked government documents, movies, and music.

Its downside, however, is speed, which on average is about 30KBps (compared to roughly 1-2 MB/s on most other torrenting sites).  The trade-off, of course, is the anonymity factor.  You’re much less likely to get discovered and sued by angry record labels and movie studios if you’re using I2P, as opposed to their “cousins” on the clearnet.  So the choice is yours.

Give Me Links!  Give Me Links!

09_Browse_to_Site

All right, you asked for it!  I haven’t vetted any of these links, so enter at your own risk. These links are courtesy of DCJTech.info: DarkWeb Link List.  I have to admit, they’re much easier to remember than most .onion addresses, aren’t they?

Directory (I2P)

File-Sharing and Torrents

Gaming

Messaging

Miscellaneous I2P Sites

OutProxies

Search Engines (I2P)

Shopping (I2P)

Social

Is that enough links to get you started?  Well, I hope you have fun checking them out.

As for me,  I do hope to explore I2P more in the near future; it seems perfectly suited to nerds like me!

With that…it’s off to the darknet again…

 

 

 

 

 

 

Advertisements

Darknet Markets: Apple Market

DISCLAIMER: This review is for informational and entertainment purposes only.  I do not condone illegal activity, and anything you do on the dark web is at your own risk!

Picture Yourself in a Boat on a River…

giphy

I just had to reference the Beatles; it’s that kind of day!  In any case, I’m delving further into the world of darknet markets.  Yet despite the fact that this is a topic of interest to me, I confess that I have only limited experience with them.  Maybe that’s because I’m reluctant to break the law or something…

I doubt, of course, that it’s illegal to merely visit the markets, so that would be the next logical step.

 

A is for Apple – Apple Market

applemarket.png

Although it’s not technically one of the “top” markets right now, Apple Market is the first I explored.  It’s relatively simple to use compared to some of its fellow darknet markets.

As you can see in the photo above, its products are categorized into tags, such as “drugs,” “cannabis,” “ecstasy,” etc.  What you might not expect is that in addition to drugs, they sell things like books on coding, controversial eBooks (such as The Anarchist Cookbook), or hacks such as “Eat Domino’s Pizza for Free,” or “Unlimited Free Uber Rides.”

In order to purchase any of these goods (as with any darknet market) you connect it to your bitcoin wallet (preferably a different one than you use on the clearnet).  In the case of Apple Market, it enables you to generate a temporary bitcoin address to receive payments.

There are also lists of “Top Vendors,” “Random Vendors,” and “Newest Vendors,” which can help the darknet market n00bs (like, uh…me) explore the various goods and get a feel for the market – as well as to promote those who are achieving success:

applemarket2

So, personally, I haven’t purchased anything from this market yet, but I will say that it’s very easy to use and to navigate.  They offer MultiSig transactions as well.  Plus, many of the customer reviews that I’ve seen rate it highly, and they say it’s a honest market, so you at least know what you’re getting.

I’m tempted to purchase some of the non-drug items, as a matter of fact, but I think I’ll pass for right now.

Anyhow, was that so scary?  No, in all honesty!  It just gets murky when you try to purchase certain goods.  It’s the stories of people who get caught in the process that make me awful wary.

That being said, if you want to give Apple Market a try, go ahead.  They seem quite honest, and it looks like they have quality goods for sale.

Nice job, guys!  I shall review some other markets very soon – in the meantime, time to get back to my IRL responsibilities!

 

 

 

 

 

 

 

Interview: Arne Babenhauserheide of pyFreenet & Infocalypse

logo

I had the good fortune of “meeting” Arne Babenhauserheide (can you say his name three times fast?) on Google Plus recently…at least as closely as you can meet someone online.  (Yes, he’s the smiling guy above.)

He’s contributed code to The Freenet Project, a peer-to-peer anonymity platform originally designed by Ian Clarke.  I was curious about his background in coding and developing, what his connection to Freenet was, and his views on internet privacy, so we chatted over Google Plus, and went into detail about a few of these ideas.

By the way, I’ve linked to a few English posts on Arne’s blog, Zwillingssterns Weltenwald, if you’re interested in checking those out!

LmSxuHW0vYtKLdcNdVG

How did you first discover Freenet?

Arne Babenhauserheide: I’m not sure.  My oldest communication archive is from 2007, when Freenet 0.7 was released with the friend-to-friend structure called “darknet”.  Plans for this had started in 2005, where Google trends shows the first spike of searches for “darknet”: Google Trends: “darknet”

I already used 0.5 – I remember being unhappy that many sites disappeared with the switch to 0.7 – but I can’t really put a date to that anymore.

I was active in the Gnutella community before discovering Freenet, so it’s likely that I learned about Freenet from other Gnutella users or developers.

I wrote my first article about Freenet in 2009, the first English article in 2010: Simple positive trust scheme threshholds

How do you think Freenet compares to other anonymity networks like Tor, I2P, and GNUnet in terms of privacy, usability, and functionality?

AB: Different from Tor and i2p – Freenet provides hosting without needing a server.  This means that you don’t need to be able to secure a webserver against arbitrary anonymous [sic] to be able to publish.

GNUnet is closest in purpose to Freenet.  The main difference is that Freenet developed its features together with users and following user demand.  At least two of its features were written following requests from users: the update mechanism for websites in Freenet and the Web of Trust to defend against spam.  The latter was developed because an earlier forum system which was easy to spam actually got spammed: People realized that anonymity without spam resistance means freedom to use spam bots to suppress all discussions they don’t like.

Different from GNUnet – Freenet provides anonymous equivalents to most things you find in the normal internet (We call the non-anonymous internet the “clearnet”).

You said you contributed some code to the Freenet Project.  What area of Freenet were you developing? (e.g. forums, links, etc.)

AB: I’m currently maintaining pyFreenet, which makes it easy to use Freenet from Python and which provides several tools, like an optimized commandline tool for managing websites in Freenet.

Also I’m maintaining Infocalypse, a plugin for versiontracking [sic] tool Mercurial which allows programming over Freenet, including pull-requests and getting the code from someone else by simply calling

hg clone freenet://USER/PROJECT

This functionality was created in Google Summer of Code 2011 by Steve (I was mentor for that project).  Steve is now the maintainer of Freenet.

Also I did some statistical calculations to optimize aspects of Freenet, and I talk to people. ☺ Last December I went to the privacy workshop from the EU Parliament as representative of the Freenet Project: STOA: Protecting online privacy by enhancing IT security and strengthening EU IT capabilities

Finally, I’m doing all kind[sic] of stuff I consider important.  My most recent work is finalizing the simulation for mitigating the Pitch Black Attack: Mitigate the Pitch Black attack (the simulation works).

There’s lots of stuff in Freenet which is partly done and just needs someone to put in a medium amount of work to make it actually usable.  Lots of low hanging fruit where putting in some effort can have a huge effect.

Is it recommended, in general, to have some familiarity with coding if you’re browsing darknets like Freenet?

AB: I don’t think so.  If you can browse the web, you can use most things in Freenet – thought you need some tolerance for web interfaces which look as if they were written in the last century.

Do any of the sites on the network disturb you? (Such as some of the ones on Linkageddon [the uncensored link list on Freenet])?

AB: There are some sites on Linkageddon where the descriptions hint at stuff which would disturb me.  I do not look at these because that’s the only way to get rid of stuff on Freenet: when no one accesses it, it gets replaced by new content.

If I could get rid of sites without killing censorship resistance – a central requirement for free speech and freedom of the press which is one of the core requirements of real democracy – there would be some sites I’d remove.  But I can’t give myself the ability to censor without giving it to everyone else.  And once everyone can censor (essentially decide for others what they are allowed to see), no one can speak anymore.  Would you invest in writing something useful when it when it could disappear at any moment just because someone you don’t even know does not like it? [Good point, AB!]

What gives me peace of mind is that this does not help large scale criminals or such: People who can launder money can already publish anonymously.  Some of these already own media cartels.  They don’t gain anything extra from Freenet.  Giving free publishing to everyone via Freenet levels the playing field.  And once money is involved, they make themselves traceable via normal police work, so this does not help organized crime.

Also I recently went afoul of someone by telling him that killing politicians does not help against injustice, because it gives those politicians an excuse to increase their powerbase.  It wasn’t long in that discussion that I was threatened that my websites would be destroyed.  Back then I deeply wished I had had this discussion in Freenet.

Anonymity helps those who are threatened with physical violence.  And if you have children you’ll really not want to have Neonazis, Islamists or Corporate Lawyers at your doorstep for ridiculing their lies.

So you decide to keep quiet and leave the digital space to aggressors.  And censorship takes hold.

Freenet helps me against this: In Freenet I can speak freely.

And for this, I have to grant all other people that same freedom.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iJwEAQEIAAYFAla4rDgACgkQ3M8NswvBBUirMAP9FcsQmRo9tT+cSL1qQcR09vU1
CvIZFCKO6PsjFwQnCTS6xMvbYgMgBuI5jX5+vlROShUHZbcNIDBR7p4q1DDZ4HeE
Fvd1+J2fwflvz7gIzyLSvzal3j62pl6YsOWW/N9jwfQ4h85ue/KwwJdq0CfDePoV
EiL3eaK+BmvELXh0D9g=
=lcn3
-----END PGP SIGNATURE-----