The dark web is content on an Internet overlay network that requires specific software, configurations, or authorization to access.
Searching the dark web allows users to buy and sell anonymously while safeguarding their own identity.
While the deep web is made up of large quantities of information that is not indexed by search engines, only a small part of this realm is known as “dark web”.
The Dark Web, which includes small friend-to-friend networks and larger networks such as Tor, Freenet, I2P and Riffle operated by the public.
Those using the dark web refer to the regular internet as Clearnet because it is unencrypted. Tor’s dark net or onionland uses the anonymous traffic technique of onion routing under its top-level domain suffix .onion.
The domains of a number of websites on the dark web include .onion, and they are reachable only by use of Tor.
The most popular sites on the dark web tend to be hosted by users as opposed to site owners; only 10% of sites with content in Hidden Service Directories are considered noteworthy or prominent. The most popular sites on the dark web include community forums, chatrooms like Torbook, and professional markets like BlackMarket Reloaded and Blue Sky.
Onionland consists of websites using the Tor network for anonymous access to the Internet. Many Hidden Service Directories (HSDirs)—specialized .onion websites that publish lists of .onion sites—are hosted on dark web servers that provide some form of anonymity to the administrators and keep no records of visits.
The most popular software for reaching the dark web is Tor, short for The Onion Router.Anonymity networks like Tor increasingly make it possible to “host” Internet services within a distributed network without revealing the location where the service is hosted, and therefore protect physical locations. These services include websites where users can register for accounts, publish anonymous posts (i.e. blogging), make collaborative documents (such as wikis), chat via instant messaging or IRC, share pictures or videos anonymously, send encrypted emails, and trade goods and services in marketplaces.
Tor directs Internet traffic through a free, worldwide, volunteer network consisting of more than seven thousand relays to conceal user’s information and location. Tor does not prevent an investigator from discovering the computer’s actual IP address; however it prevents tracing activity back to the user as long as the computer uses Tor with correct configuration. For this reason, some websites on the regular web require Tor, for example, Deep Web Sites to protect visitors’ personally identifiable information or location.
The Guardian Project advertises a free plug-in called “Orbot”, available in Google Play and the Amazon Appstore as a proxy app which allows Android users to directly access .onion sites without needing to install Tor.
The Tor Project also develops and maintains Tor Messenger, an instant messaging program that allows users to chat (with others who have the program installed) instantly with anyone on specified .onion websites, or communicate via private messages using end-to-end encryption with other Tor Messenger users.
In addition to its internet proxy function, Tor can also be used for network services that do not necessarily have anything to do with anonymity. In these cases, users in the same virtual location may run servers which are only reachable through Tor and only accessible by other computers on the same anonymized network. This set-up resembles a LAN but is technically a VPN.
The dark web is used for a variety of reasons. The main distinction is between open web and hidden services, and the dark web serves to hide certain activities from the deep web.
Alternative domains are often used by cybercriminals to host malware or advertise criminal services (such as stolen credit cards) on websites that may have otherwise been hosted under their own domain names. Sometimes the dark web is used just for posting publicly available information, like RSS feeds or Facebook personal blogs and pages.
Similarly, some users of Tor may use hidden services as mechanisms to access public websites anonymously. To do this, a user would connect to the remote server through an entry node and then create a new circuit (a connection) to the desired hidden service (e.g., a website) through an exit node, thus muddying the origin of their traffic and making it appear to come from the hidden service.
The dark web has been used for both legal and illegal activities by its users. The FBI acknowledged in 2014 that “almost all online criminal drug market activity now uses Tor”.
The largest drug marketplace on the dark web is “Silk Road 3.1”, followed by AlphaBay (operated offline after its alleged founder’s arrest), which was seized in early 2017. Silk Road 3.1, AlphaBay and other major drug marketplaces have been targeted by a wide variety of law enforcement agencies.
In October 2013, the FBI arrested Ross William Ulbricht (known online as “Dread Pirate Roberts”) and shut down his illegal drug marketplace known as Silk Road. Silk Road replaced earlier markets where similar activities occurred; it was followed by several other prominent dark-web marketplaces, including Agora, Evolution and Black Market Reloaded. The FBI seized $3.6 million worth of Bitcoin in the course of their investigation into the black market site, as well as arresting two UK men for drug trafficking and attempting to seize approximately another $800,000 worth of Bitcoin from anyone who was willing to volunteer it up. One reason given for using Bitcoins is that payments are hard to trace; Bitcoins are not tied to a particular country; instead, they can be exchanged anonymously for almost any currency. However, the FBI has since been able to track down Bitcoin payments and in 2014 sentenced Silk Road founder Ross Ulbricht to life imprisonment without parole.
In 2013 the U.S. Department of Justice seized Liberty Reserve S.A., an anonymous payment service based in Costa Rica, and charged it with money laundering. The company had allegedly serviced over five million users who performed transactions worth $8 billion. The case is believed to be the largest international money-laundering prosecution in history.
In December 2014, a study of three months’ worth of hidden services traffic found there were an average of 41 visits to those sites from the public Tor network every hour. The total number of hidden services visits per month was 22,000 to 27,000, and there was a core of 1,300 websites that accounted for 97% of traffic. Of all this activity, only 3% included markers which indicated illegal content; however, it included websites offering both illegal and legal goods and services. Similarly, a study in 2015 of Silk Road 2 found that nearly 4% of the site’s monthly traffic was made up by people using the Tor network to access it; no attempts were made to analyze if these users were also the site’s actual customers.
Tor has enabled dissidents and activists to avoid government scrutiny in their own countries. For organizations and individuals who require anonymity, such as human rights groups, the Tor network has helped provide a level of protection from monitoring and surveillance by governments. This was demonstrated in 2012 when the public learned how American agencies, including the NSA, FBI, DHS and CIA were actively trying to monitor online communications on the Internet and consider Tor’s users to be “extremists” or a “malicious cyber criminal element” that includes possible terrorist-activists. The NSA has also declared earlier that Tor along with other services like Psiphon are threats to national security, and they have made great efforts to develop techniques to degrade the network.
Tor was originally developed, and continues to be primarily, a tool for political protection. Donors and volunteers who run the network have been motivated by privacy concerns as well as support of free speech activities online. However, Tor has also attracted criminals in addition to ordinary users:
Founded by members of the hacktivist group Electronic Disturbance Theater (EDT), the Freedom Hosting network provided an infrastructure for hosting websites that could not be taken down, and contained links to child pornography. It was a target of the U.S. Department of Justice investigation called Operation Torpedo set up in 2012 which involved seizing and taking offline over 400 hidden services sites on Freedom Hosting’s network..