OP 21 August, 2023 - 05:20 AM
(This post was last modified: 21 August, 2023 - 06:21 AM by RedBills. Edited 3 times in total.)
Hello, today I am presenting you my guide to using TOR and staying anonymous, sources linked below
What is the dark web?
The "dark web" is a series of private, anonymity-centered networks, such as TOR and i2p. These networks operate using nodes or relays, which are voluntarily hosted by the community, with the traffic between these relays always being encrypted.
Dark web != Deep Web
A lot of times uninformed people confuse the dark web for the deep web, that is a mistake. The deep web is accessible by the world wide web, while the dark web is only accessible through other networks.
The deep web consists of normally unindexed resources such as private FTP servers, academic login portals and torrent files.
Short glossary:
onion circuit - A circuit going through 3 relays, with an entry (guard) node, a middle node and an exit node
onion service descriptor - list of introduction points along with private keys for validation
How does the TOR network function?
When accessing a Tor hidden service, both parties have some tasks to complete. Firstly, the onion service picks 3 random introduction points from the list of all of the available relays, forms an onion circuit with each one of them and adds them to the onion service descriptor, which will be used by the client when connecting to it. After that, the client picks one of the introduction points from the onion service descriptor, forms an onion circuit with it, picks a rendezvous point which will be used as a middleman between the service and the client, and, using said introduction point, sends the server the location along with a secret passphrase. Only after that can the client and the service communicate.
All of the traffic, except for the entry relay traffic, is encrypted, making the process as anonymous as possible.
How TOR service users and operators get caught:
It's no secret that the Tor network isn't perfect, with some vulnerabilities emerging throughout the years, but most of the indictments, arrests and legal actions are possible through OPSEC mistakes, such as poorly tumbled crypto, lack of common sense and manipulation.
Throughout the years law enforcement agencies have performed some attacks against the Tor network, such as the famous case of KAX17, where supposedly the German government used a method by which they introduced as many nodes into the Tor ecosystem as possible, analysing all of the incoming and outgoing traffic, making it possible to deanonymize users.
Some bad OPSEC stories:
The case of Alexandre Cazes, the former administrator of the AlphaBay marketplace, who used his personal email, tied to his real name, hosted on his own servers, also tied to his real name, to contact his customers.
The case of Black Goblin Marketplace, which was accidentally hosted on the clearweb.
The case of Empire Market, which had a Tor node that was completely open to the web, proven by a security researcher on Twitter.
The case of Blake Benthall, the admin of Silk Road 2, who found his downfall through a vulnerability in the service's code.
The case of Ross Ulbricht, who ran the original Silk Road, which leaked his server IP through his buggy captcha service; he also fell for a honeypot set through a captured market administrator.
And the list goes on
How to stay anonymous on the Tor network:
Use a separate device for browsing on Tor.
Use a public network for browsing Tor, and also use Tor bridges so nobody can find out, through traffic analysis, that you are using Tor.
Use PGP software for all communication, and software such as XMPP.
Encrypt your device using VeraCrypt.
Use a bootable operating system such as Tails.
Spoof your MAC address.
Only use XMR when dealing on the tor network.
Do not sign for any package arriving to you after a deal done on tor.
Please use common sense.
Do not use the same credentials for all hidden websites. LE has checked Hansa marketplace data to compare it to other compromised marketplaces and deanonymise users.
Do not, under any circumstances post your confidential documents on the dark web (you'd be surprised, but it has happened).
sources: torproject.org, wikipedia.org, Mental Outlaw on youtube, dread forum
Please like and rep, onion service operator crash course incoming.
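The introduction/rendezvous exchange the post describes under "How does the TOR network function?", as an added in-memory simulation (not the post's own material and not the Tor project's code): the relay names, the Party and RendezvousPoint classes and the cookie handling are constructed for illustration, and Tor's real cells, circuits and descriptor signatures are not modelled. It shows why a rendezvous point only splices the two sides together when both present the same cookie, and why a descriptor naming an introduction point the service never registered goes nowhere.

```python
import random
import secrets
from dataclasses import dataclass, field

# Constructed stand-in for the relay list a Tor client gets from the consensus.
RELAYS = [f"relay{i:02d}" for i in range(12)]

@dataclass
class Party:            # a client or an onion service endpoint
    name: str
    intro_points: list = field(default_factory=list)
    peer: object = None

def publish_descriptor(service, rng=random):
    # Service side: pick 3 introduction points (each reached over its own
    # 3-hop circuit) and advertise them in the descriptor.
    service.intro_points = rng.sample(RELAYS, 3)
    return {"service": service.name, "intro_points": list(service.intro_points)}

@dataclass
class RendezvousPoint:
    name: str
    waiting: dict = field(default_factory=dict)   # cookie -> waiting client

    def establish(self, client, cookie):
        self.waiting[cookie] = client

    def join(self, service, cookie):
        # Only a party presenting the same cookie is spliced to the client.
        client = self.waiting.pop(cookie, None)
        if client is None:
            return False
        client.peer, service.peer = service, client
        return True

def rendezvous(client, service, descriptor, rng=random):
    """Client side of the exchange: pick an intro point and a rendezvous point, then introduce."""
    intro = rng.choice(descriptor["intro_points"])
    if intro not in service.intro_points:
        return None   # an intro point the service never registered cannot relay the request
    candidates = [r for r in RELAYS if r not in descriptor["intro_points"]]
    rp = RendezvousPoint(rng.choice(candidates))
    cookie = secrets.token_hex(20)   # the post's "secret passphrase" (Tor calls it a rendezvous cookie)
    rp.establish(client, cookie)     # client -> RP: reserve the rendezvous with the cookie
    # client -> intro point -> service: the RP's location plus the cookie;
    # the service then builds its own circuit to the RP and presents the cookie.
    return rp if rp.join(service, cookie) else None
```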
This is a bump