If you found it by browsing, it’s probably not dark web

Posted: August 1, 2015 in Dark Web, Darknet
Tags: , , , , , ,

Fun fact: the proper technical term for dark web sites is hidden services. It’s easy to forget what this implies, but as I’ve been researching the past couple of months for a new book, I’ve been reminded of how the dark web is designed to work.

There's sites on the Dark Web you - and I - will never see

There’s sites on the Dark Web you – and I – will never see

When people ask what’s on the dark web, those who reply will tell them all about the sites that they found once they downloaded Tor and “went exploring” or “browsing” (usually from finding The Hidden Wiki and clicking on some links). Check out the 11,000 comments on this thread on Reddit to see what I mean. (And for something fabulously weird, somebody for some reason decided to narrate a comment I made)

The dark web, of course, was around long before Silk Road. But Silk Road brought the dark web to the masses. It was the first commercially successful hidden service that had no intention of being hidden. Darknet markets want customers. They put their URLs out there. They list themselves on the wiki and other Tor directories. They don’t want the sites to be hidden, just the site’s servers and owners.

But the original idea of Tor’s hidden services is that they are hidden from anybody who doesn’t know about them. There’s no referral links being spammed on Reddit or the intel exchange or general access forums. If you stumble across them, you’ll be none the wiser. There’s no fancy graphics, no link to “Register”, no FAQ, no indication of what is behind a single box asking for your credentials.

I was told by some operators that they have forums and sites accessible through entry points like the Hidden Wiki that operate almost like stooge sites. They may need an invite or recommendation to get in, but barriers to entry are not that high. Because they are not the real thing. They are just somewhere to distract journalists, law enforcement and nosy parkers while they operate the real site elsewhere. At best, they are a testing ground where they may pick valuable contributors and invite them to the place nobody else knows exists.

Others are ghost sites that require you to have the entry credentials from somewhere else altogether – a real-life contact, through private networks, or some other way. I have an OpEd in tomorrow’s Sunday Age that touches on hurtcore. There’s one current easily locatable hurter site operating, but more that are behind these private walls.

If I mention hidden sites from time to time on Reddit or Twitter, I inevitably get PMs or mail from punters asking whether I can “get them in” to some of these places. I always say no (which I would do even if I could, but I’m totally telling the truth). I have no desire to research any of these places in particular. Here’s why:

1. First, let’s have a think about what these sites may be hiding. Other than the banal just-want-our-privacy places, let’s let our imaginations run wild a bit and assume they fall into one of the following categories:

Child and/or torture porn – I have no desire whatsoever to go anywhere near it. I’m not the slightest bit curious. Nothing to do with it being illegal to even look at or any fear of getting caught. You can’t un-see that shit. I prefer my future to be nightmare-free thank you.

(On a side note, you can tell that the people who express a desire to find web-cammed snuff or gladiator fights to the death have a Hollywood-version picture in their heads of what they would look like. You know, sexy blonde girls still managing to be pretty as they are being sexually tortured, or proud-but-frightened muscular men in evenly-matched fights for the amusement of deranged billionaires. I can guarantee that if such sites exist in any form, they will bear no resemblance whatsoever to the movie version)

Hacking spaces – It would be pointless me “investigating” such a thing, because I would not understand a bloody thing that was going on there. Hacker-speak (the real stuff) is all gobbledygook to me. It looks like people are spewing random numbers and letters that they pretend are words at each other.

(again: it doesn’t look like CSINCISL&O:Cyber. It’s not going to be people laying out their plans to hack into a major piece of infrastructure in plain-speak exposition. There won’t be cool graphics of lights and lines bouncing around the globe until they zoom in on the car of the “target”. There’s probably not even a hot goth chick or socially-awkward-yet-strangely-lovable guy on the other end of the keyboard.)

Terrorists planning stuff – I believe they actually mostly use telephones, but anyway it would most likely be all in another language (I am sadly uni-lingual) in which case I would have no idea what was going on and it would be people I really, really wouldn’t want to fuck with. Remember, I report on stuff under my own name. I’m not hard to find. Nuh-uh, no thanks.

Good guys planning stuff – in which case, keep up the good work and contact me if you ever want to make it public. In the meantime, I’ll leave you to do it in secret.

2. Second, If they are truly designed not to be found, I am the very last person any people who have access to them would tell. Honestly, I must be the absolutely least-anonymous, most doxxed person in all of Onionland. Nobody is going to say “Hey OzFreelancer, here’s my super-sekrit sicko site, come have a look and I totally trust you not to tell anybody, because its not like you’re a reporter or write books about this stuff, k?”.

3. Finally, if people were wanting to be really, truly secret, not only would they use a hidden service, but even when communicating within the hidden service, they would encrypt their stuff to the specific users they wanted to see it. So even getting in would be useless as it would still be all random strings of letters.

The closest I ever maybe might have come was when I was contacted by somebody declaring him/herself a “hacker” (don’t get me started on the multitude of apparent meanings “hacker” has when it is being self-proclaimed) who, after a bit of chat, provided me with an onion address that brought me to a page that looked plain white, but actually had two white boxes I could click into. They didn’t say “username” and “password”, just two boxes. I entered the information that the “hacker” had given me and I was inside something that looked a little bit like a cross between an IRC chat and a 4Chan board. I barely had time to register what I was looking at (or take any screenshots) before I was bumped back to the login page. Username/password combination no longer worked. A few hours later, the onion address came back ‘page not found’ and the “hacker” never contacted me again.

It may have been an elaborate hoax (I’ve had no shortage of those played on me over the years) or I might have had a peek at something truly “hidden”. And, as usual, I will probably never know.

But that’s the thing. Hidden services are not designed to be found. And you and me are never going to find them by “browsing” the dark web.




  1. Danny Swith says:

    Why the common disappear

  2. Lex says:

    In case nobody has tipped you off yet, congratulations! – You’ve (probably) been hacked.
    The site was a trap that was triggered when you confirmed your real-life identity by using the login that the hacker gave you. Whatever they wanted from your PC, they most likely got.
    Now would be a great time to upgrade to a new machine, THEN change all your passwords everywhere.

    “I barely had time to register what I was looking at (or take any screenshots) before I was bumped back to the login page. Username/password combination no longer worked. A few hours later, the onion address came back ‘page not found’ and the “hacker” never contacted me again.”

    • Remco says:

      I would hope anyone knowledgeable enough to be able to investigate the deep web is knowledgeable enough to do this from a ‘sandbox’ machine (Be it physical or virtual) on which no other data is stored and no other logins are made to anything unrelated to what is being investigated. (I.e. No personal logins / accounts)

  3. ciphas says:

    Good point about the “dark web” thing. I think the technical definition means sites that are built on top of darknets, but there are always sites that are more hidden and harder to access. These are the ones that have been the source of a lot of the urban legends – am I wrong?

    And be careful – I hope no one hacked you, but if they did, might be time to get a new machine.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s