Google only indexes a tiny fraction of the internet. By some estimates, the web contains 500 times more content than what Google returns in search results. The links that Google and other search engines return when you type in a query is known as the “surface web,” while all the other, non-searchable content is referred to as the “deep web” or “invisible web”.
The dark net, or dark web, constitutes a small fraction of the deep web. The dark web is made up of purposefully hidden websites and services. Both the owners and users of the dark web are anonymous. Although not everything on the dark net is illegal, it’s where you’ll find many of the internet’s black markets, hacker forums, malware vendors, and other illicit activity.
See also: The best VPNs for Tor
What is the dark web?
The dark web, or dark net, is a small part of the deep web that is kept hidden on purpose. Websites and data on the dark web do typically require a special tool to access.
The type of site most commonly associated with the dark web are marketplaces where illicit goods such as narcotics, firearms, and stolen credit card numbers are bought and sold. The darkest corners are used to hire hitmen, engage in human trafficking, and exchange child pornography.
More than that, though, the dark web contains content and data that can be accessed with anonymity. It could be a blog, forum, chat room, or private gaming server.
The beauty of the dark net is anonymity. No one knows who anyone else is in the real world, so long as they take the necessary precautions. Users’ identities are safe from the prying eyes of governments and corporations.
The dark web and Tor are often used by journalists and whistleblowers to exchange sensitive information, including Edward Snowden himself. The Ashley Madison data dump, for instance, was posted to a site only accessible to Tor users.
How to access the Dark Web safely
To access the vast majority of the dark web, you’ll need Tor. Tor is a network of volunteer relays through which the user’s internet connection is routed. The connection is encrypted and all the traffic bounces between relays located around the world, making the user anonymous.
Related post: Dark Web Monitoring Tools
Get Tor Browser
The easiest way to access Tor is through the Tor Browser. You can download and install it for free. You might want to hide your Tor Browser download using a VPN and your existing browser’s private/incognito mode.
Based on Firefox, Tor Browser lets you surf both the clear web and dark web. All your traffic is automatically routed through the Tor Network. Make sure to download the Tor Browser only from the official website, as not to risk downloading malware, spyware, or some other virus to your device.
Officially, the Tor Browser is only available on Windows, Mac, Android and Linux. Many experts advise against using third-party mobile browsers that utilize the Tor Network. Sorry, iOS users.
Added security: Use a VPN
Internet providers and websites can detect when Tor is being used because Tor node IPs are public. Although websites can’t identify you and ISPs can’t decrypt your internet traffic, they can see that Tor is being used. This can raise suspicions and draw unwanted attention.
If you want to use Tor privately, you can use either a VPN or Tor Bridges (Tor nodes that are not publicly indexed). Tor users in the USA in particular may want to use a VPN, which will be faster and more reliable.
When using a VPN for the dark web, your ISP will not be able to see that you are connected to a Tor node, only an encrypted tunnel to a VPN server.
NordVPN is the #1 choice for Tor and has been designed with Tor users in mind.
Navigating the dark net
Now that you have Tor, you can access the dark web. Dark net websites are called “Tor hidden services”, and they can be distinguished from normal websites by their URLs.
Instead of “.com” or “.org”, dark web addresses can be distinguished by the top-level domain, “.onion“.
Obviously, finding these .onion websites is the first challenge, as they won’t show up in Google search results. You can’t just Google “Silk Road” and hope to land on the dark web site.
BUT DON’T TAKE MY WORD FOR IT…
Always exercise extreme caution when using publicly posted onion URLs. If you can’t get a personal recommendation from someone you trust, verify the URL from multiple different sources.
The dark web has no shortage of scams, phishing sites, and malware designed to trick newbies. Links posted to the clear web in particular are often malicious. And because there’s very little use of HTTPS on the dark net, verifying whether or not a website is genuine using an SSL certificate is not feasible.
Reddit is also a valuable resource for finding the dark net or deep web site you’re looking for. Try the /r/deepweb, /r/onions, and /r/Tor subreddits.
Anonymity is in your hands
Again, we can’t emphasize enough that security and anonymity are paramount to those on dark web sites. Your ISP and the government might not be able to view your activity when on the Tor Network, but they do know you are on the Tor Network, and that alone is enough to raise eyebrows. In fact, a recent judgment by the US Supreme Court denoted that simply using Tor was sufficient probable cause for law enforcement to search and seize any computer around the world.
Another vital precaution is to ensure that your .onion URLs are correct. Onion URLs generally contain a string of seemingly random letters and numbers. Once you are certain that you have the correct URL, save it in an encrypted note—the Tor browser will not cache it for later. Otherwise, there’s a good chance of falling victim to a phishing scam like this fake bitcoin mixer.
We highly recommend employing another layer of security via a VPN.
What is the deep web?
The deep web is often confused with the dark net. Put simply, the deep web is all of the information stored online that isn’t indexed by search engines. You don’t need any special tools or a dark net browser to access most of the deep web; you just need to know where to look. Specialized search engines, directories, and wikis can help users locate the data they’re looking for.
Most of that information is hidden simply because the vast majority of users won’t find it relevant. Much of it is tucked away in databases that Google is either not interested in or barred from crawling. A lot of it is old and outdated. The contents of iPhone apps, the files in your Dropbox account, academic journals, court records, and private social media profiles are all examples of data that aren’t necessarily indexed by Google but still exist on the internet.
Many of the best general deep web search engines have shut down or been acquired, like Alltheweb, DeeperWeb, and CompletePlanet. Only a couple will offer more complete results than Google, Bing, or Yahoo:
- Dogpile – A metasearch engine that compiles results from several other search engines, removes duplicates and gives results
- The WWW Virtual Library – The original index of the web, but more of a directory than a search engine.
These are okay, but specialized search engines tend to be better than general ones for finding info on the deep web. If you’re looking for a court case, for example, use your state or country’s public records search. If you need academic journals, check out our article on using deep web search engines for academic and scholarly research. The more specific you can be, the better, or else you’ll just end up with the same search results that you would find on Google. If you need a specific file type, like an Excel file or a PDF, learn how to specify searches for that type of file (e.g. type “filetype:PDF” in your query).
VPN over Tor versus Tor over VPN
A VPN allows a user to encrypt all the internet traffic traveling to and from his or her device and route it through a server in a location of that user’s choosing. A VPN in combination with Tor further adds to the security and anonymity of the user.
While somewhat similar, Tor emphasizes anonymity, and a VPN emphasizes privacy.
Combining them reduces risk, but there’s an important distinction in how these two tools interact. Let’s first discuss Tor over VPN.
If you connect to your VPN and fire up Tor Browser, you’re using Tor over VPN, this is by far the most common method. All your device’s internet traffic first goes to the VPN server, then it bounces through the Tor Network before ending up at its final destination. Your ISP only sees the encrypted VPN traffic, and won’t know you’re on Tor. You can access .onion websites normally.
Tor over VPN requires you to trust your VPN provider, which can see that you are using Tor and keep metadata logs, though it can’t actually see the content of your encrypted Tor traffic. A logless VPN, which doesn’t store any traffic logs nor session logs is highly preferable. Traffic logs contain the content of your internet traffic, such as search queries and websites you visited, while session logs contain metadata like your IP address, when you logged into the VPN, and how much data was transferred. Traffic logs are a bigger concern than session logs, but neither are good.
For built-in Tor over VPN functionality, NordVPN operates specialized servers that automatically route you through the Tor network. You don’t even need to use Tor Browser, but keep in mind other browsers can still pass identifying information through the network. Alternatively, there’s IPVanish who claim to be the world’s number one VPN for Tor and come highly recommended, you can save 60% on the annual plan here.
DEAL ALERT: NordVPN is running a 2 year deal with a huge 66% discount here.
Tor over VPN also doesn’t protect users from malicious Tor exit nodes. Because Tor nodes are made up of volunteers, not all of them play by the rules. The final relay before your traffic goes to the destination website is known as the exit node. The exit node decrypts your traffic and thus can steal your personal information or inject malicious code. Additionally, Tor exit nodes are often blocked by websites that don’t trust them, and Tor over VPN can’t do anything about that, either.
Then there’s the less popular VPN over Tor, which is advised against by the official Tor Project. Only two VPN providers that we know of, AirVPN and BolehVPN, offer this service, although neither of these score highly for speeds. In this case, the order of the two tools is switched. Internet traffic first passes through the Tor Network, and then through the VPN. This means the VPN provider doesn’t see your real IP address and the VPN protects you from those bad exit nodes.
The big downside is that your ISP will know you are using Tor, which is cause for concern in some places and will put many people off using this method. In this instance, too, it is important to use a logless VPN and pay with Bitcoin if you can to stay anonymous. The VPN over Tor technique is also susceptible to an end-to-end timing attack, though it’s highly unlikely.
Tor over VPN requires you to place some trust in your VPN provider but not your ISP and is best if you want to access .onion websites. VPN over Tor requires you place trust in your ISP but not your VPN and is best if you want to avoid bad Tor exit nodes. Some consider VPN over Tor more secure because it maintains anonymity throughout the entire process (assuming you pay for your VPN anonymously). Although the official Tor Project advises against VPN over Tor, both methods are superior to not using a VPN at all.
The major caveat is speed. Due to all the nodes that your traffic passes through, Tor by itself significantly limits bandwidth. Adding a VPN to it, even a fast one like IPVanish will make it even slower, so please be patient.
I2P is an alternative anonymous network to Tor. Unlike Tor, however, it cannot be used to access the public internet. It can only be used to access hidden services specific to the I2P network. I2P cannot be used to access .onion sites because it is a completely separate network from Tor. Instead, I2P uses its own brand of hidden sites called “eepsites”.
So why would you use I2P instead of Tor? After all, it’s much less popular, can’t be used to access normal websites, and isn’t as easy to use, among other disadvantages. Both rely on a peer-to-peer routing structure combined with layered encryption to make browsing private and anonymous.
I2P does have a few advantages, though. It’s much faster and reliable than Tor for a number of technical reasons. The peer-to-peer routing structure is more advanced and it does not rely on a trusted directory to get route information. I2P uses one-way tunnels, so an eavesdropper can only capture outbound or inbound traffic, not both.
Setting up I2P requires more configuration on the user’s part than Tor. I2P must be downloaded and installed, after which configuration is done through the router console. Then individual applications must each be separately configured to work with I2P. On a web browser, you’ll need to configure your browser’s proxy settings to use the correct port.
Like I2P, Freenet is a self-contained network within the network that can’t be used to access sites on the public web. It can only be used to access the content uploaded to the Freenet, which is a peer-to-peer distributed datastore. Unlike I2P and Tor, you don’t need a server to host content. Once you upload something, it stays there indefinitely even if you stop using Freenet, so long as it is popular.
Freenet allows users to connect in one of two modes: darknet and opennet. Darknet mode allows you to specify who your friends are on the network and only connect and share content with them. This allows groups of people to create closed anonymous networks made up solely of people they know and trust.
Alternatively, users can connect in opennet mode, which automatically assigns peers on the network. Unlike darknet mode, opennet uses a handful of centralized servers in addition to the decentralized peer-to-peer network.
Configuration is fairly straightforward. Just download, install, and run. When you open your default browser, Freenet will be ready and running through its web-based interface. Note you should use a separate browser than the one you normally use to help ensure anonymity.
Freenet is still an experiment designed to resist denial-of-service attacks and censorship.