How can I use the deep web

How does the darknet work?

Christian Löbering, Peter Stelzel-Morawietz

What we see and use on the internet every day is only a fraction of what is available. In the so-called Darknet, information and data can be published and exchanged with the greatest possible anonymity. But what is important for freedom of information in countries with strong censorship, of course, also attracts many criminals.

EnlargeDarknet - the dark side of the internet

At the latest, the revelation of the gigantic extent of NSA wiretapping has clearly shown: The transparent citizen is no longer a fiction. And censorship is also spreading more and more. While access to numerous websites is already blocked in other countries, there are also interest groups in this country who advocate that certain content on the web is not accessible to everyone.

In return, an area of ​​the web in which the exchange of information takes place completely anonymously is also heavily used by criminals in order to evade the access of the authorities. The Darknet is precisely this ambivalent area.

At the latest since the rampage in Munich at the end of July 2016, in which an 18-year-old shot nine people and then himself in a shopping center, the darknet has come into the public eye in this country.

Because there the man had obtained his murder weapon for the fatal attack. A few weeks later, the police arrested the gun seller. The authorities had previously contacted the dealer - also via the Darknet - with the help of a bogus arms shop and then arrested him. In January 2018, the man was sentenced to seven years in prison.

Darknet access via TOR

The expression Darknet, in other words “dark network”, is a perfect match for the meaning and purpose. The primary purpose of the Darknet is to communicate anonymously and undetected on the Internet. Anonymization services prevent one's own internet activities from being spied on. Of course, this only works if the surfer does not enter any personal data during the session, i.e. does not log into Facebook or his e-mail inbox, for example.

The anonymization network TOR is very popular. What many do not know: TOR is not only a cloak of invisibility for surfing, but also houses areas of the Darknet. These are hidden web pages on TOR servers that cannot be accessed from the normal Internet.

Riffle instead of gate: New anonymization procedure should lock out NSA

The principle of operation of the TOR network

TOR stands for "The Onion Router", in German "the onion router". The strange-looking title can be explained when you look at the functional principle: In order to disguise its origin, the Tor software installed on the user's PC routes each data package through various randomly selected computers (nodes) before it then passes through one End node (Exit Node) is passed into the open Internet. So that the data cannot be read on any of the Tor computers involved, they are encrypted. It is a multiple encryption based on the onion skin principle. Each of the nodes involved in the transport decrypts a layer. As a result, the packet that arrives at the node looks different to any eavesdroppers than the one that the node sends on.

EnlargeHidden Wiki: Largely unmoderated link directory of the Tor Deep-Web, which unfortunately also attracts black sheep

The encryption makes another function possible: namely, the hiding of websites and web addresses. The hidden data is on web servers within the Tor network. The addresses of the servers are encrypted in such a way that only special connection nodes in the Tor network can decode them. The encrypted addresses have the fictitious domain ending “.onion” and are published via relevant portals. On the one hand, these are community-managed directories that can be edited by anyone, such as the Hidden Wiki, and on the other hand, moderated search tools such as Torch.

If someone clicks on an encrypted link with the ending .onion, the request is sent to several participating computers, as is usual in the Tor network, but at the end not transmitted to an exit node, but to a connection node that has the real address of the web server in question knows. The node requests the data from the server and forwards it to the user. This means that it is not possible to find out where the server is actually located using conventional means. An informant is therefore fairly safe from being exposed.

The downside: illegal digital mischief

Networks in which one can publish all kinds of anonymously data naturally also attract criminals. And so you can also find illegal, repulsive and disgusting content and services there. From copyright-protected files to right-wing propaganda to drug dealers, gun sellers and contract killers who want to be paid using the anonymous digital currency Bitcoin.

Now you can not find everything that is (also) forbidden there in Torch & Co.: After all, it would be too easy for the police and investigative authorities to track down criminal transactions. Access to these onion sites and link lists is often only available upon invitation by participants who have already been accepted.

By the way, it was exactly this principle that the police used to track down the Marburg arms dealer. The investigators used the identity of another, previously blown customer and offered the alleged seller of the Munich murder weapon more rifles and ammunition in a sham shop. You knew and trusted each other from before - but this time the dealer had to deal with the police.

In addition, there are numerous hidden sites that try to attract visitors with sensational titles, but instead of the expected content (or in addition to it) throw malicious software under them. On the one hand, the naivety of many users who innocently download and execute arbitrary files is exploited. On the other hand, the attackers also exploit security holes in web browsers.

Use Tor in a virtual machine

The easiest way to access the Darknet is via the Mozilla Firefox-based Tor Browser for Windows. Download the German version of the tool, which is just over 50 MB in size, in the virtual machine and import it. It can't hurt to take a snapshot beforehand. After the installation, Tor will start automatically. In the “Connect to Tor” dialog, click “Connect”. It can take a few minutes until the connection is established. The two settings that you can choose from after clicking on “Configure” only play a role if you go online via a proxy server or want to use Tor in a country in which use is blocked, such as Egypt or Turkey.

You can tell that everything went well when the Tor browser loads automatically. To check anonymity, you should go to the website wieistmeineip.de right away. The Tor browser then wants to know from you whether the English-language versions of a website should always be loaded in the future in order to increase your privacy. We advise you to answer this question in the negative. If you open wieistmyip.de in Microsoft Edge, you will see that you are using a different IP address in the Tor browser.

Now visit The Hidden Wiki website in the Tor browser. It is normal for the page to take so long to load, as the data packets are routed through numerous nodes in order to disguise their origin. Numerous links to search engines such as Duckduckgo and portals, including the uncensored version of the Hidden Wiki, are listed right on the home page. A look at the uncensored Hidden Wiki reveals that everything is apparently allowed on the Darknet. Starting with stolen credit cards and hacked PayPal accounts to soft and hard drugs to pirated copies of all kinds and weapons - there is nothing that is not offered on the Darknet. Bitcoins are usually used for payment, as the digital currency promises maximum anonymity.

Darknet: good or bad?

Is the Darknet good or bad? We think: Neither of the two! Tor & Co. only offer one platform that allows the actors in it the greatest possible degree of anonymity. The pure use of the Darknet is therefore not forbidden, all the things that are illegal on the open Internet and in real life are of course there too. For freedom fighters or whistleblowers, it is a seemingly ideal place to publish data undetected. For agencies like the FBI, it is a tangible, albeit difficult to infiltrate, area to contact criminals.

So you can't judge the Darknet morally. So far, however, it has always been an important alternative to Clearnet, i.e. the normal Internet, where there is no doubt that practical and convenient web services are increasingly being paid for not with money but with your own data.

The long-term consequences of this development in the data economy harbors a considerable risk for the privacy and freedom of the individual. Because when private companies or authorities know more about you than the closest environment - and can link this data to new knowledge and align the Internet "experience" with it, self-determination is over.