It's like the bbs days, you have to know the number to get in.....secret membership....rajagainstthemachine wrote:Has anyone been there and come back safely? you tube seems to filled with nothing but horror stories.
I'm slightly curious about the definitions and the differences... I do know one of them is filled with illegal stuff and the other is beyond the scope of indexing of an ordinary search engine, how much of it is true and how much is hogwash?
Why? I think you mysticize it a bit. For example, I don't allow indexing of some of my websites. They are private and this is the only reason.rajagainstthemachine wrote:Has anyone been there and come back safely? you tube seems to filled with nothing but horror stories.
I'm slightly curious about the definitions and the differences... I do know one of them is filled with illegal stuff and the other is beyond the scope of indexing of an ordinary search engine, how much of it is true and how much is hogwash?
You have to know the secret handshake.rajagainstthemachine wrote:and where does one get a number ?
x9200 wrote:Why? I think you mysticize it a bit. For example, I don't allow indexing of some of my websites. They are private and this is the only reason.rajagainstthemachine wrote:Has anyone been there and come back safely? you tube seems to filled with nothing but horror stories.
I'm slightly curious about the definitions and the differences... I do know one of them is filled with illegal stuff and the other is beyond the scope of indexing of an ordinary search engine, how much of it is true and how much is hogwash?
Darknet (nothing to do with the indexing), I believe this is not like a single authorisation requiring interface to some illegal world, but various services with some common points (i.e. anonymization, authorization, running over non-standard protocols etc). It could be for example based on TOR, or something different.
concur with you here, most of these websites may work solely on an IP address ( or possibly NAT) and with the advent of IPv6 the number of websites is only going to increase.Strong Eagle wrote:You have to know the secret handshake.rajagainstthemachine wrote:and where does one get a number ?
Seriously, there are millions of IP addresses that are not associated with any domain. You must know the IP address to access, and typically the first thing is a firewall or VPN appliance of some sort that you must get past in order further access content at the IP address.
This is how a variety of covert activities, legal and illegal, are conducted. Let's say you're into kiddie porn. You scour the internet and you finally find a public site that is ostensibly about discussing the dangers of kiddie porn. In reality, though, and after you have been vetted, someone might send you an instant message with an IP address and a password that takes you to another level of forums. And again, once you have been found to be 'trustworthy', you'll be handed the keys to the next level.
As x9200 noted, you would actually access the clandestine sites through anonymizing services so that in the event that the site were compromised, it would be difficult to trace you back to your own ISP assigned IP address.
On the legal side of things, lots of companies have IP addresses set up so that their employees can remotely access company data, email, and files. No web crawling bot will ever find them because they are not indexed, and if they were to be accessed on the basis of IP address only, authentication keeps unwanted people out.
And, this is why the NSA and the like hate encryption and want to have a direct connection into the internet pipeline. You're running a small terrorist organization. You set up an internet connection with a static IP, install a VPN appliance and a computer behind it. As you recruit, you hand out the IP address and your minions now have a secure communication tool as long as no one turns in the IP address. The only way the NSA can be aware of this hidden terrorist computer is to monitor all the traffic coming over the pipe.
I will look for it. Never was tempted so far. My incidental knowledge is based on what sometimes emerges when a specific background is given on some net security issues.rajagainstthemachine wrote:@X9 - I mysticized it a bit to stir up some discussion on it. more like a technical discussion based on say facts and protocols than based on hearsay. I also watched a few you tube videos where lots of people claim to have entered into a wrong realm where they were subject to robbery/harassment/intimidation or fear.
I think there could be a different reason. I expect the society behind the "dark net" just don't care about css and such. It does not add a iota to functionality. I am not a hacker nor an IT professional of any related sort, I just have some experience in administrating unix-like servers, and 90% stuff I do related to the administration is terminal, text based. If I need to use the web for some reason it will also be very basic, no java, nothing like this. Functionally it is just not needed and basic html (together with php/perl and such) is IMHO more than enough.rajagainstthemachine wrote:I've been an Internet user since the early 90's right from the dial up days and what I noticed in most of the videos showing the dark/deep web pages were all entirely html with no css or Jsp with a large number of animated gifs that were so reminiscent of that era.
I'm just speculating here and I could be wrong, but at some point many search engines had to have a look at all they junk they had indexed and said ok we're now going to focus solely on whats popular and ignore the rest, the legacy stuff stayed and I think a lot of underground websites which wanted to keep a low profile for various purposes not necessarily illegal aspects still stuck to basic html.. eg a website a company maintains for medical claims or payslips.
I'll be upto it.. when are we meeting..? time for an eagles gathering of sorts..zzm9980 wrote:Read this: https://www.torproject.org/docs/hidden-services.html.en
If you really want to learn more, buy me a coffee (sorry, it'll be a fancy hipster latte, not a kopi C) sometime and we can chat.
I believe it requires a lot of more effort to stay anonymous than just by using TOR. People don't even think about it. The authorities have access to the whole infrastructure so it may be enough to monitoring in/out from the TOR nodes to find somebody if sufficiently determined.zzm9980 wrote:"Deep dark web" or whatever is a non technical gibberish made up by the media. Although non-indexed sites and even sites with just IP (no domain) exist, that's not what this generally refers to.
What they're talking about are TOR hidden services. These are sites you can't just hit by IP unless you're coming over the TOR network and using a specific TOR-only address (.onion). Access to TOR hidden services are generally anonymous if the appropriate safeguards are taken, and not traceable. That said, US FBI, NSA, etc are getting really good at de-anonymizing the traffic. If you're doing something illegal enough that you'd be in their crosshairs, I wouldn't rely solely on it. (and if you are, google for the grugq's "opsec for hackers" paper to get some practical advice).
zzm9980 wrote:"Deep dark web" or whatever is a non technical gibberish made up by the media. Although non-indexed sites and even sites with just IP (no domain) exist, that's not what this generally refers to.
What they're talking about are TOR hidden services. These are sites you can't just hit by IP unless you're coming over the TOR network and using a specific TOR-only address (.onion). Access to TOR hidden services are generally anonymous if the appropriate safeguards are taken, and not traceable. That said, US FBI, NSA, etc are getting really good at de-anonymizing the traffic. If you're doing something illegal enough that you'd be in their crosshairs, I wouldn't rely solely on it. (and if you are, google for the grugq's "opsec for hackers" paper to get some practical advice).
rajagainstthemachine wrote:. I was surprised to know that there is voice over TOR as well -> https://guardianproject.info/2012/12/10/voice-over-tor/ pretty cool but it appears to be still at nascent stages.. i happened to chance upon it while reading about security threats that could impact a SBC.
Yes, if both entry and exit nodes are owned, TOR traffic can easily be anonimized. You should assume the NSA and other orgs are trying their hardest to add as many nodes as possible (since anyone can do it).x9200 wrote: I believe it requires a lot of more effort to stay anonymous than just by using TOR. People don't even think about it. The authorities have access to the whole infrastructure so it may be enough to monitoring in/out from the TOR nodes to find somebody if sufficiently determined.
I think I read recently the way one types on the keyboard (timing-wise, or other) is also being used. Interesting stuff.
Users browsing this forum: No registered users and 8 guests
