The Dark Web - Everything You Need To Know
You’ve probably heard of it. The dark web, or the dark net. But what exactly is it? What does it do? How do you access it? Does anyone even care? If so, how do you stay safe? I'm going to open with some background, but I'll get to instructions - pinkie swear. So read on.
"Deep web" is distinct from "dark web". The "dark web" is the encrypted network that exists between Tor servers and their clients, whereas the "deep web" is simply the content of databases and other web services that for one reason or another cannot be indexed by conventional search engines. If you want to read up more on the difference, I recommend checking Clearing Up Confusion - Deep Web vs. Dark Web
Here be dragons
Neither the deep web nor the dark web can be indexed, but not all that cannot be indexed is the dark web. For purposes of this question, I assume you want the dark web - that much-hyped, mysterious place that the media would have you believe is a wretched hive of scum and villainy where you'd be well-served to shoot first if you hope to survive. Activists will tell you it's our last, best hope for privacy and free speech, all alone in the night.
As with most things, the truth falls somewhere in between. But you didn't come here for analysis, you came here for instructions. Fair enough.
First of all, if you want anyone who matters to take you seriously, drop the "dark/deep web" thing. What you want to access are sites using the Tor Hidden Service Protocol. It works over regular Tor (anonymity network), but instead of having your traffic routed from your computer and through an onion-like layer of servers, it stays within the Tor network. You won't know exactly what system you're accessing unless they tell you, and they won't know who you are unless they do - or unless one of you is careless.
But given that you're the one starting out and they're the ones running hidden services, they kind of have you at a disadvantage if you screw up. Fortunately, the tales of people having their lives ruined by browsing the wrong sites and being hunted by mafiosi bent on silencing them for having witnessed a mob hit inexplicably streamed online are massively overblown. At most, you might find yourself mercilessly trolled, get pizzas ordered to your door, or if you're particularly unfortunate, get Swatted. Check out ‘Swatting’ Prank Ends Horribly for Victim — and He Has the Injury to Prove It.
The simplest way to start using Tor is to download the Tor browser bundle (assuming you're on Windows). You can get it at: Tor Browser. You can find installation instructions for Tor on other operating systems on the same page.
Once it's installed and launched, the browser should connect automatically to the Tor network. From there, you can use a directory of certain hidden services to get started. Some of these directories include:
These sites may contain links to illegal services and are provided for informational purposes only. If you're scammed or get yourself into trouble, your recourse against the people you've dealt with is likely to be limited at best.
Stay safe out there. But is it safe though?
The term "Deep Web" refers to the unindexed web - databases and other content that search engines can't crawl. Your question most likely refers to what's sometimes called the "Dark Web", or more technically, Tor's hidden services.
It's understandable to be a bit nervous about the so-called Dark Web. It's been played up in popular culture quite a bit, and indeed it contains interesting and sometimes rather terrible content. It's also the subject of occasionally amusing speculation and fiction.
But scary stories to tell in the dark aside, Tor hidden services are no more unsafe than the regular Internet. The key part of "Dark Web" is web. The same best practices you should apply anywhere else on the web will help keep you out of trouble on the "Dark" web.
In fact, you might even be safer on the Dark Web if you play your cards right. If you're using the Tor browser bundle, it comes preconfigured to protect you against some of the privacy threats that normal browser configurations would subject you to.
This should go without saying, but it's surprising how often it comes up: If you register on a hidden service site, don't use your real email address. Create a throwaway email. And don't use a username - for the email address or anything else - that you've used before or plan to use elsewhere. And most certainly don't use your real name.
If you engage in a commercial transaction, use a site that has a good reputation. Never pay with a credit card - there's little recourse in tracking down a hidden service operator, and a chargeback might be awkward to explain depending on your transaction. If you pay in Bitcoin, use a site which provides an escrow service.
If you absolutely must download something (and I wouldn't suggest it if you don't know what you're doing), scan at VirusTotal or a similar service.
If you live somewhere connecting to Tor might cause problems for you, consider connecting to Tor via a "bridge". This isn't foolproof, but it will make it less obvious that you're connecting to the Tor network. You can find instructions for getting bridge addresses and configuring your software at Tor Project: Bridges.
Most importantly, exercise common sense. If something seems too good to be true, it probably is. If someone is being unusually friendly, ask yourself why. If someone is making outlandish threats, consider whether the threats are actually realistic. Your own sense of possibility and perspective are your greatest allies. Hone them and learn to use them - they'll do you more good than any antivirus or defensive software.
To directly address the original poster's concern, accessing hidden services won't "piss off" the authorities unless you live in an unusually authoritarian country. So many people use Tor, you'll basically be lost in the noise. (There are still concerns - see How the NSA Targets Tor Users.) If you're particularly worried, you can connect to a VPN before connecting to Tor in order to further obfuscate your traffic.
When using Tor, be aware that when browsing the normal web, the operator of the exit node (the server in the chain closest to the site you're accessing) can see your traffic if it's not encrypted. Be mindful of using sites that don't support encryption if you're submitting personally identifiable information.
A user in the comments section (who for some reason I can't tag) reminded me of Tails, a Linux distribution that can be booted from a USB stick, and automatically routes all traffic through Tor. One of its benefits is that even if something goes terribly wrong, you just have to reboot (or in a worst-case scenario, reformat the USB stick) and everything is back to normal - you can browse with minimal risk.
Tor and its hidden services are a great resource to explore, and learning to navigate them is a keen way to build your skills for day-to-day web use - after all, if you can make it there, you can make it anywhere.