Text originally published by Nika Gigolashvili on the Cyber Secure Central Forums.
‘Deep web’, a commonly misunderstood term, most people are scared of. The Deep Web is not something to be scared of. The Dark Web is a part of the Deep Web, which is something you may have heard about, representing illegal service and content. The Deep Web in general terms refers to websites which are not indexed, websites which could not be searched for by standard search engines, most people will not even get to such websites. The Deep Web is mostly used by people who are restricted to browse through normal websites by a government, or want to stay anonymous in the cyber world.
It is hard to stay anonymous in the cyber world, where most websites are gathering information about you while browsing. Every time you search for something on google information adds to their database. Furthermore, most web sites give google information about you: e.g. how much time you were on the exact page of a website, which ads you like, which type of information is most interesting to you, what information you are searching for and much more. From my perspective this information should be private. Even if this information is not used to harm people, it can be used to do so!
You are giving out information about yourself all the time without even noticing. Most people do not care about anonymity today, and do not know what can happen to this information. For people who want to stay anonymous and don’t want to give out heaps of information about themselves there are services like VPN (virtual private network), for browsing through the web without giving information out by hiding your network identity. VPN services are also used to bypass governmental restrictions on downloading apps or visiting websites. For further exploration of the Deep Web you will need additional software, to browse through some websites on the deep web.
The Deep Web and Dark Web are not safe places if you don’t take precautionary measures. A lot of Deep Web and Dark Web users are good hackers, and can get you in trouble if you don’t know which websites you are visiting. Some of the websites contain malware which can be exploited by some action on the website. A user visiting the Deep Web must always know which websites he is going to visit, and take protection measures by installing software to increase their security and anonymity on the network.
To stay safe:
- Never interact with someone on the Deep Web;
- Never download any file, if you don’t have enough knowledge to measure files safety.
- Never buy any product or service on the Deep Web. Most of the products and services on the deep web are stolen or illegal. For example, you can find some hacking services, illegal gun shops and illegal drug shops.
Transactions on deep web are made in crypto currency, like bitcoin, which allows them to stay anonymous. However governments are still trying to track and catch people, who are offering illegal services or products. Know that you are never 100% secure, and take every protection measure possible to hide your identity or personal information.
Let’s talk about software, the most commonly used software to browse the Deep Web is Tor. Tor is free software, which helps you defend against traffic analysis (a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security), which helps to stay safe from getting hacked. The Tor Browser is similar to a normal web browser in many ways. It is no more difficult to use than Chrome or Firefox. The difference is that the Tor Browser connects you to the internet through the Tor network. It blocks websites or parts of websites that can lead to data leak or security breaches. As you might know windows is not a very safe OS. My suggestion if you are a Windows user and want to browse the Deep Web, is to use VM (virtual machine) with a safe OS like kali Linux on it, VPN(virtual private network) and Tor to browse the Deep Web.
Tor also allows to connect to some websites which are not accessible from normal browsers. Websites which can only be visited with such software have “.onion” top-level domain suffix. Its advantage is that it is free to create. Addresses in the .onion TLD consist of 16-character alpha-semi-numeric hashes, which are incomprehensible and non-mnemonic in nature and are automatically created when a hidden service is configured using a public key. Decimals digits from 2 to 7, and any letter of alphabet can be used to create these 16-character hashes, which thus represents an 80-bit number in base 32. By continuously creating huge numbers of key pars unit a desirable URL is found (which is a computational process that can be done simultaneously), a human-readable .onion URL can be set up with specifying the first 8 characters of the domain. For example, a search engine which you can find on the Clearnet with duckduckgo.com address has .onion domain with https://3g2upl4pq6kufc4m.onion/ and is only accessible through the Tor network.
The content of this article does not reflect the official opinion of Cyber Secure Central. Responsibility for the information and views expressed in the article lies entirely with the author(s).