.Onion — The Real incognito

Vasanth Vanan
Jun 12 · 4 min read

also the magic clue for Onion routing (TOR)

Image courtesy: ibtimes.co.uk

Some Internet users still believe surfing through incognito mode makes you invisible to the Internet. Sorry, but Google Chrome's incognito isn’t as private as you think. It only hides traces of your activity from people using your computer, not the internet. Then Who is the Real incognito?

“ Everyone is a Gangster until the Real Gangster arrives! ”


The name sounds misleading, but it has the actual meaning with it. Onion Routing communicates anonymously over the Internet. It achieves it by using the free Software browser called “TOR”. When you make an HTTP request from a TOR browser, it bounces around different routers situated in different countries confusing the attacker from hijacking the connections. So it is hard to find the user who has actually requested the particular website and thus it provides anonymity.

When facebook.com was accessed through TOR, it communicated different routers, and passed over the different overlay networks called Relay Circuits

How does it Connect?

At first, Online routing connects you to the Internet Service Provider, and it would create relay lists containing all the active nodes to connect securely. Then, it will connect you to different Middle nodes and would finally connect you to the Exit Node. This Exit node will actually make the HTTP request to the servers. Suppose the connections are being tracked, only the last hop, i.e Exit node would be identified as the one who visited the website. When Facebook is accessed, it will only contact the exit node’s IP address instead of your IP address.

Multiple Layer of Encryption

Online Routing sends messages through strong encryption for each communication, thus acquiring multiple times of Encryption with different keys in layers. Let us assume the Client user has different shared keys to each node.

  1. The client has 3 symmetric keys named k1, k2, k3.
  2. Communicating From browser to the middle node (France) it uses k1 as the shared key to encrypt.
  3. From Middle node (France) to Middle node (Germany) it uses k2 as the shared key.
  4. Similarly, K3 is used for Middle nodes (Germany) and (Netherland)

It is decrypted the same way. Thus, an Onion Routing is Established.

Image Courtesy: computerphile

The Dark Web:

Initially, these Onion routing services were used by US Naval Research to protect their US intelligence data online. Later, TOR was released as Open Source which gave birth to the Dark Web. (Peer-to-Peer Network)

Dark Webs are the part of the websites which are not indexed by search engines. These are webpages which enforce to indulge in illegal activities like gambling, guns, black market, hacking, Movie piracy, bitcoin, child pornography, and drug markets. Since Onion routing has the anonymity feature, internet users started to communicate & did business anonymously through dark webs.

Image Courtesy: legitscript.com

These dark webs are not like normal websites. It has a .onion domain name, which points to Tor hidden services, that can be accessed only through TOR.

A onion website address may look like: http://3g2upl4pq6kufc4m.onion/

Facebook provides an official onion web address to access through TOR hidden service:


TOR maintains a directory list which provides all the related .onion websites.


It is advised not to visit some of the onion websites as it will be too horrifying and disturbing. Some of the .onion websites are considered as the scariest thing on the internet.

The following information has been taken from here.

Besa Mafia
Besa Mafia, allegedly allowed people to hire hitmen to take out any rival they wished — as long as they paid the price to do so.

The Cruel Onion
The Cruel Onion is a Wikipedia-like site that allows users to post them abusing animals online.

The Cannibal Cafe
The Cannibal Cafe is a website that is devoted to people who want to eat human’s flesh. This website also sells part of human flesh for money.

Peter Scully’s Red Room
red rooms are websites that allow you to witness someone being raped, tortured, or killed for a price. To be a spectator, you have to spend some money.

Other .onion websites include:

  • movie-piracy which communicates through P2P network to share files and resources.
  • Black markets such as Silk Road, a platform for selling illegal drugs, electronic components.
  • Hiring-a-Hacker, a website that hires a real hacker to attack any rivals and pay for it.

FBI has raided few of the websites and it has been shut down. But still, some of the deep technical nature of this network remains forever in the dark. Technologies are meant for a good cause, use it wisely.

Always Stay safe and Secured 🙂

Vasanth Vanan

Written by

Information Security Enthusiast