Depending on how much reading you've done on the subject of the Dark Web, you may have heard the word "Onion" quite a few times already. Does the Dark Web have some obsession with this tasty food item? In fact, when it comes to the Dark Web the word "onion" has a very specific, very important meaning. It refers to both a unique web domain format and to the Tor Network. Both of these are going to require some sort of explanation. By the end of this article all your basic onion questions should be answered in full, so buckle up Dorothy, cause Kansas is going bye-bye.
"Tor" is short for The Onion Router. It's actually three things. Firstly it's a network of anonymous volunteers that act as a privacy filter between Dark Web users and the rest of the internet. Secondly, it's a special browser that allows all that Dark Web technology to work properly. Lastly, the project aims to keep all of the above going.
You'll notice that the word "onion" is part of Tor, and that's no accident. Onion routing is the cornerstone of how the Dark Web operates on a technical level. OK, it would be more accurate to say that onion routing is the method that underpins most of the Dark Web. There are corners of the Dark Web that operate using a different system, but the vast majority of the Dark Web exists in Tor. So just what is onion routing?
At its core, onion routing is about the clever use of encryption. Encryption is, of course, the term that refers to all the methods that can be used to scramble information so that not just anyone can read it.
Computers send data across the internet in small packets. They don't just carry pieces of the data that's being sent, such as an image or text. They also contain all sorts of metadata which includes the origin and destination of the packet. Encryption, such as HTTPS, is used across the regular old surface web. It prevents ISPs, the government, and hackers from reading their content. However, anyone intercepting the packet can still see who sent the packet and where it's going. If the site that person is visiting is forbidden in their country, then it doesn't matter that the data inside the packet can't be read.
Onion routing uses multiple layers of encryption to obscure that additional information about the data packet. These heavily-encrypted packets are then sent from your computer to their destination along a random route through thousands and thousands of volunteer computers. Each node on this network received the packet and strips a layer of encryption, before sending it on. The last node, or "exit" node, take away the last bit of extra encryption before sending the packet to its final destination. Because of this elaborate method of routing packets, no one along the way knows who the original sender is or where the data is going, apart from the exit node that is. Which does know the final address, but nothing else.
The end effect of this is that anyone who uses Tor is almost impossible to track through the Tor network itself. It's a military-grade solution that's been adapted for all the uses we know the Dark Web for today.
Everyone knows the format of surface web URLs these days. For example, this site is at https://www.technadu.com. That we address is translated by a DNS server into the specific IP address of the server that hosts it. Onion addresses look different. For example, this is the official Facebook .onion site:
facebookcorewwwi.onion
This still looks pretty readable for a human, just like a normal URL. This is actually pretty uncommon. Since these addresses are generated using a randomized process. This process yields a string of characters. No one is going to remember them. Facebook had to pull some high-end trickery in order to make an onion domain that actually says what they wanted.
Now look at this address:
duskgytldkxiuqc6.onion
This is a test site created by the Tor project. It's a more typical example of what onion addresses look like.
If you type an onion address into your regular browser right now and try to visit the site, you'll get an error message. So given that you have an onion address, how do you actually visit the site? There are two ways to do this. However, one of them is certainly not recommended. Let's start with the safest way to access an onion site.
The safest way to access an onion site is by using the stock, pre-configured download of the Tor Browser. Just download the software and type in your onion address. This will provide a high level of anonymity and makes it dead easy to open and view onion sites.
While the Tor browser by itself is going to be more than enough for most users, it's not perfect. In fact, there are more than a few methods that use the unique fingerprints of the actual computer you are using Tor on to build a traceable profile.
The Tor Project actually has an answer to combat this and it's called Tails. Tails is an entire operating system you boot from a removable disk. Each time it loads it's a fresh, generic copy. So any attempts to profile the computer itself will fail. For those who need maximum security, Tails is a must-have tool.
The second method of connecting to onion sites is not one I would recommend. There are several sites that will act as a middleman between the clearnet and the Tor network. Just provide the onion address and they'll display the page for you. This is much easier than using Tor, but it comes with a mountain of problems. The main one is that all of the anonymity that Tor provides is gone. There is also evidence that these sites may be tracking you. Needless to say, we don't recommend this.
So you might be thinking that this is all very cool, but how does one actually go about creating a .onion site?
It actually starts with exactly the same step you use when you want to browse other onion sites. That is, you begin by downloading the Tor browser. This installs the Tor service on your computer, which is needed in order to host a site on an onion domain.
Once the Tor service is installed on the machine, you install a web server on the computer in question. Just the same as you would set up any other clearnet we server. Tor specifically recommends using Savant for Windows servers and thttpd for everything else.
Once you've set up your web server according to Tor's recommendations, you need to configure the hidden service itself. Configuring the hidden service automatically generates a .onion address for you, which you can post to places like Reddit or anywhere else.
By all accounts, the Dark Web is shrinking and many .onion sites disappear without warning. This isn't too surprising. Most hosts put these sites on personal computers. Often with dubious internet connections. Others are installed secretly on company servers or are otherwise not meant to be where they are. Few people are going to pay for traceable hosting unless they really know what they are doing to cover their tracks.
The Dark Web is fairly small, however. Unless you are a huge market such as the erstwhile Silk Road, a normal web connection and an old PC you have lying around will probably be OK for most onion sites. It's not automatically illegal to host one either. You can have a perfectly legal site and keep it exclusive and private by hosting it on Tor. Well, unless you live in Gemany.
Have you visited a .onion site before? Let us know in the comments. Lastly, we’d like to ask you to share this article online. And don’t forget that you can follow TechNadu on Facebook and Twitter. Thanks!