I think we all understand it exists. I just don’t see any reason why a decision that’s the equivalent of deciding whether you want to upgrade your cable package should be treated like Morpheus offering Neo the secrets of the Matrix.
Kind of. You said pages that are not available on search engines. What I’m talking about are pages on websites where if you clicked every possble link available, you can’t get to the page but typing in the address you can. It has nothing to do with search engines.
Fair enough.
For those who are curious, here is link that will get you to the Hidden Wiki:
kpvz7ki2v5agwt35.onion
Yes, that is a real link, but it won’t work in your current browser. You have to use the Tor browser (a slightly modified version of Firefox) to access it. That is what most of the links on the hidden web will look like.
BTW, Tor is slow, so give it a little time. It bounces things all over the internet to prevent tracking.
Some of it, maybe, but I think most of the “deep web” (aka, “hidden web”, “invisible web” etc) consists of pages that are generated on the fly from information in databases. They are normally to accessed by typing some sort of query into a form on a regularly accessible web page. Normal search engines can’t access this material both because there is no regular hyperlink linking to the material, and because there is no permanently existing web page that holds it. However, some specialized search engines can directly index at least some of the material in the relevant databases (see my and Tom Tildrum’s earlier posts).
It comes to much the same thing. If there is a link on a page somewhere (a regular html or JavaScript hyperlink, anyway), search engine spiders can get to it and index it. If there is no link on any page they can get to, they can’t get there.
How about you tell those of us who are curious what the content of that page is, so we can decide whether or not it’s worth downloading a new browser just to see it.
It’s like some fantasy cliche.
“Yo, wizard, I’m supposed to fight the Red Dragon and I was told you know how to defeat him.”
“Wise you were to seek me out for in truth I can reveal to you that the knowledge of which you seek.”
“Ummm…okay…tell me how to kill a dragon and try to do it in a grammatically correct manner.”
“First, you must travel across the Desert of Great Waste. Then you will reach the Endless Ocean. Voyage across the waters until you come to the Island With No Name. Seek out the tallest tower on the isle and climb to the chamber that lies at its top. In that chamber you shall find the Book of Al-Kar-Ka. And in the book, you will find the knowledge you seek.”
“Right. So this book contains the secret of how to kill a dragon?”
“Most assuredly.”
“And you know this because you know what’s written in that book?”
“My knowledge is vast.”
“I’m sure. But if the secret of killing a dragon is in that book and you know what’s written in the book, why don’t you just tell me the secret here and save me what sounds like a really long trip?”
“I…I never thought of that…I guess I could…the Book of Al-Kar-Ka says that the secret of killing a dragon is to use a copper blade rubbed with onions. Dragons are allergic to that combination. You have to stab them under their wings because that’s the only soft spot in their hide.”
“Copper, onions, and wings. Got it. A couple stops around the castle, an hour’s ride out to the Red Dragon’s lair. I should be back in time for supper. Thanks, wizard.”
“Glad my heart is that of help I could be.”
“Seriously, dude, syntax.”
Some further clarification.
The Tor network (and there are a few other such networks, in varying states of development) is not pages of the World Wide Web which Google and the like don’t index, it a whole different network of servers and routers and millions of web pages to which the major search engines and browsers don’t even connect.
Going on the hidden web is not like switching cable providers. Switch cable providers and you still get the same seventy-some channels with maybe a couple of differences. Going on the hidden web would be more like switching to a cable provider that gives every person in the world who wants one his own channel and he can anonymously broadcast whatever he chooses.
The Hidden Wiki is just like the Wikipedia page about the World Wide Web, except it provides information about the Tor network, which, I repeat, is not a part of the WWW, but rather an entirely separate and distinct network.
I provided the link in the spirit of the SDMB, to fight ignorance.
There is nothing stopping Google or whoever from indexing the TOR network. They can make a spider that speaks TOR, point it at the Hidden Wiki and then also get their regular HTTP spider to look for .onion links posted in forums or webpages and connect to them and index what it finds.
If the .onion address is ever posted publicly anywhere on the internet, it can be indexed.
In fact, here you go, its been done:
Here is the hidden wiki main page accessed through a normal browser using a proxy. (NSFW LINKS)
Yes, they could, but they don’t. And notice that your browser can’t directly access the .onion URL.
Personally, I wouldn’t access random .onion websites through a proxy using a standard browser. The Tor browser is designed with privacy and security in mind and makes it nearly impossible for your browsing to be tracked. If you don’t know what the link leads to … well, I wouldn’t do it.
The Tor network is useful, even necessary to some people. Using it for legitimate purposes is perfectly legal. Just keep in mind that it is totally uncensored and there are a lot people around who don’t like that fact.
you can through the onion.to proxy, just add .to to the end of any .onion link and you can visit it in a standard browser.
No neither would I, my point is that really to show the onion network is just another protocol, it’s like the difference between HTTP and HTTPS*, it’s not a whole separate infrastructure, as the Tor routers and hidden services run on existing machines accessible through the public internet, most of which probably run standard HTTP services with different content.
(*with extra stuff to stop client and server being able to identify each other).
You’re still telling us there’s great stuff out there. But you won’t tell us what the great stuff is. We should just go see it for ourselves. Don’t ask questions. Just download this software into our computers and go look.
Sorry but my rule of thumb is never download mysterious software based on promises of how cool the results will be.
I’ve given you a link that lets you see the main hidden wiki page without installing anything. Summary, there’s a bunch of sites about hacking, activism, sources of pirate software and people claiming to offer money laundering services, sites you can order drugs and weapons using Bitcoin and sites offering all kinds of pornography both legal and not legal.
I don’t know why he isn’t telling you. What you’ll see is basically a bunch of links to weird websites. It’s mostly conspiracy stuff, forums that would be very controversial for one reason or another, ways of buying dodgy things illicitly, and child porn. Don’t worry, by and large you will not be exposed to the latter so long as you haven’t got an utter pea brain. Anonymous is working to try and get rid of it entirely anyway.
Some of the forums are ingenious, seriously. And you should also browse Silk Road.
By the way the software itself is totally innocuous and refusing to install the software itself is on a luddite scale of refusing to install firefox, it’s that respectable now.
Again, is there a cite for this?
I entirely agree that AES is the right thing to use, and I’m not for a moment suggesting that it has secret flaws or something. But the NSA has in the past maintained and recommended other, classified crypto systems for especially sensitive work (Suite A), and if there is public info that gives any insight as to what the current state of affairs is I’d like to read it.
For amusement value maybe but you’d be an idiot to order anything from there. Authorities in several countries are well aware of the site. They might not be able to break the encryption but they can do stings like posing as a buyer and then tracing back the physical shipment.
The other risk to Tor is the DEA or NSA putting up hacked Tor relays that trace and log packets. Anyone can run a Tor relay, and there doesn’t seem any protection from this attack to me.
I did not say anyone should do anything. I simply provided the links for anyone who wants to.
The entire purpose of Tor is to prevent this kind of attack:
Thats correct they can never trace it with one connection. But what if someone runs both hacked Tor entry and exit nodes (on many many different machines) and alters packet contents on the entry node so that the exit node can recognise it? Over time you can correlate IP addresses of entries with exit requests. Since the Tor network follows a different random path each time, if you put up enough hacked Tor relays, sooner or later your packets will go entirely through hacked relays, then goodbye.
Also, people have been busted for running Tor exit nodes, when a user using them as a relay accessed something bad.
There’s an outline of this sort of attack here. In short, Tor specifically doesn’t protect against end-to-end timing attacks - that was a deliberate design limitation - and the sort of attack you’re describing is probably no more effective than those.