10 Hacks Every Dark Web User Should Know

The dark web has a sinister and foreboding name for a reason. This is a place where all manner of illegal and underhand activity takes place, as well as somewhere internet users can free themselves from government censorship and draconian surveillance. Getting on the dark web isn't particularly difficult, but it's not somewhere you should head without doing your research first. If you visit an unfamiliar location in real life, you'll want to make sure you know how to stay safe and make the most of your trip, and it's the same with the dark web. As such, follow these hacks and tips to maximize your chances of staying safe and getting the most out of what the dark web has to offer.

Use IP Leak to make sure your IP address stays hidden

As with the general web, using a VPN with the dark web isn't essential, but is recommended. However, you should also check for IP leaks before you start doing any dark web browsing, even with a VPN up and running.

In simple terms, an IP leak is where your actual internet location is revealed to the sites you're connecting to—something you want to avoid on the dark web. This might be caused by a rogue website script or browser extension, for example. It's easy to do: Just head to IP Leak and check the IP address that's being reported isn't actually where you are. As an added bonus, the site checks for leaks through the WebRTC and DNS protocols, which can also reveal your location in a more roundabout way.

Avoid leaving fingerprints by resizing your browser window

Tor and a VPN of your choice can hide a lot about your identity, but you're still vulnerable to fingerprinting when you're on the dark web. That's where information being reported by your computer—such as the operating system, the system time, and even the fonts you have installed—is used to recognize you as an individual.

Another key piece of information used in fingerprinting is the size of your monitor display: If your browser window fills your screen, a bad actor can infer what monitor or device you may be using. Tor does use some tricks to try and obfuscate this, but you can help by not maximizing your browser window (and perhaps randomly resizing it from time to time).

An identity reset in Tor. Credit: Lifehacker

Use "New Identity" to hide who you are online

Tor includes a feature that isn't immediately obvious, but which can help you switch identities in a couple of clicks. It's like disappearing into a rest room and then remerging with a different disguise—disconnecting you from whatever you were doing through the browser before.

Click the menu button (three horizontal lines, top right), then pick New identity. All currently open tabs will be closed, and the browser restarts. You'll be rerouted through different Tor circuits to get back online, and all previous browsing data and cookies will be wiped away.

Use Dangerzone to securely open files on the dark web

Generally speaking, you don't really want to be downloading anything from the dark web, if you can help it: The dark web waters are swimming with malware, scams, and otherwise unwholesome material. However, there may be times when you need to open a document given to you by a trusted contact.

Anything you do need to open should be opened through Dangerzone. It basically puts a security sandbox around PDFs, images, and office documents, and strips out any kind of malicious or tracking data embedded in the file. You're then left with a sanitized file that's passed security clearance and can be opened as normal.

Add a bridge for extra security

For ease of use, you can have Tor connect to the web through a path of its choice, concealing your identity and location through a series of recognized nodes. If you want to take this a step further, you can add a bridge into the connection chain as well.

Standard Tor nodes (or relays) still report an IP address, though it won't be your actual one. Bridges don't share IP addresses at all, which makes it even harder for someone else to track who you are and what you're doing. They're particularly useful in countries where known Tor relays might be blocked by the authorities.

In the Tor browser, click the menu button (three horizontal lines, top right), then Settings > Connection to configure a bridge. Use Request bridges to ask for a bridge link from the official Tor bot, or use the web or Telegram links to find one.

Setting a pluggable transport. Credit: Lifehacker

Use pluggable transports to hide from your internet provider

Pluggable transports are a specific type of Tor bridge: As well as additional IP address cloaking and anti-censorship measures, pluggable transports hide the fact that you're actually using Tor from your internet provider as well. They're often used as a next-level step wherever the Tor network has been banned.

To configure a pluggable transport bridge inside Tor, click the menu button (three horizontal lines, top right), then pick Settings > Connection. Click Select a built-in bridge to choose from one of the available pluggable transports, which each come with a description of how they work.

Kill your other tasks and apps before surfing the dark web

If you're accessing the dark web through Tor, shut down everything else on your system: Clear out all the apps that are in memory, even if they're only running in the background (Task Manager on Windows and Activity Monitor on macOS can help with this).

Not only can running apps help to identify your system for fingerprinting (see the window resizing tip above), they can also make you more vulnerable to malicious websites and malware you might come across on the dark web. The more programs you've got running besides Tor, the bigger the target area for bad actors.

Use tools to create a "dark web persona"

All of the security and anonymity measures that go into Tor and VPNs are compromised to an extent if you then log into your regular accounts (like Amazon and Instagram) while you're also browsing the dark web. It makes it more likely that your credentials will be stolen, and that you can be identified as an individual user.

Some dark web users set down rules for a whole new internet persona to make it harder to reveal their real identities. This might involve going online at different times, using different devices, and maybe even different wifi networks. Any overlap with your "regular" internet use puts you at more risk.

This extends to email addresses and login names too: Use different ones on the dark web to the ones that you normally use. You can get burner email addresses from plenty of providers, including DuckDuckGo and Apple.

Ramping up browser security. Credit: Lifehacker

Use Tor's "Safest" mode to restrict what websites can do

The Tor browser includes a "maximum security" level that shuts down a lot of website activity like scripts and media playback. It's not on by default, and it can affect the functionality of sites (they'll typically look a lot more barebones), but if you want to stay as safe as possible then it's available as an option.

Click the menu button (three horizontal lines), then Settings > Privacy & Security and Change under Security. Select Safest to put Tor into maximum security mode, then click Save and restart.

Connect through Tails OS for an extra security layer

Access the dark web through Tor on Windows or macOS, and you're well protected from harm. Access it through the portable, Linux-based operating system Tails, and that protection goes up another level.

Tails runs from either a USB stick or through a virtual machine, which means any malware that does sneak through your defenses can't reach your main operating system and everything on it. (Everything on the OS runs through the Tor platform, not just the browser.) You will need to set aside some time for this, but it's worth the additional effort if you want to stay as safe as possible. Tails offers a full guide explaining how to get started.

from Lifehacker https://ift.tt/6hleRan
via IFTTT