We often hear the terms Deep Web, Dark Web and Tor. Sometimes, we even use the terms Deep Web and Dark Web interchangeably. But, are they same or are hey different ? And, how does Tor work ?
Let's try to understand this.
Deep Web is a part of the World Wide Web which are not indexed by standard search engines. So, one cannot browse those pages normally.
For example, one can login to social networking sites by giving his username and passwords and then change the profile settings in such a way that only a selected people would be able to see information about him. So, his profile pages will not be indexed by standard search engines and those webpages will be considered to be a part of Deep Web.
There are a number of ways a webpage can be part of a Deep Web. Just to name a few :
- Webpages that need authentication to browse through.
- Textual content encoded in multimedia files.
- Dynamic pages that are returned by the server in response to a specific query, for example after submitting a form.
- Websites that limit access to their webpages.
- Webpages that are intentionally hidden from the internet and is accessible only through special software like Tor, I2P or other darknet software.
- Webpages that are not linked by other pages searchable by standard search engines, i.e. pages without backlinks.
- Archived versions of webpages that are now inaccessible by search engines. There are many web archival services which enable users to see archived versions of webpages across time.
Dark Web is a part of the Deep Web which require specific software, configuration or authorization to access. The Dark Web is normally used for malicious purposes like child pornography, blackmarkets, or for whistleblowing etc.
Just to give some typical examples of contents of Dark Web :
- Botnets which communicate with their C & C Server for hidden purposes.
- Bitcoin services like tumblers.
- Commercial darknet markets for transactions of illegal drugs etc.
- Hacking groups and services.
- Phishing and scams.
What is Tor
Tor or The Onion Router is a software which can be used for browsing the internet anonymously. Tor was first developed by the United States Navy to protect sensitive communications. Later, it became open source and a multi-platform browser that is available in public.
What is anonymous browsing ?
Sometimes we use Proxy Servers which work as intermediary in the connection. But, that also cannot ensure the anonymity. They keep logs of traffic, from which the actual source can be traced back.
For anonymous browsing, one needs software like Tor. Using Tor one can browse the internet without revealing his personal identity. It is mainly done by using different techniques to conceal the user's IP address and by disabling pop-up windows, cookies etc.
How does Tor work ?
Tor uses a number of different dedicated nodes using which an outgoing network packets reach its destination. In each node, the network packet is encrypted to conceal the source IP address. Only at the destination node, the packet is decrypted and the data is retrieved.
For example, suppose a user is using a Tor browser and the corresponding network packets travel from node A to node Z before reaching the destination. So, a network packet will typically follow the following path :
- The data packet is encrypted at the user's system and reaches node A.
- Node A will again encrypt the data packet and send it to node B.
- Node B also will do the same and send it to node C.
- Eventually, the data packet will reach node Z.
- Node Z will decrypt all the layers and send it to the destination.
- When the data will be sent back to the source from the destination, it will typically follow the reverse path.
As at each node, the packet is encrypted to conceal the IP addresses, it is extremely hard to trace back the source.
Weaknesses of Tor
Tor cannot be called to be truly anonymous. It has a number of weaknesses. And, there are a few ways that can be used to derive information on the identity of the source.
For example, one can eavesdrop on the exit node to derive data. As Tor cannot encrypt the traffic between the exit node and the destination, any exit node that does not use SSL/TLS can reveal much information on the identity of the source.
This was a short article to give information on the Dark Web, the Deep Web and Tor. Hope you liked it.