[GlobalMan]

Here's a rundown of the sites that have been indexed by type





So you have about 49.25% percent that are at least legit categories (some obviously will be partially used for illegal activity)

[WestIndianArchie]

(08-02-2015 03:56 PM)Brodiaga Wrote:  

What is the reason to use the deep web for those who are not looking for drugs, k pron or anything of that sort? Is there anything interesting there, like super red pill discussions for which you would get banned even here?

Somebody just said they had free books.

That's good enough for me.

WIA

[Cr33pin]

I am in a different country.... I can also sign on to the cafe next doors wifi from my apartment with my lap top and I have a vpn service. So would I was be safe as shit if I ventured on the deep web right? There would be no other way I could really be tracked?

I never even wanted to or thought about exploring the deep web till I saw this thread... it has peaked my curiosity.

[Horus]

(08-03-2015 05:42 AM)Cr33pin Wrote:  

I never even wanted to or thought about exploring the deep web till I saw this thread... it has peaked my curiosity.

The correct spelling is piqued in this context.

I'm not trying to be a dick and I know it's irrelevant to the thread, but I always appreciate it when people point out my spelling and grammatical errors.

[lskdfjldsf]

Cr33pin, do not try this in Europe. Even normal internet usage here can get you put on a government list, or worse. For all the shit we talk about America, it really is a free country and offers basic protections when it comes to internet use. All things considered.

The telecom industry in Europe is highly centralized, highly regulated, and highly monitored (for example, right-wing opinions in Germany can be prosecuted as Volksverhetzung if not formulated properly). Auto-tracked content monitoring/flagging. There's no history of free speech protections or tolerance of "questionable" behavior; intent is irrelevant.

I get nervous browsing MPC and some Twitter feeds here. The Deep Web is a sure way to end up in prison.

[Cr33pin]

(08-03-2015 07:02 AM)Horus Wrote:  

(08-03-2015 05:42 AM)Cr33pin Wrote:  

I never even wanted to or thought about exploring the deep web till I saw this thread... it has peaked my curiosity.

The correct spelling is piqued in this context.

I'm not trying to be a dick and I know it's irrelevant to the thread, but I always appreciate it when people point out my spelling and grammatical errors.

I actually knew this cause I googled it the other day... however thank you for reminding me because I obviously forgot ha.

[Tokyo Joe]

O dear god, the Deep Web...! My fingers are shaking just trying to type this out.

One day many years ago I accidentally stumbled into the Deep Web completely unawares. There I beheld things heretofore unimagined --

* the unedited, uncut Zapruder Film
* detailed instructions for the transmutation of table salt into crystal meth
* the full seven volume history of the Roswell Project
* a technical recounting of the joint Indian-Israeli undersea thermonuclear test that caused the 25 December 2004 Indian Ocean tsunami
* the line of control by which the Eight Families manipulate the U.S. Federal Reserve System
* hardcore German porn starring an 18-year-old Natalie Portman
* the means that the Bank for International Settlements uses to pacify the world population (hint hint: think fluoridation of the water supply, but more sinister)
* a complete list of the 57 associates of Bill and Hillary Clinton who were covertly assassinated but passed off as suicides and accidents
* Obama's real Mombasa birth certificate

... And much much more I am hesitant to discuss. About 28 hours into my poring over this information, a team of agents from U.S. OGA (i.e. "Other Government Agencies") forcibly burst into my apartment and carted off my computer, hard drives, all electronic media. And then my brain was degaussed to such an extent that I had to relearn the most basic bodily functions.

Even if I could find it now, I would never go back to the Deep Web again.

The horror! The horror!

[samsamsam]

Dammit TJ! You troll.

I was sort of going wow this shit exists and then bam OGA nonsense.

[Paracelsus]

What're you talking about? TJ dropboxed me a copy of the unedited Zapruder footage just before the Feds broke in and got him. The one I saw had pretty damn good resolution, you could clearly see Elvis on one of the motorcycles.

[Repo]

He got me until transmutable table of salt into chrystal meth. We all know that this knowledge was lost with Atlantis.

[General Stalin]

I would like to think that the more interesting aspects of Deep Web would be things like TJ joked about: classified inner-circle information. Conspiracy theorist wet dream type of stuff.

[samsamsam]

(08-03-2015 10:06 AM)Paracelsus Wrote:  

What're you talking about? TJ dropboxed me a copy of the unedited Zapruder footage just before the Feds broke in and got him. The one I saw had pretty damn good resolution, you could clearly see Elvis on one of the motorcycles.

The steps necessary to make it remotely safe to access the deep web makes me

[Sooth]

Had a look around over a weekend a few years ago just to see what the deal was.
Found all the drugs/guns/cp etc. Pretty much exactly what I expected to be there.
The idea of the "deep web" is more intriguing than the content that's actually in it.
You would be better off gaining normal world knowledge that will help you legally.

[presidentcarter]

(08-01-2015 10:33 PM)PALEO DUDE Wrote:  

The claim is that the regular web is just a small percentage of the enormity of the content found on the deep web. So i'm curious if anyone has any links to less popular but interesting websites they would like to share?

How has this not come up yet? I've seen this language used in other places as well. But...how does "deep web", full of weird taboo, actually amount to a much larger amount than the "real" web that billions of people all know and use. Seems crazy.

I'm watching the 2015 film about it now (narrated by Keanu Reeves ).

[LeeEnfield303]

Quote:

* hardcore German porn starring an 18-year-old Natalie Portman

OK, you got me, I'm in.

[NovaVirtu]

(08-01-2015 10:33 PM)PALEO DUDE Wrote:  

The claim is that the regular web is just a small percentage of the enormity of the content found on the deep web. So i'm curious if anyone has any links to less popular but interesting websites they would like to share?

[h3ltrsk3ltr]

From what I understand from my cable running days, the last few feet of the fiber or coax running from the 1000+ pair trunk to the CO is unencrypted plain text data packets. Some agency (gov or otherwise) could run sniffers on this portion.

I assume this is at least close to the facts, if not quite right, I admittedly know just enough about this to sound ignorant.

Additionally, if you were under the government's Eye of Sauron, they could sniff shit (heh) going into your node/home or whatever regardless of encryption you're running. And it's been speculated that the NSA has the ability to break most non-custom encryption.

Can anyone weigh in on this?

[Alpharius]

(08-04-2015 10:17 PM)h3ltrsk3ltr Wrote:  

And it's been speculated that the NSA has the ability to break most non-custom encryption.

Can anyone weigh in on this?

That's kinda their job.

Read some James Bamford, I read one of his books in college and was one of the few people who just kinda shrugged when Snowden turned traitor on the US. I guess anyone who reads Wired also should not have been surprised.

[h3ltrsk3ltr]

(08-04-2015 10:27 PM)Osiris Wrote:  

(08-04-2015 10:17 PM)h3ltrsk3ltr Wrote:  

And it's been speculated that the NSA has the ability to break most non-custom encryption.

Can anyone weigh in on this?

That's kinda their job.

Read some James Bamford, I read one of his books in college and was one of the few people who just kinda shrugged when Snowden turned traitor on the US. I guess anyone who reads Wired also should not have been surprised.

Nah I got that.

Just wondering if anyone has some technical knowledge on this.

[ManVsMachine]

(08-04-2015 10:38 PM)h3ltrsk3ltr Wrote:  

(08-04-2015 10:27 PM)Osiris Wrote:  

(08-04-2015 10:17 PM)h3ltrsk3ltr Wrote:  

And it's been speculated that the NSA has the ability to break most non-custom encryption.

Can anyone weigh in on this?

That's kinda their job.

Read some James Bamford, I read one of his books in college and was one of the few people who just kinda shrugged when Snowden turned traitor on the US. I guess anyone who reads Wired also should not have been surprised.

Nah I got that.

Just wondering if anyone has some technical knowledge on this.

Most encryption you use in your regular web use (lets say via an HTTPS connection) is already encrypted to a level which would take years to break. Even the NSA would have trouble with it. There are numerous other research institutions which are just as far along, if not further, in breaking encryption and they aren't there yet either. There would need to be massive amounts of collusion between security experts across the world on techniques outside the realm of public knowledge (*takes tinfoil hat off*)


I continue....however, your HTTPS connection is created with a public key from the web server, and a Certificate offered by a third party. Your browser uses this key to encrypt a key of its own which is passed to the server to decrypt along with other http data you send before passing you back the page you requested.

If the NSA has control of the issuer of the Certificate (the "Certificate Authority") they can decrypt your HTTPS connection. They could also pass you a fake signed certificate that you couldn't tell the difference between.

Now, what if you self-signed and encrypted your own public key? Well this actually would be more secure if you did it properly, and the experts would need to find another way in, but the client's browser would have a big red "X" over the "Https" in the status bar, and your browser tells you not to trust the connection!


Similarly with TOR as with the control over Certificates, they now control many of the relay nodes through which you connect. Most "bad guys" on the deep web are also not security experts - they reveal themselves through other means, many of which you wouldn't even expect like the plugins you use!


In layman terms, they're essentially experts at being the man in the middle.

[h3ltrsk3ltr]

(08-04-2015 11:06 PM)ManVsMachine Wrote:  

Most encryption you use in your regular web use (lets say via an HTTPS connection) is already encrypted to a level which would take years to break. Even the NSA would have trouble with it. There are numerous other research institutions which are just as far along, if not further, in breaking encryption and they aren't there yet either. There would need to be massive amounts of collusion between security experts across the world on techniques outside the realm of public knowledge (*takes tinfoil hat off*)


I continue....however, your HTTPS connection is created with a public key from the web server, and a Certificate offered by a third party. Your browser uses this key to encrypt a key of its own which is passed to the server to decrypt along with other http data you send before passing you back the page you requested.

If the NSA has control of the issuer of the Certificate (the "Certificate Authority") they can decrypt your HTTPS connection.

Now, what if you self-signed and encrypted your own public key? Well this actually would be more secure if you did it properly, but your client's browser would have a big red "X" over the "Https" in the status bar, and your browser tells you not to trust the connection!


Similarly with TOR as with the control over Certificates, they now control many of the relay nodes through which you connect.


In layman terms, they're essentially experts at being the man in the middle.

First, I would give a rep point and a bottle of...let's say mid shelf bourbon for a datasheet on practical encryption, public keys, and whatever else you could provide on this topic. I'd be willing to write part of it or help in any way I can.

Second, how does the physical layer play into vulnerability? Is it possible for any entity, like the middle man, (VPN/proxy companies, an ISP, web host, cell provider, the government, or someone else) to simply intercept the information physically after its been encrypted properly because they're part of the infrastructure?

I know you sort of already answered the second part, I guess I just need more clarification if you'd be willing to provide it.

[ManVsMachine]

(08-04-2015 11:18 PM)h3ltrsk3ltr Wrote:  

First, I would give a rep point and a bottle of...let's say mid shelf bourbon for a datasheet on practical encryption, public keys, and whatever else you could provide on this topic. I'd be willing to write part of it or help in any way I can.

Second, how does the physical layer play into vulnerability? Is it possible for any entity, like the middle man, (VPN/proxy companies, an ISP, web host, cell provider, the government, or someone else) to simply intercept the information physically after its been encrypted properly because they're part of the infrastructure?

1 ) Oh man, cryptography gets pretty complex and to be honest with you, I'm not the best at understanding it myself. This explanation I'm giving you is the "Jim Bean" of cryptography. Look at those tasty middle shelf bourbons, and then move your eyes down to the floor. . The public key cryptography I mentioned uses RSA cryptography, which, to explain at the highest level essentially uses two VERY LARGE *DIFFERENT* (assymetric) prime numbers of similar bit length, and what makes them so hard to break is that its so damn hard to factor prime numbers. A 256-bit key will take you testing 2^256 possible keys to break. The math is provided here: https://en.wikipedia.org/wiki/RSA_(crypt...generation

Now, the RSA is just one part of the puzzle. Your private key is created with AES encryption which I understand even less, lol. But these tend to be harder to break unless you use a very very large bit RSA prime.


2) Very perceptive of you!!! almost every single point in the physical layer you mentioned is also a point of vulnerability. And yes, they can and will intercept it physically because its much easier than all of the other ways. More likely, this information will just be handed to them on a silver platter from the services you use.
But to break down the layers you provided:
* VPN/Proxy Companies - if the proxy company itself is "compromised by" (read: "working-with") authorities, technically all of the IPs you could connect to can be listened in on. With ones that are not, often times they can set up "honeypot" proxies which seem innocent enough until you connect through it, then all of your behavior is logged anyways.
* All your standard ISPs Americans and Europeans are already signed onto giving this information to relevant authorities who request. And I'm sure there is clause in the Terms and Conditions you didn't read which allows them to do so!
* Cell Provider - You've heard of PRISM, right? . Interestingly enough aside, even your local PD (and hackers, as well) can set up fake cell towers nearby which your phone by default doesn't know the difference allowing them near full access to your data.
* Gov't - where exploiting your weak connection doesn't work, just raid the house and get physical access to the machine.
* Web Host - this is a pretty cool FBI trick - they will often exploit browser vulnerabilities (all browsers still have some) to run malicious code against your browser to reveal information identifying you. FBI got into TOR through a Firefox exploit, and caught a lot of bad people that way!



But honestly mate, there are literally so many other tells that your browser and your connection will give *you* away it would be better moved into a different thread, and my time is short . Simply put, anyone can be found easily through correlating your behavior and your usage.


Let's just be glad that the bad guys don't understand how to cover up all the holes.

[h3ltrsk3ltr]

I'd be down with putting another thread up on this. However, this discussion probably warrants its own forum though I'm sure they are out there.

Thanks for the input MVM! Everyone should have some understanding of these things and sadly very few do.

[tynamite]

Afihi and grams are good tor search engines. Don't forget to disable javascript as it's not done by default.

[chyamor]

All the good stuff happened back when this was new. Insider trading, sports match fixing, etc. Now its just a fed's pet project.