The Dark Web
VPN and Tor are two ways to stay anonymous and preserve your privacy when online. Each has its strengths and weaknesses, which we discuss in some detail in this article, but the bottom line is that Tor is extremely secure but very slow and unsuitable for P2P downloading, while VPN is less secure because it relies on trusting your VPN provider, but is much faster, is great for P2P downloading, and generally provides a better web browsing experience.
What both these technologies have in common is that they are primarily concerned with accessing the publicly indexed ‘visible’ (or ‘surface’) web. There is however another internet out there known as the Dark Web (or Dark net, Deep web etc.), which includes all the websites not indexed by search engines.
How big this Dark web is no-one really knows, although Mike Bergman, founder of BrightPlanet and credited with coining the phrase Deep Web, famously estimated that ‘the Deep Web is currently 400 to 550 times larger than the commonly defined world wide web’ back in 2001, and is still regularly cited today,
‘The Deep Web is the fastest growing category of new information on the internet … The value of Deep Web content is immeasurable … Internet searches are searching only 0,03% … of the [total web] pages available.” (Micheal K. Bergman).
Much of the so-called Dark web simply comprises of private websites (some of which have taken active measures to avoid being listed by search engines), IIRC chat forums, Usenet groups, and other perfectly legitimate web use. There also exist publicly accessible ‘darknets’, secure networks that can be accessed by the public, but which allow users a very high level of anonymity. The best known and most used of these are I2P and Freenet (we will discuss Tor in a moment).
Traditionally (and notoriously) the preserve of pedophiles, terrorists, drug dealer, gangsters and other people and material that most right-headed internet users would want nothing to do with, increasing awareness of pervasive government surveillance (thank you Mr Snowden) and ever more draconian copyright enforcement measures are fueling a surge of public interest in an internet that is ‘off-grid’.
Tor as a Darknet
Tor sits in a slightly odd position, as it was designed primarily to access the visible internet anonymously. This however is one of its primary weaknesses, as there are a limited number of exit nodes, which makes it easy to block these exit nodes, to set up ‘honeypot’ exit nodes to monitor traffic (although the way in which the onion router works should still ensure that the end user remains anonymous), and to perform ‘end-to-end-timing’ attacks to uncover the identity of Tor users.
In response to this, Tor has developed its Hidden Services protocol, which allows Tor-only websites (.onion) and services to exist entirely within the Tor network, so that users do not have to access the visible web through potentially dangerous exit nodes at all. Tor Hidden Services therefore also acts as a Darkweb, and is by far the most popular such service.
However, because Tor was not originally designed as a Darknet, alternatives such as I2P and Freenet, which were designed from the ground-up as Darknets, offer distinct advantages.
What is I2P?
The Invisible Internet Project (I2P) is a decentralized anonymizing network built using Java on similar principles to Tor, but which was designed from the ground up as a self-contained darknet. As with Tor, users of I2P connect to each other using peer-to-peer encrypted tunnels, but there are some key technical differences:
- Unlike Tor, which uses a centralized directory to manage the overall ‘view’ of the network, as well as gather and report statistics, I2P uses a distributed peer-to-peer model
- Unlike Tor Onion routing, I2P uses Garlic routing, which encrypts multiple messages together to make it more difficult for attackers to perform traffic analysis
- Unlike Tor, I2P tunnels are uni-directional, so incoming traffic and outgoing traffic are completely separate, which improves anonymity
- I2P uses packet switching instead of Tor’s circuit switching, which means transparent load balancing of messages across multiple peers, rather than a single path. Essentially, all peers participate in routing for others
- I2Ps uses its own API rather than SOCKS which is used by Tor. This helps to make I2P more secure than Tor.
The end result is that if using hidden services, I2P is both much faster than using Tor (it was designed with P2P downloading in mind), more secure, and more robust.
Just as Tor is primarily a tool designed to anonymously access the visible web, but which can be used as a Darkweb, I2P is a Darkweb tool that can also be used to access the surface web anonymously through ‘Outproxy’s’ (which are equivalent to Tor Exit Nodes). I2P Outproxies suffer similar weaknesses to Tor Exit Nodes however, and the fact that there are far fewer of them (as I2P has a much smaller user base) means that they are potentially more open to attack.
One thing to note is, as with VPN and Tor, I2P does not hide the fact that you are using the service, but does make it very hard to discover what you get up to when connected to it.
What can I do with I2P?
Still need I2P explained a little bit more? Don’t worry. I2P is effectively an internet within an internet, and once connected you can send email, browse websites, use blogging and forum software, host websites, take advantage of decentralized file storage, engage in anonymous real-time chat, and much more. As noted, you can also surf the open web anonymously, but I2P is probably not the best tool for the job in this regard.
VPN vs Tor vs I2P – Which should I use?
The simplest answer is that it depends on what you want to do. Fortunately, there is nothing stopping you using all three depending on the task at hand, which is the approach we would advocate.
- VPN – for general internet use VPN is fast and easy to use, while providing a high degree of privacy. We firmly believe that people should VPN all the time by default to prevent dragnet surveillance by the likes of the NSA. It is also ideal for P2P downloading.
- Tor – if you need to interact with the outside world as anonymously as possible (for example you are a whistleblower wanting to contact a journalist) then Tor cannot be beaten (and a further layer of anonymity can be added by connecting to Tor through a VPN service). If you want to surf the internet anonymously for free then Tor is also good, but it can be frustratingly slow. Although Tor Hidden Services are not as secure or fast as I2P, their relative popularity can make them more fun, and may be important to website owners looking for visitors. It is also older, has more developers, and is better funded
- I2P – is technically the superior option is you want to access the Dark web, and is our tool of choice for this. Although not as popular as Tor Hidden Services, it is still very sociable (and much more so than rival Freenet), and is an excellent choice for P2P downloading. Like Tor, it is a good free option for accessing the visible web anonymously for free (and may be faster), but the limited number of Outproxies mean that it is also much less anonymous when used in this way.
Check out our article on How to use I2P: An idiot’s guide, and look out for our upcoming article on Freenet.