Breaking News and Updates
- Abolition Of Work
- Alternative Medicine
- Artificial Intelligence
- Atlas Shrugged
- Ayn Rand
- Basic Income Guarantee
- Big Tech
- Black Lives Matter
- Boca Chica Texas
- Casino Affiliate
- Cbd Oil
- Chess Engines
- Cloud Computing
- Conscious Evolution
- Corona Virus
- Cosmic Heaven
- Designer Babies
- Donald Trump
- Elon Musk
- Ethical Egoism
- Fifth Amendment
- Fifth Amendment
- Financial Independence
- First Amendment
- Fiscal Freedom
- Food Supplements
- Fourth Amendment
- Fourth Amendment
- Free Speech
- Freedom of Speech
- Gene Medicine
- Genetic Engineering
- Germ Warfare
- Golden Rule
- Government Oppression
- High Seas
- Hubble Telescope
- Human Genetic Engineering
- Human Genetics
- Human Longevity
- Immortality Medicine
- Intentional Communities
- Jordan Peterson
- Life Extension
- Marie Byrd Land
- Mars Colonization
- Mars Colony
- Mind Uploading
- Minerva Reefs
- Modern Satanism
- Moon Colonization
- National Vanguard
- New Utopia
- Online Casino
- Personal Empowerment
- Political Correctness
- Politically Incorrect
- Post Human
- Post Humanism
- Private Islands
- Quantum Computing
- Quantum Physics
- Resource Based Economy
- Ron Paul
- Second Amendment
- Second Amendment
- Socio-economic Collapse
- Space Exploration
- Space Station
- Space Travel
- Teilhard De Charden
- The Singularity
- Tor Browser
- Transhuman News
- Victimless Crimes
- Virtual Reality
- Wage Slavery
- War On Drugs
- Zeitgeist Movement
The Evolutionary Perspective
Category Archives: Tor Browser
Posted: July 5, 2020 at 9:41 am
As protests in support of the Black Lives Matter movement continue around the United States, Gmail is treating emails from advocacy and political groups referring to racial justice issues like marketing emails.
The Markup analyzed hundreds of emails sent to a test Gmail account from more than 200 candidates and organizations from across the political spectrum from whom wed signed up to receive communications. Of the emails referring to racial justice received since George Floyd was killed in May, Gmail sent seven in 10 to the less-visible promotions tab, which the company says is for deals, offers, and other marketing emails.
We also analyzed 22 emails we received from eight racial justice groups over 10 days starting on June 19 and found Gmail sent nine in 10 to the promotions tab. The groups were: The Bail Project, Black Lives Matter, Color of Change, Justice for George NYC, NAACP, NAACP Legal Defense and Education Fund, Reclaim the Block, and the Youth Justice Coalition.
Emails treated like marketing included:
In fact, Gmail categorized all 18 emails sent by Color of Change, a nonprofit that advocates for Black equality, as promotions.
People across the country are looking to racial justice groups like Color of Change to keep them informed and provide opportunities to create change, said Evan Feeney, the groups campaign director. That Google is treating these messages the same as a coupon from a store that you signed up for their mailing list that one time is absurd.
Gmails categorization of racial justice emails mirrors an investigation published by The Markup in February that found Gmail sent about half of all political emails to the promotions tab. Since May 25, Gmail sent both political emails and racial justice emails to promotions about 70percent of the time.
Gmail is the most popular free email program in the world, with an estimated 43percent of the market, according to the email marketing firm Litmus. Gmail claims to have 1.5billion active email addresses, so its choices have an outsized effect on which messages reach people.
In an email, Google spokesperson Brooks Hocog declined to comment but pointed to one of the statements the company sent to The Markup for the story published earlier this year.
In addition to user input, machine learning, to a lesser extent, is also used to classify emails, the statement said. Types of email that might make it into the Promotions tab include calls-to-action, marketing newsletters and offers or coupons. This approach applies to all emails that fit the promotion classification, regardless of industry, affiliation, etc.
By default, Gmail places email in three inbox tabs: primary, which is visible when a user signs in, social, for messages from social networks, and promotions. It also sends some messages to spam. Google, which owns Gmail, says many factors influence how emails are sorted, including how users interact with them individually and in the aggregate.
Some email marketers say they have reliable methods to influence inbox placement in the same way SEO experts say they can boost a websites ranking in Googles search engine. But while some may be able to avoid having email sent to spam, avoiding promotions is tougher, said Laura Atkins, co-founder of the email deliverability consulting firm Word to the Wise.
We at least know what makes the mail go into the spam folder, she said. We have no idea what makes mail go into promotions.
Users can influence the Gmail algorithm by moving individual emails into the primary tab, but its unclear how many times that move has to be repeated before Gmail consistently delivers emails from that sender to the primary inbox, Atkins said.
Gmail says users can set up filters to override the algorithm and direct messages from specific senders to their own primary inbox. They can also disable the tabs. Google declined to say how many users keep them enabled. A 2016 survey by an email deliverability firm showed about 34percent of respondents said they use the tabs.
In order to see how Gmail would categorize emails without any explicit user feedback, we created the test account last year with a new phone number using the anonymizing Tor browser. The email data is exported with Googles automated tools. We kept the test account segregated in a dedicated browser to avoid sending signals to the email sorting algorithm based on web browsing or by association with other accounts, and we did not open or click on any of the emails.
We found Gmails choices were not always consistent. A signup confirmation email from Justice for George NYC went to the primary inbox in our main test inbox, but in a second test inbox it went to the promotions tab. (We did not respond to the signup confirmation email, so did not receive additional emails.)
A representative from Justice for George said in an email that Gmail addresses account for 85 percent of its mailing list and said its incredibly inaccurate to categorize the groups emails, which provide opportunities for New Yorkers to engage in anti-racism advocacy, as marketing.
The percentage of emails from political causes and candidates sent to the primary inbox has remained consistently below 9percent, both in our earlier analysis and in our analysis of racial justice emails.
A coalition of advocacy groups, including Color of Change, approached Google in 2018 about the way their emails were being categorized after they noticed a drop in petition signatures and noticed the percentage of emails winding up in the promotions tab had increased. Google granted them a series of phone calls, but nothing changed, several members of the coalition said. Google would not discuss its interactions with those groups with The Markup.
Among the nonprofits whose emails we signed up to receive is the Youth Justice Coalition, which advocates against inequality in the criminal justice system. The Los Angelesbased nonprofit sent us an email asking recipients to testify at a government hearing to reform the 911 system. Gmail sent it to the promotions tab.
I definitely see this as concerning and problematic, said Emilio Zapien, the groups media and communications coordinator. The dissemination of information is vital to all the organizing work that we do.
He said the group has shifted its focus to social media since he noticed a couple of years ago that its emails were going to the promotions tab.
I opened up my email inbox this morning and saw that [an email] was in promotions and it didnt even pop up in my primary email section, he added, and it just makes me wonder, how many people is this affecting the flow of information for?
This article was originally published on The Markupby Adrianne Jeffries and Leon Yin and was republished under the Creative Commons Attribution-NonCommercial-NoDerivatives license.
Read next: Large doses of vitamin D may protect you from COVID-19 but it's also toxic
Do you want to get the sassiest daily tech newsletter every day, in your inbox, for FREE? Of course you do: sign up for Big Spam here.
See the original post here:
To Gmail, Black Lives Matter emails are 'promotions' - The Next Web
Posted: at 9:41 am
The Dark Web mightsound like an internet urban legend, but its a real place. A part of the internet that really is shrouded in metaphorical darkness. Isnt that counter-intuitive? If the sites on the Dark Web are hidden, how do people find them? Can the Dark Web even be searched?
The answer to that question is actually a little complicated and requires some explaining about how all of this works, but as you might imagine, there are ways of finding Dark Web sites. There must be some way of finding the sites, or they would be pointless, right?
Public websites are not hard to find. First of all, websites are registered with domain authorities just like putting your phone number in a registry. Search engines such as Google catalog and cache all of these public sites and their contents. If you dont register a URL (universal resource locator), people will have a hard time finding your web server.
The Dark Web cant be crawled in this way. So you cant automatically accumulate the addresses of each Dark Web site. Given that the Dark Web works so differently from the surface web, can there even be such a thing as a Dark Web Search engine?
Its also important to understand that there is a difference between the Dark Web and the Deep Web. The Deep Web is simply all the online content that is not indexed by mainstream search engines. Its the stuff that a standard web crawl cant get to, and it includes anything behind a paywall or password. This means all of your emails and the contents of your cloud drive are a part of the Deep Web thank goodness for that! After all, you wouldnt want your private data to be searchable by just anyone on the Web!
Then there are other things connected to the internet that search engines also dont index, but arent exactly hidden. For example, an internet-connected camera or other smart device has a public-facing IP address. So if you typed its IP into your browser, youd have access to it assuming that you knew the username and password.
In fact, Shodan is a special search engine that crawls the internet looking for such devices specifically. If any of those are not properly protected, one can then find and access them, which could create a pretty dangerous situation.
The Dark Web is different. The entire network is encrypted, usually as part of the Tor network. Its designed to hide the location and identity of any sites that run through it. Anyone who has the specific address of a Dark Web site can get to its front page. However, there is no way to crawl the encrypted addresses of Dark Web sites.
If an owner of a Dark Web site wants people to visit, they will usually advertise the site somewhere on the surface web. So youll often see an anonymous posting somewhere like Reddit. Once a few people have visited the site and have taken notice of it, then it will be recorded somewhere on the surface web.
One this happens, all you have to do is use a surface web search engine like Google or Bing to search for the right keyword, and you will find the Dark Web address.
If a Dark Web site doesnt want to be known, theres not much anyone can do. Such sites most likely exist, and only people who are personally invited and keep it secret, know of its existence. As it stands, theres no practical way of discovering these sites.
Since some Dark Web sites put their addresses in the open on the surface web, its natural that some people are going to collect them all, and thats when you have the beginnings of a Dark Web search engine.
As we explained above, you cant really build a traditional search engine for the Dark Web. Instead, you either just have a long list of sites that may be out of date or make it a bit smarter and set up some searchable database.
You can check out our article on Dark Web search engines to see a more extensive list, but for starters, go have a look at DuckDuckGo and Ahmia. They are common and safe ways to see what sorts of sites are on the Dark Web.
While the Dark Web includes any website thats hidden from the surface Web by sophisticated encryption, the vast majority of Dark Web sites exist on the Tor network a highly-encrypted anonymous network.
Tor addresses are called onion links. If you download the special Tor browser, all you have to do is paste that onion link into the address bar, and then the site will load just like any other.
However, we strongly recommend that you dont try browsing the Dark Web without the additional protection of a VPN. While Tor itself encrypts everything, a VPN will hide the fact that youre connecting to Tor in the first place.
Posted: June 17, 2020 at 1:56 am
Tor Browser is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Download Tor desktop app to experience real private browsing without tracking, surveillance, or censorship. It also enables software developers to create new communication tools with built-in privacy features. Tor Browser for PC provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.
Features and Highlights
BLOCK TRACKERSTor Browser isolates each website you visit so third-party trackers and ads can't follow you. Any cookies automatically clear when you're done browsing. So will your browsing history.
DEFEND AGAINST SURVEILLANCEThe app prevents someone watching your connection from knowing what websites you visit. All anyone monitoring your browsing habits can see is that you're using Tor.
RESIST FINGERPRINTINGThe browser aims to make all users look the same, making it difficult for you to be fingerprinted based on your browser and device information.
MULTI-LAYERED ENCRYPTIONYour traffic is relayed and encrypted three times as it passes over the Tor network. The network is comprised of thousands of volunteer-run servers known as Tor relays.
BROWSE FREELYWith Tor Browser, you are free to access sites your home network may have blocked.
Also Available: Download Tor Browser for Mac
Here is the original post:
Tor Browser Download (2020 Latest) for Windows 10, 8, 7
Posted: at 1:55 am
Need to hire an assassin, buy some contraband, view illegal porn, or just bypass government, corporate, or identity thief snooping? Tor is your answer. Tor, which stands for "The Onion Router" is not a product, but a protocol that lets you hide your Web browsing as though it were obscured by the many layers of an onion. The most common way to view the so-called Dark Web that comprises Tor sites is by using the Tor Browser, a modded version of Mozilla Firefox. Using this Web browser also hides your location, IP address, and other identifying data from regular websites. Accessing Tor has long been beyond the ability of the average user. Tor Browser manages to simplify the process of protecting your identity onlinebut at the price of performance.
What Is Tor?If you're thinking that Tor comes from a sketchy group of hackers, know that its core technology was developed by the U.S. Naval Research Lab and D.A.R.P.A.. The Tor Project non-profit receives sizeable donations from various federal entities such as The National Science Foundation. The Tor Project has a page listing many examples of legitimate types of Tor users, such as political dissidents in countries with tight control over the Internet and individuals concerned about personal privacy.
Tor won't encrypt your datafor that, you'll need a Virtual Private Network (VPN). Instead, Tor routes your Internet traffic through a series of intermediary nodes. This makes it very difficult for government snoops or aggressive advertisers to track you online. Using Tor affords far more privacy than other browsers' private (or Incognito) modes, since it obscures your IP address so that you can't be tracked with it. Standard browsers' private browsing modes discard your cached pages and browsing history after your browsing session. Even Firefox's new, enhanced private browsing mode doesn't hide your identifiable IP address from the sites you visit, though it does prevent them tracking you based on cookies.
Starting UpConnecting to the Tor network entails more than just installing a browser and firing up websites. You need to install support code, but luckily, the free Tor Browser bundle streamlines the process. Installers are available for Windows, Mac, and Linux. Tor Project recommends installing the browser on a USB drive for more anonymity and portability; the drive needs to have 80MB free space.
We tested a standard Windows installer, with choices to create desktop icons and run the browser immediately. The browser itself is a heavily modified version of Firefox 38.5 (as of this writing), and includes several security plug-ins as well as security tweaks such as not caching any website data. For a full rundown of the PCMag Editors' Choice browser's many features, read our full review of Firefox.
Before merrily browsing along anonymously, you need to inform Tor about your Web connection. If your Internet connection is censored, you configure one way, if not, you can connect directly to the network. Since we live in a free society and work for benevolent corporate overlords, we connected directly for testing. After connecting to the Tor relay system (a dialog with a progress bar appears at this stage), the browser launches, and you see the Tor project's page.
InterfaceThe browser's home page includes a plea for financial support to the project, a search box using the anonymized Disconnect.me search, and a Test Tor Network Settings link. Hitting the latter loads a page that indicates whether you're successfully anonymized. We recommend taking this step. The page even shows your apparent IP addressapparent because it's by no means your actual IP address. We verified this by opening Microsoft Edge and checking our actual IP address on Web search sites. The two addresses couldn't have been more different, because the Tor Browser reports the IP address of a Tor node.
The browser interface is identical with Firefox, except with some necessary add-ons installed. NoScript, a commonly used Firefox add-on, is preinstalled and can be used to block most non-HTML content on the Web. The green onion button to the left of the address bar is the Torbutton add-on. It lets you see your Tor network settings, but also the circuit you're using: Our circuit started in Germany and passed through two different addresses in the Netherlands before reaching the good old Internet. If that doesn't suit you, you can request a new circuit, either for the current session or for the current site. This was one of our favorite features.
Everything you do in the browser is tested for anonymity: When we tried full-screening the browser window, a message told us that that could provide sites a way to track us, and recommended leaving the window at the default size. And the project's site specifically states that using Tor alone doesn't guarantee anonymity, but rather that you have to abide by safe browsing guidelines: don't use BitTorrent, don't install additional browser add-ons, don't open documents or media while online. The recommendation to only visit secure HTTPS sites is optionally enforced by a plug-in called HTTPS Everywhere.
Even if you follow these recommendations, though, someone could detect the simple fact that you're using Tor, unless you set it up to use a Tor bridge relay. Those are not listed in the Tor directory, so hackers (and governments) would have more trouble finding them.
One thing we noticed while browsing the standard Web through Tor was the need to enter a CAPTCHA to access many sites. This is because your cloaked URL looks suspicious to website security services such as CloudFlare, used by millions of sites to protect themselves. It's just one more price you pay for anonymity.
We also had trouble finding the correct version of websites we wished to visit. Directing the Tor Browser to PCMag.com, for example, took us to the Netherlands localization of our website. We could not find any way to direct us back to the main URL, which lets you access the U.S. site.
The Dark WebYou can use Tor to anonymize browsing to standard websites, of course, but there's a whole hidden network of sites that don't appear on the standard Web at all, and are only visible if you're using a Tor connection. You can read all about it in our feature, Inside the Dark Web. If you use a standard search engine, even one anonymized by Disconnect.me, you just see standard websites. By the way, you may improve your privacy by switching to an anonymous search provider such as DuckDuckGo or Startpage.com. DuckDuckGo even offers a hidden search version, and Sinbad Search is only available through Tor. Ahmia is another search engine, on the open Web, for finding hidden Tor sites, with the twist of only showing sites that are on the up-and-up.
Tor hidden sites have URLs that end in .onion, preceded by 16 alphanumeric characters. You can find directories of these hidden sites with categories resembling the good old days of Yahoo. There's even a Tor Links Directory page (on the regular Web) that's a directory of these directories. There are many chat and message boards, but you even find directories of things like lossless audio files, video game hacks, and financial services such as anonymous bitcoin, and even a Tor version of Facebook. Many onion sites are very slow or completely downkeep in mind that they're not run by deep-pocketed Web companies. Very often we clicked an onion link only to be greeted with an "Unable to Connect" error. Sinbad helpfully displays a red "Offline on last crawl" bullet to let you know that a site is probably nonfunctional.
Speed and CompatibilityWebpage loading time under Tor is typically far slower than browsing with a standard Internet connection. It's really not possible to state definitively by how much your browsing will be slowed down if you use Tor, because it depends on the particular relay servers your traffic is being routed through. And this can change every time for every browsing session. As a very rough rule of thumb, however, PCMag.com took 11.3 seconds to load in Firefox and 28.7 seconds in the Tor Browser, at the same time, over the same FiOS connection on the open Web. Your mileage, of course, will vary.
Keep in mind, though, that the Tor Browser is based on the Firefox Extended Support Release versions, which updates less frequently so that large organizations have time to maintain their custom code. That means you don't get quite the latest in Firefox performance and features, but security updates are delivered at the same time as new main versions.
There's a similar story when it comes to standards compatibility: On the HTML5Test.com site, which quantifies the number of new Web standards supported by a browser, the Tor Browser gets a score of 412, compared with 468 for the latest Firefox version. You may run into incompatible sites, though. For example, none of the Internet speed connection test sites performed correctly in the Tor Browser.
Tor, Browser of ThunderWith the near complete lack of privacy on today's Web, Tor is becoming more and more necessary. It lets you browse the Web knowing that all those tracking services aren't watching your every move. Most of us have experienced how an ad follows you from site to site, just because you clicked on, or searched for a product or service once. All that goes away.
Of course, you pay a price of extra setup and slower performance with the Tor Browser, but it's less onerous than you may think. And the included support for fine-grain privacy and security protection is excellent. If you take your online privacy seriously, you owe it to yourself to check out the Tor Browser. For standard, full-speed Web browsing, however, check out PCMag Editors' Choice Web browser, Firefox.
See the rest here:
Tor Browser Review | PCMag
Posted: at 1:55 am
Peeling back the layers of the onion
The Tor anonymity network receives no small amount of attention from the mainstream press not least for its purported association with cybercrime and darknet drug dealings.
But what is Tor? And how secure is it? The Daily Swigasked several security and privacy experts to answer all of your questions, and many more.
Tor is an internet communication method for enabling online anonymity. The same term is commonly used to refer to both the anonymity network and the open source software that supports it.
The Tor name derives from The Onion Router the name of a pioneering privacy project run by the US Naval Research Lab.
Tor directs internet traffic through a network of thousands of relays, many of which are set up and maintained by volunteers.
Messages are encapsulated in layers of encryption, comparable to the layers of an onion. Inside the Tor network are sites, or hidden services.
Tor facilitates anonymized browsing by allowing traffic to pass onto or through the network through nodes that only know the immediately preceding and following node in a relay.
The source and destination of messages is obscured by encryption.
Tor directs internet traffic through a network of thousands of relays
The easiest way to access the Tor network is through the Tor Browser. The Tor Browser is automatically connected to the Tor network and will place all your requests through it, while ensuring anonymity.
The Tor Browser bundle is developed by the Tor Project, a non-profit organisation that carries out research as well as maintaining the software used by the Tor anonymity network.
The Tor Browser is currently available for Windows, Linux, and macOS. Theres also a version of Tor Browser for Android but not, as yet, an official version for iOS.
The Tor Browser is just a web browser, and you can still view the surface internet or clear web using the software.
However, the Tor Browser offers an extra level of privacy for normal web use or as a way to bypass government surveillance and censorship.
Some sites on the so-called dark web can only be accessed using Tor.
Vince Warrington, managing director of Protective Intelligence, explained: The dark web primarily those sites that can only be accessed via Tor is still generally the host to the illegal and illicit.
Whilst there are some legitimate sites (for example, the BBC now has a version of the BBC News website) our research indicates that over 95% of sites contain illegal or illicit material, he added.
While most people are only familiar with Tors use for illegal activities such as accessing online markets that sell drugs many other users access the Tor network.
Tor uses vary from bypassing censorship and avoiding online spying and profiling, to disguising the origin of traffic and hiding sensitive communications.
Tor offers anonymity, but only up to a point.
Those using the technology, and looking to keep their identity secret, also need to apply best practices in operational security (OpSec).
Charity Wright, a cyber threat intelligence advisor at IntSights and former NSA Chinese espionage expert, explained: Tor is a browser that can anonymize your network connection and your IP address that you are logging on from.
However, once you venture into illicit spaces, it is important to use pseudonyms and to hide your real name and never reveal your true location, nationality, or identifying pieces of information.
Any small clue can be used for people to find out who you are. Even more, federal agencies and law enforcement will use every detail about an online persona to find a wanted suspect, she added.
Tor is easily accessible via the Tor Browser
Tor is aimed at providing anonymous communication, but there have been numerous examples of people whose identities have been unmasked despite using Tor.
For example, The FBI recently closed a criminal case against the owner of Freedom Hosting, a dark web service that ran on the Tor network.
In addition, several research projects have shown varying levels of successful attacks that either attempted to eavesdrop on Tor-encrypted traffic or identify users.
Read more of the latest privacy news from The Daily Swig
Protective Intelligences Warrington commented: Its a myth to think that using Tor (even with a VPN) gives you total anonymity. With the tools we are using nowadays we can slowly strip back the layers of anonymity to find out who is behind the computer.
By using specialist software combined with open source intelligence basically searching the surface, deep, and dark web for small snippets of information we can build up a picture of a Tor user who is involved in illegal activity.
The era where Tor was a thorn in the side of law enforcement seems to be coming to an end.
Warrington explained: In the UK, the police and intelligence agencies have access to these tools, and the only limitation on identifying users of the dark web is resources. Theres simply not enough police dedicated to these kinds of investigations.
Tor has its limitations. Maintaining online anonymity is much more far reaching an exercise than simply using Tor.
Israel Barak, chief information security officer at Cybereason, told The Daily Swig: Tor, at its core, only gives you network level anonymity. It won't help you with applications on your computer that retain your identity and provide your identity to the internet service providers.
As an example, when an individual connects to Gmail, the computer or device you are using saves your identity, so you don't have to log on in the future.
Tor will not protect your anonymity from this, he warned.
INSIGHT How to become a CISO Your guide to climbing to the top of the enterprise security ladder
While the Tor network is designed to keep browsing habits away from service providers or webpage trackers, the most privacy-conscious users can go even further.
Boris Cipot, senior security engineer at Synopsys, added: To achieve the highest level of anonymity, one would need to get rid of any installation of OS or software with tracking, thus allowing the user to enter the Tor network with a clean slate.
This can be achieved with the use of Tails or Qubes OS, which run from a USB stick. They run fully in memory, so it is safe to use on existing hardware, but once activated, there is no trace of you.
The Tails operating system can be combined with Tor to help improve users anonymity online
Using Tor to browse the web involves accepting trade-offs.
The Tor Browser gives a user considerable anonymity advantages over other web browsers, such as Edge, Firefox, and Chrome.
While standard browsers can leak data that goes a long way to identifying the user even in private mode Tor was designed with anonymity in mind.
RELATED Firefox and Chrome yet to fix privacy issue that leaks user searches to ISPs
Tor does, however, saddle the user some significant limitations when browsing the internet.
For starters, browsing with Tor can be very slow, and so many people are unlikely to want to swap out their current browser.
Sluggish traffic speeds arise because data packets take a circuitous route through Tor, bouncing between various volunteers computers to reach their destinations.
Network latency is always going to be a problem in this scenario even if youre fortunate enough to avoid bottlenecks.
Tor also makes websites look like they were built 20 years ago, as much of the presentation and customization content of websites is stripped away by Tor, since these technologies can be used to identify the computer thats being used.
Opinions among experts are split over whether or not Tor has done much to directly affect browser development, but at a minimum the technology has done a great deal to raise awareness about privacy.
Chad Anderson, senior security researcher at DomainTools, commented: I dont know how much we can attribute back to modern browser improvements due to Tor, but I think privacy issues have certainly become more focused.
The browser shift to DNS-over-HTTPS, commonly called DoH, is a boost for user privacy and where DNS didnt work over Tor before, and in fact was an attack vector for de-anonymizing users, DoH fixes that, he added.
RECOMMENDED A guide to DNS-over-HTTPS how a new web protocol aims to protect your privacy online
Anderson continued: It used to be you could listen to traffic on a Tor exit node but now that SSL is near ubiquitous thanks to free certificates [from the likes of Lets Encrypt] thats less of an issue.
Arthur Edelstein, senior product manager for Firefox Privacy and Security, gave The Daily Swig a list of projects involving collaborations between Mozilla and Tor:
Current examples of Tors development projects include proof-of-concept work on human-memorable names, a collaboration with SecureDrop, the open source whistleblowing system based on Tor, among other examples.
Tor Project representative Al Smith told The Daily Swig: Currently, we only partnered with Freedom of the Press Foundation (FPF), but we want to continue expanding the proof-of-concept with other media and public health organizations in the future.
The Tor Project was recently obliged to lay off a third of its core staff in response to the coronavirus pandemic. The Daily Swig asked how the non-profit has sought to minimize the effect of this on development pipelines.
A representative of the Tor Project responded: Because we are now a smaller organization, we are creating more projects where different teams (e.g., Browser, Network, UX, Community, Anti-Censorship) come together and work on the same issue, instead of working in isolated groups on disparate pieces of work.
This is the approach we took to improve onion services for the Tor Browser 9.5 release, they added.
Despite the many and varied caveats about Tor the security experts we spoke to raised, none made any suggestion that the technology was unsafe.
In a typical response, Charles Ragland, a security engineer at threat intel agency Digital Shadows, explained: Generally speaking, as long as security updates are in place, and users are following privacy and anonymity best practices, yes, Tor is safe to use.
INTERVIEW Shodan founder John Matherly on IoT security, dual-purpose hacking tools, and information overload
Posted: at 1:55 am
Kurtis Minder, co-founder and CEO of GroupSense, explains why the coronavirus has been big business for bad actors.
Dan Patterson, a Senior Producer for CBS News and CNET, interviewed GroupSense co-founder and CEO Kurtis Minder about what people should be aware of when it comes to coronavirus-related scams. The following is an edited transcript of the interview.
Dan Patterson: Kurtis Minder works for GroupSense, and they have been tracking some of the most outrageous coronavirus scams. Kurtis, what are you seeing right now that people need to pay attention to?
Kurtis Minder: Well, as you know, the stimulus money was allocated and when the bad guys saw it, they wanted to take advantage. What we noticed on the dark net was almost immediately a series of schemes and fraud schemes perpetrated toward the banks, the small business administration, and the other agencies that were affected by the stimulus money.
You see a combination of insiders who have access to some of the bank's internal processes. You see people who say, 'hey, look, I'm a middle manager at a bank at a nationwide bank who has access to approving these types of loans. If you send in certain types of applications, they actually provide the templates. We can get you approved with the SBA loans.'
SEE: Coronavirus: Critical IT policies and tools every business needs(TechRepublic Premium)
What they're using as seed data for these particular loan applications is stolen private information, PII data, of individuals on the dark net. They're kind of combining both the insider threats with the stolen PII data, combining that to make an effective fraud scheme against the government.
They wasted no time--it was almost immediate when we started seeing these pop up. In addition to the fraud schemes, we're also seeing people basically selling fraud kits to help people put in certain applications with certain agencies and things like this. We're just tracking which ones seemed to be more realistic and effective versus which ones are kind of pie in the sky stuff, but there's some real threats.
It spells out everything from the internal process of the organization that the scheme would be propagated against, including all of the necessary forms and then usually supplies the data associated with those forms. They would help you actually assume an identity. They package that all together into a nice package so that the actual person who buys the fraud kit doesn't actually have to be a sophisticated hacker. It could be a pretty normal person who knows how to use the Tor browser to get on the dark net. It's sort of dumbing down the sophistication of the folks who can take advantage of the scheme.
The most effective solution against fraud is having some awareness of where the seed data from the fraud is coming from. What enables fraud is information. Having an understanding of the fraud schemes that are being perpetrated, how they're being perpetrated, and working those into the anti-fraud process on the bank side and on the agency side is really the best way to combat that.
As you know, the folks who are perpetrating this on the dark net are largely anonymous, so it's pretty hard to attribute those to an individual. Law enforcement, I believe, is aware--there's not a whole lot they can do about it at the moment, so it's really about the anti-fraud programs.
Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays
GroupSense co-founder and CEO, Kurtis Minder.
Read the original here:
Exposing the dark web coronavirus scammers - TechRepublic
Posted: June 7, 2020 at 9:43 am
Curious to know which of your favorites websites also run on the dark web?
On Tuesday, the nonprofit behind the Tor Browser released an update that promises to help mainstream websites better promote their alternative .onion addresses to the public.
For the first time, Tor Browser users on desktop will be able to opt-in for using onion sites automatically whenever the website makes them available, the Tor Project said in a blog post.
The new feature arrives in version 9.5, which is now available for download. Users will be able to take advantage of the change when they visit a traditional website that also runs a .onion address. When this occurs, the Tor browser will activate an icon in the HTTP web address bar that says .onion available, which you can click on to be redirected to the alternative site.
In addition, the browser will show a pop-up that says: Theres a more private and secure version of this site available over the Tor network via onion services. Itll then take you to the browsers settings, where you can choose whether to always opt into visiting the websites .onion address automatically, or do so selectively.
The change promises to help users take full advantage of Tors anonymity-protecting technologies, which can prevent ISPs and government authorities from surveilling your internet activities. Currently, you can use the Tor Browser to visit any mainstream website. In return, the software will encrypt and ferry your internet connection through a collection of volunteer-operated servers, scrambling your digital tracks.(On the downside, website load times can take longer.)
The setup can prevent snoopers from gathering a full picture of your internet activities. However, using the Tor Browser to visit the open internet can still leak some metadata of your website lookups to ISPs across the globe. So for more complete internet anonymity, its best to use Tor to visit a websites dedicated .onion address, which can't be accessed with a normal browser.
These onion services have been designed to operate outside the normal internet. Instead, a .onion address will leverage the Tor network to reside inside the dark web, never exposing your computers metadata to the open internet.
The New York Times, the BBC, and Pornhub, among many others, all offer Tor mirror sites as a workaround to bypass government surveillance and censorship in foreign countries. However, the drawback with onion services is how they use random characters as web addresses, making them hard to remember. (For instance, Pornhub's Tor mirror site is located at http://pornhubthbh7ap3u.onion/.)
The new feature from Tor Browser should help fix this, but itll be up to website publishers to trigger the notification icon when users visit their sites on the open internet. Currently, the Tor Projects own website and the investigative news organization ProPublica have activated the feature.
Tor Browser 9.5 arrives with the option to automatically switch to more secure Onion versions of sites – BetaNews
Posted: at 9:43 am
Increasing numbers of internet users are becoming aware of the privacy and security implications of being online, and it is for this reason that secure browsers such as Tor are growing in popularity. Now, with the release of Tor Browser 9.5, the browser features an option that can automatically switch to the secure .onion version of a site if one is available.
In short this means that sites are able to actively promote the fact that they have a secure .onion site available. Publishers now can advertise their onion service to Tor users by adding an HTTP header, so if someone visits the regular version of a website, a notification will appear informing them of the more secure option.
Site owners just need to add the Onion-Location header to pages. Visitors will be offered to the chance to opt-in to upgrade to the onion service on their first use. While this is an extremely important change in Tor 9.5, it is far from the only thing that's new in this version of the browser.
There are also changes to Onion Authentication which allow it to manage authentication keys and tokens via about:preferences#privacy in the Onion Services Authentication section. Like other browser, Tor has improved its URL bar security notifications so users are made aware of when they are visiting secure sites, unsecure sites, or those which contain mixed content.
Error messages have also been improved so in the event that a .onion site is inaccessible, it is no longer the case that a standard Firefox (the browser on which Tor is based) error message is displayed. Instead, Tor now shows a simple diagram to illustrate where along the line the problem exists.
This particular build of the browser also marks the start of experimenting with ideas that will hopefully lead to .onion addresses that are easier to remember. The team behind the browser says: "we partnered with Freedom of the Press Foundation (FPF) and the Electronic Frontier Foundation's HTTPS Everywhere to develop the first proof-of-concept human-memorable names for SecureDrop onion services addresses".
Posted: at 9:43 am
Sites that carry the most traffic in the world like Google, YouTube, Facebook are already known to us all. But did you know that this is just a drop in the ocean on the internet? There are many websites that are very popular but are hidden away and you cannot find them by searching your popular search engines. That space is where the Dark Web and the Deep Web exist.
- Advertisement -
To understand the Dark Web or Darknet, we need to first attempt to define it more. Its is composed of many websites on an encrypted network with hidden IP addresses all of which gives users strong anonymity protection. In simple terms, no one can see what you are doing while you are there.
When one opens up a website, they strive to ensure that the site is indexed by search engines like Google, Bing or Yandex, but for the dark web, you can only access them with special anonymity browsers, which include Freenet, I2P, and The Onion Router also known as TOR browser.
These two are always confused. The Deep Web is all the sites on the web that cant be reached with a search engine. Although this includes sites on the Dark Web, it also includes sites that serve more mundane functions, such as business intranets, webmail platforms, databases, online banking platforms, and services that usually require a password or other means of authentication.
These are found and accessed directly with a URL or IP address and are hidden behind firewalls, paywalls, and HTML forms. Because all these other pages are included in the Deep Web, the Deep Web is actually far more vast than the regular internet (also known as the Clear Web).
Users of the Dark Web are assured of full anonymity but this also yields a great breeding ground for illegal activities. They use this space to buy or sell illegal goods such as stolen data, unprescribed drugs, or dangerous weapons.
The Dark Web can also be used for legitimate reasons. We have seen whistleblowers, activists, journalists, and others who need to share sensitive information, especially on political figures. This has made it popular as a lot in exposing information that would have not been known to the public for fear of political persecution or retribution by their government or other powerful actors.
In some countries, security and intelligence agencies also use it to monitor terror groups and track cybercriminals. In what may come as a surprise to many, corporate IT departments frequently crawl the Dark Web in search of stolen data and compromised accounts, and individuals may use it to look for signs of identity theft.
- Advertisement -
One of the most defining era of the Dark web was during the times of WikiLeaks the website that publishes classified official materials which also has a home on the Dark Web. Big companies like Facebook also maintain some form of presence there in order to make itself accessible in countries where it is censored by the government.
There are many ways to access the Dark web, but the most popular one is Tor browser. It used a highly secured network of volunteer relays around the world through which users internet connections pass through.
You will need to download and install the Tor browser bundle. Tor URLs end in the domain.onion and not domain.com. Website addresses here are not simple to memorize and they often change their URLs in order to evade detection and DDoS attacks.
When youre on the Dark Web, ISPs and by extension, the government might not be able to view your activity, but they will know you are on the Tor Network. This alone is enough to raise eyebrows in some countries.
It is very paramount that you access the Dark Web while using a VPN before going through the Tor Network. With this method, your ISP only sees the encrypted VPN traffic, and wont know youre on the Tor network.
We recommend you use a trusted VPN provider, one that doesnt track your activities when you log on. Finally, always connect to your VPN first before opening the Tor browser.
If you want to remain totally secure on the Dark Web, you should take the following extra security measures including:
- Advertisement -
Posted: at 9:43 am
In January 2020, several European news outlets, including The Daily Telegraph, reported that a famous set of antique jewellery were offered for ransom on the dark web. The diamond studded pieces worth almost a billion dollars were looted from a museum in Dresden in 2019. It was reported that Israeli investigators were offered a few of the pieces as a ransom. The messages on the dark web also claimed that it would be futile to try to identify and locate them. The ransom was also to be paid off in Bitcoin, a digital currency.
Imagine a standard business scenario. A business based on sales of a product or service needs a market, a set of products, a marketing campaign. Add to that the corollary mechanisms of customer support, complaints handling and the mechanism becomes a full-fledged commerce. Products, prices, market forces, supply, demand, buyers, sellers and so on.
The dark trade
If a product is not a legal product but still sought after by people in the market, buying would also be as illegal as selling. So neither the seller nor the buyer want to be visible to the outside world. They want to be anonymous, at least to produce, sell, buy and consume illicit products. Suddenly the whole market ecosystem for such products goes underground or anonymous. No mass marketing, no billboards, no well-known addresses, no public phone numbers. Still the market continues to operate and business thrives. While ensuring anonymity and hiding the activity, the buyers continue buying, sellers continue selling, dodging the authorities and thriving in darkness. The normal society cannot see. It is dark from their perspective.
The dark network
The Internet also functions like a normal social mechanism. Activities happen. Correspondences take place. Business and commerce is carried out. People can search things. People can publish things that can be searched by others. That is the normal, visible Internet. Like the hidden world of illegal trade, there is also a hidden Internet, though not fully illegitimate. On the illegitimate side, people access, buy and sell drugs, weapons, child pornography and many other illegal stuff using the platform of this hidden Internet. People with radical and extreme agenda use it to recruit cadets and lure victims.
As it is not seen by the normal populace, it is aptly called the dark net, the dark web etc. The dark net uses all the technologies of the normal Internet combined with specific practices, tools and technologies to make the content and transactions not visible to the normal audience. Like the illegal physical market, the people transacting on the dark web need to be specifically aware of the products, services and the places to conduct transactions. You have to belong to the underworld to access it. Or you have to be drawn into it, by those already inside it.
However, the dark net that is used for illegal activity and trade is only a small fraction of the so-called deep web which is much larger than the visible Internet. Only a small portion of the activities performed in this hidden network is illegal.
How to access it?
As is obvious, the dark net is not accessible through standard means. The sites cannot be browsed with normal, day-to-day Internet browsers. Specially designed browser software is needed to access the darknet. On top of that, the user needs to specifically know what he or she is accessing. In the normal scheme of things, Internet surfing usually starts with a search engine. Just type in the things you want to search into the search box and the rest is done by the engine. You are guided to the site containing information about the searched topic. But the dark net is different. Its contents cannot be searched using standard search engines. Search engines cannot crawl and index their contents. Special tools such as the TOR (The Onion Router) browser are used to browse the darknet. These browsers are designed to anonymize the Internet surfer and make access possible to the underworld of the Internet.
The TOR project has the word Onion in it to reflect the many layers that it has to traverse to achieve anonymity. The client computer using the TOR browser thus cannot access the information source directly. It goes through a multiple layer of servers or devices before reaching the actual source of data. This multilayer abstraction is intended to ensure the anonymity of the user so that neither the content source nor the user can be traced using standard Internet tools.
Why is it dark?
The normal or clear net is made visible to the world by various technologies. The foremost is the ability of search engines such as Google to search and index the web pages. Another technology powering the clear net is the domain name system or the DNS. It translates the common internet addresses such as abc.com to the actual address used by computers, aka the IP address. However, most of the dark net sites are visible only through IP addresses. So they cannot be accessed through common domain names. That makes it so much more difficult to remember, manage and keep track of these addresses. Since the access modality and the general structure is not visible through usual means, it is referred to as dark. Its name dark is further accentuated by the illegal and dark activities performed with the help of the platform.
Once you get the means and the knowhow to enter the dark net though, it might be as luminous as any other Internet content. If one gets exposure inadvertently or is drawn into it, the dark net may truly have a very dark side indeed.
Why is it used for crime?
The first aim of a criminal is not to get caught. For that, they want as little of the trail of their activity to be maintained as possible. Since the dark net has some provisions to help enhance anonymity, criminals love it. Because of the increased difficulty to trace an event back to the person, the illegal activities are hard to track and control. That is perhaps the main driver of high use of dark net for criminal activity and for spreading illegal material. Commercial transactions dealing in arms, drugs, child pornography or weapons can be easily performed with reduced risk of prosecution. Moreover, the financial transactions are performed using digital currency or shady bank accounts which are difficult to locate and trace back to a person.
Apart from trade, activities such as propaganda spreading, recruiting radicals for extremism etc. are also performed using network platforms provided by the dark web. German data security firm GDATA lists some of the things traded on the darknet. They include items ranging from forged credit card numbers to arms and ammunition, contract killers to counterfeit IDs and university degrees, computer viruses and malware to deadly poison, marijuana to even Uranium. The actual gamut of items traded over the dark net would obviously be much wider and more sinister.
Is it only illegal?
No. The darknet was originally not intended for illegal activity. In the late 1990s, the encrypted and hidden communication channel was envisaged to protect the sensitive communication of spies. While full realization of the dream was not achieved, the concept soon bifurcated into a network of activists for human rights and political dissent.
Apart from the various distinct uses of its own, the dark web or the deep web also has a major role in keeping the normal Internet operational. Every legitimate website or network service has a hidden mechanism that need not and should to be exposed. These include the mechanism to manage the content, network and infrastructure of the normal network. Such privileged and internal activities are restricted to the hidden network. This same hidden network and related technologies evolved into the dark web. In terms of the resources, content volume and physical infrastructure, the hidden network is much larger than the visible network.
Moreover, the darknet is also useful for perfectly logical and positive activities. For example, an investigative journalist might want to use the dark web to covertly plan her research and sting operations. The platform can also be used for citizen activism against an authoritarian regime. This group of users, though having legitimate intentions, usually resort to the dark net to ensure anonymity and escape persecution, censorship and threat from authorities or society.
Darknet or dark web or deep web is a network similar to the visible Internet. The differentiator is the visibility of the network resources and the anonymity of the involved parties. It is a legal and legitimate network infrastructure that enables the visible network to function properly. It also enables a lot of online activity that cannot be performed in the open Internet because of the need of secrecy, anonymity or even persecution and fear from others. This ability to ensure anonymity is also being used for illegal activities. Still its good uses and importance for overall cyberspace is far greater compared to the bad uses. The dark nature has some benefits that are being used for good causes as well. Dark web is both the bedrock of cyberspace with positive and critical use as well as an underworld of the Internet having negative uses.