Clear Web, Deep Web and Dark Web

An Introduction

All of you might have heard about the Internet and WWW, but today we’re about to examine the other side of the internet or how much do we know about the internet? Yes, as we always say there are two sides to a coin, there exists a dark side for the internet too.

Before going too deep into the WWW, we’ll see how to distinguish between the Clear, Deep and Dark webs. The illustration below can put some light on the things we are discussing here, ##

  • Clear Web: This is the most common one. It’s the Internet we use on a daily basis either on mobiles or on Desktops/Laptops to check emails, to read news, to access Facebook, twitter, Instagram etc and for online shopping, booking tickets which we browse regularly.
  • Deep Web: It is the part or a subset of the Internet that isn’t necessarily malicious, but is simply too large and/or obscure to be indexed due to the limitations of crawling and indexing software (like Google/Bing/Baidu).  This means that you have to visit those places directly instead of being able to search for them. So there aren’t directions to get there, but they’re waiting if you have an address.
  • Dark Web: The Dark Web (also called Darknet) is the ill-famed subset of the Deep Web that is not only not indexed, but also is used by those who are purposely trying to control access because they have a strong desire for privacy, or because what they’re doing is illegal. The Dark Web often sits on top of additional sub-networks, such as Tor, I2P, and Freenet, and is often associated with a criminal activity of various degrees, including buying and selling drugs, pornography, gambling, etc. Though the deep web makes up 95% of all the internet the dark web only consist of about .03%. But that small section has millions of monthly users. The dark web is usually what people actually mean when they refer to the deep web. Although both are technically correct it is important to keep it separated so there is a standardised phrase.

Deep Web & Dark Web

Computer scientist Mike Bergman is credited with coining these term in 2000. The Dark web is a small part of the Deep Web which is not indexed by search engines. Sometimes the term “deep web” is mistakenly used to refer specifically to the dark web. Most of the web’s information is buried far down  on  sites, and standard search engines do not find it. Traditional  search  engines like Google,Bing etc cannot see or retrieve content in the deep web. The  portion of  the web that is indexed by standard search engines is known  as the  surface web or clear net or clear web. As of 2001, the deep web was several orders of  magnitude larger than the surface  web.

Methods   which prevent web pages from being indexed by traditional search   engines may be categorized as one or more of the following: **
  • Dynamic content:  dynamic pages  which are returned in response to a submitted query or  accessed only  through a form, especially if open-domain input elements  (such as text  fields) are used; such fields are hard to navigate  without domain  knowledge.
  • Unlinked content: pages which  are not linked to by other pages, which may prevent web crawling  programs from accessing the content. This content is referred to as  pages without backlinks (also known as in links). Also, search engines do  not always detect all backlinks from searched web pages.
  • Private Web: sites that require registration and login (password-protected resources).
  • Contextual Web:   pages with content varying for different access contexts (e.g., ranges   of client IP addresses or previous navigation sequence).
  • Limited access content:  sites that limit access to their pages in a technical way (e.g., using  the Robots Exclusion Standard or CAPTCHAs, or no-store directive which  prohibit search engines from browsing them and creating cached copies).
  • Scripted content:  pages that are only accessible through links produced by JavaScript as  well as content dynamically downloaded from Web servers via Flash or  Ajax solutions.
  • Non-HTML/text content: textual content encoded in multimedia (image or video) files or specific file formats not handled by search engines.
  • Software:  certain content is intentionally hidden from the regular internet,  accessible only with special software, such as Tor, I2P, or other  darknet software. For example, Tor allows users to access websites using  the .onion host suffix anonymously, hiding their IP address.
  • Web archives:  Web archival services such as the Wayback Machine  enable users to see  archived versions of web pages across time,  including websites which  have become inaccessible, and are not indexed  by search engines such as  Google.

How to access

Now we will discuss the most important part, Ho does we access the Deep web and Dark Web?
If you have an email id, a facebook account, a twitter account or collectively saying any of these social media accounts or if you are a person using internet banking  you are accessing the Deep web on a daily basis.
Wondering how.!! The databases which store your user information and other details about your account reside in the deep web.
So, now the sole enigma is on the access to Dark Web.
You cannot simply access the dark web from a normal web browser like Chrome, you can only access the dark web through a dark web browser. The most famous of these deep web browsers is called Tor and this is the one we recommend you get if you’re looking to get onto the deep web.

Tor

Tor is free software for enabling anonymous communication. The name is derived from an acronym for the original software project name “The Onion Router”. Tor directs Internet traffic through a free, worldwide, volunteer network consisting of more than seven thousand relays to conceal a user’s location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult for Internet activity to be traced back to the user: this includes “visits to Web sites, online posts, instant messages, and other communication forms”. Tor’s use is intended to protect the personal privacy of users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities from being monitored.
It was developed in the mid-1990s by United States Naval Research Laboratory employees, mathematician Paul Syverson and computer scientists Michael G. Reed and David Goldschlag, with the purpose of protecting U.S. intelligence communications online. Onion routing was further developed by DARPA in 1997
Downloads of Tor soared in August by almost 100% as the general population became more and more concerned about their privacy amid revelations about US and UK intelligence agencies monitoring web traffic. In short, more and more people are turning to the deep web to get their internet fix and protect their information.
This is because when you’re using Tor – or any other deep web browser – you are truly anonymous and your location cannot be picked up and neither can your browsing habits. Essentially nothing you do in the deep web can be monitored and as such the deep web is becoming a more attractive option for all internet users – those who know about it at least.

.onion

.onion is a special-use top level domain suffix designating an anonymous hidden service reachable via the Tor network. Such addresses are not actual DNS names, and the .onion TLD is not in the Internet DNS root, but with the appropriate proxy software installed, Internet programs such as web browsers can access sites with .onion addresses by sending the request through the network of Tor servers. The purpose of using such a system is to make both the information provider and the person accessing the information more difficult to trace, whether by one another, by an intermediate network host, or by an outsider. Addresses in the .onion TLD are generally opaque, non-mnemonic, 16-character alpha-semi-numeric hashes which are automatically generated based on a public key when a hidden service is configured. These 16-character hashes can be made up of any letter of the alphabet, and decimal digits from 2 to 7, thus representing an 80-bit number in base32. The “onion” name refers to onion routing, the technique used by Tor to achieve a degree of anonymity.
Apologies for deviating from the topic of accessing the Dark Web, Without a mention about TOR and .onion we cannot jump to access the Dark Web.

Steps to accessing the Dark Web

The method mentioned below is the simplest way to access Dark Web. There are other methods and TOR specific OS to access the contents of Dark Web
Download and install TOR Browser Bundle from the TOR project site.
TOR Browser Bundle is a browser configured to browse using the TOR relay network.  The browser component is actually built using the Firefox codebase, so if you have used Firefox you will find it pretty familiar.  It comes properly configured and won’t install any malware or cruft on your computer, as it is written and maintained by freedom fighters, not some large corporation.
https://www.torproject.org/projects/torbrowser.html.en 
Once you install it, fire up your tor browser and you are good to go into the Dark Web.
You can browse on to the Dark Web sites using this browser by passing the links in the address bar of the browser. The following link will give you a good start. Don’t forget to go through the links “The Matrix” and “How to Exit the Matrix” in this link. Also, I personally recommend using Linux or any other Non-Windows for playing with TOR and Dark Web. Please check this link for taking some security measures Do’s and Dont’s

http://zqktlwi4fecvo6ri.onion/wiki/index.php/Main_Page

Search Engines TOR specific:

More onion URLs are found in the  Hidden Wiki

## – This illustration is just for demonstration purpose

** – This content is as is fromWikipedia

Disclaimer:

This is a personal blog. All content provided on this blog is for informational purposes only. They are collated from different sources and some are my own.The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site.

The owner of THIS BLOG will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information 
Data courtesy : Rational WikiPopular Science, Wired.com, TORProject, Hacked

Your Facebook Account – Tips for a secure profile

 

Security and privacy are not interchangeable, and we must have both in order to protect our data. So what’s the difference between the two? It’s an important one.

Information security is commonly referred to as the confidentiality, availability, and integrity of data. In other words, it is all of the practices and processes that are in place to ensure data isn’t being used or accessed by unauthorized individuals or parties

Information privacy is suitably defined as the appropriate use of data. When companies and merchants use data or information that is provided or entrusted to them, the data should be used according to the agreed purposes

Ultimately, security and privacy must go hand-in-hand. So talking about Facebook data you’re sharing on your page, either it’s a post, a photo or a status update, you should be well aware of the magnitude of its reach.

Sharing information on your Facebook timeline may seem harmless but sometimes it can turn into a nightmare and/or can be objectionable to you friends and family.

Never accept a friend request from someone you don’t know, even if they know a friend of yours. Don’t share information that you don’t want to become public. Providing too much information in your profile can leave you exposed to people who want to steal your identity or other sensitive information.

There are a lot of ways to protect your privacy on Facebook and a lot of people are not aware that most information is available for everyone. After a brief research, I did on how to set your settings to the highest security level (Actually, I did this when one of my facebook friends posted some X-rated content on my timeline 🙂 ) I thought of sharing it.

So, here you go –

Who views your facebook posts?.

Log into Facebook. Go to Settings, Privacy.

There you have three subjects: ‘Who can see my stuff?’, ‘Who can contact me?’, and ‘Who can look me up?’.

To maximize the security on your page, choose ‘Only me’ or ‘Only friends’. This prevents other people from seeing stuff that you post.

Under ‘Who can look me up?’, Facebook will ask, “Do you want other search engines to link to your timeline?” Do not let other search engines link to your timeline.

What about the privacy of your Timeline and Tags?

When you post pictures on your timeline you can change the settings on who can see, comment or add things to it. You can also determine who is allowed to post stuff on your timeline.

Log into Facebook. Go to Settings, Timeline and Tagging.

There you have three subjects: ‘Who can add things to my timeline?’, ‘Who can see things on my timeline?’, and ‘How can I manage tags people add, and tagging suggestions?’.

The best thing to do is to make this available to just you or your friends only. Don’t have friends of friends put stuff or comments on your pictures and keep this as private as you can.

When you’re “tagged” in a post, it means that someone has created a link to your profile. You can turn on Tag Review to review tags friends add to your content before they appear on Facebook. In the ‘How can I manage tags people add and tagging suggestions?’ section, click edit and click the disabled button and change its setting to enabled.

How safe is your profile picture?

A new update to Facebook allows you to change the size of your profile picture. It also allows you to make the picture private and unclickable.

Through Photoshop, Microsoft paint or any other photo editing software, you can change the size to 180 x 180 pixels. This will make it a square image and smaller. Save this and use this one as your profile picture on Facebook.

Then, click on your profile picture. You will see a new edit button.

Click on the ‘Public’ dropdown menu and select ‘Only Me’.

Disclaimer: I have not tried the above one but came to know from reliable sources that it works 🙂

Alright so now your photos and your status updates etc. are “Friends Only” which of course they always should be, all of the time.

But there are other things that shouldn’t be visible to the public as well. There are few things that many people still make public on their Facebook (and other social media) accounts, but they really should be private, or better yet, not on there at all.

Did you shared your D.O.B?

Okay, so you have to tell Facebook how old you are so they know you’re old enough to use the site. But make sure this information is set to Friends Only. Not only that, but we also recommend keeping your birth year set to Only Me. After all, your friends don’t really need to know how old you’re getting!

Your DOB is an essential and integral part of your personal information, and contributes to the “security questions” to many online and offline accounts, including your bank! Thus keeping this information away from strangers is important.

The privacy settings for your Date of Birth can be found in your About section under Contact & Basic Info.

How many friends are there in your list & who are they?

Did you know that if you have a public friends list then you are a prime target for a Facebook cloning scam? These scammers clone your account by creating a new account with your profile picture and Facebook account name. They then go to your friend’s list and start requesting friendships to your contacts, trying to lure them into believing it’s you!

To hide your friend’s list, go to your profile and click Friends. Click the Edit Privacy option and select Only Me.

Do you have your correct Address in your profile?

Okay, we know your address isn’t set to public. You’re not that naïve.

But we thought we’d include it here, mainly because it really shouldn’t be on Facebook AT ALL, and we know many people do include it.

So we hope the reasons for not having your address public are self-evident, but even having it as Friends Only or Only Me are not a good enough justification. Despite Facebook having a place to add your address, there really is no good reason why they need it. If a scammer compromises a friends account, or your account, they could obtain your address and that is the last thing you want a scammer knowing.

And how about your place of work?

Facebook and the professional lives of its users are becoming increasingly intertwined, and [in many cases] this really isn’t a good thing. The number of people getting fired from their jobs because of what they post on Facebook is forever increasing, and the last thing you want is for some ill-thought out post getting reported to your place of work.

The business world is slowly getting a handle on how to mediate social media, and as a result increasing number of employers are forcing their employees to sign contracts that include social media policies that include not posting things that will reflect poorly on them.

Whilst some people are always going to post regrettable content on Facebook, you can try and contain the damage it does by ensuring that people who see it don’t know where you work. Possibly.

It’s time to get over the illusion that just because you use Facebook for your own personal reasons, it cannot impact your professional life. Things that people say over a keyboard via their personal social media accounts are getting them into trouble, and it’s happening more frequently than ever before.

Therefore, either don’t include your workplace on Facebook at all, or if you do, keep it Friends Only.

Huh.. What do you know about facebook tracking?

On your settings page, click Ads and where it says Ads based on my use of websites and apps, select Off.

This prevents Facebook serving you ads based on websites that you have visited outside of Facebook – for example through third party tracking cookies. However you should be aware that Facebook still may track you even though this setting is off, it just prevents them from showing you adverts related to your activity.

What the heck is facebook app?

Facebook Apps that friends install can access information about you. To stop this happening go to your Settings page and click Apps. Select Apps Others Use and ensure all the checkboxes are deselected.

How many times and from where you accessed facebook? a.k.a Stale Sessions

Every time you login to Facebook and don’t log out, the session remains open. Most Facebook users will have a number of sessions open at one time. For example for their mobile phone, tablet and computer and possibly after logging in from a friends or family members computer.

A session will have the approximate location recorded next to it, often in the nearest city or location of your nearest ISP point. We recommend checking your open sessions and closing any that are suspicious (I recommend whichever is backdated)– i.e. nowhere near a location where you’ve logged in. This prevents that device from auto-logging you back into Facebook.

To do this, go to your Settings page and click Security and select Where You’re Logged In and review the open sessions. Hover the mouse over the location and it will show you the IP from which you logged in.

Few more recommendations before conclusion:-

Regularly check installed application by selecting the Apps option in your privacy settings. Make sure you remove untrusted apps.

Be aware that both your profile picture and cover photos are public and this cannot be changed. Do not make any of these photos something you don’t want people seeing.

Regularly check your activity log for public photos that you are tagged in, and untag photos you do not wish to be tagged in.

Suggest to your friends to tighten their privacy settings as well, especially if they regularly upload photos with you in them!

And finally, the most important part of the article, and advice we certainly recommend…

Facebook is a social networking site, designed for sharing. It can be argued that social media privacy is an oxymoron – for this reason never post or upload information onto the site that you cannot risk falling into the wrong hands. 

Always remember: Think before you post. Stay safe. Happy Posting..!!!!

Disclaimer:

This is a personal blog. All content provided on this blog is for informational purposes only. They are collated from different sources and some are my own.The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site.

The owner of THIS BLOG will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information 

Data courtesy : military sitesthatsnonsense.com and Wiki