***BIG LEGAL DISCLAIMER DON’T SUE ME*** None of this is advice or charter to break the law of your respective country. This is all information you can get from Google searches, and my purpose here is academic and informative, not instructive for illicit purposes. Got it? Good.

To recognize one of my favorite shows, Mr.Robot, coming to an end soon I want to talk about one of the most taboo topics on the Internet:

The Dark Web.

The underbelly of the Internet.

The Mos Eisley of the www.

Ok, maybe that last one is hyperbole of my design, but you’ve probably heard something about the dark web.

Mind you, the “dark web” is not the “deep web”. The deep web, i.e., 96% of the total internet and everything Google hasn’t indexed, lives behind passwords and encryption.

Go to www.readysetcrypto.tempurl.host? That’s the surface level clearnet.

Log into your bank account? That’s the deep web. Google can’t touch that information, nor should anyone else but you. But, it’s still part of the internet, albeit with one point of entry via your password, so we say it’s part of the “deep web”.

But again, this is very different from the “dark web”, which we’ll discuss now.

Note: This is all very useful information even if you don’t want to surf with the Internet’s worst. The privacy and security methods we discuss here are very applicable if you want to keep everyone from snooping on your sensitive work or following your Bitcoin trail.

Ok, so, the dark web.

The boring explanation is that the dark web is the World Wide Web content that exists on darknets — overlay networks that use the Internet but require specific software, configurations, or authorization to access. As you can tell, that’s similar, in principle, to our bank login example.

The major difference is that to effectively use the dark web it’s more about knowing the “website” address more than a password. So, it’s a secret club of sorts and that lets it exist outside the normal bounds of what is seen, and bought, on the surface web.

You’ve heard the stories probably. Places that let you order anything from drugs to stolen credit cards to trade secrets to rocket launchers.

The Internet’s own Black Market, in a sense.

But how does this work? And what role does crypto play? After all, Bitcoin was bolstered by the Silk Road underground marketplace. After all, today’s Dark Web markets are far bigger and more sophisticated than the Silk Road was, and crypto is the beating heart of this underground economy.

The first thing to learn is that everything Dark Web revolves around OpSec, or the need to conceal and protect one’s anonymity and security.  This isn’t just to hypothetically throw off the scent of law enforcement — dangerous people use the dark web and are looking for easy targets. Start browsing without proper protections in place and you’ll stand out like a torch in the darkness.

So, let’s first talk about the most important tool to access the Dark Web — Tor.  

What is Tor?

You can’t access the Dark Web using a normal web browser like Firefox or Chrome.

Instead, you need special software to access .onion links — which is what the Tor browser is built to do.

(The Brave browser actually has a built-in Tor browser! . . . But I still recommend following my guide if you want to stay safe on the dark web).

The Tor network not only allows you to browse normal, clearnet sites (like reddit.com) but also onion-sites (also called hidden services). These are special websites which allow the visitor and the operator of that special website (the hidden service) to stay anonymous. So, nobody knows the identity of each other.

Tor helps to reduce the risks of both simple and sophisticated traffic analysis by distributing your transactions over several places on the Internet, so no single point can link you to your destination. The idea is similar to using a twisty, hard-to-follow route in order to throw off somebody who is tailing you — and then periodically erasing your footprints.

Since this process wraps your message under layers of encryption which have to be peeled off at each different hop just like an onion — that’s why it’s called an onion router (and why we use .onion instead of .com).

Instead of taking a direct route from source to destination, data packets on the Tor network take a random pathway through several relays that cover your tracks so no observer at any single point can tell where the data came from or where it’s going.

Speaking of data packets and packet protection, you do not need to use a VPN when using Tor — Tor is essentially a VPN unto itself.

Using VPNs to “improve” Tor’s anonymity, i.e., “You know, more hops must be better, right?”, is just incorrect and misunderstands what VPNs do — if anything VPNs make the situation worse as they basically introduce either a permanent entry guard (if the VPN is set up before Tor) or a permanent exit node (if the VPN is accessed through Tor).

So, instead of a VPN, how will we ensure full anonymity?

After all, Tor is just a browser — a very secure and well-encrypted browser, yes, but a mainstream Operating System, such as Windows, is simply not a secure solution for isolation and protection.

Instead, we’ll use a Linux distribution as our OS named Tails.

What is Tails?

Tails is a live operating system that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to:

• use the Internet anonymously and circumvent censorship (because all connections to the Internet are forced to go through the Tor network)
• leave no trace on the computer you are using unless you ask it explicitly
• use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging

As you can see, it is a pretty useful operating system for doing things that you do not want others to find out about or to simply stay safe.

Here is the default desktop of Tails. Pretty neat isn’t it?

Note: you cannot run Tails and another OS like Windows or OS X at the same time since they are both operating systems and your computer can only run one at a time.

Using Tails on a computer doesn’t alter or depend on the operating system installed on it. So, you can use it in the same way on your computer, a friend’s computer, or one at your local library. After shutting down Tails, the computer will start again with its usual operating system.

Tails is configured with special care to not use the computer’s hard-disks, even if there is some swap space on them. The only storage space used by Tails is in RAM, which is automatically erased when the computer shuts down.

So, you won’t leave any trace on the computer either of the Tails system itself or what you used it for.

That’s why we call Tails “amnesic”. This allows you to work with sensitive documents on any computer and protects you from data recovery after shutdown. Of course, you can still explicitly save specific documents to another USB stick or external hard-disk and take them away for future use.

But, if you’re afraid of having your personal / work computer become “corrupted”, don’t be.

You can use Tails on your normal computer and do not have to buy a burner laptop.

‘Ok, great’, you say, but you live at a college or will have to use your own WiFi. What then?

Should you be concerned that you’ll stand out to your ISP / authorities as a suspicious IP that clearly is up to no good?

Well, if you use Tails (or Tor in general) on your own WiFi, your ISP will only know that you are using Tor but not what you are doing exactly. Not grounds for having the door broken down in most countries, but I can understand that’s not ideal (please check if your country explicitly has banned the use of tor).

Thankfully, if you do not want your ISP to know that you are using tor you can tell Tor to use bridges on the Tails greeting screen (select “Yes” for the more options question and after pressing forward select the “My computer’s Internet connection is censored, filtered or proxied” option).

That will obfuscate the fact that you are using Tor from your ISP although it is not necessary as long as you are not living under an oppressive regime which blocks Tor and/or makes the use of it illegal. If that is not the case, please do not use bridges as it would take away resources from people who actually need them.

So only reason for using another WiFi than your own is that an attacker would not get your real IP address in case of a de-anonymization attack — instead they would only score the IP address provided by the network you are using (e.g. the starbucks WiFi).

However, these attacks are unrealistic and the risks that this method brings along to you (e.g. someone shoulder-surfing or a camera recording your face and/or screen) make it not worth it for staying “anonymous”.

Therefore, using your own WiFi along with following all the other tips here is a much better solution.

Here’s some other tips for staying safe on the dark web (and the surface web too):

• Every time you start the Tor browser, you have to set the security slider to high. This disables JavaScript (a programming language that websites can use to de-anonymize you) by default and enables some more security features.
• If you use clearnet websites that require JavaScript (like reddit.com), change the NoScript appearance so you can easily allow and disallow the scripts that you need as described previously.
• If a dark web site ever asks you to enable JavaScript, leave immediately.
• When shutting Tails down, it is best to wait until your computer is shut down completely before removing the USB stick. Tails will tell you that you can remove your USB stick now and shortly after that the computer shuts down completely.
• Is it okay to leave Tails logged in? No, you should shut it down when you are not using it anymore for a longer period of time (e.g. 10 minutes). Yes, it is a pain in the butt to restart your computer every time, but it is good security practice. Otherwise anyone could just visit you and would have all the unencrypted information they need even though you used Tails.
• Is it okay to resize the TorBrowser window? Changing the default size of the TorBrowser window should generally be avoided because it makes it a lot easier to track you across different sites. Although it is usually only an issue if you also have enabled JavaScript (which you should never do when browsing DNMs), it can also be done using only CSS (a style sheet language that you cannot disable like JavaScript). Here is an example how that is possible with CSS. It is not too alarming, however, so just make sure you set the security slider to high every time you start TorBrowser, and do not change the default size of the TorBrowser window.

• Never run Tails in a virtual machine (VM). That practice is discouraged by the Tails developers. Only use Tails as a standalone operating system, e.g., on an USB stick.

So, now that we have a secure environment using Tails and a secure browser using Tor, how do we securely send and receive Bitcoins?

Sending bitcoins

So, in general the path to send your bitcoins as securely as possible is: Bitcoin exchange -> normal wallet (e.g. Electrum on windows) -> Electrum on Tails -> Recipient.

Let’s first address a normal wallet (likely on your personal computer).

Now, I’m going to say something that goes against everything I’ve ever said regarding OpSec in crypto:

If your intention is full anonymity do not use Electrum wallets with two-factor authentication (2FA).

You may think that 2FA for markets is good (which it is) so it must be good for Electrum on Tails too. No.

It requires you to bring your smartphone into your activities — as well as installing google apps on it which is the last thing you want for an anonymous wallet.

Plus, your wallet will be secure enough if you keep your seed secure (e.g. written down on a piece of paper in a secret location and stored in a .txt file in your persistence directory, more on that later) and use KeePassX for your wallet password.

Fortunately Tails already comes with a wallet (Electrum) installed, so everything you have to do is regarding the setup process.

But . . . why do we do this?

Well, Electrum has a list of several servers which it will ask in order to get the balance of the addresses that belong to your wallet. An attacker could easily set up such a server to collect information about when what IP address asks for the balance of what Bitcoin addresses. So, Electrum is not anonymous.

To counteract this, your normal wallet and the Electrum wallet on Tails have to be different wallets. So, you have to do the setup process twice: once for your normal wallet and once for your Electrum wallet on Tails.

A couple more tips:

• SAVE YOUR ELECTRUM SEED. Write it down on a sheet of paper, in a text file and/or remember it. Just make sure that you still have access to it if you lose your Tails USB stick. Then you will always be able to recover all your bitcoins.
• Use a new Bitcoin address for every transaction. You have many different ones to choose from under the “Addresses” tab and you should use them because it does not cost anything to use or create new addresses. It further strengthens your OpSec, so do not use one Bitcoin address twice.
• Bitcoin tumblers exist, such as Tumblebit and CoinJoin, which aim to hide the origin of your Bitcoin. If you bought them using your bank account your identity is tied to those Bitcoins you bought as there is a record of you buying them with your name on it. Tumblers fix that by providing a service to mix potentially identifiable or ‘tainted’ cryptocurrency funds with others, so as to obscure the trail back to the fund’s original source. However, some tumblers participate in illegal money laundering so do not use them to avoid legal issues.