The Dark Web is a granular term used for all the “hidden” public and private networks that are a part of the internet as a whole. Many of these dark webs are used for buying/selling merchandise on a platform called a marketplace. Each marketplace has many different vendors (stores) that are selling legal and illegal items. Remember, just because it is illegal in the USA doesn’t mean that it is illegal in another country. Usually these marketplaces have very dynamic and random URLs that do not give much information about their actual domain. This is to make it more difficult for investigators to figure out who is running that shop, in other words, it’s the shop’s way of securing themselves. Usually you can’t just search for these marketplaces. You will need to go to a site that then has the link to the marketplace but many times these links are outdated because of the URL of the market changing so much. These sites are called the Deep Web. Also, these marketplaces and the sites that host their links URLs’ are not indexed on the internet so search engines are unable to find them. To make some markets even more secure, they are not only accessed by the deep web links but you may need to contact an administrator of the market and ask for permission to access said market. This is a headache for end users but allows the market administrators to control every user that is able to access their market. Even some dark web markets can only be accessed through strict routing paths through the use of relays such as TOR.
Most vendors only accept certain virtual currency, mainly Bitcoins. Bitcoins are a virtual currency that is very secure in its anonymity and is a global currency that is not based on any one economy. Bitcoins do not have a central authority managing the currency. Instead, each transaction with bitcoins is validated by other users. This act is called bitcoin mining. With bitcoin mining, hashing algorithms are used and then solved by the miners which validates a transaction and then that transaction is updated in the block chain. The block chain is the information of every single bitcoin transaction. This is the security hole with bitcoins. Through the block chain, you may find a specific users’ purchases if you dig deep enough. This is a tedious and time consuming task but it can be done. The incentive of mining is not only to keep the bitcoin protocol functioning but you can earn bitcoins by being one of the first 100 miners to validate a transaction. This is how more bitcoins are provided as the bitcoin market grows. GUIMiner is a great mining application to use http://guiminer.org/. You may also purchase bitcoins from other users, vendors, and markets. Technically, you’re never in position of your bitcoins. They don’t “sit” in your bank, wallet, etc. The block chain is what keeps track of where every single fraction of a bitcoin is located and who owns it. To actually make a purchase or receive bitcoins you need a bitcoin wallet. A wallet provides a bitcoin sending address and a bitcoin receiving address. These are the addresses that you use to send and receive the coins from the block chain. Electrum is a good and popular wallet to use. https://electrum.org/#home
Almost all of the different markets and vendors will only communicate with each other and with customers using some form of PGP. PGP is a term used for any communication application that is for the purpose of private, encrypted conversations. Typically, before making any type of purchase, a customer must contact the vendor with a PGP application and discuss the purchase of said item(s). The text is encrypted using the other person’s public key and then sent to that person for them to decrypt the message with their private key and then respond in the same manner. Many vendors deny purchases for illegal items if they are unsure of whom you are. This is to protect themselves from being prosecuted for the sale of illegal items. A good PGP program to use is GPG4USB which can be downloaded from https://www.gpg4usb.org/.
Privacy and Security
Using a VPN service is a must when visiting the dark web. This will keep your ISP, government, hackers, and even the marketplace vendors from knowing exactly who you are and what you are doing on the web. You should exit your VPN network from another country that you do not reside in and also choose to use a VPN given IP address. But do not forget about DNS security, this could reveal your actual location and IP address. On top of VPN service, another good choice to use with the VPN is routing your communications through TOR. This will randomize and cover your trail even though the VPN is encrypting all the traffic. To take it one step further, you can add a high anonymity proxy server to TOR for one extra step of covering your trail. So basically you will go through your VPN’s network and exit into another region with a different IP address, then use the TOR relay network to randomize your communications further and then hit a proxy server which then will reach out to the web server. This is a very secure method but can make traffic extremely slow.