How to stay safe while gathering open source intelligence on the dark web?

The Tor browser comes with a range of encryption and privacy features. However, given the nature of the Dark Web, many users choose additional security measures to protect their identity.

1. Use Tor in conjunction with a VPN

Accessing the dark web is not illegal. That is, Tor server nodes are public and well mapped. Therefore, your Internet service provider will know if you are using an onion router - potentially attracting unwanted attention from law enforcement. Therefore, it always makes sense to use Tor to protect your identity through a VPN service.

2. Verify links

Because criminal activity accounts for a large portion of dark web traffic, many Onion sites are fake or have some other dubious motive. Verify any Onion link with a trusted friend or colleague before clicking on it. If this is not possible, try verifying the link through multiple sources.

3. Check your organization's policies and procedures

Many organizations prohibit employees from conducting open source intelligence on the dark web. Be sure to check your company's policies before starting any dark web investigation.

4. Check URLs carefully

Onion URLs consist of long, complex strings. An incorrectly entered letter or number may take you to an illegal or dangerous site. Always double-check the URLs entered into the search bar, and it makes sense to save the correct address on your file system or other research tools for easy access later.

5. Disable Javascript

Suspicious web pages can use Javascript to insert malicious code into your browser. Some cookies also use javascript to monitor users, potentially revealing your identity to adversaries. For these reasons, be sure to disable javascript on your browser.

6. Avoid downloading files

The anonymity of the dark web makes it difficult to verify anyone's identity. This is why it is important to avoid downloading any files you may encounter.

7. Close all applications

Make sure to close all applications, such as streaming services, banking applications, etc., before starting a new session. Also make sure to cover your webcam with tape and deactivate all listening devices on your system.

8. Use a privacy-conscious operating system

Consider using a privacy-conscious operating system such as TAILS (The Amnesic Incognito Live System). These can further prevent online surveillance and tracking.

9. Never give out personal information

Never disclose personal information about yourself or your organization. In addition, never reuse a username or avatar that may associate your dark web account with an online service you use elsewhere.