ProtonBlog(new window)

What is the dark web? The good and bad of the internet’s most private corner

Share this page

The dark web is much like the regular World Wide Web we’re all familiar with, except that the dark web provides much greater privacy.

The dark web has a reputation for being a place where you can find and contact drug dealers and hitmen. There’s truth to this, but the dark web also offers a welcome refuge from overbearing government surveillance and the ubiquitous corporate capitalism that tracks your every move online. 

The dark web isn’t called “dark” because it’s inherently bad; it’s called dark because it provides privacy (that can be used for good and ill). 

The extra privacy afforded by the dark web is undoubtedly abused by criminals to scam people, sell drugs, host illegal content, and more. The high-profile rise and fall of the Silk Road marketplace(new window) for illicit drugs is the best-known example of this.

But despite sensational media coverage(new window), many highly reputable websites have a dark web presence, including The New York Times(new window), The Guardian(new window), and even Facebook(new window). Indeed, Proton offers an onion dark web version of our website(new window) so that people in some of the most repressive parts of the world can access our services.

We explain what the dark web is, how you can access it, and what sites you might find useful on it. 

What is the dark web?

The internet can be divided into three parts:

1. The clear web

Also known as the “surface web”, the clear web is the World Wide Web(new window) we’re all familiar with. It’s a collection of websites connected to each other via hyperlinks that are easily searchable using search engines such as Google.

Learn more about search engines that respect your privacy(new window)

However, the clear web makes up only a small fraction of all content on the World Wide Web.

2. The deep web 

The deep web, also known as the “invisible web”, is often incorrectly conflated with the dark web. In reality, the deep web is all internet content that’s not indexed by search engines, the vast majority of which is innocuous content, such as financial databases, web archives, and any page that is password-protected (such as your medical records or bank account pages). 

An often-quoted paper from the University of Michigan(new window) states that “public information on the deep web is currently 400 to 550 times larger than the commonly defined World Wide Web”. However, this paper was published in 2001, meaning these figures should now be taken with a heavy pinch of salt. The point, however, stands — the deep web is much, much larger than the clear web.

The clear web vs. deep web vs. dark web

3. The dark web

The dark web, also called the “hidden web,” is a small portion of the deep web. It is made up of websites and other online resources that can only be accessed using special software, configurations, or authorization. 

Tor Onion Services(new window) are by far the most well-known and popular dark web. However, there are other dark webs. The best known are I2P(new window) and Freenet(new window), but there are also numerous smaller dark webs, such as GNUnet(new window), ZeroNet(new window), and dn42(new window)

How to access the dark web

To access the dark web, you need special tools that can vary depending on which dark web you want to use. 

Tor Onion Services

Tor is a tool specifically designed to provide a high level of true anonymity when using the clear web. When you connect to the internet through the Tor network, your connection is routed through at least three random nodes, with your data being re-encrypted each time it passes through a node.

How Tor works

The “entry node” can see your real IP address but has no access to the content of your data or what you do on the internet, while the “exit” node” onto the internet decrypts and encrypts your data (and can therefore see it) and can see which websites you visit. But it has no idea what your real IP address is. 

Although it remains probably the best way to achieve true anonymity on the regular internet, this system has a major weak point — the exit node. While it can’t know your real IP address, it can see your unencrypted data, which may reveal your true identity (although HTTPS(new window) still protects you). 

It also comes with some vulnerabilities. If a powerful adversary was able to take over a very large number of Tor nodes(new window),  they might be able to to deanonymize you by performing a timing attack (matching your connection time to the Tor network with known activity from a compromised Tor exit node). 

Another problem is that Tor makes the IP addresses of all public Tor exit nodes public(new window), making them very easy for governments to block.

Tor Onion Services was developed to overcome the exit node problem by removing the exit node. Onion Services are websites that exist within the Tor network and can only be accessed from the Tor network. Since these websites are themselves Tor nodes, there’s no need to use an exit node that could be blocked or monitored.


I2P(new window) is designed to improve upon Tor’s onion routing system with its garlic routing(new window) (a somewhat tongue-in-cheek name). One key difference between Tor and I2P is that I2P bundles its data packets together into “cloves” before sending them through its network as messages rather than sending them one by one as Tor does. 

Usually, each message contains one clove, but sometimes they contain two. This makes it harder for attackers to deanonymize you with timing attacks. 

Another important difference is that connections aren’t unidirectional. So (unlike Tor), outgoing and incoming traffic use different paths, making it much harder to trace a connection back to a user.

How I2Ps works

On a purely technical level, I2P offers some real security and privacy advantages over Tor. However, interest in I2P has waned badly in recent years (which itself impacts I2P’s security), so many I2P “eepsites” and forums are now abandoned.

Freenet (recently renamed Hyphanet) 

Strictly speaking, Freenet is a fully distributed, peer-to-peer anonymous publishing network that offers secure data storage. When you join the Freenet network, you agree to share a percentage of your local disk space. This space is securely encrypted, and other Freenet members download parts of files that are stored on it (in a way not dissimilar to BitTorrent(new window)). 

However, on top of this basic file-hosting framework, volunteers have developed applications that allow for websites, message boards, and more. A limitation of this system is that websites cannot be dynamic (so they’re always simple static HTML pages). 

An advantage is that web pages (and other data) can be available long after the original host has disappeared. However, if no one accesses data for a long time, it can disappear (this works much like BitTorrent, where files that aren’t actively seeded become de-indexed over time). 

Freenet bundles packets together and routes them through a varying number of nodes to confuse timing attacks. 

The network can be used in two “modes” — opennet and darknet. With opennet, you connect to random peers. With darknet, you only connect to trusted friends who you’ve previously exchanged public keys and node references with. It’s these darknets that makes Freenet uniquely secure, as it completely blocks outside access to data shared within a darknet group. 

Because of their closed nature, these darknets also make it impossible to know how many people actually use Freenet. 

How to access the dark web

Each dark web is mutually exclusive and requires its own tools to access. For example, you can’t use Tor Browser to access I2P eepsites. Since Tor Onion Services is by far the most popular (and therefore most generally useful) dark web, we’ll focus on that here.

The usual (and most official) way to access Tor Onion Services is by using Tor Browser for Windows, macOS, Linux, and Android(new window). This is a hardened version of Firefox that, by default, automatically routes all your connections through the Tor network. If you have an iPhone or iPad, you can install Onion Browser(new window), which while unofficial, is recommended by the Tor Project(new window)

The Tor browser establishing a Tor connection

For even greater security, you can use TAILS(new window). This is a Live Linux distribution that you boot directly from a USB stick so that it leaves no trace on the host computer. TAILS routes all connections (not just those from the browser) through the Tor network.

Once you’ve established a Tor connection, you can connect to onion dark websites. These are just like regular websites but use the special .onion domain name.

Proton VPN and Tor

With Proton VPN, you can route your connection through our VPN servers to the Tor network(new window). To do this, simply connect to one of our special Tor servers that can be identified by their onion icon.

Connect to the Tor network using Proton VPN

We offer this feature primarily as a convenient way to access onion sites using your regular browser, and it does offer some security advantages over using Tor Browser. Still, if security is important to you, we strongly recommend reading through the Tor Project’s official advice on using Tor and VPNs together(new window)

What’s on the dark web?

The illicit uses of the dark web are well documented: assassination services, ecommerce sites for buying guns and drugs, and so on (many of which are simply scams, anyway).

However, there are plenty of legitimate reasons to use the dark web. You can read ProPublica(new window) or The New York Times(new window), check your email in Proton Mail(new window), or browse your Facebook wall(new window). All of these mainstream websites offer dark web access because of the privacy and freedom of information advantages it offers.

See our pick of the best onion sites on the dark web(new window)

One of the biggest advantages of the dark webs is that it’s difficult to block. Common forms of censorship that rely on internet service providers blocking website IP addresses aren’t effective against dark webs. (As a result, some authoritarian governments have tried to block Tor itself(new window).)

For similar reasons, the dark web is more resistant to surveillance. Whistleblowers, journalists, and other professionals at risk of targeted surveillance use the dark web to communicate sensitive information. For example, whistleblower Edward Snowden used TAILS(new window) to help stay one step ahead of the NSA. 

Many organizations, including Human Rights Watch(new window) and the Electronic Frontier Foundation(new window), also support the use of and access to the dark web.

A major drawback of all dark webs is that they are very slow. With Tor, for example, your connection is routed through at least three random locations around the world (any of which might have very poor internet access), which necessarily slows your connection.

For day-to-day use, a VPN provides a high level of privacy while also having minimal effect on your internet experience. But when you need it, the dark web can be vitally important: When Turkey temporarily blocked Proton Mail for some users(new window), our onion site was one of the few ways people could access their emails.

So yes. Bad stuff happens on the dark web, but it’s also a vital privacy tool. As governments work to weaken encryption(new window) with backdoors and corporations gain greater access to everything we do(new window), privacy and security technologies like those used to create dark webs must be vigorously defended. And that starts with understanding them beyond sensational headlines.

Protect your privacy with Proton
Create a free account

Share this page

Douglas Crawford(new window)

Starting with ProPrivacy and now Proton, Douglas has worked for many years as a technology writer. During this time, he has established himself as a thought leader specializing in online privacy. He has been quoted by the BBC News, national newspapers such as The Independent, The Telegraph, and The Daily Mail, and by international technology publications such as Ars Technica, CNET, and LinuxInsider. Douglas was invited by the EFF to help host a livestream session in support of net neutrality. At Proton, Douglas continues to explore his passion for privacy and all things VPN.

Related articles

Even though the Snowden leaks came out 10 years ago, the United States never ended its unconstitutional surveillance program. It now has a chance to close the legal loopholes that allow warrantless spying on US citizens. But Congress needs to act bef
Over the past year, hackers have been using new and clever techniques to steal people’s online data. At Proton, we’ve been monitoring these evolving strategies and updating our defenses to stay ahead of the arms race.  Often, the attacks involve new
password fatigue
Most people in the digital age have dozens, if not hundreds, of passwords, and keeping track of them is tiring, to say the least. If you’re suffering from password fatigue, you’ll be happy to know there’s an easy fix. The short answer is that you sh
are password managers safe?
Password managers are a great way to generate secure passwords, keep them in encrypted storage together with your credit card details, and improve your online security across the board. But you might be worried about keeping so much sensitive data in
Most of us probably wouldn’t consent to sharing photos of our family and friends with random strangers on the internet. But that’s exactly what we do when we automatically sync our pictures to the non-private servers of Big Tech companies, which can
Google Drive is the world’s most popular cloud storage service by far, with over 3 billion people using Google Workspace (which includes Google Drive, Google Calendar, Gmail, and more). But this ubiquity has recently caused concern following several