OnionCity

Discussion in 'privacy technology' started by mirimir, Feb 12, 2015.

  1. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    http://onion.city/

    They say that HTTPS is coming :)

    Edit: Without HTTPS, your ISP (or VPN provider) can see what you're browsing :eek:
     
    Last edited: Feb 12, 2015
  2. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,257
    Wow, very convenient! Thanks for informing us!
     
  3. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Thanks :)

    I should have emphasized the fine print, though. I will now.
     
  4. Rules

    Rules Registered Member

    Joined:
    Mar 3, 2009
    Posts:
    532
    Location:
    Europa
    Thanks for the tips mirimir, nice found.

    Rules.
     
  5. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
  6. RollingThunder

    RollingThunder Registered Member

    Joined:
    Nov 21, 2013
    Posts:
    187
    Location:
    https://www.eff.org/issues/anonymity
    Does Onion City have a .onion address? This is an excellent link. I do not like it as a clearnet search engine.
     
  7. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    It uses Google as search backend, and restricts results to *.onion. When you hit a search result, it loads the hidden service through a Tor2web gateway.

    Giving it an .onion address would be pointless, I think.
     
  8. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,591
    You know there are lots of onion site Admin's that don't want clearnet users anywhere near their pages. They are on onion for a reason.

    Warning on onion city's page: when you click on their security tab it basically tells you that if you want privacy you should go to TOR, in so many words. I know this may come out wrong but "clearnet" users wandering into onionland is like a lamb going into a wolves den. There is a learning curve in the deep web and if you hang out there without the learning you will likely regret venturing in.
     
  9. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    True enough. But more fine print tells you that OnionCity is censored.

    Many in the Tor community want to make onionland safe for lambs :)
     
  10. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,591
    Safe for lambs? Good luck unless the censoring is so severe it means you really can't "use" the deep web.

    I am staying tuned and will "enjoy the movie"!!
     
  11. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    They can do that because they integrate Google search with Tor2Web. I haven't tested it enough to see how they handle onion links in onion sites.

    But for now, without HTTPS, they could indeed be leading users into danger :eek:

    :)
     
  12. RollingThunder

    RollingThunder Registered Member

    Joined:
    Nov 21, 2013
    Posts:
    187
    Location:
    https://www.eff.org/issues/anonymity
    On this topic Mirimir I must disagree with you. I am a user of TOR and find the tor2web gatways dangerous. Aaron Swartz did great work through the EFF. I admire the man and would ordinarily never question what he provided to the world while he was alive. I question abandoning the protection the TOR client provides. The average person does not use vpn's. The average person is going to click that link and be taken to a hidden service. Ones ISP does not need that type of information about your browsing habbits. This next part is partially my bias I admit. I don't like hidden service addresses advertised in an above ground search engine. The Tor Project has been thrust into the public eye way to much as it is.

    Also, I just went back over the Onion City page and they feel it necessary to add a security disclaimer that I feel is warranted to repeat here.

    Security
    1. OnionCity allows regular Internet users to access onionsites. Unfortunately, this requires sacrificing most of Tor's privacy protections.
    2. OnionCity provides much less security, anonymity, and confidentiality than using the Tor Browser Bundle (TBB). If convenience is not the deciding factor, you should always choose the TBB over OnionCity.
    3. Although publishers remain anonymous, when you use OnionCity your internet service provider can see what content you are accessing.
    4. OnionCity trades privacy for speed and convenience. Do not use OnionCity if others discovering which onionsites you visit would be legally perilous.
    Palancar is right. Most users of hidden services are wolves. Someone using a tor2web gateway generally does not know what they are getting into.

    BTW, if you cannot tell by my Avatar I am a card carrying member of the EFF.
     
    Last edited: Feb 13, 2015
  13. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Virgil Griffith explained on tor-talk that the OnionCity includes lists of onion-tor2web links. I presume that they're generated by standard onion crawlers. Then they let Google crawl and index, and provide Google Custom Search. It's equivalent to doing a Google search with "site:eek:nion.city". See https://lists.torproject.org/pipermail/tor-talk/2015-February/036895.html

    For some privacy, one can instead use https://startpage.com/ with "site:eek:nion.city", and then view using the Ixquick Proxy.
     
  14. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,871
  15. RollingThunder

    RollingThunder Registered Member

    Joined:
    Nov 21, 2013
    Posts:
    187
    Location:
    https://www.eff.org/issues/anonymity
    IMO, this is the case of sacrificing security for convenience. If ever one needs security anywhere it is in the dark-net. Abandon security for convenience and wander into the dark-net amidst pedophiles, drug dealers, addicts, scammers, thieves, murder for hire and all sorts of criminality I have failed to mention, is akin to counting $5,000 in currency on a park bench in Central Park at night. Sure you can do it, it isn't exactly smart.
     
    Last edited: Feb 13, 2015
  16. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    @RollingThunder

    I hear you. I posted about this to raise discussion, not so much to recommend use.

    I would hope that OnionCity is based on safe lists of onion sites. But of course, that wouldn't prevent users from visiting evil sites. I haven't seen much Rickrolling on onion sites, for what it's worth.

    But again, many in the Tor community want to clean up onionland, or at least to dilute out the filth.
     
  17. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
  18. RollingThunder

    RollingThunder Registered Member

    Joined:
    Nov 21, 2013
    Posts:
    187
    Location:
    https://www.eff.org/issues/anonymity
    Hmmm, this could be usable in the right circumstance. I run the tor browser. I went to the links provided and get a 404. Peaking my interest I went to nzbindex.nl and kickass.to to try to d/l via usenet or torrents. I received not one usenet hit. Kickass has it but with only 1 seeder. Useless. Maybe this is a case for binsearch.
     
  19. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    I tend to distrust out-of-nowhere stuff. At least they didn't name it Toros ;)
     
  20. RollingThunder

    RollingThunder Registered Member

    Joined:
    Nov 21, 2013
    Posts:
    187
    Location:
    https://www.eff.org/issues/anonymity
  21. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    Memex is a SAS product, and far more GCHQ than NSA (if there's any difference).

    If I were betting, I'd bet on Google. The NSA did ;)
     
  22. RollingThunder

    RollingThunder Registered Member

    Joined:
    Nov 21, 2013
    Posts:
    187
    Location:
    https://www.eff.org/issues/anonymity
    Mirimir, you are going to have to forgive me. What is an SAS product? Also are you saying that the brits developed Memex and is in use more in Europe then the US? Details please.
     
  23. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    http://en.wikipedia.org/wiki/SAS_Institute
    http://en.wikipedia.org/wiki/Memex_Technology_Limited
    http://www.memex.com/

    Click on the Enquiries button, and you get:
    http://www.sas.com/en_us/contact/form/register.html
     
  24. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,257
    I still think Onioncity is very useful. I don't go to so-called dark web, well, once I explored using Grams upon TBB, but most of those nasty sites require registration to see actual contents. I know some legitimate sites which are .onion site, but the problem is, unlike maybe most of you, internet via Tor for everyday browsing is just a pain for me. VPN is still viable option and I'm searching about paid solution, but no Tor for me except when I need true anonymity. So I only install Tor in virtualized environment when needed, but Onion city and Tor2Web will eliminate those needs including testing IP leak etc. But do you guys think it is dangerous even when I visit only a few legitimate .onion websites very rarely? I appreciate all those discussion as I'm not familiar with Tor and related stuff, I even didn't know Tor2Web. Thanks!
     
  25. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    The danger with OnionCity and Tor2Web generally is that there is no Tor anonymity for you, only for the site that you're visiting. So yes, you can visit onion websites. But you're not really using Tor to do it. It's just as if those sites were available on the regular Internet, and you were directly browsing them.