While Tor remains something of an internet boogeyman—a misunderstood service most people think is only useful for hiring hitmen or buying drugs using cryptocurrencies—we found that many Tor sites (called onions) lie somewhere between tame and useless. New research suggests what the few extant onions that remain are headed towards extinction.
The draw of Tor is its purported ability to keep users anonymous through the “onion routing” that gives Tor its name. It was developed by the U.S. Office of Naval Research and Defense Advanced Research Projects Agency after all. To vastly simplify, onion routing works like money laundering, where data from a user is passed through many routers, making it difficult to tell where requests are coming from.
A report yesterday by Onionscan—a series of probes into the health of the Tor network—queried a database of 30,000 Tor sites, doing so over several days as onions tend to have much less reliable uptime than websites on the “clearnet” you’re reading this on now. The report found about 4,400 were online—just under 15 percent. It’s impossible to claim these findings are ironclad, but they’re at least indicative of a larger downward trend.
Why is Tor shrinking in the first place? Adoption has always been slow due to users’ perception of dark web criminality and because Tor has a slightly higher learning curve than, say, Chrome. But the recent reduction in onions can be pegged to the disappearance of two major services: the site hosting service Freedom Hosting II and the email client SIGAINT.
If maintaining anonymity using Tor is hard for some, hosting a proper site on the dark web is beyond most peoples’ technical abilities. “The skills required to run a Tor hidden service make offloading that work to a 3rd party tempting,” the report cautions. “However as seen with Freedom Hosting, and the other leaks we have demonstrated, this relationships (sic) creates additional security risks - and may in the end completely compromise any anonymity or privacy.” Amid allegations of hosting child pornography, FH2 was hacked in late January. When the service shuttered, 10,000 sites went down with it.
SIGAINT was among the most popular dark web email services. After months of spotty availability, it went offline in mid-February and hasn’t returned, rendering all correspondence conducted through the client irretrievable. Encrypted clearnet alternatives like Protonmail have since eclipsed SIGAINT. The loss of SIGAINT doesn’t have as pronounced of an effect as FH2's shuttering, it does further erode trust in Tor as a viable network.
So Tor’s star is fading—to say nothing of its less popular competitors like I2p or Freenet. Sites are too easy to connect to each other, uptime is not guaranteed, and relatively crucial services go dark without warning. Not all hope is lost for privacy wonks, whistleblowers, or amateur drug dealers though. With the vacuum created by FH2, Onionscan will begin work on a user-friendly dark net tool “that can be used by anyone that will host a hidden service securely, privately and anonymously.” We wish them luck.