This page highlights news reports, articles, podcasts, academic citations and other mentions of OnionScan and/or other projects.

News Articles

​A Tool to Check If Your Dark Web Site Really Is Anonymous - Sites on the so-called dark web are designed to protect the anonymity of both their visitors and owners. But plenty of administrators make mistakes in setting them up, sometimes leading to the server's real IP address being leaked, or they might leave identifying metadata in files uploaded to the site.

OnionScan, escanea la Dark Web en busca de fallos de anonimato - OnionScan es un programa que busca vulnerabilidades en webs anónimas por las que se podría filtrar información. Funciona de manera similar a las herramientas corrientes, pero enfocada al anonimato

OnionScan, le traqueur de connexions non anonymisées - La chercheuse en sécurité informatique Sarah Jamie Lewis a élaboré un logiciel, baptisé OnionScan, capable de remonter les vulnérabilités et bugs qui pourraient mettre à mal les connexions anonymes via le système TOR.

Dark Web Drug Dealers are Making Sloppy Mistakes - Staying anonymous on the so-called dark web can be really hard. Despite the protections offered by the anonymizing network Tor, site owners can still inadvertently leak details about themselves.

These Maps Show What the Dark Web Looks Like - What does the dark web actually look like? Well, new research maps out the relationships between a load of Tor hidden services, and shows that many dark web sites, rather than being isolated entities, are perhaps more intimately intertwined than commonly thought.

La Dark Web al descubierto: OnionScan dibuja un 'mapa' de la red Tor - OnionScan es una herramienta de escaneo de nodos de Tor creada por la investigadora Sarah Jamie Lewis, que elabora un informe de estado de la red anónima periódicamente. En el último por fin podemos saber cómo es

The Dark Web - Just How Dark is It? - These days, most of us are well aware of how readily we can be tracked online...

ИССЛЕДОВАТЕЛИ ПЫТАЮТСЯ ПОСТРОИТЬ КАРТУ ДАРКНЕТА - Исследователь в области информационной безопасности Сара Джейми Льюис (Sarah Jamie Lewis) обнародовала интересный отчет. Фактически Льюис занимается построением карты даркнета через проект OnionScan. Задача проекта: выявить взаимосвязи между скрытыми сервисами Tor и оценить примерный размер даркнета. Данный отчет стал уже третьим за время существования OnionScan, и он демонстрирует, что связей в даркнете гораздо больше, чем принято считать.

Hacker Mass-Scans Dark Web Sites for Vulnerabilities, Dumps Results - In April, an independent researcher launched a tool called OnionScan, which probes dark web sites for various vulnerabilities and other issues. Now, another researcher has described how to deploy that tool en masse using Python, in order to more efficiently scan sites. (Sarah's Note - The article isn't directly about me, but I am quoted talking about the ethics of onion data dumps.)

Politico Morning CyberSecurity Briefing 29/07/2016 - A brief callout " You should go ahead and consider many dark web sites compromised, writes Sarah Jamie Lewis."

Simple mistake exposes businessman’s secret Dark Web drug store - "Luckily, Sarah Jamie Lewis is on hand to dig them out of their self-made holes. Lewis is a Dark Web crusader on a mission to make the internet’s anonymous annex live up to its billing.

She scours the Dark Web with her OnionScan tool searching for those signs, welcome mats and keys."

Errori, malware e infiltrati: così si indaga sul Dark Web - "Gli errori di configurazione dei siti e più in generale dei “servizi nascosti” del Dark Web non sono rari. Per la ricercatrice Sarah Jamie Lewis, che da tempo scandaglia le darknet, interesserebbero il 6 per cento di questi siti. Ma si possono ottenere altre informazioni dal 25 per cento degli stessi. "

Dark net markets moving to adopt bug bounty programs - "OnionScan, software launched in April that scans Tor hidden services for security issues, has put the exclamation mark on the security woes that plague the dark net’s persistent black markets. According to Sarah Jamie Lewis, the anonymity and privacy researcher behind OnionScan, told CyberScoop things haven’t improved much in the last year."

An Anonymous group just took down a fifth of the dark web - "According to dark web researcher Sarah Jamie Lewis, Freedom Hosting II is smaller than its predecessor. An earlier report on the service found that it made up roughly 20 percent of dark web sites, including a number of bitcoin escrow services..."

‘Dark Web’ Sites Hit in Cyberattack - "Friday’s attack knocked about a fifth of the Dark Web offline, according to Sarah Jamie Lewis who is now an independent researcher and operates the privacy-focused website"

La investigadora que encuentra y analiza los lugares más oscuros de Internet - "Sarah Jamie Lewis ha creado una herramienta de código abierto que busca encontrar vulnerabilidades en la web oscura"

The law isn’t ready for the internet of sexual assault - Privacy researcher Sarah Jamie Lewis believes that the ability to collect and track data is even more pernicious. She said data stored by quantified sex devices -- such as the quantified cock ring Lovely -- could be enough to identify individuals.

Where Domestic Violence and Cybersecurity Intersect - “I think there is a tendency for people who work in the privacy space to—it’s stereotyping in some ways, but—they tend to be middle-class, they tend to be white, they tend to be male. They tend to live in certain [affluent] parts of the United States. This all colors a certain perception they have of the world,” Sarah Jamie Lewis, a privacy and anonymity researcher who works with LGBTQ communities and domestic violence survivors, told Rewire.

Nearly Half of the Most Popular Websites Use the Same Software to Track You Around the Internet - When you surf around on the internet, you're not the only one collecting information. While you check out various web pages, web trackers gather data about you, often without your consent.

We Anonymously Controlled a Dildo Through the Tor Network - Sex toy makers are increasingly connecting their products to the internet, but privacy is often an afterthought. One researcher showed that an alternative is possible.

Citations / References

Honey Onions: a Framework for Characterizing and Identifying Misbehaving Tor HSDirs - "Tools such as onionscan [18] look for such characteristics to ensure attackers cannot easily exploit and deanonymize hidden services, because of an oversight in the configuration of the services"

.onion - Wikipedia - "As of August 2016, 13 onion domains are https signed across 7 different organisations via DigiCert.[18]" - Referencing the July 2016 OnionScan report

Podcast Mentions

Risky Business #417 - OnionScan #3 gets a small mention during the news segment of the show.

That’s MY Facebook account/No it isn’t/Yes it IS! [Chet Chat Podcast 245] - Zepto is the new kid on the ransomware block, “OnionScan” checks how private the Dark Web really is, socially engineering Facebook support, and another Celebgate hacker pleads guilty.