The Silk Road, ever heard of it? It was a website hosted on The Onion Router (Tor) network. If I remember correctly it was also one of the FBIs largest busts. Boiled down it was a platform for buying and selling drugs anonymously, and it was a pretty intricate platform. I never visited it myself but I read research papers on it, and did use Tor at one point. Criminals using it for illicit activity is pretty disappointing because it can be an awesome tool. For example, during the Arab Spring Anonymous used it to help Tunisians coordinate their actions when their government tried to stop them.
I was part of the Operation Tunisia effort on the back end. Defacing a government website would not do a whole lot, and hacking remote printers was too much effort for me. Turning my PC into a Tor node and letting someone use my bandwidth however felt reasonable. I won’t lie it was pretty neat when I finally saw someone from Tunisia connect to my computer. Now this is where things get fun because the whole point of Tor is that it is supposed to hide your identity. Simultaneously, you may hear warnings nowadays not to use it because it is considered compromised by the FBI. I know I did back in 2014, and that was a few years after I stopped using the network.
Anyway, the way it works is that it bounces your connection around to random servers. Your packets are encrypted between bounces, and it’s a very tough encryption. In fact, the software was created by the US Navy or something. Anyway, Tor entry/exit points are unencrypted, and intermediate nodes can mess with your device. Basically the server hosting the website may not see who you are, but all the extra points along the way can see your identity. I brought this point up once in a paper on Tor and my professor wanted to speak to me. He gave me such a low grade on the paper I had to get a perfect score on the final project to get an A.
My understanding is that the original point of Tor’s design is that it makes ad-hoc networks easy to setup. An ad-hoc network is a network where devices communicate directly with one another, and send information along to the next device in the chain. Generally it is a bad network architecture, but in a pinch it can work well. That was anonymous’ plan to help Tunisians, with people like me on the backend running Tor servers so they could bypass any government firewalls.
I don’t use VPNs or proxies anymore because meta data is not encrypted, and providers typically maintain activity logs. What that means is that advertisers and the FBI can still track your activity, and all you’re doing with a VPN is fooling the server itself; It just makes traffic analysis more difficult for webadmins who do not use cookies to track traffic. I’m well aware this makes me a maverick in the field of cybersecurity and that’s fine with me.