Home » Jolly Roger’s Security Guide for Beginners » CLEARNET VS HIDDEN SERVICES – WHY YOU SHOULD BE CAREFUL
Click Here To Hide Tor


Some of you may have seen links to different websites on these forums. In fact my thread is full of them.

As you probably know by now, a hidden service is a website that uses a .onion address and a clearnet site uses the regular internet. You must be on TOR to access the onion network, whereas clearnet sites can be accessed from any browser. So why should you be careful when visiting clearnet sites?

When you see an article, link or video posted on the Silk Road forums, please note, that you should only be viewing those videos over TOR or possibly but as a last resort use a VPN and here is why. Let us use YouTube for example. YouTube is owned by Google, Google tracks everything. YouTube keeps track of which IP addresses search for what videos, and tons of meta data about it’s users.

When a link to a YouTube video is posted on the SR forums, we likely have to use our regular browsers to watch it because Tor browser is not good for watching flash videos. But the problem is, if a post on SR was written on January 10, 2014 recommending a video, and this video only has 500 views, perhaps this video has been up for a few months and did not end up being very popular. And then within the few days that this article was posted, 50 people viewing the Silk Road forum watch this video. The number of views just went up in a short period of time.

It is pretty easy to correlate that it is possible, that the people who watched that YouTube video, especially since it is not a popular video came from Silk Road, and if you made the mistake of using your real IP address, you have now been added to a list of people of interest. And if you do this multiple times with different YouTube videos, then they start to see a pattern and before you know it, they are confident that you are coming to watch these videos from Silk Road because every time a video is posted on Silk Road forums, your IP address comes up to watch this video.

But if you use a VPN, this makes things a little harder in that they are not as easily going to be able to link the video to you yet. But once they see a VPN address constantly popping up on those videos being linked from the forums, they might submit a court order to monitor the activities of the users of the VPN. HideMyAss was one of the most well known examples of VPNs being ordered to hand over information on their users.

The same thing goes with all clearnet sites. You never know who is monitoring their activity, and if it is an old article, more than a couple of years, then you can almost bet that the number of people viewing that article are down. So when somebody posts a clearnet link on the forums and people visit that link using an unprotected IP address, then the LE can start to correlate patterns against you. Of course, these articles and links are not as likely to be visited without TOR from the SR forums because you need TOR to view the forums, but especially things like YouTube videos since TOR does not work well with YouTube can be problematic.

So what can you do to protect yourself? Ask yourself first, do I really need to watch that YouTube video? Is it something important that I need to see? If it is, you might consider an option that I spoke about earlier called Tortilla, but it is only available to Windows users. I talk it about it at the following article.


You will run a Virtual Machine such as Debian, but do not connect to TOR using the Virtual Machine. The VM uses a bridged apapter and routes all traffic through Tortilla which routes all traffic through TOR on your Windows host OS without having to use the TOR browser on your VM. MAC users and Linux users may just want to view the YouTube video in a one time use proxy that does not keep any logs or maybe a public wifi network that has lots of users on it daily.

There is an infamous case of a murderer who called the sister of his victim from his victim’s cell phone. He would call from her Time Square in New York and taunt her and talk about how she was torturing her sister and the police put a trace on the phone. Unfortunately because Time Square is such a crowded place, even with all the cameras, they were unable to pinpoint exactly which person was making the call on that phone and they never ended up catching the guy. He ended up ditching the phone after he finally killed his victim. They knew he was a guy walking around Time Square on a cell phone but if you have ever been to Time Square, you know that there are millions of people doing the exact same thing, he just blended right in.

So you may want to use a public wifi in a crowded area that has many users all day long to watch a video and keep your IP address safe. If you cannot watch videos safely without identifying yourself, then do not watch them. It is as simple as this. Yes I know it is annoying that Tor does not work well with flash videos, but it is better than being thrown in jail where you will never be able to watch any YouTube videos.

The main reason I wrote this post was to remind you that correlating two users together on the internet is easier than you think. Once you start developing patterns and leaving your footprints behind, the LE have an unlimited storage space available to them to keep track of everything you do. Remember how Sabu got caught? He just logged onto IRC with his real IP address, one time. One time is all it takes for them to take you down. Always think before opening a link, what will this website identify about me?


  1. respect brah. good advice. i’m a noob, which is good. no patterns. taking it very slow learning everything I can, being super careful to not fall into traps others have. i’m ditching window for linux finally, once and for all, especially after seeing all the privacy traps built into windows 10. keep making anonymity possible.

  2. So, my question is opsec related but, not really about youtube…anyhow…So I used to have horrible posed when I was younger. Either I just didn’t care or just didn’t know better. Either way I’ve been to some pretty sketchy places on the ok www. So my question is this, is it ever too late to become anonymous. Or would I need to create another “me” in the idea of “me.02” had/has nothing to do with younger shitty posed me? That way in not setting off red flags? I know I’ve had to have done that in my ignorance of being an internet ninja?

    • Paystoboof

      Edit . in the sentence talking about .02 me,it should say shitty opsec me, not shitty posed me.

    • AnonAequitas

      -It’s never too late to practice good opsec, such as using VPNs*, TOR*, VMs (Whonix, etc.), Sandboxing technology (Sandboxie, app-armor, etc.), and SECURE OPERATING SYSTEMS (Qubes OS, Subgraph OS, Tails OS, etc.). As for separate “yous” or ‘identities, using them is standard OPSEC and there should be nothing to link them, I mean nothing, from passwords to connection times, right down to the vernacular.

      -You’ve got a few options in regards to your “shitty opsec” identity (ID1), either go from shit opsec (no vpns/tor, etc.) to full OPSEC (full tor/vpn/etc.), likely causing IRL flagging, thanks to XKeyscore & PRISM (#ThoughtCrime) or alternatively, you could continue to use ID1 as you were (no tor/vpn/etc.), while securely creating another Identity (ID2, MAX OPSEC) to use as your new, anonymous, primary online persona.
      -You could use ID1 for things such as facebook & other IRL stuff, as its essentially already tied to your IRL-ID (Google+NSA, nuff said) and use ID2 as your 1337 h4x0r anon persona.

      -It’s also good to have separate social media accounts (youtube, twitter, etc.) for each identity, although you may need to use tor->vpn/proxy if they block tor (A windows VM tunneled through tor is great for this).

      -It’d be even more of a tl;dr if I expounded upon the various things I’ve mentioned, which is why you need to google anything you’re unfamiliar with and LEARN! It’s especially important you look into the basic mechanics as well as the various pros & cons of the tools you use as well as the tools being used against you (XKeyscore, PRISM, etc.)! Just fucking Google this shit, don’t be a SKID…


  3. Feasible Deniability

    In layman’s terms can you explain to me the safest connection to use and how to get there. For investigation purposes I’m only trying to see if I can get info on a narcissistic father of three, who has left his wife of 35 years AND their youngest child, who has Autism which limits verbal communication to say the least. He encouraged his in-laws to build on to his house. When the father in law died, he kicked the mother in law out and sold the family home, leaving everyone out in the cold.
    The mother in law and his wife are to meek to try and get some kind of compensation or support and I just want to help them. Barring him, the family is very kind and loving and this has been a extreme surprise to them…and 2 days before Xmas. Plz help me help them!

Leave a Reply

Your email address will not be published. Required fields are marked *


Captcha: *