The “Deep Web” and “Dark Web” both sound intimidating, but that doesn’t mean they’re the same thing. While they’re related, knowing the difference can keep you safe from dangerous places on the internet and make you a hit at parties.
The Internet Is Not the Web
Before we get to the distinction between “deep” and “dark”, another common conflation has to be cleared up first. We tend to use “internet” and “web” interchangeably, but they are very different.
The internet is the network infrastructure we use to communicate globally. That includes the network card in your computer, your router, the fiber line from your house, undersea cables, and all the other bits and bobs that shoot electrical (or optical) impulses all over the planet. You can also include Internet Protocol as a defining feature of the internet. It’s the language of the internet and describes exactly how information is encoded and routed over the internet.
The World Wide Web is a service that runs on internet infrastructure. Specifically, it’s the network of websites hosted on web servers, connected to the internet. The internet plays host to many other services, such as streaming video, FTP (file transfer protocol), email, etc.
The concept of the internet as a network that can host many different types of network applications is important to grasp if you want to understand the difference between deep, dark, and surface webs.
Life on the Surface Web
The surface web is the public face of the internet. When you go to a company’s website, you’re visiting the surface web. Definitions may vary a little, but the surface web is essentially all of the websites and resources connected to the internet that can be freely discovered and visited. The Google search engine, for example, “crawls” the web looking for websites that are open for anyone to visit. When you visit our website here at How-To-Geek, you’re on the surface web!
Rolling in the Deep Web
The “deep” web then, is all of the stuff connected to the internet but hidden away behind some form of security. When you log into your webmail service, you’re on the deep web. All the stuff you can see unless you log into Facebook? That’s the deep web too.
Rather than being some scary part of the internet. the deep web is the meat and bones of our daily internet experience. It’s the basement of the amusement park where all the real work happens so that you can have a good time.
Unsurprisingly then, most of the web is the deep web. At this point, there’s usually an analogy involving icebergs and how most of their bulk is under the water.
The Dark Web
This brings us to the dark web. The dark web is a part of the deep web, but only a very tiny part of it. These are websites and servers that have been deliberately hidden. The people running the site don’t want anyone to know who they are and they certainly don’t want just anyone visiting their sites.
This anonymity can be achieved in various ways, but most of the sites on the dark web are “onion” sites. They can only be accessed using Tor Browser, which gives users access to the Tor network. The Tor network was created to allow completely anonymous (with some additional precautions ) communication over the internet. When a user and a website send data to each other over Tor, the data packets are randomly routed through a massive network of volunteer computers. Each of these nodes only knows where the packet just came from and where it’s going next, as each layer of an encryption onion is stripped from the packet contents. It’s only when the packet reaches the final destination that the last layer of encryption is removed and the intended recipient gets the original data.
While the dark web isn’t illegal in most countries. it’s quickly been adopted by criminals to shuffle illegal content and communication around the world. In combination with the rise of cryptocurrencies, the dark web has enabled billions of dollars in illegal trade.
There are plenty of legitimate websites on the dark web too, but in general, most users should avoid it since it comes with serious cybersecurity risks and any site could be compromised tomorrow, even if it isn’t today.