oxeo0/darknet-lantern
1
0
Fork 0
mirror of http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/darknet-lantern.git synced 2025-05-16 20:26:58 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

updated the readme (WIP still)

Browse source
This commit is contained in:
nihilist 2025-01-21 13:29:26 +01:00
parent 696a03b1b1
commit e2dbe8374a
1 changed files with 30 additions and 33 deletions
Download patch file Download diff file Expand all files Collapse all files

63
README.md
View file

@ -23,6 +23,7 @@ TODO:
-release it officially
```
Feel free to join our Darknet Exploration SimpleX chatroom to talk about the project [here](https://simplex.chat/contact#/?v=2-7&smp=smp%3A%2F%2FL5jrGV2L_Bb20Oj0aE4Gn-m5AHet9XdpYDotiqpcpGc%3D%40nowhere.moe%2FDkWtBNDdIPVjaap5trLwtmBBEUjyqxSZ%23%2F%3Fv%3D1-3%26dh%3DMCowBQYDK2VuAyEAcQLIsWEJ0xCv9sMSYVQV_sfMTkK_pisAtN55jgH08T8%253D%26srv%3Dt3srl5etd5y7nfvamlkdsjmm2okfu7db2jp4crxvf3tkwo42odme3kid.onion&data=%7B%22groupLinkId%22%3A%22iK4_U76rW6AdmZZfgVDDVQ%3D%3D%22%7D)
# What is the Darknet Lantern Project ?
@ -41,6 +42,35 @@ The Darknet Lantern Project includes a Webring, as otherwise the Darknet Lantern
The more people join the Darknet Lantern Webring, the more visibility Darknet websites will be able to have over time, just like how it would be on the clearnet, while keeping the decentralisation and censorship-resistance intact.
All you need is to run your own Darknet Lantern instance, and to join the Webring as a new participant.
## What is the default trust model ?
When spinning up your own Darknet Lantern instance, you are automatically creating your instance folder in www/participants/yourinstancehostname.onion/ and in there you'll find a copy of the blank verified.csv, unverified.csv, and webring-participants.csv files, along with the default banner.png file.
By default, as they are in the templates/ directory, the verified.csv and unverified.csv files are empty as you shouldn't trust random links that other people are trusting, you should verify them yourself one by one, to make sure that they aren't malicious.
That is why by default, when you first setup your own lantern instance, you are not listing anything, nor trusting any links, nor trusting any webring participants. This is a safety measure by default to avoid vectors of abuse.
If you choose to do so, you can trust another webring participant, which means that in turn you'll automatically trust the links that they are trusting. But be warned that this is potentially dangerous in case if it turns out that they start to trust malicious links later down the line.
## What is the lifecycle of a Lantern instance ?
At first, you have an empty Lantern, no links listed, no links trusted, no webring participants trusted either.
If you want to go your own way to explore the darknet yourself, you can start to list links yourself, into the unverified.csv file, and later on once you browse them enough to verify their authenticity, you may choose to trust them, to move them from unverified.csv to verified.csv
If you want to avoid doing the same work that other webring participants may have already done, you may choose to synchronize with their lists of links, and to add the links that you didn't list yet into your own unverified.csv file. That way you'll be able to start exploring the Darknet starting from where others left off.
After a while of adding new links and verifying them, you may choose to trust another webring participant's list of links, to automatically add their verified links into your own verified.csv file. However as stated above be warned that this is risky due to the fact that you may inadvertently trust malicious links because of that other peer.
## What if there are malicious Lantern Instances ?
As stated above, it is possible that there will be malicious Lantern instances, meaning that you may have malicious peers that start to list some extremely illegal websites into their verified.csv file. This is why by default you are not trusting any Lantern webring participant, nor any links.
This is also the reason why there is a blacklist.csv file. That way, if there are any malicious keywords or links to be found, they will be immediately deleted. I for instance, refuse to list any porn sites or list any instance that lists porn websites, and i encourage you to do the same (hence the blacklist.csv file containing those words by default), as those can link to some extremely illegal content that you definitely don't want to get associated with.
Using the blacklist.csv file you can list blacklisted words, links and even links to blacklisted webring participants, that will automatically be removed if encountered by the python scripts.
## How can I setup my own Darknet Lantern ?
We'll first cover how you can run your own Darknet Lantern instance, In short you'll need the latest debian (which is debian 12 currently), Tor, php8.2-fpm, python and a few python libraries that you'll install via the apt package manager.
@ -299,39 +329,6 @@ It may take a few minutes depending on the size of your list of links to check a
*/3 0 * * * python3 /srv/darknet-lantern/scripts/uptimechecker.py
```
## can I do the initial setup ?
As detailed above, this project aims to gain traction over time as more and more people join the webring, so that a decentralized, peer to peer, anonymous search engine can be formed accross multiple communities, to speed up the exploration of the Darknet at large.
## What is the default trust model ?
When spinning up your own Darknet Lantern instance, you are automatically creating your instance folder in www/participants/yourinstancehostname.onion/ and in there you'll find a copy of the blank verified.csv, unverified.csv, and webring-participants.csv files, along with the default banner.png file.
By default, as they are in the templates/ directory, the verified.csv and unverified.csv files are empty as you shouldn't trust random links that other people are trusting, you should verify them yourself one by one, to make sure that they aren't malicious.
That is why by default, when you first setup your own lantern instance, you are not listing anything, nor trusting any links, nor trusting any webring participants. This is a safety measure by default to avoid vectors of abuse.
If you choose to do so, you can trust another webring participant, which means that in turn you'll automatically trust the links that they are trusting. But be warned that this is potentially dangerous in case if it turns out that they start to trust malicious links later down the line.
## What is the lifecycle of a Lantern instance ?
At first, you have an empty Lantern, no links listed, no links trusted, no webring participants trusted either.
If you want to go your own way to explore the darknet yourself, you can start to list links yourself, into the unverified.csv file, and later on once you browse them enough to verify their authenticity, you may choose to trust them, to move them from unverified.csv to verified.csv
If you want to avoid doing the same work that other webring participants may have already done, you may choose to synchronize with their lists of links, and to add the links that you didn't list yet into your own unverified.csv file. That way you'll be able to start exploring the Darknet starting from where others left off.
After a while of adding new links and verifying them, you may choose to trust another webring participant's list of links, to automatically add their verified links into your own verified.csv file. However as stated above be warned that this is risky due to the fact that you may inadvertently trust malicious links because of that other peer.
## What if there are malicious Lantern Instances ?
As stated above, it is possible that there will be malicious Lantern instances, meaning that you may have malicious peers that start to list some extremely illegal websites into their verified.csv file. This is why by default you are not trusting any Lantern webring participant, nor any links.
This is also the reason why there is a blacklist.csv file. That way, if there are any malicious keywords or links to be found, they will be immediately deleted. I for instance, refuse to list any porn sites or list any instance that lists porn websites, and i encourage you to do the same (hence the blacklist.csv file containing those words by default), as those can link to some extremely illegal content that you definitely don't want to get associated with.
Using the blacklist.csv file you can list blacklisted words, links and even links to blacklisted webring participants, that will automatically be removed if encountered by the python scripts.
## When should I mark websites as sensitive ?
In order to avoid putting all eggs in one basket, i recommend marking websites that are related to Drugs (as this is the most popular sensitive darknet topic) as sensitive whenever you add them into your unverified.csv file, that way you can give your audience a safe browsing searching experience, and an opt-in sensitive browsing search experience (with ample disclaimers/warnings) if they choose to do so.