It's that time of the show. Now this week's topic I've been wanting to record for quite some time, however, my listener base to a certain level if you weren't able to comprehend. So if you haven't listened to the earlier episodes, go back and listen to the one about the progression. Web three Dotto and one about the data brokers. And so that way you understand some of the terminology adoptions. But if you haven't listened to those shows, that's okay, you can still follow along. This week's podcast is titled down to the dark web. So hop on to my boat. And let's set sail to a place that was developed by the US government to communicate with spies and dissidents in countries where their communications could be monitored. That later turned into an open source project that's used by journalist and citizens of countries that are in denied areas. And also that could be used by drug dealers, people that sell stolen information like identity information, and other goods and services thick, the to have a level of anonymity, because they are highly illegal. So now that I got your attention, please, anything that you hear during this podcast is not information that you should use to then go out and start transacting business on the dark web, you're going to hear in the podcast, that even though there's tons of software that help you get onto the dark web, and that there's various websites that you can buy things with, that you will not normally be able to buy legally, please, this is not advice of how to do this. This is just me introducing you to the dark web, and the other 90% of the internet that's not indexed by search engines. Now usually I talk about cruising the highways and the byways of cyberspace. But this week, we're going to use a different analogy. This week, we will be sailing the Digital Ocean. And the reason why I like to call it the Digital Ocean is because of the way that I need to describe where the dark web lives. Now, when you think about the internet, as we've talked about in previous podcast, think of it as just a way to make connections between your computer and another computer. And so the internet could be pipes of which information flows. That's why they call it the Digital Highway or the information superhighway. But this week, let's think of it as an ocean. And the reason why is is that the internet that you normally go to when we say go to a new site, or go to say Facebook or something like that, those are what they call clear net sites, clear net sites or surface web is just what it sounds like it's on the surface. This is the part of the internet that is accessible without having to login. So the information you can get without entering in your username and password. Below that is where most of the data lives. As a matter of fact, the internet that's indexed by search engines is only about 5% of the internet. So when people say, go to Google and Google this or Google that or go to Bing, or any of your, your search engines, those search engines, for all intents and purposes can only crawl websites and index websites that are able to be accessed without entering in a username or password. That's only about 5%. A lot of folks don't realize that but that's just a very, very small part. So I talked about the digital ocean. So if we're sailing through the Digital Ocean, then what's below the water. This is where the internet is not index. And so we have probably about 90% of the internet could be considered dark or part of the dark net. Now you all to do math you You understand I said 5% is the surface web, and 90% could be considered dark? Well, there's about 5% of that, it's kind of in the middle. And that information is kind of like databases and stuff where it could be indexed, but the index er has to get inside the site. So these are sites that are normally behind things that we call a paywall. Now, you've probably ran into paywalls, before where either you Google something, and you click on the link. And before you can read the article, it asks you to log in or pay a lot of this is like news sites, and other sites like that. Now, before we get too deep into this topic, I just want to clear up something that is kind of a pet peeve of mine. When people hear dark web, they immediately think drugs and all this elect activity. But the dark web is simply defined as something that's not accessible without logging in. So technically, if you all are working from home remotely, as we all started doing during COVID, you know that you brought your laptop home. And when you needed to access company resources, you would get on a VPN. And that VPN was behind a username and password. And VPN stands for Virtual Private Network. And so in a sense, if your company has resources that you can only access via a VPN, then technically, that is part of the 90%, of the internet, of which we call dark. But for the rest of the podcast here today, whenever I refer to the dark net, I want to refer you to the one that is the granddaddy of them all. And that is Tor. Tor is the onion router system that I spoke about earlier, that was developed by the US government, there was two different government entities that were involved. One was the Navy research labs are Naval Research Labs. And the other one was DARPA, of which we've talked about before, and that's where the internet was born was out of DARPA. As I mentioned, it was developed so us spies and other foreign assets could communicate anonymously, encrypted, thus protecting them and the US secrets. However, it wasn't fully realized. And so instead of keeping it in one of these black projects, they decided to open source it, and they open sourced it under the Tor Project. And we will hear in a few minutes, why they called it the onion router network. So how do you get on this onion router network? Well, first you have to download purpose built software. Remember, this is the dark web. So that means that it is behind some sort of mechanism that is not accessible by the clear net. So you have to download the software. And then you have to configure the software to access the Tor network. So Tor is short for the onion router network. So we call it Tor, you configure your software to access the Tor network. Now, if you're accessing this from a mobile phone, it's very, very simple. If you're just wanting to browse it, you can find tons of browsers that are in the App Store or the Google store that you download, and boom, you're on the Tor network. When you launch this Tor software, it goes through a mechanism called bootstrapping. Now you got to remember, it's on the surface. So our analogy of the Digital Ocean, we're kind of cruising on the surface. But if we want to get below the surface, we have to have a mechanism to get us below that or for all my friends that are matrix fans, you know, you have to get jacked into the matrix. So when it is launched, it calls out to a clear net site that downloads a list of IP addresses that are gateways into there and they call these gateways guards. So if your ISP is monitoring your connection and These guards are freely available out on the clear net. Now there are some guards that are private guards that they don't advertise themselves. And so they deliver that IP address via out of band communications. But for all intents and purposes, it downloads a list of guards, and then it starts to connect to one of those. So, once your computer is connected to a guard node, it then needs to create what they call a virtual circuit. And a virtual circuit consists of at least three relay nodes. This is the onion part of Tor. So the clear net, you go into a guard node, then when you try to access your first server, on the Tor network, it goes through at least three other ones. And so the analogy of the onion that the computer communications or packet is in the center, as it Trans versus through each relay node, one layer is peeled off, and it goes to the next and it goes to the next. Now all of this is encrypted. So even the operator of the guard node, all they can tell is the clear net IP address that you came from. But when it starts to relay the packets, it doesn't have the ability to see what's inside that packet. And each one is stripped off like the onion peels, and in the very center is the information that is being retrieved, or sent. So why all this is very technical, just know that it's extremely simple. In this day and age, all you need to do is get out your iPhone, or your Android phone or tablet. Or you can download a special browser for any of your operating systems. And all of this happens behind the scenes, all of this guard node, finding it and all of that it just magically happens. We've talked a lot about how you access the Tor network. But we haven't talked about how you host services on the Tor network. And whenever I mean by services, this isn't the typical service that's available on the Tor network meaning higher and a hacker hiring a hitman buying drugs. No, we're talking about services, as in a web server and a chat server. Now that is very much completely different than turning on a website on the clear net. On the clear net, it's pretty straightforward. You can go to any of the website providers, and with little skill whatsoever, something like Wix or GoDaddy, you just go there and you type in the domain name that you would like to have. So Globalbob show.com, the registrar comes back and says that name is available, and you pay for that name. And then if you do it through, say, Wix or GoDaddy or any of the sites, they will automatically set you up a little virtual server, that you can then upload web pages, if that's what you do, or you can use their online editor. So they've really taken a lot of the technical parts out, it's very straightforward on the clear net. Now on Tor, which is part of the Dark Net, it's a lot more technical. And I'm not going to go real deep down into how you get your website on there. But what I want to do is talk about the domain name part, because on the tour or dark net, you don't have domains like global Bob show.com. No, it's much more difficult. What you have to do on the dark net is get a node on there. So say your Linux box or Windows box or your Mac OSX box, you get it on there, and then it will create you an onion address. Now the onion address is like the domain name. It's just a random letters and numbers. Now there's some onion sites that can take like the first part and get it where it's somewhat human readable. But for all intents and purposes, it's something very obscure that is probably nearly impossible to remember. So the Globalbob show this is not my onion address may be br or 5493 8x, z 283 s h 592 dot onion write something very obscure. Now, once the service is on the dark net, that service is also anonymous. So when people visit the dark net version of the global Bob Show, they don't know where my server is geographically located in the world. Well, we're here in a few minutes how the government and hackers are somewhat able to figure this out, but not directly. So it's not like the clear net, where if you don't want to have any traffic from Russia, you just firewall off the Russian IP addresses or Russian domains. It doesn't work like that on the dark net, or Tor. It is basically like a double blind system, the people that visit your site, you don't have any information about where they're physically located. And conversely, they don't know where your server is located. Now, once you're on Tor, you can get to clear net IP addresses, you can get to say facebook.com. But there's also really a Facebook onion site as well. So let me give you a different one, say somebody that doesn't have an onion site. So if you wanted to go to let's say apple.com, or amazon.com, and you are on Tor, you can go to those websites, no problem, what will happen is that your traffic will be encrypted to that guard node, that entry node, go through at least two other relay nodes, and then go out what they call an exit node. And the exit node is somebody that has decided to donate their internet traffic for Tor traffic, to be able to reach clear net sites. So if you go to these sites, you will probably see the language will be different, just because when you go to sites, a lot of times they see the IP address that you're coming from. And if you're coming from, say France, it will automatically turn it all into French. So what I want you to know is that there is a way to go from the clear net into Tor and through the Tor network and out an exit node. But the one thing that you have to be careful of is that these exit nodes are very easy to identify. And also you have to trust that exit node not to be sniffing your traffic because once it makes it to an exit node, all of the onion encryption is pulled off, and it enters into the clear net or the regular internet. And that's one reason why people use Tor. If you're in a country, say like Russia, where they're blocking us websites, then folks in Russia, they don't care anything about the hidden services that are on Tor, right. They're not trying to go to sites and stuff on the onion router network, all they're wanting to do is just get unfiltered internet. And so that's a very good application for Tor. So we've talked about how you can get on Tor. And we've talked about how the domain names are very cryptic type letters and numbers. And like I said, some people use Tor to get to the clear net, where their countries are blocking, right? We see a lot of this. I mean, here in America. There's not a lot of sites that are blocked. And so a lot of folks that get on tour, they'll be in countries where they have, say the Great Firewall of China, or other countries in the Middle East. They'll use Tor to try to get an exit node in America so they can get to sites that aren't blocked or or filtered. But back to the hidden services. So with these cryptic domains, how do you find where to go? Right? Because when you launch that browser on your device, and it connects up, it's bootstrapped. And it's on Tor. But how do you find where to go? Well, Google doesn't search the Tor network and everything is not centralized, right? So when any of my friends and family have created a website, and they register that domain, say Globalbob show.com, you'll instantly start getting your inbox flooded by people wanting to sell you things. That's because they see the newly registered website that is in that country. And they download it and they see who it is. And it may say Brian Varner, and here's my email address, and they start sending me information. Well, that's also how the search engines pick this up. The search engines say, hey, look, there's a new web site, let's go index it and put it into Google or Bing. On the dark net, it's not the same, because when you create a service on the onion router network, and you're going to host a server, no one knows about it. But there are some sites that are trying to say, index, the dark web. And there's two ways that the sites find out about it. One is that the creator gets their dot onion domain. And they will go to say, onion wiki, or Tor wiki, which is very much known, right? That link, you can go out on the clear net and look for the wiki for Tor, and people will post their link under there, and then the search engines will crawl it. And there's crazy search engines called light candle, there's one called torch and haystack, all these ones you've probably never heard of. But there's also one that I want to point you to that if you do decide to start doing some research and getting on the Tor network, it's called Duck Duck go that I feel like is one of the more safe search engines because they have both a Tor presence and a clear net presence. So if you're going to get on the Tor network and start searching, you kind of want to find the Duck Duck, go dot onion domain and use that as your search engine. One thing to keep in mind is that since the Tor network is a collection of servers, talking about the hidden network, part of it not go into the clear net, since it's a collection of servers that are ran by those that cannot put their data or don't want to put their data on traditional web server hosting providers that these services pop up and go down all the time. So when you're using a Tor wiki, or you're using DuckDuckGo, or any of the collection of search engines, you click on the link, one, it may take a while to load, because these servers may be running in somebody's house that doesn't have very good internet, or like I mentioned, you're having to go through various relays to get there. So the speeds may be slow, as well. But a lot of times, you'll find that you click on a link and it just sits there and it takes tons and tons and tons of time. And it may never load. So the experience is not like on the clear net, given the diversity of where these servers are located. Like I said, a great many of them may be located just at somebody's house. And they only have very limited internet. One research project in particular, that I was very heavily involved in consisted of using smartphones that had a modified operating system that would allow it to serve up websites on Tor. And what was really cool about this is, is that we could put whatever content we wanted on the cell phones and then publish the onion domain. And so if a person was accessing this content, or communicating with this phone, it was actually being served off of the cellular networks here in the US. And that was a pretty fun project and we got a lot of good results out of it. And what we were trying to do in this project was show that just how hard it would be to take down a website. If it were being ran on a device that could always be moving around so it can move around from cell tower to cell tower or if it would find internet Through Wi Fi, it could then get on the Tor network. So what I want you to leave here with is understanding that if you're not going to have the same experience as you do when you're not on the onion router network, that also includes using the onion router network to go to the clear net. So why go through all of this, I've given you a lot of technical aspects of the onion router network. I've also talked about how it's got very slow speed, there's not popular search engines that can index it, like it does in the clear net. And also somewhat cumbersome to set up if you want to host a website or say a chat server on it. Well, we got to go back to the beginning, we talked about that this was used by the US government or developed by the US government, so they could communicate with spies and foreign assets. Well, what you want in the spy world is kind of a double blind system, since nobody trusts anybody. So the Tor network allows for an anonymous user to connect to an anonymous server or service. Now, we know that once you take away the anonymity of someone, they kind of change their attitude. But if you can do things completely anonymous, that's kind of where you see what that person's all about. Case in point, you don't go to just some random place and say, I'd like to buy drugs in the physical world. But if someone can search the dark web, thinking that they're completely anonymous, can connect with a drug dealer, and they don't know each other. Well, that's where you may want to do that. And, but that's not to me, the power of Tor, the power of Tor is allowing the free flow of information out of countries, and even inside of some countries, where there's a high likelihood that there could be major repercussions. So inside of the United States, people may use Tor, if they're whistleblowers, they don't want to email, say, their company, HR department from their company email address, because they're afraid of retaliation. Also, they may not want to do it from their personal email address. So whistleblowers could use the Tor network to create a email address on the clear net, where their IP address is anonymized and stuff like that. Also, one of the major ones that we're seeing right now is getting information out of countries that try to block that information. So we're seeing and Russia, once they went into Ukraine, one of the first things they did was started blocking us news sources. They felt like the Russians felt like that if they blocked the US news sources and say Western news sources, which is, you know, everybody outside of Russia, then they can control the narrative. So the Russians are using Tor to get out of Russia, and into the Western news sources so they can get the real story of what's going on. One of the neat things that I'm seeing that was kind of unrealized by me, because I always think about Tor giving you access to denied information. But with the Ukraine, Russian war, I'm seeing through the various channels that I'm in, that people are using Tor to get inside of Russia. So Russia knows that Western activist or hackers that are not affiliated with those countries, governments, they want to attack Russian websites, they want to take down various servers and services on the clear net. However, Russia is blocking those IP addresses from coming into their country. So one of the cool things I'm seeing is, is that hackers are launching attacks through the Tor network and through an exit node inside of Russia, which is really, really cool. Also, you're seeing the information As we talked about coming out of Russia to get to those Western websites, and so while Tor gets a bad name as a place where you can get anything that your heart desires. Now we're seeing that it's actually being used for what it wasn't originally intended for. It's being used. So the Russian people can get information. That's true. And it's not propaganda from their government. So they're going from Russia. And out. Now we're seeing that Tor is not being used to go to various sites that are blocked, it's being used to get into countries. So they can wreak havoc on those countries services that are being blocked by their firewall. So all of this together is really neat that we've had this technology that was developed by the US government that was then open sourced, and yes, it can be used for illegal activity. But now we're seeing it make its way into the headlines for legitimate use, are I? Well, I appreciate you sailing the open seas of the Digital Ocean and for riding along, we're coming up on time. So I want to leave you with this one. Please do not download Tor and think that this is your gateway to communications and the buy and sell of stuff that you would normally not engage in on the regular internet. I'm telling you take it from information that I know you will get caught. You see it all the time, that the FBI and Interpol and all the other organizations, they have ways to de anonymize you. Now I'm not going to go into all the details of it. But if you get on their radar, chances are you will get caught. We've even seen some of the largest websites on the Tor network get seized by the FBI, and their operators spending many many many years in jail. Moreover, I've given talks on this before and I may do a podcast on it, you can not have anonymous and non anonymous activities on the same cell phone, iPad, Windows box Mac box laptop. So if you want to be completely anonymous, I mean one of the first steps you have to do is use a device that is never used for anything other than that. And like I said, this is just the tip of the iceberg. I may do a whole podcast on actually really going dark. So please do not use this for anything other than getting on the Tor network to do some exploration to take a look around. Don't use this as your guaranteed way of not getting caught by activities that you would not do in the normal world. Alright, so now that that disclaimers out there. Want to say thank you very much for everybody who tuned in. This is the girl boss show where are the crossroads, technology, and politics. I do this show weekly for you all. So if there's anything you would like for me to cover, please send me an email Globalbob show@gmail.com on Twitter, at global show. Also we have our Facebook group called Global show. Feel free to drop me a line or if you'd like for me to dive in deeper on any of these topics. We can definitely set up a phone call. And with that, I'd like to thank everybody for tuning in. If you find value in this, please share this podcast or the website to them. With that, I'll see you all later