WEBVTT 00:01.280 --> 00:05.030 In this video, we're going to be talking about the brave browser and the darknet. 00:05.450 --> 00:10.850 So the darknet is essentially the UN indexed part of the Internet. 00:11.300 --> 00:18.980 And you're probably going to hear a lot of scary stories about the dark web, the Darknet, things like 00:18.980 --> 00:25.640 media news stories talking about, well, there's a lot of illicit trade, there's sex trafficking drugs 00:25.640 --> 00:28.610 you could hire hit men on on the dark web. 00:29.620 --> 00:31.750 And there's a lot of criminal activity there. 00:32.480 --> 00:38.870 And while there is a lot of criminal activity on the dark Web, because it is essentially the indexed 00:38.870 --> 00:40.220 part of the Internet. 00:41.920 --> 00:47.080 It's also, well, really just an index part of the Internet. 00:47.080 --> 00:54.430 So if I pull up Google or Yahoo or Bing or whatever, Yandex, I'm not going to be able to browse these 00:54.430 --> 00:55.780 dark Web websites. 00:55.780 --> 01:00.610 Typically, it's not going to be able to see it because it's, well, not indexed. 01:01.990 --> 01:08.110 And while there is a lot of illicit activity on the dark web, there is a lot of illicit activity on 01:08.110 --> 01:14.140 the clear web, which are things that Google and Yahoo and Bing and whatnot will be able to index also. 01:15.490 --> 01:18.040 Now, the dark web isn't all bad stuff. 01:18.040 --> 01:22.840 There are legitimate websites on the dark web, things like Facebook's on there. 01:22.990 --> 01:27.640 A lot of news stations are on there also and what not. 01:28.700 --> 01:34.100 It's really, again, just parts of the Internet that are not indexed. 01:35.440 --> 01:43.120 However, if we're doing an investigation and we need to be able to look at these different websites 01:43.120 --> 01:46.720 on the dark Web, we're going to need something like the Tor browser. 01:47.410 --> 01:54.340 Or we're going to need something that's able to access the Tor network or the these onion routers. 01:54.460 --> 01:56.410 And we'll talk about that in a moment. 01:57.770 --> 02:00.470 Now the easiest way is to grab the Tor browser. 02:01.290 --> 02:05.480 And if we go to Tor project at Org, it'll take us here and we could download this. 02:05.490 --> 02:05.790 Now. 02:05.790 --> 02:07.170 The Tor browser is really cool. 02:07.170 --> 02:10.080 It's a browser built on Firefox. 02:10.080 --> 02:17.070 You can download it for Windows for Linux for OS x on Android phones. 02:17.580 --> 02:20.460 And the great thing about it is it's designed for privacy. 02:20.460 --> 02:22.620 It's designed to block trackers. 02:23.310 --> 02:28.990 It'll block third party trackers and isolate them so ads can't follow you. 02:29.010 --> 02:33.810 Cookies automatically clear when you're done browsing and your browsing history goes away when you're 02:33.810 --> 02:34.380 done. 02:35.490 --> 02:37.740 It's great to defend against surveillance. 02:37.740 --> 02:41.280 Resist fingerprinting, multi layer encryption. 02:42.080 --> 02:45.890 And typically we'll allow you to browse sites that you normally wouldn't be able to. 02:45.920 --> 02:53.570 If your say in a country that's that has heavy censorship, tor browser works really well. 02:54.440 --> 03:04.010 Now it's also widely used by journalists, by security professionals, privacy advocates and whatnot, 03:04.010 --> 03:11.600 not just criminals, because again, you have that pretty incredible amount of security browsing Internet 03:11.600 --> 03:13.970 with Tor and the Onion Network. 03:15.630 --> 03:20.100 Now, if you're trying to download this at work, you're probably going to have a problem because again, 03:20.100 --> 03:28.020 because this allows for anonymous browsing work networks will typically block the Tor browser. 03:28.500 --> 03:32.520 School networks will typically block the Tor browser and what not. 03:33.580 --> 03:36.460 And this isn't just because they can't snoop on you. 03:36.760 --> 03:41.980 It's also because for legal reasons, that they have to be able to comply, that they're able they're 03:41.980 --> 03:46.180 doing their due diligence to protect people from certain websites and whatnot. 03:47.270 --> 03:48.560 And protect the network. 03:48.560 --> 03:50.330 So they're going to try to block this. 03:50.390 --> 03:54.300 So if you're trying to download this app at work and you're not able to. 03:54.320 --> 03:57.050 That's usually what the issue is. 03:57.050 --> 04:01.850 You're probably going to have to wait till you get home or go on to a public network that doesn't block 04:01.850 --> 04:03.140 it to download it. 04:05.310 --> 04:10.500 Now, this is an example from the EFF on how Tor works. 04:11.560 --> 04:17.500 Now, typically, if you excuse me, if you're going to the Internet, it goes from your computer to 04:17.500 --> 04:20.050 your ISP to wherever you're going. 04:20.260 --> 04:22.060 And that's a pretty straight path. 04:23.160 --> 04:29.250 And if someone's going to trace back, it's not going to be very difficult to be able to fingerprint 04:29.250 --> 04:31.860 your browser, be able to view your activities. 04:31.860 --> 04:37.830 They can probably figure out information about your computer, your browsing history, since all that 04:37.830 --> 04:43.980 typically isn't blown out unless you configure a browser and lock it down, which a lot of people unfortunately 04:43.980 --> 04:44.520 don't. 04:45.000 --> 04:47.850 And also, it is a very straight path. 04:47.880 --> 04:51.270 It's not a multilayer path to get there. 04:52.610 --> 04:55.280 However, if you're using the Tor browser. 04:56.160 --> 05:03.750 In this example, Ellis has a Tor client and it picks a random path that is going to be encrypted. 05:04.740 --> 05:07.590 So in this path, it takes a pretty straight path. 05:08.250 --> 05:10.920 So we have all these different computers here. 05:10.950 --> 05:15.930 These are these represent onion gateways, essentially. 05:15.930 --> 05:24.120 These are computers that are in servers that are running a protocol that allows the Tor browser to see 05:24.120 --> 05:25.770 it in and use it. 05:25.770 --> 05:26.490 So. 05:27.400 --> 05:33.910 In this example, Alice's connection goes from this this router to this router to this router, and 05:33.910 --> 05:40.270 then finally to Bob, which she's trying to get to that website or server, and then it takes a path 05:40.270 --> 05:40.930 back. 05:42.080 --> 05:44.870 Now if someone is trying to. 05:46.200 --> 05:47.240 Trace you back. 05:47.280 --> 05:48.870 Trace back to you. 05:49.760 --> 05:52.170 Well, then they're going to be able to hop back here. 05:52.190 --> 05:54.290 They're going to see this this router here. 05:54.620 --> 05:55.910 And that's not going to be you. 05:55.910 --> 05:57.680 It's going to be pretty far away. 05:57.920 --> 05:59.660 And then the traffic is going to be encrypted. 05:59.710 --> 06:05.570 They would actually have to be able to trace it all the way back through these various onion routers 06:05.570 --> 06:09.200 back to you again, over a encrypted channel. 06:09.200 --> 06:11.090 So it's going to be really difficult. 06:11.960 --> 06:16.340 And again, this is really why the Tor browser is really great. 06:16.970 --> 06:20.270 Now, of course you could use things like a VPN to encrypt your traffic. 06:20.270 --> 06:26.180 However, Tor browser adds an extra layer of security by hopping through all these random paths to get 06:26.180 --> 06:27.410 to where it's going. 06:29.640 --> 06:31.410 Now the. 06:32.050 --> 06:39.040 The Onion Network, the the dark Web websites, you'll be able to identify it by a dot onion extension. 06:39.040 --> 06:42.490 It's not going to be a dot com or dot org or whatnot. 06:42.490 --> 06:45.430 It will be a dot onion address. 06:45.700 --> 06:50.110 Now, these addresses are not going to work in a standard browser. 06:50.290 --> 06:53.740 It needs to be able to go through the onion router. 06:53.740 --> 06:54.370 So. 06:55.830 --> 07:01.050 On this page here I have a brave browser which essentially chrome or chromium. 07:01.140 --> 07:03.330 The page can't be displayed. 07:03.930 --> 07:07.020 However, if I pull up a tor browser here. 07:08.480 --> 07:15.800 And once it's connected here, I can simply paste the URL in here and it comes right up. 07:16.390 --> 07:22.180 Now the Tor browser will typically operate slower because again, we are taking that random connected 07:22.180 --> 07:23.950 path to where we're going. 07:24.190 --> 07:29.260 So do expect the Tor browser to be slower when you're when you're accessing. 07:29.650 --> 07:34.270 The other thing is since we're since we're using a. 07:35.320 --> 07:40.960 Oh, taking a random path where we're being dropped out of a random server, essentially. 07:42.430 --> 07:45.970 The language is probably going to be different from what you're used to. 07:47.400 --> 07:49.290 So if I pull up Google here. 07:50.700 --> 07:52.350 This comes up in English. 07:52.350 --> 07:58.470 Sometimes it might come in German and my command Dutch, it might come out in Italian or whatnot. 07:59.380 --> 08:03.760 Again, it's going to be randomized for what country? 08:03.760 --> 08:07.630 The route, the the exit node is essentially. 08:08.510 --> 08:10.700 And so don't be too thrown off by that. 08:10.700 --> 08:17.870 If you pull up a if you pull up Google or Bing or DuckDuckGo or whatever, and it's in a different language, 08:17.900 --> 08:25.520 it's probably because the exit node is going to is in a different country again, which is good because. 08:26.930 --> 08:27.590 It. 08:27.590 --> 08:32.120 If someone's going to try to try to come back and try to identify you. 08:32.930 --> 08:36.230 It's going to initially look like you're not like you're in a different country. 08:36.260 --> 08:39.190 Kind of like how a VPN will make it look like you're in a different country. 08:39.200 --> 08:42.470 However, using Tor, it's all randomized. 08:43.360 --> 08:45.520 So this is the Tor browser. 08:45.520 --> 08:47.440 Again, it's it's really useful. 08:47.440 --> 08:49.110 It's a fantastic browser. 08:49.120 --> 08:53.710 It is going to be slower when you're browsing the Internet because of the extra layer of security. 08:55.640 --> 09:00.230 Certain websites may be a little bit of a pain when you're trying to log into it. 09:00.260 --> 09:04.370 You probably have to go through a bunch of captions and and. 09:05.260 --> 09:11.650 Improve that you're not a bot because all that traffic is encrypted in it really doesn't like it, however. 09:12.520 --> 09:20.110 If you're doing investigations and Tor browser is a fantastic way to go because again, it's very secure. 09:20.110 --> 09:27.790 It's it's encrypted traffic, It's randomizing the path that it's taking to get to where you're going. 09:27.790 --> 09:33.580 And if you're going to do a dark web investigation, you absolutely need to use a Tor browser or something 09:33.580 --> 09:35.110 that goes through the on your network. 09:36.070 --> 09:43.120 The alternative is if we use something like the brave browser, which I like, I use a brave browser 09:43.120 --> 09:48.430 as a kind of a daily driver, because it's it's pretty secure. 09:48.430 --> 09:49.870 It's based on chromium. 09:50.020 --> 09:57.100 But if I go over here on this little sidebar here, I can click on here and I could do a new private 09:57.100 --> 09:58.660 window with Tor. 09:59.800 --> 10:00.430 K. 10:01.440 --> 10:03.990 And I'm just going to block the diagnostic here. 10:05.040 --> 10:08.520 And what you want to do is you want to look here or tour connected successfully. 10:08.520 --> 10:12.420 You want to wait for this thing to actually connect to the Tor network before you do anything. 10:12.750 --> 10:18.390 Now, before I kind of get to that one website here, that onion link, but now that I've connected 10:18.390 --> 10:21.210 here, it should actually come up here. 10:21.210 --> 10:24.240 So let's give this a second, see if it actually comes up. 10:26.090 --> 10:27.620 And I can see it spinning there. 10:28.990 --> 10:29.880 And here we go. 10:29.890 --> 10:36.820 It actually pulled up the website here and let me type in Google dot com. 10:38.370 --> 10:40.380 And see what this does here. 10:41.540 --> 10:41.990 Okay. 10:41.990 --> 10:43.460 And that comes up in English. 10:43.460 --> 10:45.250 So all that's good. 10:45.260 --> 10:47.630 So all this is working properly. 10:48.450 --> 10:50.790 Again, I have the Tor browser here. 10:51.670 --> 10:55.990 Or actually have the brave browser here running over Tor. 10:56.440 --> 10:58.930 And I'm able to look into all this different stuff here. 10:59.000 --> 11:01.450 I wouldn't I'm not able to normally. 11:01.990 --> 11:09.280 Again, if I pull up a page here and I try this on the regular browser section, it's blocked, it doesn't 11:09.280 --> 11:09.610 work. 11:09.610 --> 11:13.030 I can also pull up things like Firefox here. 11:15.650 --> 11:16.610 Click that in here. 11:16.610 --> 11:19.160 And it's also likewise going to have problems. 11:19.160 --> 11:21.980 It won't be able to resolve that Onion address. 11:22.910 --> 11:29.750 Now, if you want to install Brave on your Linux machine, it is fairly easy. 11:29.750 --> 11:33.440 You could actually go go over and you could type in. 11:33.670 --> 11:35.060 Now let me get out of here. 11:41.310 --> 11:43.560 Okay, We close out here. 11:47.460 --> 11:53.970 There are tutorials on how to install Brave for Linux and if you're going to install it for the Trace 11:53.970 --> 11:54.690 Labs. 11:54.720 --> 11:58.080 Trace Labs is a Debian based system. 11:58.080 --> 12:03.330 Here you can go to brave dot com and then if you click on Linux it'll actually give you information 12:03.330 --> 12:09.240 here you can and it you could simply just copy and paste these commands in here to install the brave 12:09.240 --> 12:10.020 browser. 12:10.470 --> 12:17.940 So again, this was about Tor and the dark dark web essentially, again, the index part of the internet. 12:18.060 --> 12:19.380 Thank you for watching. 12:19.380 --> 12:20.640 I'll see you next video.