Hardware hacking transforms from mysterious craft to accessible art form in this captivating conversation with Dennis Pelton, whose electronic creations blend security education with playful innovation. At the center of our discussion is Dennis's remarkable business card—a seemingly ordinary rectangle concealing a microchip with his encrypted resume, challenging potential employers to demonstrate their technical prowess before accessing his credentials. "You are exactly the type of person that I want to work with," reads the message that awaits successful hackers, "the type of person who has the drive and motivation to do all of this just for the sheer fun of it."

What began as pandemic self-education has evolved into a passion for creating electronic puzzles that serve as both teaching tools and community builders. Dennis walks us through his growing collection of custom conference badges, including his star-shaped Wild West Hackfest creation that broadcasts its own Wi-Fi network for practicing hacking techniques, and his upcoming "Egru Vash" badge for B-Sides Tampa featuring LED eyes that visually indicate deauthentication attacks. For DEF CON, he's preparing electronic "fox hunt" transmitters to hide throughout the venue and oversized ESP8266 development boards designed specifically for younger attendees.

The conversation reveals a maker whose motivation extends beyond technical achievement to community building and knowledge sharing. Dennis prices his creations affordably—frequently giving many away—because his true reward comes from watching others engage with hardware hacking concepts. His future projects include potential workshops at maker spaces, hardware hacking villages at conferences, and even a cheeky experiment involving hidden "rubber ducky" USB devices at DEF CON to test security awareness.
Connect with Dennis on Twitter and Mastodon as C0LDBRU to follow his latest creations and perhaps snag one of his unique badges at an upcoming security conference.

Transcript

Eric Brown (00:05.048) 

You’re listening to The Audit, presented by IT Audit Labs. 

Mandi Rae (00:15.662) 

Welcome to The Audit by IT Audit Labs. Joining me today is Bill Harris from IT Audit Labs, and we’re going to discuss all things darknet. Thanks for joining today, Bill. Thank you.

Bill Harris (00:29:00) 

So today I’m going to walk through what the darknet is and why it’s here. There’s a lot of information about the darknet on YouTube. And I think you’ll find that 

some of it’s true, but it’s not really as bad as it’s cracked up to be. I’ll talk about where the dark net is, where you can go to get access to it. I’ll also discuss the legalities of the dark net, both in the United States as well as other countries. And then finally we’ll wrap up with a demonstration in which I will take you to the dark net and we’ll poke around some websites and see what’s really out there. So first up.

It’s important to understand that the dark net is not its own physical network. It’s actually an overlay on top of the Internet, as you know, and that you travel every day. But it can be accessed only with very specific software and authorizations. At the end of this presentation, I’ll take you through that. I’ll show you how to get the software and how to maneuver around the software to get access to the dark net. 

I’ll also use the terms dark net and dark web a little interchangeably, but they’re really two different things. To employ an analogy, dark net is to the dark web as the internet is to the worldwide web. There are different ways to navigate dark net as opposed to simply going to the web portion of it. We’ll talk a little bit about those as well and how they’re different. 

And finally, it’s important to understand the purposes for which the dark net was created. So the dark net was created by the US Navy in an effort to help foreign agents evade notice for national security reasons. It gave them a method for communicating back to the United States without being caught. And even today, the United States government has sites 

Bill Harris (02:41.0) 

on the dark web and they help support its ongoing life. So when we talk about the dark web, it’s usually done in the context of the rest of the internet. And what we see most often is this example of a glacier where you have the surface web at the very top. And this is the web that you can get to without logging into anything. 

It’s not behind any paywalls. And this is where a lot of information exists, but not even most of it. So here at the Surface Web, you’ll find things like your public Facebook profiles, maybe public Instagram accounts. You’ll find the front pages of your favorite news sites, shopping sites, whether it’s Amazon or whether it’s the mom and pop shop up the street from you. 

Bill Harris (03:38.304) 

A level below that is the deep web. Now, this isn’t a bad place to be. The deep web is called such because most of this information exists behind paywalls because for good reason it needs to be private. So in this area you’ll find paid subscriptions to say news or anything else that you’ve got a subscription for

that provides information over the internet. You’ll also find your financial records out there, your medical records, other account information. There’s just a ton of information on the deep web. And by virtue of it being accessible only to authorized users, it remains hidden from the large majority of those on the internet. And then a layer below that is the dark web. This is what we’ll talk about mostly today. 

And at the dark web, you’ll find similar information, but for the purposes of those who want to remain anonymous. So here you’ll find social media accounts from Facebook and Twitter. Facebook and Twitter both have dark web pages that we can go and take a look at. News sites like ProPublica and BBC and others have sites on the dark web for

anonymous journalism for the safety of their journalists and for getting information into other countries that might not be available from the surface websites because of country firewalls like the Chinese firewall that keeps people from seeing that type of information. As I mentioned earlier, you also find government sites, most notably from the CIA, and we’ll visit that site at the end of this presentation. You’ll find information drops out there where people can secure information

to journalists without it being intercepted or noticed. You’ll also find account information that you wouldn’t want to be out there. So, yep, your passwords, your user accounts are on the dark web. You can rest assured of that. But they’re also on the deep web. People can log into the deep web and if they have a subscription, they can get access to your information, but they can also do that on the dark web if they wanted to do so more anonymously. 

Bill Harris (06:03.798) 

And then finally, yes, you will find black markets on the dark web. You know, these are the ones that you’ve seen on the news. There are black markets for drugs or black markets for hiring hackers to break into someone’s account. That’s the kind of stuff you might hear about most. But it’s not necessarily the majority of the dark web. So really.

The whole purpose behind the dark web beyond what the US Navy had envisioned it to be is really a place for political dissidents to exist and to get their views known. It’s a place for journalists, but it’s also a place for criminals. It’s a place for whistleblowers and human rights advocates. So it’s really a place for anyone who values anonymity. 

whether for legitimate or illicit reasons. How do you get there? So the most common way to get to the dark web is via the onion router. So the also called Tor, the onion router is called such because it envisions the encryption technique like an onion, where you’re peeling away layers to get to the message, to get to the very thing in the middle. 

And we’ll talk more about that on the next slide to see how that’s done. There are other methods to get to the dark web. Freenet is one of them. And that’s a newer method that exists next to the Tor browser that gets you a web-based experience. And then there’s also peer-to-peer methods to get to dark net. So this is a less of a web interface, but more of a peer-to-peer 

where you can share information with other people on the dark web in a manner that conceals the anonymity of the sender and the receiver. As mentioned earlier, it’s important to understand that the dark net is not a physical construct unto itself. It is a logical layer that sits over top of the internet. So every day, every hour, 

Bill Harris (08:21.976) 

billions of bits are traveling across the Internet, but they’re doing so on the dark web. And that just means that it’s being encrypted several times end to end. And here’s how that works. So there are really two ways that you can use the dark web. The first way is to 

access the dark web from your location using that secured software such as a Tor browser. And you access the normal web as we know it. So you’re on your Tor browser and you want to go out to your favorite news site. Your favorite news site won’t know who you are, but everyone knows who they are. They’re not anonymous, but you are. The second way to access the dark web is

to access it from your Tor browser, but to go to a site that is also on the dark web. Now, no one knows who you are, and no one knows who they are. So both the sender and the receiver, or the person hosting the information, are anonymous. Either way, along this path, the Tor browser, or whatever client you’re using to communicate, 

is encrypting the data again and again. So in the graphic here to the right of this slide, you’ll see that when it leaves one person, it goes through a level of encryption to the next person, or in this case, the computer. And then it gets re-encrypted and sent to another computer, who then re-encrypts it and sends it to another computer. And then that computer will then finally send it to its destination. 

So along the way, every computer in that path knows only two things. They know where the data just came from and they know where it’s headed next. They do not know where they are in that process and they don’t know what happened before the point before or after them. And in that manner, the data remains encrypted and you remain anonymous. So. 

Bill Harris (10:45.25) 

The reason we know this continues to work is because the Tor browser is open source and it’s community supported. So anyone can go and take a look at the source code of the Tor browser, which by the way is based on Firefox because Firefox is a browser that is predominantly known for retaining some amount of anonymity for its users. So it was 

a reasonably good selection given the choices that they had to choose from. Anyone can take a look at that source code and just confirm that there’s nothing amiss with it. Nothing’s been tampered with. 

When you download Tor Browser, you can also download it securely by comparing its digital signature to what you would expect that digital signature to be, which is just a further verification that the browser you’re using is authentic and hasn’t been tampered with. There’s a ton of effort that goes into this software to ensure your safety on the dark net. 

But as we’ll see, there’s more that you should do if you’re really interested in being safe. 

Bill Harris (12:04.792) 

So let’s talk about legality then. The dark net and by extension, the dark web, gets a little bit of a bad reputation for being the home to black markets and other places you wouldn’t want to be. 

That’s mostly in the United States and in democratic countries. But there’s a bigger problem, and that is that in countries where they try to limit the information that’s available to their population, they may block Tor altogether. And we see this in places like China, Belarus, Russia, Egypt.

Tor has methods to circumvent this and Tor has a concept within it that can be enabled and they’re called bridges. And the bridge is really just the first hop. It’s the first relay. That bridge is called the bridge because it’s not published. It’s not made public. So if they don’t know that that computer that you’re first hopping to is part of the Tor network, 

they can’t really block it. That’s the concept. However, in recent years, some of these countries like China and Iran have begun to figure out ways around this. They’ve begun to figure out ways to block even those first relays known as Tor bridges. And now there’s another method to get around that. So it’s this cat and mouse game between the users of Tor and the countries 

that don’t want it used because they don’t want their population to have access to the freedom of the dark web. So by extension, governments try to de-anonymize the Tor users by inserting their own nodes along the path. And this is an interesting attack. Anyone can host a node 

Bill Harris (14:19.05) 

on the dark web. But once you get enough nodes into that path, you could begin to de-anonymize the users. So if a country, say, were to insert, say, 2,000 nodes into the dark net, which has only about 7,000 nodes available to it, there’s a really good chance that that country could control all the nodes within your data path. 

And from there, they can start to figure out what type of traffic you’re sending. And then you could become de-anonymized. Tor has begun to react to that type of attack by studying the nodes and ejecting them from their network. This actually happened a few years ago where a thousand nodes eventually showed up trickling up month after month until they reached that number. And then the Tor community realized that

this doesn’t look right. So they began to push those nodes out of the network and now they have protocols in place to ensure that that doesn’t happen again. Now, interestingly, the U.S. government is one of these entities, we suspect, that does this type of behavior. But at the same time, the U.S. government continues to support Tor and the darknet. But that’s because they want other 

They want the population in other countries to have access to secure information. But they also want to retain control over their own population in terms of ensuring that this is not a rampant place to go commit crimes. So if you’re on the dark net, there are a few do’s and don’ts to follow. The first one is ensure that your Tor Browser or whatever

client application you’re using is configured properly. If you’re really interested in remaining anonymous, then there are certain configurations that you’ll need to make to your Tor Browser to do that. And I’ll show you a couple of those in the demonstration. Do expect slow throughput. Because of the way the dark web works, it’s encrypting your information over and over again.

Bill Harris (16:42.968) 

sending it from relay to relay to relay, you can imagine that slows traffic down, especially when all the traffic on the dark web is traversing about 7,000 relays. That’s not a lot for this planet. So throughput remains very slow, not quite modem slow, not like 288 modem slow, but a lot slower than what you’ll see on the surface net. 

It is also considered very poor etiquette to stream video on Tor for this reason. You can stream video, but it’s just not a nice thing to do. If you can even get the throughput to do it because you’re robbing that throughput from other people who need it for, you know, for less strenuous requirements. And lastly, if you’re on the dark net, make good choices. Know the sites you’re visiting. 

Don’t let your curiosity get the best of you. And just know why you’re there. So at this point, what I’d like to do is take you into Tor Browser and show you what the dark net actually looks like, and we’ll visit a few sites. So here I’m on a Windows virtual machine. And when you download Tor Browser, you can just do a search for it and it just downloads like any other software application and

you click Setup and it gets installed on your desktop. You just double click on it. The first screen you’ll get is this one. Here it’s asking if you want to configure the connection or if you just want to go ahead and connect. Now, if you’re coming from the United States or most of Europe or most other countries in the world, Connect is a fine choice. You can just go ahead and Connect. If you’re coming from some other countries who may not appreciate you connecting over the darknet, 

then you would go into configure connection and you begin to configure those bridges that I spoke about. In this example, it won’t be necessary. We’ll just go ahead and click on connect. It will take a few moments, but you’ll come up. This will be your flash screen. Notice that the search functionality is provided by DuckDuckGo, which is a more anonymous search capability than say Google. 

Bill Harris (19:08.044) 

DuckDuckGo doesn’t collect any information about you. And so it was a logical choice. So anything that you type in the search bar will remain anonymous. It doesn’t go off anyone’s database anywhere. So I’ve saved a few bookmarks, but before we go there, if you wanted to see what sites are available on the dark web, you could do that pretty easily by just typing in, say, the hidden wiki. And you’ll see that DuckDuckGo will go out and search for it. 

and it’ll bring back some responses. Now, the hidden wiki is a list of darknet sites and their topics. This is by no means an exhaustive list. And you won’t find some of the more illicit sites on here. Over the last few years, I understand the hidden wiki has cleaned things up quite a bit. And so, while this isn’t completely family-friendly, 

It won’t get you into too much trouble. But still, please be careful what you click on. You’ll see that each of these sites is organized by category. And some of these are very legitimate. Here’s the CIA site that I spoke of earlier. We’ll go to CIA. Now let’s take a look and see how quickly this does or does not come up. Note that the, we’re gonna, if you get this type of a message, 

What the dark web is telling you, what Tor is telling you here is that the site is trying to load a script that could be used to uncover your identity. This is a JavaScript. You can load it anonymously by telling it, no, you won’t allow that script, or you can load it normally, which will load the script and maybe give you a better viewing experience. In this case, I’ll just tell it to continue to preserve my anonymity. So this will bring up the CIA site. 

Notice how slowly this is going. This is one of the downsides of dark web. Because it’s dark web, it is also susceptible to a lot of distributed denial of service attacks. People love to attack the dark web. Usually they’ll attack a particular site, but sometimes they just like to attack the network itself. And that just bogs everything down and makes it run super slowly. So in the time that it took me to say all of that, CIA site is still loading. 

Bill Harris (21:33.006) 

So we’re going to come back to this in just a moment. While that’s doing its thing and sharpening up that image, let us take a look at some of the other bookmarks that I have here. So I mentioned Facebook earlier. So yes, Facebook maintains a dark website for those who might want to post a profile, but it’ll be anonymous, which is possible if they wanted to just get something out there, but not have it tied to their real identity. So here, while the Facebook site loads, 

The CIA site is up and you can see you can just click through this like any other site. Notice the address. It ends in a dot onion address. Now if I were to take this address, copy it to the clipboard, and we’re going to say let’s go bring up Edge. And I’m going to put this into Edge. You’ll see Edge has no idea what to do with that site, right? Because

Edge is accessing the Internet. It has no concept of the dark net, so you can’t take a dot onion address and put it into Edge or Chrome or regular Firefox or Opera or anything. It’s just got to go through the Tor browser or an equivalent. Also, let’s take a look at the relays. So here’s how I’m getting to CIA site. This browser at the top of the list. My first hop is to Germany.

This first relay is also called a guard relay. The guard relay is just the first relay in the list. And then from there, I’m going to Poland, then I’m going to Finland. Every time I jump from one country to another, it gets re-encrypted. I’m going through more relays and then I’m finally hitting this CIA site. Note that it doesn’t have to be within two different countries. Sometimes these relays may go 

Germany and then to a different place in Germany and then go someplace else. It’s just a different relay, but sometimes the relays can be in the same country. If I wanted to change my relay, you can do that. And the reason for changing all the, rather if I wanted to change the circuit, you can do that. And the reason for changing the circuit is because maybe this one’s just really slow. So if you click on new circuit for the site, you’ll watch. And now it’s routing me through Germany. 

Bill Harris (23:59.084) 

and then through another place in Germany and then through Russia and then through more relays. So here I am at Facebook. You’ll see it looks like a regular Facebook page. And if I go over to my normal browser and I bring up Facebook over here, it loads a whole lot faster, but it’s the same site, same page. It’s just one is anonymous and one is not. So I mentioned earlier that one of the use cases for the dark web is news.

So let’s take a look at the ProPublica site, which might be down now, but this was also showing up on, I think it might’ve been on the hidden Wiki too, so let’s go see if they’ve got a better address for it. Yeah, here we go. So ProPublica is an investigative journalist site, and they’ve got a dark net presence out there because they… 

They want to ensure that everyone can get to their information, especially those who may live in countries who prohibit the sharing of free information. So the folks in those countries can access this anonymously in that case. But as I mentioned earlier, there are things that you should do if you wanted to remain truly anonymous on the dark web. And chief among these is to ensure that you understand your security level. 

So if you’re in Tor Browser, you want to click the little shield icon to the right of the address bar and understand what security level you are using. This one is set to standard because I’m not trying to be anonymous right now. I’m just running a quick demonstration and I’ve got nothing to do on a dark web for which I would want to be anonymous. But if you do have a good reason for being anonymous or maybe you’re just a fan of anonymity, 

You can go down this list. The reason that you would not run everything at safest is because if you just run, if you use the Tor Browser at its safest setting all the time, you’re going to break a lot of functionality that you’ve come to expect from websites. A lot of scripts won’t load. A lot of images may not load. So you won’t have the same experience. So for that reason, 

Bill Harris (26:23.412) 

A lot of folks who use Tor Browser will run it in its standard configuration. They’ll prevent such scripts from loading and the reason that scripts are dangerous is because a script can be written to report the true IP address of your machine, which is a way that they would bypass the Tor Browser. So they’re not breaking the encryption in that place. In that case, they are actually just bypassing the security of the browser and getting your information another way.

Running it at its safest setting will generally avoid that. So that’s a quick look at the dark web and what you can find out there. And I think if you do a little bit of digging, you’ll see for what it is and what it is. The dark web is a place where you can find some things that are pretty dark, but you can also find a lot of good. It was created for a good purpose and there are

a lot of places out there that provide a lot of benefit to the world, you should check out if you have a chance. Hope you’ve enjoyed it. Mandi, back to you. Well, thank you so much, Bill, for this demonstration. I know I always hear dark net, dark web, and think of nefarious activity and threat actors, but having a better understanding of the origin and original intention definitely helps

me see where there can be both positive and negative effects from it. A well-designed framework will reduce organizational risk and improve overall security posture. Contact IT audit labs and have us lead your team in outlining a strategic approach to remediate organizational risk. 
