Tor is perhaps the most popular and secure option available for anonymous internet connectivity.
What Is Tor and How does It Work?
The Tor network, often referred to as just “Tor,” is a volunteer-run system that helps make internet use more anonymous.
When a user is connected to Tor (often through the Tor browser), their outgoing internet traffic is rerouted through a random series of at least three nodes (called relays) before reaching its destination (the website the user wants to visit). Your computer is connected to an entry node, and the final node traffic passes through is the exit node, after which it reaches its destination (the website you want to visit). Incoming traffic is rerouted in a similar manner.
Aside from passing through several nodes, the traffic is encrypted, multiple times in fact. It loses a level of encryption at each node, but is never fully decrypted until it leaves the exit node for its destination.
Each node has an identifying IP address, which is also encrypted. The only IP address visible to the destination website is that of the final node, known as the exit node.
In total, the Tor network is currently made up of about 7,000 relays (nodes) and 800 bridges. Bridges are similar to relays, but they are not listed in the Tor directory. These are typically used by anyone who is unable to access the it by regular means, for example, if it has been blocked. They may also be used is a website or app blocks traffic from a detected Tor node.
What Is the History of It?
Tor is based on the principle of “onion routing” which was developed by Paul Syverson, Michael G. Reed and David Goldschlag at the United States Naval Research Laboratory in the 1990’s. The alpha version of it, named “The Onion Routing Project” or simply TOR Project, was developed by Roger Dingledine and Nick Mathewson. It was launched on September 20, 2002. Further development was carried under the financial roof of the Electronic Frontier Foundation (EFF).
The Tor Project Inc. is a non-profit organization that currently maintains Tor and is responsible for its development. The United States Government mainly funds it, and further aid is provided by Swedish Government and different NGOs & individual sponsors.
Is It Safe?
Various claims have been made to compromise its anonymity and security from time to time. The most famous one was the Bad Apple Attack in which the researchers claimed to have identified around 10k IP addresses of active BitTorrent users who were connected via Tor.
The Heartbleed bug was behind another major compromise in April 2014 which halted the Tor network for several days.
Traffic Fingerprinting is a method used to analyze web traffic by analyzing the patterns, responses, and packets in a particular direction. This technique can be used to attack the this network by making the attacker’s computer act as the guard. The main vulnerability was found at its exit points where the level of security is very low as compared to the rest of the network.
Tor Alternatives
Hornet is a new anonymity network that provides higher network speeds compared to it. I2P and Freenet are other anonymity networks which can act as its alternatives. Also, Tails and Subgraph OS are Linux-based distributions with built-in Tor support.
Should I Use Tor?
It has proved to be an excellent medium for safe, secure and anonymous web presence available to a user at no cost. The developers of this network didn’t intend it to become a hotbed of illegal activities, but evil-minded people have leveraged it for their benefits. The Tor project has led to an optimistic approach towards censorship and surveillance-free internet.
You can use it if you want to conceal your identity on the web or access some website that blocked in your region. But refrain yourself from doing anything that’s above the law because nothing is fool-proof and they can still catch you. Also, accessing your social media accounts over it can expose your identity.
Does It hide IP address?
While connected to this network, activity will never be traceable back to your IP address. Similarly, your Internet Service Provider (ISP) won’t be able to view information about the contents of your traffic, including which website you’re visiting.
Your ISP will see that you’re connected to a Tor entry node, and the website you’re visiting will simply see the IP address of the its exit node.
How to Use It: getting started
The simplest way to use it is through the Tor browser. This is a Firefox-based application which can be downloaded and installed on your computer.
Versions are available for MacOS, Windows, and Linux. Once you’ve downloaded and installed, you’ll be able to access clearnet and .onion sites through the browser.
In some cases, use of this browser may be blocked. As mentioned earlier, using a bridge should overcome this issue. In the past, this was fairly complex, but is a lot easier in the latest version. You’ll need to first locate a bridge and then configure it with this browser.
Does It really make you anonymous?
It’s very difficult, if not impossible, to become truly anonymous online. But Tor can certainly help you get there. All of your traffic arriving at its destination will appear to come from a Tor exit node. So will have the IP address of that node assigned to it. Because the traffic has passed through several additional nodes while encrypted, it can’t be traced back to you.
However, one of the issues lies in trusting the operator of the exit node. If you’re visiting an unencrypted (non-HTTPS) website, it’s possible the node operator can track your activity and view your information. They could collect data such as which webpages you’re viewing, your login information, the content of your messages or posts, and the searches you perform. Although, there’s no way to trace that information back to you or even back to the entry node.
It’s worth noting that using the this browser only protects traffic going through that connection. And it won’t anonymize other apps on your computer (although many can be configured to the Tor network via other means). Also, your ISP can still see that you’re using Tor. For improved privacy, you can use a VPN alongside this browser.
What Is the Darknet and How Is Tor Related to It?
If you’re familiar with the term, the “clear net”, you’ll know that it refers to the portion of the internet that can be freely accessed, that is without Tor or an alternate browser. On the other side you have the deep web. This includes content that isn’t indexed by search engines, including outdated content, private files, and web pages that have barred search engines from crawling them.
Also within the deep web is the darknet. This content can usually only be accessed using special tools like Tor. The darknet houses some legitimate websites. But it is better known for being a place rife with illicit activity.
You can access the clear net with it, but you can also access darknet websites, specifically .onion sites. These are sites which only people using this browser can access, and have .onion as part of their URL. They are also referred to as “Tor hidden services.”
They’re not indexed by search engines and can be difficult to find if you don’t know where to look. Tor protects the anonymity of the operators of .onion sites. So it would be difficult to find out who is running them. Of course, the combination of both operator and user anonymity is what makes the darknet ideal for criminal activity.
That being said, there are plenty of legitimate websites that have .onion versions. For example, VPNs are geared toward privacy-conscious users and some offer .onion versions of their site, ExpressVPN being one example. You can even set up a .onion site of your own through the Tor browser.
Downsides of Using This Browser
It is popular with many users. There are currently around 2 million users connecting to relays at a given time.
But it does have its downsides. Here are the main cons of using it:
- Slow speeds
- Detectable by ISPs
- Blocked by network administrators
- Vulnerable to attacks
Let’s look at each of these in a bit more detail.
Slow Speeds
The major downside to using Tor is that its slow. Traffic isn’t going directly to its destination. So this will slow things down. Plus, the speed of traffic flowing between the nodes could be slower than your regular internet connection, further dampening the overall speed.
What’s more, the number of volunteer nodes available is very small compared to the amount of traffic flowing through the network. The resulting congestion will slow down traffic. Especially during peak periods.
Due to these issues, the main use for Tor is general browsing. It isn’t suitable for streaming or torrenting, or anything else that requires a lot of bandwidth.
Detectable by ISPs
Another downside of it, is that your ISP will be able to see that you’re using Tor. It won’t be able to read the contents of your traffic. But the fact that it detects you’re using Tor could have some repercussions. As mentioned earlier, using Tor alone is enough to raise suspicion from ISPs and authorities. One way around this is to use a VPN with Tor.
Blocked by Network Administrators
Tor is often blocked by administrators of certain networks. One way around this is to use bridges which shouldn’t be detectable as Tor nodes. If the blockage is more sophisticated and uses deep packet inspection, you may need to use an additional tool, such as Pluggable Transports. This will mask your Tor traffic as regular traffic to bypass the block.
Vulnerable to Attacks
While it hasn’t been confirmed, there have been reports that traffic analysis on Tor has been successfully used to find incriminating evidence. One case that stands out is the Silk Road takedown of 2013. Silk Road was a marketplace run through the Tor network and was involved in the sale of an estimated $1 billion worth of drugs, along with other illicit goods and services.
There have been various theories regarding how the FBI identified the criminals involved. But the case suggests that there are vulnerabilities in the Tor network as an anonymity tool.
There are also the aforementioned rumors about exit node monitoring to be wary of. Bear in mind that these reports don’t appear to have been confirmed. So can be viewed with skepticism.
