Tor, once known only by network nerds, has now become something of a hot topic. This is thanks largely to the anonymous network's reputation for hosting drug marketplaces like Silk Road, and other unsavoury sites.
But what exactly is Tor? What is it good for? Does it have any legitimate uses? And how can those not versed in the finer details of network technologies actually access it?
08/04/2017:The Tor browser discloses information that a determined attacker could potentially use to identify who uses the browser to surf the web, according to a computer forensic expert.
Dr Neal Krawetz revealed the issues in his blog last week, suggesting that instead of masking the identity of the user through layers of encryption, Tor browsers do give away details about the person surfing the dark web.
The second issue he found is that the Tor browser tries to size the Window at 1,000 x 1,000 pixels but if the screen is smaller then it chooses a width that is a multiple of 200 pixels and a height that is a multiple of 100 pixels.
However, on Mac OS, the browser sometimes miscalculates the initial Window size, an inconsistent problem that he puts down to the height of the dock. This means that a user can be profiled: if the Tor browser window size is a multiple of 200 across but not a multiple of 100 tall then it is a Tor Browser on Mac OS X.
The third and last issue is to do with the scrollbar size in the Tor browser. The browser does not normalise the viewport size, so if scrollbars are displayed then the viewport size can be subtracted from the windows size to find out the thickness of scrollbars. This can then be used to find out which operating system a user is on, as different OS's and desktops use different default thicknesses.
Krawetz pointed out the scrollbar thickness for a number of platforms, including: "The Tor browser on MacOS 10.11 uses a default thickness of 15 pixels. The Tor browser on Windows 7/8/10 uses scrollbars that are 17 pixels thick. The Tor browseron Linux uses scrollbars that are 10-16 pixels thick."
He then said that if you can detect the Tor browser - as possible in the first issue, and the scrollbars are 17 pixels thick, then you can work out that it's the Tor browser on Windows. He added: "If the scrollbars are 15 pixels thick, then it's either Linux or Mac OS X (check the window height to distinguish Mac from Linux; see issue #2). And any other thickness denotes Linux."
Krawetz stated how hard it is to report an error to the Tor Project. Even though the project asks on its website and Twitter for users to report security issues, when he has he has usually been met with silence. "Over the last few years, I've tried to report some of these profiling methods (and solutions) to the Tor Project, but each time has resulted in failure," he wrote."Often, my attempts to report a vulnerability or profiling risk has been met with silence."
03/04/2017:Tor browser will rely on more Rust code
The Tor browser will take greater advantage of the Rust programming language developed by Mozilla to keep user interactions more secure, it has been revealed.
Although Tor developers have been gunning for the news for a long time (since 2014, in fact), the Mozilla-powered code will play a bigger role in the secretive browser's future.
According to Bleeping Computer, Tor developers met last week to discuss the future of the private browser and decided to use more of the C++-based code in future, hoping to replace the majority of its legacy C and C++ base in the coming months or years.
"We didn't fight about Rust or Go or modern C++. Instead, we focused on identifying goals for migrating Tor to a memory-safe language, and how to get there," Tor developer Sebastian Hahn said.
"With that frame of reference, Rust emerged as a extremely strong candidate for the incremental improvement style that we considered necessary."
The reason why it decided to make such a big change was because a tiny mistake in the C programming language used in the current version of Tor could have a huge impact on users, Tor developer Isis Agora Lovecruft said on Twitter.
"A tipping point in our conversation around 'which safe language' is the Tor Browser team needs Rust because more & more Firefox is in Rust. Also the barrier to entry for contributing to large OSS projects written in C is insanely high."
13/12/2016:The first sandboxed version of the Tor Browser was released in alpha last weekend, bringing privacy fans one step closer to secure browsing.
Version 0.0.2 of the software was released by Tor developer Yawning Angel on Saturday, who is tackling the project largely single-handed. Official binaries are yet to be released, but early adopters can take it for a spit by compiling the code themselves from GitHub.
The project has been a labour of love for Yawning Angel. "We never have time to do this," he said back in October. "We have a funding proposal to do this but I decided to do it separately from the Tor Browser team. I've been trying to do this since last year."
The efforts have been given new urgency by a zero-day vulnerability in Firefox. Discovered last month, the error was being used to de-anonymise Tor users, as the browser is heavily based on Firefox code.
Sandboxed instances of Tor are different from the normal version in that they run in a self-contained silo. This means that if an attacker uses an exploit against the browser, the amount of data it can collect through it from the rest of the machine and operating system is limited.
However, Yawning Angel has stressed that the software is still a very early alpha, and cannot be trusted to be entirely secure. "There are several unresolved issues that affect security and fingerprinting," he wrote as part of the software's README.
01/12/2016:A zero day vulnerability found in both Firefox and Tor web browsers has been exploited in the wild, allowing attackers to target users for their IP and MAC addresses.
Internet security firm Malwarebytes first discovered the flaw, which was shown to be almost identical to the one used by the FBI to expose Tor browser users in 2013.
Hackers were able to exploit Tor and Firefox browsers to send user hostnames and IP and MAC addresses to a remote server identified as 126.96.36.199, which has now been taken down.
"The goal is to leak user data with as minimal of a footprint as possible. There's no malicious code downloaded to disk, only shell code is ran directly from memory," said Jerome Segura, lead malware intelligence analyst at Malwarebytes.
"Browsers and their plugins remain the best attack vector to deliver malware or leak data via drive-by attacks," added Segura.
Malwarebytes recommend users adjust the security settings of their Tor browser to 'High' within the privacy settings, which will thwart any similar attacks of this kind. Users running the Malwarebytes Anti-Exploit tool will already by protected from the vulnerability. Both Mozilla and Tor have released patches to address the security flaw.
The term Tor can be used to refer to both the anonymous Tor network and the Tor Browser software used to access it. Designed for privacy and anonymity, it is used by journalists, hackers, privacy campaigners and criminals alike, and with around 2.5 million daily users, its the internets biggest avenue of anonymous online activity,
The systems aim is to prevent a users web activity (such as traffic, communication and search history) from being externally traced, usually by government or law enforcement agencies. Its commonly used to access whats known as the Dark Web hidden servers which are often used to host black market transactions.
Tor was originally known as The Onion Router, so named because it uses onion routing encryption protocols. This essentially functions like pass-the-parcel; data packets sent through Tor are secured with multiple layers of encryption.
They are then sent in a randomised pattern through Tors network of volunteer relay nodes. At each point in the relay, a layer of encryption is peeled away, which reveals the next point in the chain. Once the last layer of encryption has been removed, the data is passed on to its intended destination.
The key factor here is that each relay in the chain can only see the network location of the node immediately before and after it the one it received the data from, and the one its sending it to.
This means that at no point along the chain are both the sender and recipients network details visible at the same time, and thus cant be linked.
Tor is simply a network system, and can be used to provide untraceable access to any internet service or website. Its often used as an innocent precaution by those who dont want their actions traced by increasing levels of online government surveillance.
However, Tor also has a sinister side: the Dark Web. For obvious reasons, the prospect of untraceable web activity has proved very attractive to certain elements of society, and Tor has now become synonymous with varying levels of criminal activity.
Almost all of this activity occurs on servers inaccessible via standard web connections, known as hidden services. These servers are configured to only accept traffic coming from the Tor network, ensuring anonymity for both the servers operator and its users. They are also inaccessible from standard browsers.
Hidden services are extremely popular for the trade and distribution of illegal or objectionable materials. According to a study by Dr. Gareth Owen, narcotics alone are the subject of around 15 per cent of hidden services on the Dark Web, with hacking, fraud and counterfeiting all being popular topics.
Infamous Dark Web marketplaces like Silk Road and Evolution have brought this topic to the fore, and law enforcement agencies are becoming increasingly more aware of these services. The Tor network has apparently remained secure so far, but the US government, in particular, is heavily invested in cracking Tors integrity.
While many use the Deep Web and the Dark Web synonymously, important to note the distinction between the two.
As defined by Michael K. Bergman in his 2000 paper on the subject, the Deep Web refers simply to content that is not indexed by search engines, and thus extremely difficult for the average user to find.
The Dark Web, by contrast, is designed to be hidden from the rest of the internet. It consists of darknets; sub-sections of the internet which can only be accessed through systems like Tor.
The Dark Web is largely comprised of illegal or antisocial activity, while the Deep Web is often made up of innocuous but irrelevant web pages, such as archived content, multimedia elements or non-linked pages.
If youre looking to use Tor, be it for exploring the Dark Web or just for a little extra privacy, the first thing youll need is the Tor Browser, downloaded through The Tor Projects website. Its designed to be the best way to use Tor and is specially-configured to encrypt and protect your web traffic.
Available for Linux, Mac and PC, just download the Tor Browser installation file from the Tor Projects website, install it like any other browser, and following a brief setup, youll be all set to use Tor.
Youll also need a little patience. The relay method that makes Tor secure also means that its not quite as fast as a regular broadband connection, so you might find yourself waiting longer than usual for pages to load.
If youre just looking for the security of knowing no-one will be able to trace your everyday internet activity, then youre now all set to use Tor. Simply browse as normal, and the Tor network will do all the work to ensure that youre kept safe from prying eyes.
If you want to dive into the murky territory of the Dark Web, however, youll need to do a little homework first. Its not quite as simple as users may be used to, and given its dangerous nature, its best to go in prepared.
Before you do anything else, wed advise anyone thinking of engaging in any Dark Web activity to ensure theyve got the most up-to-date security possible; you never know whos out there, after all. Also, be very, very careful not to accidentally break any laws, and make sure you know where youre browsing to.
Once youve got Tor set up, youll need to start looking for Dark Web sites. Unlike regular websites, Tors hidden services arent accessible through regular web searches and dont have conventional web URLs.
Instead, theyre accessed through .onion addresses, which are 16-character alphanumeric strings, randomly generated when the hidden service is created. The .onion address for The Tor Projects homepage, for example, is http://idnxcnkne4qt76tg.onion/
Unless you know its specific address, you wont be able to access the hidden service. Some are a closely-guarded secret, but many of the more common Dark Net sites (both criminal and legitimate) are catalogued by directories like The Hidden Wiki, available as both a regular website and a hidden service.
There are also basic search engines like Torch, which crawl and index Dark Web sites based on content. Theyre nowhere near as sophisticated as regular search engines, though and are at a disadvantage due to the Dark Webs clandestine nature.
Of course, there are ways to access Dark Web sites without using the Tor Browser itself. Tor2Web is a project that uses Tor-based proxies to let users access Tor hidden services without using the Tor Browser itself.
With a standard web browser, adding the suffixes .to, .city, .cab or .direct to the end of any .onion Tor link will send your connection through to a proxy server configured to use onion routing protocols. This server will then visit the address on your behalf, and relay the page contents back to your browser.
However, while this method is far easier than installing the Tor Browser, it is inherently traceable and provides no anonymity to the user. Using the dedicated browser remains the safest method of traversing the Dark Web for anyone with more than an academic interest in its contents.
The rest is here:
Three vulnerabilities allow spies to detect Tor browsers - Cloud Pro
- Teejayx6 Will Steal Your Identityand Rap About It - WIRED - December 2nd, 2019
- Such as the struggle of the Venezuelan economy, some residents turn to a lucrative gig: Cybercrime - Herald Journalism 24 - December 2nd, 2019
- Smart users guide to the snooping game - Livemint - November 17th, 2019
- Privacy on your smartphone: how to protect your data - AndroidPIT - November 17th, 2019
- BBC News heads to the dark web with new Tor mirror - The Verge - October 27th, 2019
- The Tor Project releases Tor Browser 9.0 with several UX improvements - Neowin - October 27th, 2019
- Fraudulent Tor Browser Spies and Has Been Stealing The Bitcoins - GoodTime Nation - October 27th, 2019
- OnionShare Lets Anyone Host Anonymous Sites on the Dark Web - BleepingComputer - October 16th, 2019
- #SecTorCa: Millions of Phones Leaking Information Via Tor - Infosecurity Magazine - October 16th, 2019
- Is there anything we can do to stop someone spying on us? - Newstalk 106-108 fm - August 25th, 2017
- If you're really concerned about browser security, Incognito isn't enough - TechRepublic - August 20th, 2017
- The Daily Stormer has lost its lease, accessible only via Tor browser - The Moderate Voice - August 20th, 2017
- Tor Project 'disgusted' by Daily Stormer, defends software ethos - CNET - August 18th, 2017
- Neo-Nazi site Daily Stormer resurfaces with Russian domain following Google and GoDaddy bans - Vox - August 16th, 2017
- Tor Browser 7.0.4 Download - TechSpot - August 14th, 2017
- Debian-Based Tails 3.1 Anonymous OS Debuts with Tor Browser 7.0.4, Linux 4.9.30 - LXer (press release) - August 11th, 2017
- Tails 3.1 has been released but you'll need to do a manual upgrade - Neowin - August 10th, 2017
- China and Russia go further in squelching Internet freedom - Washington Post - August 10th, 2017
- The FBI Booby-Trapped a Video to Catch a Suspected Tor ... - Motherboard - August 9th, 2017
- Major Improvements Are Coming Soon to the Tor Browser - The Merkle - August 8th, 2017
- The Attack on Global Privacy Leaves Few Places To Turn - WIRED - August 4th, 2017
- Tor Co-Founder: There Is No Dark Web The Merkle - The Merkle - August 3rd, 2017
- Online privacy protection - Choice - CHOICE - August 2nd, 2017
- There Is Basically No Dark Web. It's Only A Few Webpages TOR Co-founder - Fossbytes - July 31st, 2017
- How to Install Tor Browser for Mac and Protect Your Online Activity - iDrop News - July 29th, 2017
- How to get around an ISP blocking a website - MyBroadband - July 26th, 2017
- Don't blame online anonymity for dark web drug deals. - Slate Magazine (blog) - July 26th, 2017
- Tor network will pay you to hack it through new bug bounty program ... - ZDNet - July 21st, 2017
- Tor Project to launch public bug bounty project - CIO Dive - July 21st, 2017
- How to access the dark web - The Daily Dot - July 20th, 2017
- Your Mailman Is a Drug Dealer. He Just Doesn't Know It. - WNYC - July 20th, 2017
- Want porn? Prove your age (or get a VPN) Naked Security - Naked Security - July 20th, 2017
- Suspected AlphaBay founder dies in Bangkok jail after shutdown of online black market - Washington Post - July 19th, 2017
- S. Sudan blocks Sudan Tribune website over hostile coverage - Sudan Tribune - July 19th, 2017
- Assassins and child porn; a darknet offers everything - The Slovak Spectator - July 19th, 2017
- Apple users warned of dangerous new Mac malware that steals banking credentials - ThaiVisa News - July 18th, 2017
- The best security apps to lock down your Android phone - The Daily Dot - July 14th, 2017
- Mozilla is held to a higher standard - Ghacks Technology News - July 14th, 2017
- Privacy blunder? Firefox's Get Add-ons page uses Google Analytics - Ghacks Technology News - July 13th, 2017
- Russia, China vow to kill off VPNs, Tor browser - The Register - July 11th, 2017
- How to safely search the deep web - The Age - The Age - July 11th, 2017
- ACLU's Gillmor on privacy: 'We pay for what we value' (Q&A) - The Parallax (blog) - July 10th, 2017
- What is Tor browser, and is it safe? | Komando.com - July 7th, 2017
- Darknet 101: Your guide to the badlands of the internet - CNET - CNET - July 5th, 2017
- In Reporting on North Korea, Tech Helps Break Through Secrecy - New York Times - July 5th, 2017
- How to safely search the deep web - The Sydney Morning Herald - July 5th, 2017
- TOR Browser - darkwebnews.com - July 5th, 2017
- How To Search The Deep Web Safely - Gizmodo Australia - July 5th, 2017
- Burleson man convicted of accessing child porn from dark website - Fort Worth Star Telegram - July 4th, 2017
- Here Brazilian Journalists Learn Privacy for Themselves and Their Sources - Brazzil.com - June 30th, 2017
- Purism aims to push privacy-centric laptops, tablets and phones to market - Computerworld - June 29th, 2017
- Brazilian site teaches journalists how to protect sources and personal data from digital attacks - Knight Center for Journalism in the Americas (blog) - June 29th, 2017
- The best ways to make your search private in 2017 - KnowTechie - June 28th, 2017
- Bill regulating online anonymizers unanimously passes first ruling in Russian Duma - Washington Times - June 24th, 2017
- The Burger King Ad That Activated Google Home Just Won A Prestigious Award - XDA Developers (blog) - June 24th, 2017
- Mozilla's new Android browser blocks ads and trackers - Boing Boing - June 22nd, 2017
- Secure OS Tails 3.0 Launches With Debian 9 Base, Redesigned ... - Tom's Hardware - June 15th, 2017
- Tails OS hits version 3.0, matches Debian's pace but bins 32-bit systems - The Register - June 14th, 2017
- Tor Browser 7.0 is released | The Tor Blog - June 10th, 2017
- Tor Browser 7.0 works harder to protect your anonymity on its own - Engadget - June 10th, 2017
- Tor Browser 7.0 released - gHacks Tech News - Ghacks Technology News - June 8th, 2017
- Tor Browser 7.0 arrives with multiprocess mode, content sandbox, and Unix domain sockets - VentureBeat - June 7th, 2017
- Wikipedians Want to Put Wikipedia on the Dark Web - Motherboard - June 7th, 2017
- What The Dark Web Is And How To Access It - Komando - June 3rd, 2017
- What is Deep Web and How is it Different from Dark Web - Guiding Tech (blog) - June 1st, 2017
- If You Think WannaCry is Huge, Wait for EternalRocks - Data Center Knowledge - June 1st, 2017
- DOJ, FBI Executives Approved Running a Child Porn Site - Motherboard - May 30th, 2017
- What is Tor, How It Works And Where to Download the Tor Browser? Everything You Need To Know - MobiPicker - May 30th, 2017
- WannaCry 2.0: EternalRocks author calls it quits - TheINQUIRER - The INQUIRER - May 28th, 2017
- Data For Sale: What Everyday Consumers Can Do To Keep Their Info Safe - Forbes - May 26th, 2017
- Fearing surveillance in the age of Trump, activists study up on digital anonymity - Washington Post - May 26th, 2017
- EternalRocks Attack Spreads While Using Same Exploit As WannaCry Ransomware - Yahoo News UK - May 23rd, 2017
- Tor browser for Android that is better than Orfox is in the works - Android Kenya (blog) - May 23rd, 2017
- Organizations Can Combat WannaCry & Jaff Ransomware With Well Instrumented DNS - Techzone360 - May 23rd, 2017
- This Spy App Can See If You've Visited Whistleblowing Sites on the Dark Web - Motherboard - May 20th, 2017
- Why Nigerian CIOs should care about the dark web - ITWeb Africa - May 20th, 2017
- A hack has put data of 17 million Zomato users at risk: Should India be worried? - DailyO - May 20th, 2017
- New Jaff Ransomware Part Of Active Necurs Spam Blitz - Threatpost - May 13th, 2017
- Tor Browser - TechRadar - May 6th, 2017
- Tor Browser Profiles Itself - Security Intelligence (blog) - May 4th, 2017