Tor (formerly an acronym for The Onion Router) is often touted as a way to browse the web anonymously. From human rights activists evading oppressive governments to drug dealers selling through online marketplaces, Tor is a popular way to gain significantly more anonymity than you would normally have online. At the same time, Tor isnt perfect, so it can provide a false sense of security if used incorrectly.
In this article, well look at what Tor is and isnt. Then, well take a look at how it works, how it compares to VPN services, and how to stay safe. Youll learn all about Tor and be ready to use it with confidence, knowing that you wont make any beginner mistakes that would compromise your anonymity.
Using the Tor Browser is similar to using any other web browser. Although the process of starting up the browser differs slightly from Chrome or Firefox (Tor must configure a connection to the Tor network before the browser can start), actually browsing the web with Tor is pretty intuitive.
The main difference is that when you browse the web with Tor, your real IP address and other system information is obscured from the websites and services you're visiting. Additionally, it also hides what you're doing from your Internet Service Provider.
The primary uses of Tor are the following:
Using Tor offers a number of privacy and anonymity protections over directly connecting to a website. That said, it also presents some challenges.
The concepts underpinning Tor namely, onion routing were developed by the United States government in the 1990s. It was originally designed to protect the communications of US intelligence agencies across the Internet. The original code for Tor was released under a free and open-source software license by the United States Naval Research Laboratory, allowing other people and organizations to contribute to the project.
Since 2006, a nonprofit called The Tor Project has been responsible for maintaining Tor and the Tor Browser. Financial support comes from corporations like Google, organizations such as Human Rights Watch, and many others.
There are two things people may mean when they say Tor: the networking system and the Tor Browser.
To anonymize Internet usage, Tor routes traffic through multiple randomly-chosen relay servers before accessing the destination website. There are over 7,000 of these servers, which mostly belong to volunteers. The request is encrypted multiple times, so the relay servers only know the previous relay and the next relay, but not the request contents or the full circuit. The network request finally exits the Tor network at an exit node. From the websites perspective, you are browsing directly from the exit node.
Tor hidden services, which will be covered below, are accessed in a slightly different way from standard websites they use .onion domain names and are inaccessible from the regular web.
To actually use Tor to anonymize your communications, you run the Tor Browser on your computer. The Tor Browser is a modified version of Mozilla Firefox that connects to the internet via the Tor network. In addition to the functionality necessary to use Tor, the Tor Browser also bundles a number of extensions that help users maintain their privacy. For example, the NoScript extension is bundled with Tor out of the box, meaning that users have to manually approve individual JavaScript files before they can runhelping to protect against fingerprinting and browser security exploits.
Although Tor is frequently used by privacy-conscious people and those looking to avoid surveillance, it isnt perfect. Simple mistakes can make hours of meticulous privacy protection useless, so it pays to be especially careful when browsing with Tor. Here are some things you should look out for:
Even though Tor encrypts data between the users computer and servers in the Tor network and within the Tor network, it does not encrypt the final part of the connection between the exit node and the destination server. As a result, it is possible for a government or internet service provider to eavesdrop on traffic between the exit node and destination servers. Since the full list of Tor exit nodes is publicly available, any unencrypted traffic leaving exit nodes is likely to be monitored closely.
Another security concern is when the entry relay and exit relay both exist on the same Internet autonomous system (AS) like if the same network operator owns both IP addresses. If this is the case, it is possible for that network operator to use timing-based statistical techniques to determine that a particular network request originated from a particular computer. This technique is difficult to execute, so its usually only possible for governments to pull off. Additionally, it can be expensive, so it is not usually a concern except for high-value targets.
Other signals may also be used to fingerprint users. If you happen to be browsing a compromised website using Tor with JavaScript enabled (or the website youre browsing uses compromised third-party JavaScript), its possible for the attacker to determine who you are based on your mouse movements. Most people move their mouse in a distinct way which can be used to correlate a Tor browsing session with a regular, non-Tor browsing session.
As with regular web browsing, it is always possible to have your web browser compromised as a result of a security bug. While modern browsers, including the Firefox-based Tor Browser, include very good exploit protection, the kinds of adversaries that target Tor users also stockpile browser exploits that browser vendors are completely unaware of (known as zero-day bugs).
Although most security considerations for Tor are only applicable to the most paranoid users, its still a good idea to follow some safety guidelines. Anyone using Tor is automatically enough of a surveillance target that protecting your security is important.
Tor hidden services, onion services, or Tor websites are websites that are only accessible from within the Tor network. All hidden service domain names end in .onion and consist of a very long of seemingly-random characters. Collectively, Tor hidden services are sometimes referred to as the dark web.
These websites are not indexed by and won't appear on search engines like Google. Instead, a number of user-created directories of hidden services allow you to find the sites youre looking for.
The term dark web generally evokes a mental image of criminals selling illegal services through sketchy Tor-based marketplaces. Although much of the news surrounding Tor and Tor hidden services makes it seem as though using them is like walking down a dark alley at night, there are plenty of perfectly legitimate uses for hidden services as well.
Sites like Facebook, DuckDuckGo, and The New York Times run versions of their sites with .onion addresses for journalists and activists living under oppressive regimes.
Some extremely privacy-conscious individuals make their blogs or websites exclusively accessible through Tor hidden services so that their real-life identity cannot be determined.
The US government has steadily improved its technologies for catching and prosecuting criminals who use Tor for illegal purposes. As mentioned above, Tor is vulnerable to timing attacks and other types of advanced compromises that require government-like resources. For that reason, a government with sufficient resources can deanonymize some Tor requests if they control the right internet service providers (which is almost always true of the American government).
While using Tor itself is perfectly legal, there is plenty of illegal activity involving Tor, so be sure to watch out when visiting hidden services so that you dont accidentally end up on a sketchy .onion site. If you decide to access the Dark or the Deep web, do it in a safe way.
Virtual private network (VPN) services are frequently marketed as a way to improve privacy or gain anonymity. In reality, VPN services can be hit-and-miss when it comes to privacy. Some are certainly better at protecting data than Tor, whereas others will compromise your privacy more than not using one at all.
VPNs are point-to-point tunnels. Network traffic travels in an encrypted tunnel from the users computer all the way to the VPN providers network and is forwarded onto the destination server. In that sense, they are similar to Tor.
The most problematic aspect of VPN service marketing is the no-logging policy." Most VPN providers advertise that they do not log how their services are used, so users can feel confident using the service with no legal ramifications. However, there are few ways this claim can be proven beyond a reasonable doubt. So if you do end up choosing a VPN for privacy, it's best to go with one that has had its no-logs policy tested in the wild due to some police investigation, or at least one that has had the infrastructure audited by a trustworthy, independent third-party.
The biggest advantages of VPNs over Tor include much better connection speeds for downloading videos and other large files. Also, with a VPN, you can choose the server your data is routed through, or at least the country in which that server is located. Finally, it is far easier to use a VPN systemwide than it is to use Tor outside of Tor Browser.
Whether youre using Tor or a VPN service, be careful not to leak your actual IP address through browser plugins or by logging into an account that would nullify your anonymity.
Read more: Tor over VPN
Yes. In most of the world, using Tor is perfectly legal. However, there are plenty of illegal activities that can be facilitated with Tor hidden services, so Tor usage may be seen as suspicious by many governments or internet service providers.
Tor Browser, the recommended way to use Tor, uses DuckDuckGo by default. That said, you can use any other search engine you choosebut note that DuckDuckGo uses the least tracking of any major search engine.
Yes. While Tor obscures your IP (so long as you dont accidentally reveal itsee the next section) and Tor Browser includes a variety of anonymizing features that make tracking harder, you still have to be very careful to avoid leaking information that could be used to track you. Dont log into accounts that you use with other browsers or do anything else that would make your browsing session personally identifiable.
Yes, assuming that you dont accidentally leak it. Websites you visit while using Tor will see the IP address of the Tor exit node you are using, not your actual IP. However, browser plugins and torrenting applications can easily leak your actual IP address if you arent careful. Additionally, there are a number of other ways to track users aside from IP addresses. Be sure not to reveal your identity in any other way, like signing into an account you use from another connection. Tor Browser includes a variety of tracking prevention features that help prevent unique browser and device characteristics from being used to fingerprint you across the web. No matter what, vigilance is always necessary to protect your anonymity.
Not reliably. The Chinese governments Great Firewall prevents connections to much of the outside world, including practically all parts of the Tor network. Using Tor in China is significantly more complicated than in most other parts of the world; it generally requires tunneling traffic to another country and then using Tor over that connection. If you already have a VPN that works for getting access to websites that are blocked in mainland China, you may be able to use Tor through that VPN, which can improve your privacy significantly.
If you want to protect your privacy and anonymity as much as possible while browsing the web, Tor and the Tor Browser may be a good choice. Tor is a widely used and well-studied way to avoid surveillance and censorship from internet service providers and government agencies. It also offers access to .onion hidden services, which are used for avoiding oppressive regimes (and, occasionally, less-noble activities as well).
To use Tor effectively, you must be mindful of a variety of security and privacy concerns, as laid out earlier in this article. Depending on your threat model which potential threats you want to protect against you may need to take aggressive measures to keep your browsing anonymous, some of which can make browsing inconvenient.
Virtual private network (VPN) services are marketed similarly to Tor. However, while they offer significantly higher speeds, their protection against surveillance depends on the specific service provider.
In conclusion, Tor is a powerful tool that must be wielded smartly. It can allow you to avoid all kinds of digital oppressionjust like journalists and human rights activists do around the world every day. If used incorrectly, it will only provide a false sense of security. By understanding and following the recommendations made in this article, youll be ready to make use of Tor correctly and in an effective manner.
See the original post here:
What is Tor (Browser) & How does it work? | CyberNews
- Tor Browser Has a New WebTunnel Feature to Avoid Censorship - How-To Geek - March 14th, 2024 [March 14th, 2024]
- The CIA Is Now Trying to Recruit Russian Spies On Telegram - TIME - May 18th, 2023 [May 18th, 2023]
- Dark Web Alerts: Identifying Criminal Data Exposure on the Dark Web - Security Boulevard - May 18th, 2023 [May 18th, 2023]
- Mullvad aces security audit with this new privacy tool - TechRadar - May 18th, 2023 [May 18th, 2023]
- Billions of Google Chrome users warned to avoid browser over red alert privacy concerns check your sett... - The US Sun - May 18th, 2023 [May 18th, 2023]
- How the decision on Space Command's home will be made - POLITICO - May 18th, 2023 [May 18th, 2023]
- Bitcoin Mixers: Clearnet vs. Darknet Which Offers Greater Anonymity? - Crypto Mode - April 27th, 2023 [April 27th, 2023]
- Matt Taibbi: Report on the Censorship-Industrial Complex - Scheerpost.com - April 27th, 2023 [April 27th, 2023]
- The Ultimate 2023 Guide to The Tor Browser Explained - Pixel Privacy - January 31st, 2023 [January 31st, 2023]
- What is Tor & How Do You Use It? Microsoft 365 - January 17th, 2023 [January 17th, 2023]
- Improving privacy when browsing web: Alternative browsers and chrome extensions - HackRead - October 19th, 2022 [October 19th, 2022]
- Tor Browser Bundle - Free download and software reviews - CNET Download - October 11th, 2022 [October 11th, 2022]
- Hacktivists seek to aid Iran protests with cyberattacks and tips on how to bypass internet censorship - CNBC - October 11th, 2022 [October 11th, 2022]
- This security firm claims to have the right tool for your privacy, and it's not a VPN - TechRadar - September 15th, 2022 [September 15th, 2022]
- A VPN Isn't the Only Way to Change Your IP Address - CNET - September 11th, 2022 [September 11th, 2022]
- Hi, I'll be your ransomware negotiator today but don't tell the crooks that - The Register - August 6th, 2022 [August 6th, 2022]
- Rewards for Justice Reward Offer for Information on Russian Interference in U.S. Elections - United States Department of State - Department of State - July 29th, 2022 [July 29th, 2022]
- How Tor Is Fightingand BeatingRussian Censorship - WIRED - July 29th, 2022 [July 29th, 2022]
- What Is Incognito Mode And Should You Be Using It? - Forbes - July 29th, 2022 [July 29th, 2022]
- TOR Browser - Onion VPN on the App Store - July 17th, 2022 [July 17th, 2022]
- Tor Browser now bypasses internet censorship automatically - BleepingComputer - July 17th, 2022 [July 17th, 2022]
- The dangers of the dark web: being safe online - Open Access Government - July 13th, 2022 [July 13th, 2022]
- Tor vs VPN: Which One Should You Use? - Dignited - June 30th, 2022 [June 30th, 2022]
- Rewards for Justice Offers Up to $10 Million for Information on Foreign Interference in US Elections - HS Today - HSToday - June 30th, 2022 [June 30th, 2022]
- Kremlin tightens control over Russians' online lives threatening domestic freedoms and the global internet - Jacksonville Journal-Courier - June 30th, 2022 [June 30th, 2022]
- Defence in Amanda Todd 'sextortion' trial zeroes in on missing data - The Tri-City News - June 30th, 2022 [June 30th, 2022]
- Now that 'Roe' has been overturned, it's up to the tech industry to protect our data - Fast Company - June 30th, 2022 [June 30th, 2022]
- QAnon Is Celebrating the Return of Its Leader After 18 Months of Silence - VICE - June 30th, 2022 [June 30th, 2022]
- 3 ways to find out if your passwords are being sold on the Dark Web - Komando - June 22nd, 2022 [June 22nd, 2022]
- EXPLAINER: EFCC 'Linked Naira Marley to the Dark Web'. Here's What You Need to Know About the Internet's Most Hidden Part - FIJ NG - June 11th, 2022 [June 11th, 2022]
- What is the Dark Web? - AOL - May 28th, 2022 [May 28th, 2022]
- Cookie Banners Can Be AnnoyingHere's How To Block Them - WRAL News - May 28th, 2022 [May 28th, 2022]
- DuckDuckGo tries to explain why its browsers won't block some Microsoft web trackers - The Register - May 28th, 2022 [May 28th, 2022]
- Proton VPN Secure Core: what it is and when you should use it - TechRadar - May 28th, 2022 [May 28th, 2022]
- How to Download & Install Tor Browser in Windows 10 - May 7th, 2022 [May 7th, 2022]
- How to Unblock a Webpage from Behind a Firewall - Beebom - May 7th, 2022 [May 7th, 2022]
- Download Tor Browser For Windows & MAC (Offline Installer) - May 1st, 2022 [May 1st, 2022]
- Tor Browser - Dark Web Portal Exposed | Dark Web Wiki - May 1st, 2022 [May 1st, 2022]
- Top 10 dark web links & Tor websites for 2022 - Surfshark - May 1st, 2022 [May 1st, 2022]
- How to Install the Tor Browser on a Chromebook - May 1st, 2022 [May 1st, 2022]
- How to Anonymous access to the dark web with Tor - BollyInside - May 1st, 2022 [May 1st, 2022]
- How to Change the Tor Browser Language - How-To Geek - April 29th, 2022 [April 29th, 2022]
- Bites of Life: Shining Light on the Dark Web - Macalester College The Mac Weekly - April 29th, 2022 [April 29th, 2022]
- How to protect against the weakest link in cybersecurity THE USERS - Security Boulevard - April 29th, 2022 [April 29th, 2022]
- What Is Dark Social and Why It Matters - Legal Talk Network - April 29th, 2022 [April 29th, 2022]
- IP bans - why they happen and how to prevent them - Oneindia - April 29th, 2022 [April 29th, 2022]
- Deep Web Tor Browser - Tor Links - Onion Links (2022) - April 20th, 2022 [April 20th, 2022]
- How to Install and Use the Tor Browser on Linux - April 20th, 2022 [April 20th, 2022]
- The Best VPN for Binance 2022 [How to Use Binance With a VPN] - Cloudwards - April 20th, 2022 [April 20th, 2022]
- Three tactics for security providers in the age of Dark Web collaboration - SecurityInfoWatch - April 20th, 2022 [April 20th, 2022]
- Simple way to Install Tor Browser in Rocky Linux 8 - Linux Shout - March 17th, 2022 [March 17th, 2022]
- Laptop in Veltman apartment had what appeared to be 'hate-related material': docs - Lethbridge News Now - March 17th, 2022 [March 17th, 2022]
- How to Access Blocked Websites anywhere and for Free - BollyInside - March 17th, 2022 [March 17th, 2022]
- Download Tor Browser for Mac - Free - 10.0 - Digital Trends - March 11th, 2022 [March 11th, 2022]
- Open in Tor Browser Get this Extension for Firefox (en-US) - March 11th, 2022 [March 11th, 2022]
- Use Brave Private Browsing with Tor to Hide IP Address - OSXDaily - February 21st, 2022 [February 21st, 2022]
- Are Crypto Transactions More Transparent Than Wire Transfers? - InvestingCube - February 21st, 2022 [February 21st, 2022]
- The Truth about Dark Web Is It Really Dangerous? - Crypto Mode - February 21st, 2022 [February 21st, 2022]
- Tech-Savvy Professionals Among 22 Arrested In Dark Web Narcotics Operation - NDTV - February 15th, 2022 [February 15th, 2022]
- Download Tor Browser for Windows - Free - 11.0.3 - February 1st, 2022 [February 1st, 2022]
- Tor Project heads to Russian court to appeal against censorship - The Daily Swig - February 1st, 2022 [February 1st, 2022]
- Firefox Monitor may remove personal information now from the Internet - Ghacks Technology News - December 9th, 2021 [December 9th, 2021]
- The Real Russia. Today. Reining in an unruly Communist Party Meduza - Meduza - December 9th, 2021 [December 9th, 2021]
- See the stunning mansion Josh Duggar is calling home during his child pornography trial ahead of possible... - The US Sun - December 9th, 2021 [December 9th, 2021]
- Whats the Difference Between the Deep Web and the Dark Web? - How-To Geek - December 9th, 2021 [December 9th, 2021]
- How to Access the Dark Web Complete Guide? - The Bulletin Time - December 7th, 2021 [December 7th, 2021]
- Theres More to Threat Intelligence Than Dark Web Monitoring - Security Boulevard - November 25th, 2021 [November 25th, 2021]
- You have to work on this through the routeras options diet plan, as some items immediately restore previous setup after a forced reboot - ADOTAS - November 25th, 2021 [November 25th, 2021]
- Privacy-Protective Internet Browser Tor Is Running Low on Servers - Gizmodo - November 23rd, 2021 [November 23rd, 2021]
- Yes, the Internet has become safer but a VPN is still needed - TechGenix - November 19th, 2021 [November 19th, 2021]
- Scots businessman caught with the 'most serious' category of child abuse images jailed - Scottish Daily Record - November 19th, 2021 [November 19th, 2021]
- Anna and Josh Duggar welcomed daughter Madyson Lily on October 23, their 7th child * starcasm.net - Starcasm - November 17th, 2021 [November 17th, 2021]
- Tor Browser (Alpha) 11.0.9 Download | TechSpot - November 5th, 2021 [November 5th, 2021]
- US government offers $10 million bounty for information on Colonial Pipeline hackers - The Verge - November 5th, 2021 [November 5th, 2021]
- The Tor Browser: What is it and why would you use it ... - October 24th, 2021 [October 24th, 2021]
- Tor Explained: What is Tor? How Does It Work? Is It Illegal? - October 21st, 2021 [October 21st, 2021]
- Alternatives to Using a VPN That Provided Excellent Anonymity While Online - TechBullion - October 21st, 2021 [October 21st, 2021]
- Slicing open The Onion Router (Tor) with no tears - ComputerWeekly.com - October 19th, 2021 [October 19th, 2021]
- What is the dark web? - fox4kc.com - October 19th, 2021 [October 19th, 2021]
- Use of VPNs in India spiking because of blocked websites, experts say ban proposal will not help users - India Today - October 19th, 2021 [October 19th, 2021]