The Internet is not always a secure place for exchanging information. There are prying eyes on you ranging from Governments, local Internet Service Providers (ISP), or even hackers out there trying to get a piece of your information. Although current security measures are deemed “good enough” by most users, Tor has been created to go farther for users who want to get as anonymous and safe as possible.
What is Tor?
Tor a.k.a The Onion Router is a worldwide network that protects your identity online and enables you to browse the internet anonymously. Originally developed with the US Navy in the mid-90s, Tor project, a Non-profit organization (NPO) that advocates for internet privacy and security. Tor uses the onion routing technique to hide the information about its user’s identity and activities. The Tor logo represents an anonymous onion in reference to the technology used.
How does Tor work?
As mentioned above Tor uses the onion routing technique to keep your identity secret and your browsing activity anonymous.
There are volunteers for the Tor network who use their computer as “nodes” in the network. When you browse to a site using Tor, instead of sending your network packets directly to the server, Tor uses a passage of randomly assigned nodes to send your packet anonymously to the server without ever revealing your true identity.
It works very much like the broader internet does, except only using nodes (relays) that will ensure the user anonymity.
Why Use Tor?
Most people believe that their identity is fairly protected under normal usage conditions, but if you are not using a VPN or Tor, there’s a good chance your identity is already out, or easily traceable. If you want to make sure that your entire online activity and personal information stays secret, Tor can help.
Typical use cases for TOR include individuals who want evade hostile government censorship, people who want to avoid surveillance should use Tor to ensure maximum privacy over the Internet. Journalists, legal activists, whistle-blowers, people living in a country with censorship are the primary audience for Tor.
Many people think they can use Tor to download files on BitTorrent, but it’s not that simple. Using Tor as a proxy doesn’t always work because Torrent clients may just ignore the proxy. Secondly, that client can also package your actual IP address and send it to the P2P tracker. While your IP Address would be sent via the encrypted Tor network, it would still end up as being visible on the other end. Also, the Tor network is slower and is not designed to handle this amount of data. In general, using Tor for Torrent is NOT a good idea. An anonymous VPN (one that does not keep IP logs) is probably a better choice.
How to Use Tor and Stay Anonymous?
If you want to use Tor you can do so easily. Just download the Tor browser bundle which contains a preconfigured version of Firefox browser. Downloading the bundle and using it is straightforward (no settings required), but this does NOT yet mean you are completely anonymous.
You also need to change your browsing habits and make sure that you don’t log into Gmail, Facebook, or any other login that could be traced back to you while using Tor because while your IP remains anonymous, your (social media) profile isn’t. Use Tor with care if you want it to work. More tips below.
FBI managed to crackdown on some of the biggest dark web rings using a browser malware. The feds injected the malware into the browser which then revealed the (true) IP address of multiple users. This led to the arrest of one of the most notorious rings of cyber-criminals. This begged the question about whether or not law enforcement has a way to crack the Tor network and monitor its traffic. Luckily, they used a browser malware which is a typical exploit, and there is no proof that they can analyze the traffic on the Tor network.
Tips to stay anonymous:
- Use HTTPS instead of HTTP whenever possible.
- Disable Java, Javascript, and Flash because these could be used to identify your IP.
- Don’t use your real email/name on Tor websites.
- Don’t download files (via P2P) using Tor.
- Don’t log into services that can be tracked to you (official email, social media…)
- Prevent or Delete browser cookies which can be used to track you (Tor Browser does it automatically)
- Avoid using Google since it can track users by multiple ways (Ads, Android, Chrome, Search…). Others do it, but no-one has a wider net as Google, and all this information could potentially be cross-referenced to identify a user.
Pros of Tor
- Keeps your IP address hidden from web sites, ISPs, Advertisers. This information can be used to “spy” on your activities. While advertisers are often harmless (although annoying), repressive governments can obtain one’s identity by going through your online footprint.
- Lets you access the Deep Web.
Cons of Tor
- Higher latency, due to using multiple nodes hosted by peers, instead of a highly optimized public routing.
Tor for hosting sites
Most Tor users only care about browsing, but Tor also makes it possible to host sites and online services. It is often associated with illegal activities because it makes it easier for criminals to hide from the police, but it could also host forums for political dissidents, etc. In the end, there are various reasons to use the technology.
Tor allows websites to protect their anonymity by creating a server that does not require a domain or an IP. Both the server and the client do not require an IP address instead there is a 16-character link (Onion link) that’s used for accessing Deep Web sites.
Is Tor Illegal? What is the Deep Web and Dark Web?
No, it is not illegal: protecting your online information and keeping your identity secret is not illegal. Tor only helps you keep your information away from prying eyes, and that’s perfectly legal in most of the countries (check your local laws).
Deep Web is all the information on the Internet that is hidden from your regular search engines. This data includes government sites, large databases, intranet, etc. The (public) Internet is like an ocean, search engines like Google, Yahoo! Can only map and explore the surface of this ocean while Tor can also let you access the deeper parts of the Internet known as Deep Web. Deep Web is not illegal either because it includes legit information that’s just invisible to the regular search engines.
Deep Web should not be confused with Dark Web, which is made of private overlay networks that use the public Internet to transport data, but requires specific software and encryption to access the data. Those networks are called Dark Net. Darkweb addresses do not appear in regular network lists, and ping requests are not answered. It is estimated that the Deep Web is 96% of the web content, while the Surface Web (accessible by search engines etc…) only makes up 4% of the web.
Dark Web is used for privacy and security reasons for legitimate uses (Bitcoin services) or illegal trades (see Darkweb marketplaces), frauds or even terrorism.
Conclusion
Tor isn’t perfect and the user remains the weak point. With enough time and resources, the government can figure out who the user is, and it’s best to build a specific use case, instead of expecting a blanket of privacy. Tor is however used by journalists, the Military, the police and political activists worldwide.
Anonymity and security are two very different things. The Tor browser has all the security issues that browsers typically have. At this point, there is no proof that the Tor network was ever broken into, but users are still at the mercy of browser attacks. The FBI famously used a malware created by a former Tor developer to target criminals. Many organizations fight the government’s right to hack.
Although Tor can help you stay anonymous, keep in mind that your own behavior remains a weak point. If you log into any service that can be traced back to you it would weaken your position. It’s not easy to be anonymous on the web, and requires a strong discipline. Tor can save you a lot of time along the way.