What Is Tor and Why Should I Use It?
Tor is one of the easiest ways to browse the web anonymously. But now that we have spoken the word “a”, we need to put a big asterisk next to it, because using Tor to hide your online activity comes with a number of caveats. Let’s take a look at what Tor does, who uses it, and most importantly, what Tor won’t do if you want to hide on the net.
How Tor works
Tor is short for The Onion Router (hence the logo). It was originally a worldwide server network, developed in conjunction with the US Navy, that allowed people to browse the Internet anonymously. It is now a not-for-profit organization whose main goal is to research and develop online privacy tools.
The Tor network hides your identity by encrypting your traffic and passing it through the various Tor relays on the network. Programmer Robert Heaton has a great description of how this preserves (in theory) anonymity:
When you visit a website using a regular web browser, your computer establishes a direct TCP connection to the website’s server. Anyone in control of your internet connection (or server connection) can trivially check the headers of your IP packets, detect the IP addresses of both you and the server, and conclude that you were communicating with each other. While you and the server were communicating over the encrypted HTTPS protocol, the analyzer will not be able to read the actual content of your messages. But – as Person X knows all too well – sometimes even just knowing who you are communicating with is all the information an adversary needs.
In contrast, when you visit a website using the Tor browser, your computer never communicates directly with the website’s server. Instead, the Tor browser builds a winding path through a random set of 3 Tor nodes and sends your data along that pattern. The browser starts by sending your data to the first (or guard) node in the chain. The protection node sends your data to the second (or middle) node. The middle node sends your data to the third (or exit) node, and finally, the exit node sends your data to the website server. The server sends its response back to the exit node, which takes care of relaying the response to you through the rest of the circuit.
All you have to do to access Tor is download the Tor browser . Launch it and everything you do in your browser will go through the Tor network. Most people don’t need to change any settings; it just works. However, since your data will pass through many relays, your Tor experience may be slower than normal Internet browsing.
Why Tor is good
Tor is useful for anyone looking to protect their online activities from the hands of advertisers, ISPs, and websites. This includes people who bypass censorship restrictions in their country, people who want to hide their IP address, or anyone who doesn’t want their browsing habits associated with them.
The Tor network can also host websites that are only accessible to other Tor users. In other words, you’ve now entered the world of the Dark Web or sites that aren’t indexed by the regular crawlers you use to find cute animals, buy items, and quiz answers. You can find everything from free textbooks to drugs on the Dark Web – and even worse – if you know the special URL that will take you to those sites. Proceed with caution.
What Tor Doesn’t Do
Tor sounds perfect on paper – it’s a free and simple system that you can use to power your underground life on the Internet. But this is far from the case. There are many ways to opt out of security and anonymity when using Tor. For example, consider the scenario by Paul Ducklin of Naked Security:
Although Tor exit nodes cannot determine where you are, thanks to the anonymizing effect of the entry security and middle relay (which changes frequently), they can actually see your final decrypted traffic and its final destination because it is an exit node. this removes the last layer of Tor encryption, which is a mix and a mystery.
In other words, if you are using Tor to navigate to a non-HTTPS (unencrypted) web page, then the Tor exit node that handles your traffic can not only track and modify your outgoing web requests, but also interfere with any responses that are returned. … …
While Tor can help disguise that it was your computer that made the initial request, say, to visit some sketchy internet forum and do all sorts of terrible things, it won’t do anything to help you if you create an account on this website. … And if this account is ever associated with illegal activity, payments and / or real addresses, it doesn’t really matter which browser or anonymization method you use to visit the site. In the end, you will not really hidden .
This is not all. Many of the ways you use a regular web browser can also betray your Tor identity – or at least leave enough breadcrumbs for the highlighted object to make it easier to figure out who you are. As the Tor project describes :
Tor Browser will block browser plugins like Flash, RealPlayer, Quicktime and others: they can be manipulated to reveal your IP address. Likewise, we do not recommend installing additional add-ons or plugins in the Tor Browser as they can bypass Tor or otherwise harm your anonymity and privacy.
Tor Browser will warn you before automatically opening documents that are processed by external applications. DO NOT MISS THIS WARNING. You have to be very careful when downloading documents over Tor (especially DOC and PDF files unless you are using the PDF viewer built into the Tor Browser), as these documents may contain Internet resources that will be downloaded outside of Tor by the application that has them opens. This will show your non-Tor IP. If you need to work with files downloaded via Tor, we strongly recommend either using a disconnected computer or using the danger zone to create secure PDF files that you can open. However, under no circumstances is it safe to use BitTorrent and Tor together.
And if the target is determined to find out who you are and is willing to provide you with some malware to get there, the mere fact that you are using Tor will not stop them. The FBI bust of Tor shows how it can work, as Motherboard reported back in 2013:
The big FBI arrest for child pornography this summer has also raised some suspicion from privacy advocates over how easy it is for feds to break into Tor. The FBI was able to hack into an anonymous network by injecting malware into a browser in order to determine what it called “the” biggest child porn presenter on the planet. ” In doing so, the malware exposed the IP addresses of hundreds of users.
So, is Tor worth using?
If you are a regular user who views cat GIFs and browses Facebook, you probably shouldn’t worry about the government spying on your activities. Tor will simply slow down your connection. It is more likely that you need to secure your Internet rather than anonymize it, for example when you are using public Wi-Fi . In this case, you need to make sure that you are using HTTPS on all sites that support it, and perhaps even a VPN to encrypt all your traffic when you are away from home.
If you don’t have a VPN, Tor is better than nothing, but I wouldn’t use it to log into any services, especially financial ones. You still don’t know who controls the various nodes in your relay, including this critical output node; I would rather trust my connection over a single source VPN (even if in theory you are still transferring your data through another entity).
In other words, unless you really need to be anonymous, don’t worry about Tor.
And if you want to stay anonymous because you download large files and don’t want people to see what you download – say through BitTorrent – Tor is not the best solution . Don’t be that jerk who slows down everyone else’s traffic for no reason. Just as important, you don’t have to remain anonymous at all . In this case, you need a VPN .
Remember, Tor isn’t just a “free VPN”. Both can help you achieve some anonymity on the Internet, but the approaches vary widely.
This article was originally published in February 2014 by Thorin Klosovsky. It was updated in December 2020 by David Murphy, who added new information about Tor, cited additional sources, updated hyperlinks, and updated images.