Tor (The Onion Router): Difference between revisions
Thomasmann (talk | contribs) mNo edit summary |
|||
Line 8: | Line 8: | ||
Normal proxies forward your data using a single server: they hide your computer IP from websites you visit by placing themselves in the middle of the data transfer. But your privacy could still be compromised by the owner of that single proxy, or by a hostile party monitoring the proxy server. | Normal proxies forward your data using a single server: they hide your computer IP from websites you visit by placing themselves in the middle of the data transfer. But your privacy could still be compromised by the owner of that single proxy, or by a hostile party monitoring the proxy server. | ||
The Tor network uses "onion layer routing," called this because it resembles the the layers of an onion. Instead of data being routed through a single proxy, everything will be send encrypted using a chain of proxies, routing your browser's request for pages through a minimum of three servers, often located in different countries. If a Tor server administrator has followed the instructions for setting up their server, then no logs will be kept of traffic through the server. This makes it impossible to compromise people's security, even if the server is seized. The proxy chain is also set up to keep changing servers every few minutes, so for a major spy agency to be able to spy on the Tor network they would have to control ''all'' of the servers in the Tor network--controlling just a few servers would not be enough to track down a user. The Tor network is known to be somewhat slow and is not recommended for downloading large files. The speed it provides is normally enough to anonymously browse websites that are not too heavy on photos or videos, though it can cause the buffering of streaming videos. | The Tor network uses "onion layer routing," called this because it resembles the the layers of an onion. Instead of data being routed through a single proxy, everything will be send [[Encryption|encrypted]] using a chain of proxies, routing your browser's request for pages through a minimum of three servers, often located in different countries. If a Tor server administrator has followed the instructions for setting up their server, then no logs will be kept of traffic through the server. This makes it impossible to compromise people's security, even if the server is seized. The proxy chain is also set up to keep changing servers every few minutes, so for a major spy agency to be able to spy on the Tor network they would have to control ''all'' of the servers in the Tor network--controlling just a few servers would not be enough to track down a user. The Tor network is known to be somewhat slow and is not recommended for downloading large files. The speed it provides is normally enough to anonymously browse websites that are not too heavy on photos or videos, though it can cause the buffering of streaming videos. | ||
To access the Tor network the end user runs a program called a Tor client (a special Internet browser) on his computer, this comes with an extra filtering program (like [[Privoxy]]) between the Tor client and the Internet browser on the local computer due to the risk of applications like Java revealing user information. Any Tor user with sufficient bandwidth can also choose to run a proxy allowing other Tor users to route traffic through his computer, but one has to be very careful when running an Tor "exit" node, which is the last computer in the chain, and the one that connects directly to the site you are visiting. | To access the Tor network the end user runs a program called a Tor client (a special Internet browser) on his computer, this comes with an extra filtering program (like [[Privoxy]]) between the Tor client and the Internet browser on the local computer due to the risk of applications like Java revealing user information. Any Tor user with sufficient bandwidth can also choose to run a proxy allowing other Tor users to route traffic through his computer, but one has to be very careful when running an Tor "exit" node, which is the last computer in the chain, and the one that connects directly to the site you are visiting. | ||
Line 23: | Line 23: | ||
==See also== | ==See also== | ||
[[Javascript exploit defeats Tor if javascript is enabled in the browser]] | *[[Encryption]] | ||
*[[Javascript exploit defeats Tor if javascript is enabled in the browser]] | |||
== External links == | == External links == |
Revision as of 19:38, 30 April 2016
Tor is a free open source project providing people with a proxy to make their computer IP address anonymous when surfing the Internet.
- NOTE: This article gives some of the technical details on how Tor works. If you'd like to skip the technical information, then just see link to the Tor Project homepage at the end of this article, visit the Tor homepage, download the browser bundle, and install it. You should make sure that the "global scripts option" (the "S" with a circle and line through it, found on the the upper-left corner of your screen) is set to not allow scripts. (You can disable this option, and enable scripts, for visiting "safe" sites which do not contain sensitive information.) Using Tor, you can begin to surf the Internet safely and securely. (Note: Never try to download bit torrents that contain sensitive information through Tor--you are NOT protected from others monitoring your downloads, and your real IP address will be exposed! Also, you should NEVER combine the visiting of sites which have the details of your real-life identity at the same time that you visit "sensitive" sites. Only do one thing at a time--browsing that involves your "real-life identity," should not be done at the same time that you are using Tor to visit "sensitive" sites (like BoyChat, for example) Remember: close your Tor browser, and then start it again to protect your real-life identity and to keep yourself safe.
Now to the technical details about Tor.
Normal proxies forward your data using a single server: they hide your computer IP from websites you visit by placing themselves in the middle of the data transfer. But your privacy could still be compromised by the owner of that single proxy, or by a hostile party monitoring the proxy server.
The Tor network uses "onion layer routing," called this because it resembles the the layers of an onion. Instead of data being routed through a single proxy, everything will be send encrypted using a chain of proxies, routing your browser's request for pages through a minimum of three servers, often located in different countries. If a Tor server administrator has followed the instructions for setting up their server, then no logs will be kept of traffic through the server. This makes it impossible to compromise people's security, even if the server is seized. The proxy chain is also set up to keep changing servers every few minutes, so for a major spy agency to be able to spy on the Tor network they would have to control all of the servers in the Tor network--controlling just a few servers would not be enough to track down a user. The Tor network is known to be somewhat slow and is not recommended for downloading large files. The speed it provides is normally enough to anonymously browse websites that are not too heavy on photos or videos, though it can cause the buffering of streaming videos.
To access the Tor network the end user runs a program called a Tor client (a special Internet browser) on his computer, this comes with an extra filtering program (like Privoxy) between the Tor client and the Internet browser on the local computer due to the risk of applications like Java revealing user information. Any Tor user with sufficient bandwidth can also choose to run a proxy allowing other Tor users to route traffic through his computer, but one has to be very careful when running an Tor "exit" node, which is the last computer in the chain, and the one that connects directly to the site you are visiting.
Used correctly, Tor protects one's anonymity. But there can be problems: In 2013 Ross William Ulbricht was arrested for running a Web site--Silk Road--using Tor. It was primarily a marketplace where illegal drug sellers and buyers could connect. He was sentenced to life in prison without parole. (See Wikipedia for information on how his site was compromised by the legal authorities.)
The Tor technology is attractive to boylovers because of the anonymity offered by the proxy network. Some sites, such as Wikipedia, restrict access or posting using Tor software, to reduce spam and malicious hackers. BoyChat for example, will only allow people to post using Tor if they have a registered nick. The Tor network also hosts hidden sites that can not be taken offline because it is not possible to work out which server is hosting them, however these sites, with the extension .onion, are only accessible if you run Torsoftware in your computer.
Tor and live CD
Even when you use Tor it could still be possible for someone to see information on your computer hard drive, and to look at your drive's contents--websites that you have visited using Tor proxy can be found in the Internet browser cache (if it is enabled). But if you use the "Tor browser bundle," with the special version of Firefox that comes with it, then you do not have to worry about your browser cache being stored on your computer.
Using a "live CD" to browse the Internet avoids leaving any traces of your browsing history on your hard drive, because after you have finished browsing using a live CD all of the data held in volatile RAM memory will disappear, and recovery will not be possible. A live CD (i.e. Tails) with Tor is one of the most powerful anonymity tools that exist.