Let’s talk about Tor (The Onion Routing Project), a secure anonymizing network that aims to offer privacy, and hence protection, to anyone who needs it for any reason.
First of all, let’s clarify some jargon:
- Clearnet: Clearnet refers to the unencrypted, insecure non-Tor internet. This is what people think of as the ‘normal’ internet, the traditional world wide web. In clearnet, any website you visit knows your IP address and you reach the website in the first place by using its IP address (URL). It’s transparent, hence the term clearnet. For example: Google.com, Facebook.com, Twitter.com etc. are all on the clearnet.
- Surface Web: This is nearly the same thing as clearnet with one major difference. Search Engines can index all of Surface Web but not all of Clearnet. Let’s consider emails. When you search for something on Google, you don’t see other people’s private emails in there, do you? Those aren’t search engine indexable. Neither is your online banking page or any content that requires authentication or is hidden behind a paywall. Here, see for yourself.
  - The front page of Gmail.com is indexable so we can search for it.
  - But the link that opens up the Gmail inbox isn’t, so we don’t see everyone’s private emails here. Note that we still access it using clearnet, it’s just not available to search engines.
- Deep Web: The opposite of Surface Web. The bits of the internet (Tor and non-Tor) that a search engine cannot index are collectively called Deep Web.
- Darknet: Darknet is that part of the internet that can only be accessed by special software. This contains anonymizing networks such as Tor, Freenet and I2P. Private peer-to-peer networks (say, a direct connection from your computer to your friend’s) are also termed Darknet. It is analogous to clearnet: some of it is searchable, some of it isn’t.
Tor was originally designed, implemented, and deployed as an anonymous routing project for the U.S. Naval Research Laboratory. It was originally developed with the U.S. Navy in mind, for the sole purpose of protecting government communications. Today, however, it has exponentially expanded, almost beyond measure and is used for a wide variety of purposes by the military, journalists, law enforcement officers, activists, and really just anyone seeking online privacy and anonymity.
Tor is a network of virtual tunnels that allows users to improve their privacy and security on the Internet. Tor provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.
In a nutshell, Tor works by ‘bouncing’ your connection around the world through Tor relays. Every relay knows only two things: the previous relay that a packet of data came from and the next relay to which it must be forwarded. Since no single relay can know both the final destination and the original source, your connection is private.
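The following sketch is an added example, not code from Tor or from this article. It simulates the layered forwarding described above and records what each relay can observe. The cipher is a toy stand-in for Tor's real cryptography, the per-relay keys are assumed to be already shared with the client, and the relay names, addresses and payload are constructed sample values.

```python
import hashlib, json, os

def toy_cipher(key: bytes, data: bytes) -> bytes:
    """XOR with a SHA-256 counter keystream. Toy stand-in, NOT Tor's real crypto."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def build_onion(path, keys, destination, payload):
    """Client side: wrap the payload once per relay, innermost (exit) layer first."""
    next_hops = path[1:] + [destination]
    blob = payload
    for relay, nxt in reversed(list(zip(path, next_hops))):
        layer = json.dumps({"next": nxt, "data": blob.hex()}).encode()
        blob = toy_cipher(keys[relay], layer)
    return blob

def route(client, path, keys, onion):
    """Relay side: each relay peels exactly one layer with its own key.
    Returns what each relay could observe, plus the payload leaving the exit."""
    seen, prev, blob = {}, client, onion
    for relay in path:
        layer = json.loads(toy_cipher(keys[relay], blob))
        blob = bytes.fromhex(layer["data"])
        seen[relay] = {"previous": prev, "next": layer["next"]}
        prev = relay
    return seen, blob

def demo():
    # Constructed sample values (documentation address range, made-up relay names).
    client, destination = "203.0.113.7", "example.org:443"
    path = ["guard", "middle", "exit"]
    keys = {r: os.urandom(32) for r in path}  # assumed already shared with the client
    onion = build_onion(path, keys, destination, b"GET / HTTP/1.1")
    return client, destination, route(client, path, keys, onion)

if __name__ == "__main__":
    client, destination, (seen, delivered) = demo()
    for relay, view in seen.items():
        print(f"{relay:6} sees previous={view['previous']:12} next={view['next']}")
    print("delivered:", delivered)
```

Only the first relay's view contains the client address and only the last relay's view contains the destination; the middle relay sees neither.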
That sounds a bit like proxies or VPNs. So why aren’t proxies or VPNs enough? Why do we need Tor?
Proxy servers and Virtual Private Networks act as middlemen through which we can, for example, visit websites without revealing our identity (IP address and location). We don’t connect to the website directly, nor does the website connect to us. We are connected to the middleman and so is the website, effectively giving us a dummy IP address that actually belongs to the proxy or VPN server. So the website can’t know who we are. End of story. Or is it?
Enter Tor.
How is Tor different and why do we need it?
- The first reason is simple: Tor is more thorough. A connection through Tor typically takes 3 hops; that is, your connection goes through 3 relays. One VPN or proxy means one hop. But what about proxy chains?
- Tor is encrypted. You can chain any number of proxies you want, but whether to encrypt the connection or not is up to each proxy. The Tor protocol, on the other hand, requires encrypted relay-to-relay connections. That is, not even a misbehaving relay (e.g., one run by the NSA) can see the entire path of any Tor user.
- Tor is used by many people, a crowd to disappear within. A single weak link in your personal proxy chain could lead directly back to you. Not to mention, your Tor circuit changes every ten minutes or so. You can of course try to accomplish the same with proxy chains by enforcing encryption, implementing dynamic routes and convincing other people to use it, and congratulations, you have reinvented Tor.
- The zero trust principle strikes again. A VPN is a single point of failure. A VPN knows who you are. A VPN could, in theory, be logging all the traffic it gets. VPNs are run by companies. And if they’re hoping to make money (which is all of them), they must register somewhere (in some country). In doing so, they get a bunch of legal goodies (protection of assets, limited liabilities, tax benefits etc.), but they also need to abide by the country’s laws, and that means they may be subpoenaed (legally forced) to give up all their user logs. They could even be compelled by the government to install a backdoor and forced not to tell the world about it. If only VPN companies were as big and powerful as Yahoo. Oh, wait. If this wasn’t bad enough, there’s also:
  - Paying for a VPN leaves a money trail that leads directly to you. (Even if you pay in bitcoin)
  - Not paying for a VPN leads to the question “Does this VPN run on fairy dust?” No. It runs on servers. It needs electricity. It needs bandwidth. It needs software developers. All of which costs money. If you’re not paying for a product, you are the product.
  - Even if a VPN provider says they don’t keep logs, you have to take their word for it. Sure. In this day and age, trust is simply not good enough.
- No software can ever be completely secure. Same goes for Tor. However, Tor is open source and decentralized. The same cannot be said of a VPN (or a proxy). They can run whatever code they want on their server. Tor is regularly audited for security holes and any zero-day exploits are patched quickly. While Tor isn’t perfect, it is the best we can do and it’s often enough. After all, security is a cat and mouse game. You either keep on running or you lose.
Edward Snowden uses Tor. And he’s alive and kicking and tweeting. If that isn’t a testament to Tor’s power, I don’t know what is.
So now that we’ve answered “Why Tor?”, let’s take a look at what all Tor can do for you.
- Individuals use Tor to keep websites from tracking them, or to connect to news sites, instant messaging services, or the like when these are blocked by their internet providers or an oppressive regime.
- Tor’s hidden services let users publish websites and other services without needing to reveal the location of the site. Individuals also use Tor for socially sensitive communication, for example: chat rooms and web forums for rape and abuse survivors, or people with illnesses.
- Journalists use Tor to communicate more safely with whistleblowers and dissidents (Edward Snowden, for example).
- Even governments use Tor for intelligence gathering. Law enforcement agencies use Tor for visiting or surveilling web sites without leaving government IP addresses in their traffic logs, and for secure communications during sting operations.
- Tor lets you securely browse the clearnet without leaving a trace (technically you do leave a trace, but with Tor, the trace doesn’t lead back to you).
- Tor gives you access to the darknet, the hidden world of the .onion domains.
You now have one piece of the puzzle. The story isn’t over yet. Head over to How Tor Works to get one step closer to seeing the big picture.