TOR, the onion router

TOR has many parts.   They fall into three general categories:  Clients (using the TOR browser), and servers (“hidden servers”) are used to both anonymize the user’s IP address and to reach hidden servers.   Hidden servers can hide their IP address and the physical location associated with that IP address.   Then there is the TOR network itself.

Browser (client):  Most of us will only use the TOR browser:  it is like other browsers (Chrome, Firefox, Internet Explorer, Safari, Opera, ..) but it is different in at least these ways:

  • It uses the TOR network to anonymize (hide) the IP address which is your network location that can be used to locate you.   The location of many IP addresses can readily be mapped through such services as http://utrace.de .   On first start, it maps your current location, but you can type in another valid IP address and see its associated physical location.  Try google’s domain server address 8.8.8.8 — it will show it is registered to google in Mountainview: http://www.utrace.de/?query=8.8.8.8 .  To anonymize (hide) your IP address, and therefore your location, TOR passes your network traffic through a series of routers (as if through layers of an onion?), making it difficult to backtrack to your real location.  TOR browsers do not protect your privacy if you willingly put your real name and other information on the site you visit with the TOR browser.
  • The TOR browser is able to connect to “hidden servers” on the “dark web”.  Hidden servers have a  “.onion” extension instead of .com, .edu, .org, or other commonly recognized “top level domains”.    Conventional browsers cannot reach those sites.
  • CAUTION:  You really do need to change your habits and be aware of the basic warnings and known issues where using TOR browser does not give you the protection you might assume:  Read the “caution page” on the TOR project site. Among the “insecure behaviors” is opening documents that you downloaded, while connected to the internet (because opening documents can trigger a “phone home” action that bypasses TOR, and reveal your real IP address and thus your real location). 

Servers:  Sometimes you might want to set up a hidden server on the TOR network, which will hide your IP address and the physical location associated with that IP address.  Many precautions should be taken before you gain full benefit of IP address privacy using a hidden server.

  • DuckDuckGo has a hidden server on TOR:   the URL is http://3g2upl4pq6kufc4m.onion/, which will only work when you type it into the TOR browser.  It will not work in your regular Chrome or Firefox browser.
  • News organizations use SecureDrop hidden servers on TOR to protect both whistleblowers and journalists, since no IP addresses (and related locations) are part of the transaction.
  • If you are supporting an organization or communicating with people who live under oppressive regimes — obvious ones such as Syria, Russia (?),  it might not be safe to reveal your real IP address and give away your location.    If you need a server, send me a note on the Contact page.

Network:   It is entirely possible to help extend the TOR network by joining and volunteering to be part of the TOR network of interconnected systems.   Typically you would not use your home computer to do so, if only because your should keep your personal use information isolated from the same machine that processes TOR anonymizing traffic.

Who uses TOR, anyway?    The “dark web” is sometimes used by criminals to avoid law enforcement, but there are many legitimate uses as well.    “Normal people use TOR” is a page on the TORproject that explains many appropriate and legitimate uses that have nothing to do with criminal or malicious activity.    It is not entirely overflowing with bad people at all.

Advertisements