Tor

From Xiandos Info

The Onion Router (Tor) is a free BSD-licensed software implementation of second-generation onion routing which enables people to communicate anonymously on the Internet.[1]

Everything connected to the Internet has an IP address (or uses a shared IP address) which can be used to identify the location, and in most cases the person or corporation, using it to communicate. Tor takes the TCP stream from your IP and routes it through the Tor-network before it reaches its destination, making it impossible for the destination to know where the traffic originated.

In bullet summary

  • Tor routes Internet-traffic through three Tor-routers between you (Alice) and the party you are communicating with (Bob).
  • The first router knows that Alice is using Tor - but does not know what it's being used for.
  • The last router knows that someone is talking to Bob - but doesn't know who.
  • No single router knows the whole path.

Typical Tor-uses

It should be noted that the United States Department of Defense uses Tor on a daily basis.

Tor aims to provide three security properties:

  1. A local network attacker can't learn, or influence, your destination.
  2. No single router in the Tor network can link you to your destination.
  3. The destination, or somebody watching the destination, can't learn your location.

Tor hides your location

There are many situations where you may want to hide your location but do not want to hide your identity.

  • The NATO General may want to give out orders without telling the enemy where they should send lots of Sukhoi T-60S Bombers.

Tor allows you to remain anonymous

There are many good reasons why you want to remain anonymous when you are browsing the Internet.

  • Search engines store search terms for long periods of time. Do you really want a corporation to know everything you have searched for over the last year?
  • Websites you visit can and do keep track of what pages you view. This allows them to profile you and get a fairly detailed picture of what your interests are. Know that such data, called "marketing data", are also sold to governments and combined with other data they have collected on you.
  • Imagine your insurance company calls you and says that "We have noticed you have been very interested in car racing lately, so you now have to pay slightly more for your insurance policy".

There are also many good reasons for using Tor to add information to the Internet. Tor allows people living in tyrannical regimes like Norway, where the government covertly tortures citizens for speaking out against the regime, to publish and participate on the Internet without fear of being tortured. Tor is a great way for people living in such countries to participate in normal political activities, participate in debate and so on. Criminal regimes like the Norwegian government can not torture citizens who criticize it when they are unable to find out who they are.

Tor allows you to run location hidden websites and other services

Location hidden services are a great Tor feature which allows you to run normal Internet services from behind a firewall without revealing who you are or where in the world the service is located.

  • You can run any kind of normal TCP-based Internet service from behind a firewall using a hidden Tor service.
  • You can publish anonymously and without fear of censorship.

Setting up a hidden service requires some skill: setting up the hidden Tor service itself is easy, but making sure the software running the service (such as Apache) does not leak any information requires careful consideration.

The domain names used for location hidden services end with .onion and are derived from a hash of the public key whose matching private key the service holds. For example, this website is available to Tor-users as http://sowd5dpn54rk2srl.onion/

Hidden services provide authentication because you can be sure that the server you are connecting to is the one which has the private key corresponding to the public key whose hash forms the address. The connection between you and the server also goes through Tor, so you get end-to-end encryption (which makes this an alternative to SSL).
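The name-to-key binding described above, as an added Python example that is not part of the original page or of Tor's own code. It follows the legacy 16-character address scheme the page's address uses (base32 of the first 80 bits of the SHA-1 of the DER-encoded RSA public key), which current Tor releases have replaced with longer addresses; the function names are hypothetical and the key bytes are constructed stand-ins, not real keys.

```python
import base64
import hashlib
import re

# 16 base32 characters (a-z, 2-7) = 80 bits, the legacy 16-character .onion label.
V2_LABEL = re.compile(r"^[a-z2-7]{16}$")

def onion_label(host: str) -> str:
    """Return the 16-character label of a legacy .onion host name, or raise."""
    host = host.strip().lower().rstrip(".")
    if not host.endswith(".onion"):
        raise ValueError("not a .onion name")
    label = host[: -len(".onion")].split(".")[-1]  # ignore any subdomain prefix
    if not V2_LABEL.match(label):
        raise ValueError("not a 16-character base32 label")
    return label

def onion_v2_address(pubkey_der: bytes) -> str:
    """base32(first 10 bytes of SHA-1(DER-encoded public key)) + '.onion'."""
    digest = hashlib.sha1(pubkey_der).digest()
    return base64.b32encode(digest[:10]).decode("ascii").lower() + ".onion"

def key_matches_address(pubkey_der: bytes, host: str) -> bool:
    """True only if the presented key hashes to the name the client asked for."""
    return onion_v2_address(pubkey_der) == onion_label(host) + ".onion"

# Constructed stand-ins for two services' DER-encoded public keys (not real keys).
KEY_A = b"constructed stand-in for service A's DER-encoded RSA public key"
KEY_B = b"constructed stand-in for service B's DER-encoded RSA public key"

if __name__ == "__main__":
    addr = onion_v2_address(KEY_A)
    # Service A's key matches its own name; service B's key does not.
    print(addr, key_matches_address(KEY_A, addr), key_matches_address(KEY_B, addr))
    # The address quoted on the page is a well-formed 16-character label.
    print(onion_label("sowd5dpn54rk2srl.onion"))
```

Because the name is a function of the key, a server that cannot prove possession of the matching private key cannot answer for that name, which is why no certificate authority is involved.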

Performance

Tor is slower than normal web browsing, but it is fast enough to browse the Internet without getting frustrated.

Location hidden services are slightly slower to get to (establish a connection) than normal Internet browsing through Tor, but they are quite fast (relatively speaking) once you have established a circuit.

Things you should be aware of when using Tor

You are not automatically anonymous just because you are using Tor.

  • Tor makes your TCP-stream anonymous. That is its job.
  • Tor does not make your software applications act anonymously.
  • If your application is leaking information then this information is leaked regardless of whether the connection used to leak it is anonymous or not. You must ensure that the applications using Tor to communicate do not leak information.

The mainstream computer press has widely reported that "experts" have found holes in Tor ("Holes found in Tor IP privacy system").[2] These holes refer to information leaked by applications, such as browser plug-ins like Java, Javascript, ActiveX and so on, not holes in Tor itself.

This is very important, so once again:

  • Tor makes your TCP-stream anonymous
  • Tor does not prevent you, or the software programs you are using, from giving the other side of the anonymous TCP-stream information which compromises your anonymity.

Dead give-aways

Your web-browser will report all sorts of details[3] when you visit a website. You need to use a proxy like Privoxy between your web-browser and Tor which applies some sexy filters before the web-browser's traffic is forwarded through the Tor-network to its destination. You should also disable browser-extensions like:

  • Java. Java-applets run by your web browser may not use your browser's configured proxy and can report all sorts of information.
  • JavaScript. JavaScript can also report all sorts of information and can also be used to track you the same way cookies do. [4]
  • Flash-applications.

The webmaster of Flight77.info anonymously added a link to gay porn on that page. The picture linked had no links to it from that site, and the site itself has nothing to do with entertainment for men who like men. It really isn't very hard to guess who posted that link given the givens, regardless of the link being posted anonymously...

Cookies

Site X sets a cookie and logs your IP. You find out site X is evil, you start using Tor when you visit site X, you think you're safe - but site X already knows the person with that cookie visited 20 times from your home IP, and they see you are suddenly visiting from seemingly random IPs (using the cookie). It really isn't hard to guess which visits were from your home IP.

Clear your cookies if you switch from using Tor to normal browsing. SwitchProxy and other browser plug-ins can be configured to do this automatically. And don't forget to clean global Flash cookies with the BetterPrivacy plugin.

DNS leaks

Domain Name System (DNS) lookups can and should go through the Tor-network. Most browsers and other software that support using a proxy also support looking up DNS through Tor (only bad SOCKS implementations leak DNS queries). Make sure all the software you're using together with Tor looks up DNS through Tor!

DNS leaking means that your software asks your ISP's nameservers for the IP of the site/service you want to visit and then visits it through Tor. The KDE GUI Tork[5] can warn you if you are leaking DNS requests. The Tor log also gives DNS-leak warnings.
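What a leaking and a non-leaking client look like on the wire, as an added Python example that is not from the original page or from Tor: it classifies a SOCKS4, SOCKS4a or SOCKS5 CONNECT request by whether the application handed the proxy a host name (the proxy resolves it) or only an IP address (the application had the address already, typically from a lookup made outside Tor). The function names are hypothetical and the request bytes are constructed samples.

```python
import ipaddress
import struct

def classify_socks_request(req: bytes) -> tuple:
    """Return ('hostname' | 'ip-only', target) for one SOCKS CONNECT request."""
    if len(req) < 2:
        raise ValueError("truncated request")
    if req[0] == 5:                      # SOCKS5: VER CMD RSV ATYP ADDR PORT
        if len(req) < 5:
            raise ValueError("truncated SOCKS5 request")
        atyp = req[3]
        if atyp == 0x03:                 # length-prefixed domain name
            host = req[5:5 + req[4]]
            if len(host) != req[4]:
                raise ValueError("truncated domain name")
            return "hostname", host.decode("ascii", "replace")
        if atyp == 0x01:                 # raw IPv4 address
            return "ip-only", str(ipaddress.IPv4Address(req[4:8]))
        if atyp == 0x04:                 # raw IPv6 address
            return "ip-only", str(ipaddress.IPv6Address(req[4:20]))
        raise ValueError("unknown SOCKS5 address type")
    if req[0] == 4:                      # SOCKS4: VER CMD PORT IP USERID NUL
        if len(req) < 9:
            raise ValueError("truncated SOCKS4 request")
        ip = req[4:8]
        _userid, sep, tail = req[8:].partition(b"\x00")
        if not sep:
            raise ValueError("missing user-id terminator")
        # SOCKS4a marks "host name follows" with the address 0.0.0.x, x != 0.
        if ip[:3] == b"\x00\x00\x00" and ip[3] != 0:
            host, sep, _ = tail.partition(b"\x00")
            if not sep or not host:
                raise ValueError("missing SOCKS4a host name")
            return "hostname", host.decode("ascii", "replace")
        return "ip-only", str(ipaddress.IPv4Address(ip))
    raise ValueError("not a SOCKS4/5 request")

PORT = struct.pack(">H", 80)
SAMPLES = {  # constructed requests, documentation addresses only
    "socks5-domain": b"\x05\x01\x00\x03\x0bexample.com" + PORT,
    "socks5-ipv4": b"\x05\x01\x00\x01\xc0\x00\x02\x0a" + PORT,
    "socks4": b"\x04\x01" + PORT + b"\xc0\x00\x02\x0a" + b"\x00",
    "socks4a": b"\x04\x01" + PORT + b"\x00\x00\x00\x01" + b"\x00example.com\x00",
}

def possible_leaks(samples: dict) -> list:
    """Names of the samples that gave the proxy only an IP address."""
    return sorted(n for n, r in samples.items()
                  if classify_socks_request(r)[0] == "ip-only")
```

An IP-only request is a signal worth investigating rather than proof of a leak, since the user may have typed the address directly.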

You should assume all traffic which goes through the Tor-network to the normal Internet is eavesdropped

If you are communicating with the normal Internet using Tor then your traffic will go from your Tor-node through the Tor-network to an exit server. This exit will then contact your destination and communicate with it on your behalf. These exits can log everything which goes through them.

So what? The exits do not know where the traffic is coming from, so why care? You should: most normal Internet traffic, including login information at forums, e-mail accounts and so on, is unencrypted. Tor exit nodes are "men in the middle" who can easily monitor everything sent unencrypted through them.

An adversary may not care who you are or what your deal is; an adversary may simply want to obtain dozens upon dozens of random e-mail accounts (or other information from random people).

Never enter passwords over unencrypted Tor-connections; only send passwords and other information over https connections (this applies to all Internet usage, not only Tor).

There are Tor-servers running websites that not only admit to listening to traffic, but also post an overview of sniffed login-information.[6]

A brief overview of Tor's history

Tor was designed by Roger Dingledine, a former NSA employee, and Nick Mathewson of Free Haven and Paul Syverson from US Naval Research Laboratory. The design was based upon research and ideas from US NRL. The Tor-project was from the beginning financed by US Naval Research Laboratory until Electronic Frontier Foundation took over the project late 2004. The project is currently financed by donations. EFF still hosts the project's website.

Attacks on Tor

Tor itself is now very robust, which makes it hard to attack the actual Tor network. But Tor can be attacked in other ways, mainly by giving it a bad name.

"Tor is used by bad people"

I am now sufficiently assured that there are enough seeds of confusion now for me to safely leak the following information:

My organization has the goal of keeping a certain level of governmental control over anonymity technology, ideally creating something like a sandbox where criminals can feel safe and can still be prosecuted. Because a backdoor in open source software could easily be found by outsiders reading the source, we have to operate inside the anonymity networks luring the users into higher level control systems. In the near past, a technology based on Tor has emerged, which is outside our scope of control and is slowly adopted. But the process is sufficiently fast for us to fear that our similar technology we planned to deploy next year won't be adopted anymore. So at the moment our reaction is to create bad publicity for Tor so people will be scared away. One particular operation to achieve this is the faked confession in WikiMessages stating "I create child porn and I deleted the links to hide it", so Tor hidden services get the reputation of being a tool for pedophiles.

I cannot comment on further actions that will be taken because inside our organization there is a control measure to systematically seed disinformation so moles can be found out, but as a friend of Tor I hope the users develop enough skepticism not to be scared away by the propaganda.

Anonymous

(Posted on 6sxoyfb3h2nvok2d.onion, November 02, 2006)

Attacks - in theory

A paper by the University of Colorado called "Low-Resource Routing Attacks Against Anonymous Systems"[7], published by Kevin Bauer, Damon McCoy, Dirk Grunwald, Tadayoshi Kohno and Douglas Sicker points out that it is, in some cases, possible for the adversary to use timing-attacks to make out the whole path of a connection if the adversary controls the entry node and the exit node - without having control over the middle node.

The research was done using a "private" Tor-network because it's way more problematic to do this kind of attack on the real Tor network, which uses the real Internet, compared to a private Tor-network on a private LAN.

The attack described in theory has not yet been used against the real Tor-network.[8]

User-software attacks

These are not attacks against Tor itself; rather, they are attacks against ignorant Tor-users. The basic example here is: you visit a website without Tor, the website sets a cookie, you revisit the site using Tor, the site checks the cookie set without using Tor and now they know it's you, along with the complete history of IPs you've used to visit that site. It does not matter if the connection is anonymous if the data sent over it contains enough information to identify who's making the connection.

There are frequently articles in the press that describe "attacks". These "attacks" usually depend on the user having things like Java[9] enabled in their browser.

Who runs the Tor-network anyway?

The Tor-network has about 800 volunteer-operated routers around the world. The Tor-software runs in client-mode by default. You really should consider running Tor as a server if you are using it on a regular basis.

The Tor-network is a distributed trust network. The more different groups who run servers the better the security properties are - for everyone using it.

Tor in the mainstream media

How secure is Tor?

"A near-global eavesdropper can probably defeat any currently deployed low-latency anonymity network." -Nick Mathewson

References

  1. Official Tor website
  2. Computerworld, October 2006: Holes found in Tor IP privacy system
  3. What is my IP? Checker - detailed view
  4. Tracking using the web browser's cache
  5. Tork - Tor GUI for KDE
  6. paranoid but dumb? ... behold tor sniffing
  7. Low-Resource Routing Attacks Against Anonymous Systems (PDF)
  8. The rumors of our demise
  9. Hacker builds tracking system to nab Tor pedophiles