The Onion Router
The Onion Router (more commonly Tor) is a computer network and free open source software for anonymous communication. It enables users to surf the Internet, chat and send instant messages anonymously. The Tor network comprises many volunteer-operated servers and computers, termed nodes, that relay data between users and websites. It uses a strong encryption design and is considered the strongest anonymizing software and network available on the internet. Tor makes it hard to track internet activity of specific users.
The Tor Project comprises a group of volunteer-operated internet servers which take messages from internet users and forward them to the intended internet website. Typically, an internet website will know the IP address and characteristics of each visitor. With Tor, the internet website thinks that the Tor server is the internet user, when in fact, the Tor server forwards the information back to the actual user without disclosing the identifying data to the website. The Tor Project also provides software: the Tor Browser bundle, a Tor-configured web browser with anonymizing precautions; the Orbot protocol (for Android devices); Tails, an operating system that is preconfigured to operate Tor safely; and less well-known software. The operating system Whonix is developed independently of the Tor Project, but is similar to its also-Linux-based counterpart Tails in providing a Tor-enabled system with minimal user configuration.
Each user's path to a website is formed by three nodes: the guard, the middle and the exit. A unique combination of those three nodes is a circuit. Tor's anonymizing strength lies in its unique encryption scheme. Only the guard node knows the user's IP address, and only the exit node knows the content of the user's communications. It is vital to strengthen Tor's anonymization with additional methods. To stay anonymous, users must enable HTTPS communications so that the nodes cannot spy on the content of their communications, and must also avoid de-anonymizing behavioral giveaways.
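The following added illustration (not Tor's own code, and not from the original article) traces one request through a three-node circuit and records what each relay can observe. It uses a toy HMAC-based stream cipher in place of Tor's real cryptography; the relay names, keys, client address and request are constructed for the example. Because the sample request is plain HTTP, the exit relay recovers it in full, which is why the HTTPS advice above matters.

```python
import hashlib
import hmac

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (HMAC-SHA256 counter keystream); not Tor's real crypto."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, off.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def wrap(next_hop: str, inner: bytes, key: bytes) -> bytes:
    """One onion layer: 'next_hop|inner' encrypted under a single relay's key."""
    return keystream_xor(key, next_hop.encode() + b"|" + inner)

def peel(layer: bytes, key: bytes):
    """A relay strips its own layer and learns only where to forward."""
    next_hop, _, inner = keystream_xor(key, layer).partition(b"|")
    return next_hop.decode(), inner

def build_onion(request: bytes, dest: str, hops, keys) -> bytes:
    """Client side: wrap the exit's layer first and the guard's layer last."""
    cell = request
    for name, nxt in reversed(list(zip(hops, hops[1:] + [dest]))):
        cell = wrap(nxt, cell, keys[name])
    return cell

def relay_views(cell: bytes, client_ip: str, hops, keys) -> dict:
    """Walk the circuit, recording what each relay can observe."""
    views, prev = {}, client_ip
    for name in hops:
        nxt, cell = peel(cell, keys[name])
        views[name] = {"from": prev, "to": nxt, "payload": cell}
        prev = name
    return views

# Constructed sample data: relay names, per-relay keys, client address, request.
HOPS = ["guard", "middle", "exit"]
KEYS = {h: hashlib.sha256(b"demo-key-" + h.encode()).digest() for h in HOPS}
CLIENT_IP = "203.0.113.7"
REQUEST = b"GET / HTTP/1.1\r\nHost: example.org\r\n\r\n"  # plain HTTP, no TLS

if __name__ == "__main__":
    onion = build_onion(REQUEST, "example.org", HOPS, KEYS)
    for relay, seen in relay_views(onion, CLIENT_IP, HOPS, KEYS).items():
        print(relay, seen["from"], "->", seen["to"], seen["payload"][:24])
```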
Various other aspects of the design of Tor make it even harder to penetrate. For instance, there are now frequently multiple middle nodes, spread across the globe, adding legal issues as well. The "exit node" can be anywhere in the world, as can the middle node, requiring any investigation to obtain warrants internationally. Tor also has "hidden services" which themselves connect to the internet via a Tor protocol. While a "hidden service" can still be hacked, each service must be hacked individually, ensuring that only sites with illegal content and a large audience are taken down.
The strength of Tor also makes it very slow compared to normal browsing. It is generally fast enough to download large files within a few hours and stream videos without pause. Whenever a user uses Tor, he slows down the network very slightly, though unnoticeably, for every other user. People who download large files for immoral purposes unfortunately slow down Tor.
Internet privacy and security experts consider Tor the strongest software and network for anonymizing oneself on the Internet. A user will never truly appear to be 'the average Joe'. Enough users, however, use Tor so that in ordinary conditions no single person knows too much about who they are. Tor's encryption can be broken if the same organization or conspiring group of organizations controls all three nodes; in this case, the attacker knows everything the user sends over Tor that the website could know without Tor. To reduce the chance of a serious privacy breach in this manner, it is advised to create different Tor circuits for each different use; this is handled well by the Tor Browser bundle by default. As revealed by Edward Snowden, the National Security Agency (NSA) tries to de-anonymize Tor users by controlling its nodes. As of Snowden's 2012 revelations, the NSA can identify a small fraction of users by coincidence, but cannot identify a specific user on demand.
As the Tor developers warn users, The Onion Router "cannot help them if they use it wrong". Many Tor users have been identified because they have configured it incorrectly. For this reason, new users are advised to use pre-configured software such as the Tor Browser bundle or a specialized operating system—Tails or Whonix. There are many ways to de-anonymize users based on their behavior. Fingerprinting is the identification of a unique configuration or behavior so that it matches only one known user. Browser fingerprinting takes note of the browser, the operating system and browser settings; this can be circumvented with the Tor Browser bundle. Other behavior can be just as unique as someone's face, handwriting or fingerprint, such as his typing or mouse movement patterns.
An exit node has complete access to and control over the content of a user's communications; the user's safeguard is that the exit node does not know his IP address. If the connection to the website is not encrypted with the HTTPS protocol, the exit node can insert malicious code into the user's browser. Malicious exit nodes, a minority of all nodes, are operated by surveilling governments or hackers; the famous Julian Assange found secrets for Wikileaks by monitoring Tor communications as an exit node.
It is possible for a local network operator to prevent a computer from accessing the network simply by censoring all known Tor IP addresses. A bridge is a server that substitutes for a guard node to bypass local network interference. Some bridge protocols are automatically packaged into Tor: 'obfs4' makes it ineffective to ban bridges by simply trying to contact all of them, 'meek' pretends to be a connection to a non-suspicious website, and 'snowflake' uses regular users' computers.
A Tor website, if breached, can be programmed to download malware that reveals the location of the computer, allowing law enforcement or other parties to find a user's location. In a notorious case, American child pornography producer Buster Hernandez was caught through the exploitation of a security vulnerability on his computer after he downloaded a video via Tor. A small software development company, Facebook and the government conspired to exploit a security vulnerability. Other weaknesses include various programs that take advantage of capabilities given to that type of program, such as a PDF installing extra software on a user's computer. Using antivirus software to protect against such malware is highly recommended, or else switching to an operating system like Linux that does not need an antivirus. It is wise to remember that Tor is the software used by criminals of all stripes, none of whom are beyond committing crimes against other users.
Tor has millions of daily users worldwide, and more than a million in the United States alone. Many users are normal people who do not have to fear much. A minority consists of ethical users and criminals who have very much to hide. Tor is stereotyped as a dangerous criminal tool, and it is reasonable to assume that America runs state-sponsored smear campaigns on Tor. This is a non-comprehensive list of types of Tor uses and purposes for use:
- Normal users. Contrary to expectation, much traffic on Tor is from normal users who have little to hide. These people are generally just concerned about government and corporate surveillance. This emphatic rejection of unnecessary intrusions into privacy led to the Fourth Amendment, which the courts have unfortunately ignored in continuing to allow the government to spy on citizens' internet activities.
- Activists. Anonymous communication, file transfer and blogging are possible for activists, whistleblowers and others who fear government persecution. Those who live under tyrannical governments, like those of China or Iran, will especially benefit.
- Firewall and network logging bypassing. A local network operator can log the websites a user visits and block any number of them he wishes. Tor allows users to bypass local firewall restrictions and prevents such logging. It is useful in work and school environments where access to a website is blocked. For those who live in countries with state-enforced internet censorship, Tor may be the only option to access any website on the internet.
- Evidence erasing. Those who are researching sensitive topics or otherwise do not want traces of their browsing to be discovered on their computers use the Tor Browser or a Tor operating system.
- Criminals. Tor is notoriously popular among criminals. It enables anonymous, online black markets for trading drugs, child pornography, malware code, gambling and other illegal products. Tor is also popular among pirates of software, movies and music, who most often use the peer-to-peer protocol called BitTorrent, which allows files to be quickly transferred without a central file hosting server. It is rumored that a third of Tor traffic is torrenting. The Tor Project has urged users not to torrent over Tor because it uses too many network resources and has revealed that Tor does not provide good protection to torrenting. The project also responds to the criminal use of Tor: "So yes, criminals could in theory use Tor, but they already have better options, and it seems unlikely that taking Tor away from the world will stop them from doing their bad things. At the same time, Tor and other privacy measures can fight identity theft, physical crimes like stalking, and so on."
Tor was created to protect US intelligence online, and was originally made by a US Navy Seal. Development was started in 1997 by DARPA, an agency of the U.S. Department of Defense responsible for the development of emerging technologies for use by the military. However, in 2002 the Naval Research Laboratory released the code for Tor under a free license.
In 2014, the Russian government offered a $111,000 contract to "study the possibility of obtaining technical information about users."
Even subsequent government studies have concluded that Tor is difficult to infiltrate, because the government would have to penetrate all three computers handling a particular message to be able to trace it back to its origin. Because the number of active Tor nodes is large, and the middle node is assigned at random, most of the node computers on a Tor network would have to be compromised for the privacy of most messages to be broken. Edward Snowden's leaks revealed that