The Onion Router

From The TSP Survival Wiki
Jump to: navigation, search

The Onion Router (Tor) is free software plus a network behind it to protect one's anonymity online while surfing on the internet. The Tor software package comes bundled with the Tor browser, which is simply a tweaked version of Firefox. When browsing with it, your IP address is hidden from the destination web sites. Also, data is encrypted as it passes through the nodes in the Tor network; anyone watching the traffic leaving your PC will be unable to tell its contents or where the data is really going to (other than a Tor node).

It can be downloaded from



The components of the system include your Tor Browser, the Tor network, and the destination web site. Your traffic from the browser to the destination web site will pass through three levels of Tor nodes, at random. The traffic between your browser and the first Tor node is encrypted by the Tor software. Likewise, the data is also encrypted between the next Tor nodes. The final (third) node is called the exit node; the data from the exit node is no longer encrypted when sent to the final destination web site. This is necessary since some random web site won't be able make sense of data encrypted by Tor. Note that if you are using an SSL (e.g. "https://") connection to the destination web site, the data between the exit node and the web site is still encrypted by the SSL from your browser.

As you use Tor, the 3 nodes you are using will randomly change to other nodes. This makes it difficult for someone watching the encrypted data between nodes to do traffic analysis of it to determine what it might contain. The destination web site will see your IP address as that of the 3rd Tor node. Therefore, your IP address will appear to hop around every few minutes.

Suggestions for use

The Tor Project can be very useful but may not be appropriate for all web browsing you may want to do. So, care should be taken in its use, and you should use it with at least a basic understanding of how it works.

If all you want to do is random web searching and browsing, Tor is very safe for that. As long as you don't actually log into google or other search engine with the Tor browser, the search engine will only know what you are searching for, but not who you are. Likewise, any web site you visit will only know what URL you went to and whatever else you might enter into a form on a web page.

Be very wary of the exit nodes; anyone's PC can be an exit node (just by installing the Tor browser bundle and turn it on), and watch the data that is passing through the node to/from a web site (e.g. by using WireShark or other network monitor). If you were not using SSL, the exit node can see any data traffic between you and the web site. So, if you logged into a social networking web site, forum, or email system with your personal account, that info can be stolen at the exit node and then used without your permission.

Therefore, be absolutely sure you are using SSL with any web site that you don't want the traffic intercepted at the exit node. The exit node cannot see what's in any SSL-encrypted traffic. (Although, the web site itself will see the unencrypted traffic - if that is a concern to you, try to keep your identity anonymous with the web site by providing inaccurate information.)

Your IP address will appear to "jump around" as you browse a single web site. Some web sites don't like this and have software to automatically detect the IP address changing and then block you from using the web site. Don't even bother using Tor with bank accounts, credit card companies and other similarly important accounts; they will detect the IP address changing and possibly lock out your account. Besides, Tor is hardly of any use for such purposes -- the bank already knows very well who you are and has told the government everything -- the traffic to the bank's web site doesn't require analysis to learn what they want about you from the bank.

If you wish to use an email service or other easy to acquire online account, but still remain completely anonymous (even to the web site), you need to do this carefully. You obviously don't want to just use your regular gmail or other account that's identifiable as yours; the fact that you logged in is enough to know it is you. If it is email you want to use, you'll need to sign up for an email service (such as while logged in through Tor and providing information that won't identify you. From that point on, you must always use that email service while logged in through Tor. If you forget even a single time and log in without using Tor, your IP address will then be identified and easily associated with that email address. And, as explained earlier, only access such services with an SSL connection so that the exit nodes can't intercept any useful information.

Tor Hidden Services

(please fill in for someone who may know more about this)

See Also


External Links

Relevant TSP Episodes

Personal tools