Understanding and using the Tor network

Slashdot it! Delicious Share on Facebook Tweet! Digg!
© Yevgeniya Ponomareva - Fotolia.com

© Yevgeniya Ponomareva - Fotolia.com

Layers of Privacy

Given the extent to which intelligence agencies have been tapping data off the Internet, those wanting to protect their privacy need to take action. Tor can help you.

Surfing the web without protection inevitably leaves behind more traces than you ever bargained for. This information trail includes IP addresses that make you easily trackable. Not only do investigators use them for hunting down criminals and "potential attackers," but various web projects and trackers use them to monitor users' surfing behavior for resale. A whole industry depends on it.

To make things harder for data collectors, you need to conceal your personal data as much as possible. This is where the Tor network [1] comes into play. It consists of a network of worldwide computers linked together by encrypted data traffic.

How Tor Works

Tor stands for "The Onion Router," a project originally initiated by the United States Navy [2] and implemented to protect communication between government agencies.

At its core, Tor works as follows: At the starting point, the client obtains a list of so-called Tor nodes from a directory server and registers with one of them. Once the client opens a web page, it connects via SOCKS to an Entry Guard, which forwards the request to a second node that passes it, in turn, to a third, the Exit Node. For efficiency purposes, Tor developers decided on three connection nodes only (Figure 1).

Figure 1: The Tor network basically works as follows: A client sends a request to an Entry Guard that forwards it encrypted to a Relay Node (without knowing the destination of the request). The Relay Node knows neither the source nor destination of the request and forwards it to an Exit Node only. The Exit Node knows only the destination of the request, but not its owner. Because none of the nodes handle all the data, attackers have a hard time uncovering the complete connection path.

What makes connection with Tor so secure is the fact that each server, by using different levels of encryption, sees only part of the data connection. Thus, the Entry Guard doesn't know which host the client wants to reach. Only the Exit Node knows that, but without knowing the client's identity. To discover the connection, an attacker must crack the whole framework. However, Tor automatically and randomly alters the node routes every ten minutes, so the attacker likely will discover only part of the route. This architecture makes it nearly impossible even for intelligence agencies to monitor the communication data of a certain computers over longer periods.

And, this is where Tor is different from other anonymizing proxies. As a rule, the latter use static server cascades and typically belong to companies that, depending on the server location, are obliged to monitor connections. Thus, it's easier for agencies to trace those connections back to their origins.

The communication between the Tor nodes and the client is totally encrypted. Only the connection from the Exit Node to the destination remains unencrypted, unless the contacted server does not itself deliver encrypted content (e.g., via SSL). Apart from web browsing, Tor supports services such as IRC, Instant Messaging, email, and SSH. To use these services, each client must support SOCKS connections.

Using Tor

Both Ubuntu and openSUSE provide Tor in their repositories for installation over the package manager. If the current version isn't present, the Tor project recommends installing it from its sources. This is important, because some Tor nodes reject connections attempts from older versions.

The service loads automatically after installation. You can start and stop it manually by using the commands sudo torctl [start|stop] and /etc/init.d/tor [start|stop], respectively. Tor gets its directives from the /etc/tor/torrc file. A configuration is usually unnecessary but can provide some extra useful functions.

To use the Tor network, you need to configure your web browser accordingly. In Firefox, for example, enter the address for the SOCKS Host and use port 9050. Then, mark the SOCKS v5 check box. Whereas the Torbutton add-on helped in the past to set up a fast anonymous connection, you can now do without it. According to developer Mike Perry, Torbutton provided only "nightmare situations for anonymity and privacy" [3]. The project no longer provides it as a separate add-on; it is only bundled with the Tor Browser Bundle (see the "Tor Browser Bundle" box).

Tor Browser Bundle

In addition to individual components, the Tor project provides the Tor Browser Bundle [6] for download. It consists of a modified Firefox browser currently based on version 17, which already includes enhancements such as HTTS Everywhere, NoScript, and Torbutton. Alongside the browser is the Vidalia graphical front end.

Because the bundle is statically compiled, it uses no system libraries and starts equally well in all distributions. It also stores both the configuration files and cache in its own directory so that it's portable. You can copy it to a USB stick and take it anywhere.

To use the bundle, unzip the archive and start the enclosed start-tor-browser script. This simultaneously starts Tor, Vidalia, and the browser, which establishes a secure connection directly through the Tor network. Upon closing the browser, Tor automatically deletes all data accumulated during the

These combined actions not only contribute to making anonymous browsing uncomplicated but also provide added safety. Many websites ask when visiting them for such things as system configurations and the browser ID. Furthermore, sites, such as Facebook, log visited websites that use their plugins even after you log off [7]. You can avoid these risks if you use the bundle instead of the default browser.

The Torbutton Firefox extension primarily serves to conveniently switch between the normal and secure network, but it also provides other security features. You can configure the add-on by clicking the onion icon next to the address bar and selecting Settings. Among other things, the Security Settings allow you to deactivate plugins during the Tor session and turn off automatically generated search suggestions. In the Cookies section, you can specify how you want the browser to handle cookies.

Buy this article as PDF

Express-Checkout as PDF

Pages: 4

Price $0.99
(incl. VAT)

Buy Ubuntu User

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content