LUKE MILLANTA delves into the good, the bad and the ugly aspects of the anonymous internet.
Tor, also known as the Tor Project or the Onion Router, is an online anonymity network designed to conceal its users’ identities and online activities. It does this by first encrypting the user’s communications, and then routing these communications through a network of relays located around the world. Due to its sophisticated design, entailing multi-layered encryption – hence the reference to onions – Tor allows users to mask their location and evade a number of forms of internet-based censorship.
In addition to concealing a user’s identity, the Tor network can be used to access a variety of hidden services, which are outlined below.
This article provides an outline of the Tor network, and explains the basic steps in using Tor to conceal your identity. In addition, some of Tor’s vulnerabilities are canvassed and the future prospects of the Tor Project are outlined.
Connecting To Tor
Connecting to Tor is an easy process that takes only a matter of seconds. You begin by downloading the Tor Browser Bundle from the Tor website (torproject.org). Once you extract and install the application to a location of your choosing, you run the executable labelled ‘Start Tor Browser’. On launch, the application automatically connects to the Tor network and loads the Tor Firefox-based browser. You are then informed that you have successfully connected to the Tor network.
While connecting to Tor is an easy enough task, there are several “rules” that the Tor Project suggests users follow to ensure that their identity remains protected. The first is to use only the Tor browser that comes packaged with the Tor Browser Bundle and to use only those applications that have been configured to work with Tor. If you decide to use another browser while connected to the Tor network there is a significant danger that the alternative browser may be misconfigured, so that the desired level of identity protection is not achieved.
The second rule, which closely relates to the first, is to refrain from installing any plugins into the Tor browser. Plugins can be corrupted by both hackers and law enforcement agencies with the purpose of revealing your true IP address and other information about you.
The final rule is to be prudent when downloading files using the Tor network. Some files, especially PDF and Microsoft Office documents, may initiate the downloading of resources outside of Tor, thereby resulting in your IP address being compromised. So when opening files while connected to Tor, you should adopt the policy of opening them in a virtual or stand-alone computer that is not connected to the internet.
If you follow these simple rules, together with ensuring that your Tor client is kept up to date, the chances of your identity being exposed will be greatly minimised.
The Hidden Wiki
As indicated above, once you have connected to the Tor network you have the ability to browse the internet anonymously, and access hidden services hosted on the so-called “Deep Web”. This is an area of the web accessible only through the Tor network. Tor has numerous hidden services which are a part of the .onion domain, a domain that supplies service providers with a secure and anonymous way of hosting their services away from the mainstream top-level domains of the internet, also known as the clearnet.
The .onion domain uses a special naming convention made up of a 16-character alphanumeric string that is generated from a public key. This public key is automatically generated when a new service is configured. For example, a domain name could be “jv6g2ucbhrjcnwgi.onion”. It is primarily due to this unique naming convention that the Hidden Wiki was created in 2008, to help users find their way to ‘important’ and ‘useful’ websites. The Hidden Wiki is split into categories such as ‘Mail Services’ and ‘Financial Services’.
Due to the Hidden Wiki often experiencing downtime, several clone websites have been created by members of the Tor network to enable Tor users to access this information 24/7.
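The .onion naming convention described above can be reproduced in a few lines. The following is an added example, not part of the original article or the Tor Project's code: it derives a 16-character name from a public key (base32 of the first 80 bits of a SHA-1 hash over the DER-encoded key) and classifies hostnames, for instance when reviewing proxy or DNS logs. It goes beyond the article by also checking the newer 56-character (version 3) format; the function names and the sample key bytes are constructed for illustration.

```python
import base64
import hashlib
import re

V2_LABEL = re.compile(r"^[a-z2-7]{16}$")   # base32 alphabet: a-z and 2-7 only
V3_LABEL = re.compile(r"^[a-z2-7]{56}$")

# Constructed sample input: placeholder bytes standing in for a DER-encoded
# RSA public key. It is NOT a real key and maps to no real service.
SAMPLE_DER = b"constructed placeholder, not a real DER-encoded RSA key"

def v2_onion_from_der(der_public_key: bytes) -> str:
    """16-character name: base32 of the first 10 bytes of SHA-1(key)."""
    digest = hashlib.sha1(der_public_key).digest()
    return base64.b32encode(digest[:10]).decode("ascii").lower() + ".onion"

def _v3_checksum(pubkey: bytes, version: bytes) -> bytes:
    return hashlib.sha3_256(b".onion checksum" + pubkey + version).digest()[:2]

def v3_onion_from_pubkey(pubkey: bytes) -> str:
    """56-character name: base32 of 32-byte key, 2-byte checksum, version 3."""
    version = b"\x03"
    raw = pubkey + _v3_checksum(pubkey, version) + version
    return base64.b32encode(raw).decode("ascii").lower() + ".onion"

def classify_onion(hostname: str) -> str:
    """Return 'v2', 'v3', 'invalid' or 'not-onion' for a hostname."""
    host = hostname.strip().lower().rstrip(".")
    if not host.endswith(".onion"):
        return "not-onion"
    # Subdomains are allowed; the service name is the label next to .onion.
    label = host[: -len(".onion")].split(".")[-1]
    if V2_LABEL.match(label):
        return "v2"
    if V3_LABEL.match(label):
        raw = base64.b32decode(label.upper())
        pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
        ok = version == b"\x03" and checksum == _v3_checksum(pubkey, version)
        return "v3" if ok else "invalid"
    return "invalid"

if __name__ == "__main__":
    print(v2_onion_from_der(SAMPLE_DER))
    print(classify_onion("jv6g2ucbhrjcnwgi.onion"))  # the article's example
```

Because the name is a hash of the key, a 16-character name cannot be chosen freely, which is why directory pages such as the Hidden Wiki were needed to find services.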
The Good and the Bad of Tor
Tor’s hidden services provide a number of positive benefits to its users. For example, imagine that you are subject to a repressive regime that deals harshly with any outward dissent, or that actively censors your internet feed and monitors your internet activity. Tor provides you with a means of voicing your dissent, or accessing restricted sites without risking retribution. Because nobody likes bullies, especially bully governments, most would regard this feature of Tor as a big positive.
However, depending upon your point of view, some of the services provided within the Tor network may be regarded as undesirable. In addition to the Hidden Wiki outlined above, the services available have been employed to disrupt the activities of law enforcement agencies and to protect members of the cyber underground. Since its release, Tor has been used to engage in a number of nefarious activities including hacking, identity theft, drug dealing, and contract killing. It has protected the identities of those engaged in such pastimes and facilitated the growth of such illicit, underground activities.
While Tor potentially offers internet users the opportunity to secretly engage in a number of activities, it is important to understand that it is not itself devoid of security flaws. In particular, Tor cannot protect users against network boundary traffic monitoring. This means that law enforcement officials can potentially monitor traffic entering and leaving the network. If they do, they have the potential to resolve your real IP address and your identity.
In 2007, a security consultant announced his successful interception and capture of username and password data for email accounts operating over the Tor network. He achieved this by monitoring Tor exit nodes. Many Tor users make the mistake of assuming that Tor is an end-to-end encryption tool and that traffic cannot be captured at any point along the network. However, Tor does not encrypt traffic entering or exiting the Tor network. There have also been cases where prosecutors have gone after those running exit nodes when they have detected illicit activities.
In 2011, another of Tor’s vulnerabilities was uncovered. This vulnerability, known as the “bad apple attack”, exploits the use of unsecured third-party applications to match the simultaneous use of a misconfigured application with the IP address of the Tor user. Once this match has been made, the attacker has your real IP address and your identity will have been compromised. BitTorrent is a primary example of an application susceptible to this kind of attack. However, any third-party application that has not been configured correctly to work with Tor is also susceptible.
The Future of Tor
The future of Tor looks bright. Tor is funded by a number of big supporters including the Broadcasting Board of Governors and the National Science Foundation. Such support allows for payment of developers and other staff to work full time in developing new features for Tor.
Tor needs to stay one step ahead of governments, law enforcement agencies and hackers attempting to discover the identities of its users; this is not an easy task and requires vigilance by the Tor development staff. One way that you, the Tor user, can help is by operating a relay; the more relays Tor has, the more destinations traffic can have, thereby increasing security for the Tor network.
In my opinion, Tor serves a very important function. Not only does it allow those facing persecution or oppressive censorship to speak out, it also provides individuals and organisations with a higher level of security and online privacy. In a world where governments are continually working to censor internet feeds and actively monitor their citizens’ internet usage, the importance of Tor cannot be overstated.