The weapons for anonymity - What you need to know about TOR!!!

in #darknet, 8 years ago

This is the first article in a series called "The weapons for anonymity", in which we will discuss some of the various tools available that help you become truly anonymous online.

Today, we look at the Tor browser, how it works, as well as where its weaknesses lie.

How does Tor work?

The Tor Browser is what you need to access hidden services on the darknet. Tor attempts to hide the origin of a web request by first sending your data through a number of Tor nodes, which are servers run voluntarily by individuals. Normally, your data passes through 3 nodes: the entry node, the relay node and the exit node. Each time you establish a connection to the Tor network, your client chooses 3 random nodes in the Tor network that it is going to use. This information, along with the actual data that you want to send, is then encrypted 3 times, once for every node, and sent to the entry node. Let's break down how each node works and what it knows about you:

  • The entry node knows your real IP address, since you are connected to it directly. It does not know the content of your data. By removing the first layer of encryption, it decrypts the address of the next node, which you specified beforehand, and passes your request on to that node.
  • The relay node does not know your IP address. It only knows the address of the entry node. It does not know the content of your data. It removes the next layer of encryption and thereby decrypts the address of the last node and passes your request on.
  • The exit node removes the last layer of encryption. If you are not using a website that supports HTTPS (most hidden services don't), that means the exit node can see everything you send to a website. However, it has no clue where this request came from, as it only knows the address of the relay node. The exit node finally passes your request to the website you wanted to visit.

That way, no node knows both your IP address and the data you are sending to a website. The system is pretty clever, but there are also vulnerabilities, mostly due to human error.
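The layering described above, as an added example that is not part of the original post: each node removes one layer and learns only the hop before it and the hop after it. The toy cipher, pre-shared node keys, node names and addresses are constructed for illustration and are not Tor's real cryptography or protocol.

```python
import hashlib
import json
import os

def keystream_xor(key, nonce, data):
    """Toy stream cipher (SHA-256 in counter mode). Illustration only."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def wrap(key, next_hop, inner):
    """Add one layer: encrypt (next hop + inner blob) under one node's key."""
    nonce = os.urandom(16)
    body = json.dumps({"next": next_hop, "inner": inner.hex()}).encode()
    return nonce + keystream_xor(key, nonce, body)

def peel(key, blob):
    """Remove one layer: the node learns the next hop and an opaque blob."""
    layer = json.loads(keystream_xor(key, blob[:16], blob[16:]))
    return layer["next"], bytes.fromhex(layer["inner"])

def build_onion(path, destination, payload):
    """Client side. path is [(name, key), ...] ordered entry, relay, exit."""
    hops = [name for name, _ in path[1:]] + [destination]
    blob = payload
    # Encrypt for the exit node first so the entry node's layer is outermost.
    for (_, key), next_hop in zip(reversed(path), reversed(hops)):
        blob = wrap(key, next_hop, blob)
    return blob

def route(path, blob, client_ip):
    """Walk the circuit and record what each node is able to observe."""
    views, previous = [], client_ip
    for name, key in path:
        next_hop, blob = peel(key, blob)
        views.append({"node": name, "sees_from": previous, "sends_to": next_hop})
        previous = name
    return views, blob

if __name__ == "__main__":
    # Constructed sample circuit; the client address is a documentation IP.
    path = [(n, os.urandom(32)) for n in ("entry", "relay", "exit")]
    onion = build_onion(path, "example.com:80", b"GET / HTTP/1.1")
    views, delivered = route(path, onion, "198.51.100.7")
    for view in views:
        print(view)
    print("exit node forwards:", delivered)
```

Only the entry node's view contains the client address, and only the exit node recovers the plaintext request, which is why an unencrypted (non-HTTPS) request is readable at the exit.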

Vulnerabilities of Tor - and how to avoid them

Keep in mind that anybody could in theory run a malicious exit node, even government agencies. This means that if you send any identifying data through the Tor network (for example, if you log in to your Facebook account), all your other darknet activities using that same connection can be tied back to you. This is extremely important, so keep the following rule in mind:

Never send any identifying personal information through the Tor network. Keep your darknet and your clearnet activities strictly separated!!!

Tor has some weaknesses; however, they are generally easy to avoid if you know what you are doing. For example, previous Windows versions of Firefox (which the Tor Browser is based on) had some bugs that allowed malicious JavaScript code to leak the user's real IP address, MAC address and other potentially identifying information about the user's machine. This technique has been used in the past by the FBI to identify the users of a web hosting platform where, among other things, child pornography was distributed. Even though this particular vulnerability has been fixed, you can never be sure that a similar bug isn't present in the current version of Tor. You should therefore:

Always have JavaScript disabled by default!!!

To be extra safe, you should always have additional security measures in place. On its own, Tor will simply not do the job. A good idea might be to use Tails or Whonix, both of which are anonymity-focused Linux-based operating systems that come with some great anonymity features built in (for example MAC spoofing). You can install these directly on your hard drive, or you can install Tails on a USB flash drive and boot from there. If that is too much of a hassle for you, you can also install it in a virtual machine, although this is a little less secure since you still have to rely on the host operating system.

You might also want to research VPNs, Tor bridges and (if you're really going for it) Qubes OS, which is one of the most secure operating systems known to man and makes a perfect combination with Whonix in a VM. I will post more detailed information about all of them soon.


Congratulations @justusspringer! You have completed some achievement on Steemit and have been rewarded with new badge(s) :

You published your First Post
You got a First Vote
