
TOR NETWORK – EXPLAINED

Wikipedia defines TOR as free and open-source software for enabling anonymous communication by directing Internet traffic through a free, worldwide, volunteer overlay network consisting of more than seven thousand relays in order to conceal a user’s location and usage from anyone conducting network surveillance or traffic analysis.

  • TOR is short for The Onion Router.
  • It is a network of servers designed to improve anonymity and privacy.
  • Connected computers can be configured to offer hidden/onion services.
  • Onion routing was designed by the US army to protect their communications.

What is TOR designed to protect you from?

  • It anonymizes the browser’s connection to the websites.
  • It prevents your ISP from knowing what site you are visiting.
  • It prevents a site you are visiting from knowing who you are, unless you tell them (for example, by logging in to a Facebook account using TOR).
  • It focuses on protecting the transportation of the data only.
  • It allows you to access the TOR DarkNet or hidden services.
  • It prevents tracking.

How does the TOR network work?

  • The TOR network has a lot of users, which helps because your traffic goes through theirs.
  • Traffic generally passes through three TOR devices (encrypted) before reaching the website (unencrypted).
  • The first TOR device the traffic passes through is called the Entry Node; the middle ones are called Relay Nodes; the last one, from which the data goes to the resource unencrypted, is known as the Exit Node.
  • These nodes are chosen at random, so your traffic passes through different TOR devices every time.
  • This process makes the data anonymous and hard to track back to its original user.
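
The layering described above can be modelled in a few lines. This is an added example, not code from the original article or from the Tor project: it is a simplified model with a toy cipher, and the node names, destination and request are constructed. It shows what each of the three nodes can see: the Entry Node knows the client but not the destination, and only the Exit Node sees the destination and the unencrypted data.

```python
import hashlib, json, os

def xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 keystream). Illustration only; it stands
    in for the real cipher and must not be used to protect data."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def wrap(path, keys, destination, payload):
    """Client: add one encrypted layer per node, innermost (exit) first."""
    cell = payload
    next_hops = path[1:] + [destination]
    for node, nxt in reversed(list(zip(path, next_hops))):
        layer = json.dumps({"next": nxt, "data": cell.hex()}).encode()
        cell = xor_stream(keys[node], layer)
    return cell

def peel(key, cell):
    """Node: remove its own layer, learning only the next hop."""
    layer = json.loads(xor_stream(key, cell))
    return layer["next"], bytes.fromhex(layer["data"])

def route(path, keys, cell, sender="client"):
    """Forward the cell along the circuit, recording each node's view."""
    views, prev = [], sender
    for node in path:
        nxt, cell = peel(keys[node], cell)
        views.append({"node": node, "from": prev, "to": nxt, "data": cell})
        prev = node
    return views

if __name__ == "__main__":
    # Constructed sample circuit, destination and request.
    path = ["entry", "relay", "exit"]
    keys = {n: os.urandom(32) for n in path}  # one key shared with each node
    cell = wrap(path, keys, "example.com", b"GET / HTTP/1.1")
    for v in route(path, keys, cell):
        print(v["node"], "sees", v["from"], "->", v["to"], v["data"][:16])
```

The last line of output shows the request in the clear at the Exit Node, which is why the data still needs its own encryption (for example HTTPS) if the exit is not to read it.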

What does TOR not protect you from?

  • Everyone (ISP) will know you are using TOR unless you make a special configuration.
  • It cannot remove all browser vulnerabilities.
  • No protection from OS, malware, man-in-the-middle, etc.

Weaknesses of TOR

  • TOR is high profile for nation-states.
  • Internet speed will drop dramatically and latency will increase.
  • No UDP on TOR.
  • Difficult to prevent leaks.
  •  TOR is complex (complexity is the nemesis of security and breeds mistakes).
  • Web browsers can also leak information.
  • TOR is blocked by some websites.
  • DNS leaking.
  • Accounts logged in via TOR can be blocked, locked, or suspended.
  • Browser Fingerprint.
  • Data leaves the exit node unencrypted and can therefore be eavesdropped on.
  • Vulnerable to traffic analysis attacks (with focused monitoring and analysis of your network traffic, someone can know what traffic is going through TOR).
  • Using TOR only when needed. (If you use TOR only some of the time rather than all the time, that tells an observer you are doing something private.)
  • Relays and bridges can be blocked.

Ref: https://www.hackhunt.in/2021/04/tor-network-explained.html