Wikipedia defines TOR as free and open-source software for enabling anonymous communication by directing Internet traffic through a free, worldwide, volunteer overlay network consisting of more than seven thousand relays in order to conceal a user’s location and usage from anyone conducting network surveillance or traffic analysis.
- TOR is short for The Onion Router.
- It is a network of servers designed to improve anonymity and privacy.
- Connected computers can be configured to offer hidden/onion services.
- Onion routing was designed by the US army to protect their communications.
What is TOR designed to protect you from?
- It anonymizes the browser’s connection to the websites.
- It prevents your ISP from knowing what site you are visiting.
- It prevents a site you are visiting from knowing who you are, unless you tell them (for example, by logging in to a Facebook account using TOR).
- It focuses on protecting the transportation of the data only.
- It allows you to access the TOR DarkNet or hidden services.
- It prevents tracking.
How does the TOR network work?
- The TOR network has a lot of users, which helps your traffic go through theirs.
- Traffic generally passes through three TOR devices (encrypted) before reaching the website (unencrypted).
- The first TOR device the traffic passes through is called the Entry Node; the middle ones are called Relay Nodes; the last one, from which the data goes to the resource unencrypted, is known as the Exit Node.
- These nodes are chosen at random, so your traffic will pass through different TOR devices every time.
- This process makes the data anonymous and hard to track back to its original user.
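
The layering described in the list above, as an added example that is not part of the original page. The node names, the destination, and the keys the client already shares with each node are assumptions, and the cipher is a toy stand-in, not the cryptography TOR uses.

```python
import hashlib
import os
import random

def xor_layer(key: bytes, data: bytes) -> bytes:
    # Toy stream cipher (SHA-256 in counter mode), a stand-in for real
    # encryption. It is NOT the cryptography TOR uses.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def pick_circuit(relays, rng):
    # Entry, relay and exit node: three distinct devices chosen at random.
    return rng.sample(relays, 3)

def wrap(circuit, keys, destination, payload):
    # Client side: encrypt for the exit first, then the relay, then the entry.
    next_hops = circuit[1:] + [destination]
    cell = payload
    for node, nxt in reversed(list(zip(circuit, next_hops))):
        cell = xor_layer(keys[node], nxt.encode() + b"\n" + cell)
    return cell

def peel(node, keys, cell):
    # Node side: remove one layer; learn the next hop and nothing deeper.
    nxt, _, inner = xor_layer(keys[node], cell).partition(b"\n")
    return nxt.decode(), inner

def route(circuit, keys, cell):
    # Returns (node, next hop it learns, bytes it forwards) for each node.
    seen = []
    for node in circuit:
        nxt, cell = peel(node, keys, cell)
        seen.append((node, nxt, cell))
    return seen

if __name__ == "__main__":
    relays = [f"node{i}" for i in range(1, 8)]      # constructed names
    keys = {r: os.urandom(16) for r in relays}      # assumed pre-shared keys
    circuit = pick_circuit(relays, random.SystemRandom())
    cell = wrap(circuit, keys, "example.org:80", b"GET / HTTP/1.1")
    for node, nxt, forwarded in route(circuit, keys, cell):
        print(f"{node} forwards to {nxt}: {forwarded!r}")
```

The entry and relay nodes forward only ciphertext, while the last line of output shows the exit node forwarding the request in readable form, which is why the destination should be reached over HTTPS.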
What does TOR not protect you from?
- Everyone (ISP) will know you are using TOR unless you make a special configuration.
- It cannot remove all browser vulnerabilities.
- No protection from OS, malware, man-in-the-middle, etc.
Weaknesses of TOR
- TOR is high-profile for nation-states.
- Internet speed and latency will dramatically drop.
- No UDP on TOR.
- Difficult to prevent leaks.
- TOR is complex (complexity is the nemesis of security and breeds mistakes).
- Web browsers can also leak information.
- TOR is blocked by some websites.
- DNS leaking.
- Accounts logged in via TOR can be blocked, locked, or suspended.
- Browser Fingerprint.
- Data leaves the exit node unencrypted and can therefore be eavesdropped on.
- Vulnerable to traffic analysis attacks (with focused monitoring and analysis of your network traffic, someone can know what traffic is going through TOR).
- Using TOR only when needed. (If you use TOR only some of the time rather than all the time, that tells someone that you are doing something private.)
- Relays and bridges can be blocked.