Why the Tor browser and your privacy are under threat

James Temperton
19 Aug 2014

Edward Snowden swears by it, the US has spent millions on it and the Russians want to destroy it, but what is Tor and how do you use it?

Private companies and governments track everything you do online. While these intrusions on your freedom and privacy may seem benign, for many anonymity is a matter of life and death. People living under repressive regimes, political activists, spies, journalists and even the military all need to access the internet and remain truly anonymous and impossible to track.

To do this people turn to Tor, the world's most notorious anonymity tool. Tor routes connections through thousands of relays across the world to hide who you are, where you are and what you're doing. Tor also forms part of the deep web, used by criminals to peddle drugs, weapons and images of child sexual abuse. This hidden network is forever scurrying beneath the surface of the public internet, away from the prying eyes of governments and Google. But now it is being dragged kicking and screaming into the spotlight, putting online anonymity at risk.

The name Tor was originally an acronym for The Onion Router. This is both the special software that is installed on your computer and the network that handles Tor connections. Like an onion, Tor is made up of layers, and the more layers your traffic passes through the harder you are to track. Tor uses thousands of relays around the globe to hide your connection, taking a random path and erasing its footprints to throw spooks off your trail. The seemingly random nature of Tor connections is the network's greatest strength. Each relay your connection passes through is unconnected to the last, so there's no way of tracing your hop-scotch through the relays. Each hop also uses a separate set of encryption keys, while Tor changes the route it sends you on every ten minutes to stop any patterns from emerging. Look up your IP address when using Tor and you'll get an idea of how it works – one second you'll be in Bucharest, then Hamburg and then New York.
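The layering described above, as an added example that is not part of the original article or Tor's own code: each relay holds one key, removes one layer and learns only the next hop. The relay names, the `example.org` destination, the pre-shared random keys and the toy SHA-256 stream cipher are all assumptions made for illustration; Tor's real key exchange and ciphers differ.

```python
import hashlib
import hmac
import os

def keystream(key, nonce, length):  # toy SHA-256 counter-mode stream, not Tor's cipher
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]

def seal(key, plaintext):
    enc_key = hashlib.sha256(b"enc" + key).digest()  # separate subkeys for
    mac_key = hashlib.sha256(b"mac" + key).digest()  # encryption and MAC
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + tag + ct

def unseal(key, blob):
    enc_key = hashlib.sha256(b"enc" + key).digest()
    mac_key = hashlib.sha256(b"mac" + key).digest()
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified layer")
    return bytes(a ^ b for a, b in zip(ct, keystream(enc_key, nonce, len(ct))))

def wrap(path, destination, payload):
    # path is [(relay_name, key), ...] from entry to exit; innermost layer first.
    next_hop, blob = destination, payload
    for name, key in reversed(path):
        hop = next_hop.encode()
        blob = seal(key, bytes([len(hop)]) + hop + blob)
        next_hop = name
    return blob

def peel(key, blob):
    # One relay removes one layer and learns only where to forward the rest.
    inner = unseal(key, blob)
    n = inner[0]
    return inner[1:1 + n].decode(), inner[1 + n:]

def demo():
    # Constructed relay names; random per-hop keys assumed already shared.
    path = [(name, os.urandom(32)) for name in ("entry", "middle", "exit")]
    blob, seen = wrap(path, "example.org", b"GET / HTTP/1.1"), []
    for name, key in path:
        next_hop, blob = peel(key, blob)
        seen.append((name, next_hop))
    return seen, blob
```

`demo()` returns what each relay learned: the entry relay sees only "middle", the middle relay only "exit", and only the exit relay sees the destination and the payload.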

With success comes attention. In the US the National Security Agency (NSA) labelled Tor "the King" of internet anonymity, while notorious whistle-blower Edward Snowden used it to send thousands of top secret government files to The Guardian and Washington Post newspapers. There are few encryption technologies that can match Tor and such is its supremacy that the Russian government is offering £65,000 to anyone who can find a way to track its users. For corrupt governments, anonymity is a nut that needs cracking - or rather an onion that needs peeling.

US Financial support

It is odd, then, that the technology behind Tor was originally developed by the US Navy in an attempt to develop a secure way of routing traffic over the internet. In fact, the US government is still the single biggest financial supporter of Tor and donated over $2.5 million to the project in the past two years. Despite that, the NSA and its UK equivalent GCHQ have made several determined attempts to break open Tor's encryption and unmask its users. An old bug in Tor's browser software let spooks identify 24 users in a single weekend, according to The Washington Post, while the NSA has also looked for patterns in entry and exit points on the Tor network to try and spot individual users. But despite best efforts Tor remains secure and there is no evidence that the NSA or any other agency is capable of unmasking Tor on a global scale.

Tor is used in equal measure for noble and nefarious means. In countries where voices of dissent and subterfuge are violently quashed Tor has become an essential tool. In Iran, Iraq, China and Russia Tor is used widely by citizens to avoid government spooks, tracking and web censorship. As connections over Tor are almost impossible to trace it is often the only way for people to communicate freely and without fear. In a country where information about other religions or cultures is outlawed, Tor can be the only way to escape censure. It is also used to access websites such as Facebook and YouTube when governments block them.

Inside the deep web

Tor is not only a secure way to access the normal internet; it is also a way to access hidden websites. The deep web is a network of sites that can't be accessed from a normal browser. Sites here end in .onion rather than .com and aren't indexed like the rest of the internet. There is no way to search for them and there is no way to find them without a direct link. The size of the deep web is unknown but some estimates have put it at many thousands of times larger than the 'surface' internet.

Accessing a deep web site is easy: all you need is the Tor browser and a deep web link - http://zbnnr7qzaxlk5tms.onion is the deep web link to Wikileaks, for example. Type that into Internet Explorer or Chrome and nothing will happen, but type it into the Tor browser and you'll see Julian Assange's face.

On the deep web seemingly anything goes. Need someone bumped off? That'll cost you $10,000. How about a handgun for just £500? A hacker for hire also offers their services, promising to ruin someone financially and personally for a few hundred euros. All prices on the deep web are in Bitcoins, the anonymous currency of the anonymous internet, making the money trail as difficult to follow as the web traffic.

Sites on the deep web come and go regularly, with directories linking to them riddled with dead links and dead ends. But it isn't all about crime. There are secure email services, search engines and chat rooms that allow people to communicate and use the web away from prying eyes. As with anything, Tor is used in equal measure for good and bad.

Infamy has escaped most of the deep web with the exception of one site. Silk Road was responsible for $1.2bn in sales of heroin, cocaine and other goods and services until it was hauled down by the FBI in October 2013. Labelled the 'Amazon for drugs', Silk Road was many people's first introduction to the dark web. Its alleged mastermind, US physics student Ross Ulbricht, is currently facing charges of soliciting murder, drug trafficking, facilitating computer hacking and money laundering.

He operated under the name the Dread Pirate Roberts, a reference to the infamous pirate in The Princess Bride. In the film, the Dread Pirate Roberts wasn't one person, but a name handed down from one pirate captain to another, continuing the line. It's mirrored in real life, with the Silk Road now living on under a new leader. A new version of the site appeared on the dark web in November 2013 and it is still going strong with thousands of products for sale. The people behind it claim it is stronger and more secure than ever.

Tor hacked

Then, in late July, the unthinkable happened: Tor was hacked. The network frantically scrambled to close down relays on the network that were attempting to unmask users. The attack, believed to be the work of two university researchers from the USA, targeted people visiting .onion sites. It ran from 30 January until 4 July with anyone who accessed hidden sites during that time likely to be affected. The university researchers had planned to reveal details of their attack at the Black Hat hacking conference in July but pulled out at the last minute on legal advice.

Details of the attack reveal just how complex Tor is. Known as a traffic confirmation attack, it works by inserting relays into the Tor network and using them to compare the timing and volume of traffic to try and find pairs of relays on the same circuit. Once the first relay in the link knows the IP address of the user and the last knows the destination of the Tor .onion site, the user can be unmasked. The vulnerability exploited in the attack has now been fixed, but concerns have been raised about how anyone can remain anonymous online. For now, Tor is the best hope we've got.
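Why matching timing and volume at both ends of a circuit is enough to link them, even though every layer is encrypted, shown as an added example that is not part of the original article. It models only the comparison step over constructed per-second cell counts; the flow names and numbers are hypothetical.

```python
from math import sqrt

def pearson(x, y):
    """Pearson correlation of two equal-length count series; 0.0 if either is flat."""
    n = len(x)
    mx, my = sum(x) / n, sum(y) / n
    cov = sum((a - mx) * (b - my) for a, b in zip(x, y))
    vx = sum((a - mx) ** 2 for a in x)
    vy = sum((b - my) ** 2 for b in y)
    if vx == 0 or vy == 0:
        return 0.0  # a constant-rate flow has no volume pattern to match
    return cov / sqrt(vx * vy)

def rank_candidates(entry_counts, exit_flows):
    """Score every flow seen at the far end against the one seen at the near end."""
    scores = {name: pearson(entry_counts, counts) for name, counts in exit_flows.items()}
    return sorted(scores.items(), key=lambda kv: kv[1], reverse=True)

# Constructed sample data: cells counted per one-second window.
ENTRY_SIDE = [5, 0, 9, 1, 7, 0, 3, 8]          # one user's flow at the first relay
EXIT_SIDE = {
    "flow-a": [5, 1, 8, 1, 7, 0, 3, 8],        # same circuit, slight jitter
    "flow-b": [4, 4, 4, 5, 4, 4, 3, 4],        # unrelated, nearly steady
    "flow-c": [0, 8, 1, 9, 0, 7, 6, 1],        # unrelated, bursty
    "flow-d": [4, 4, 4, 4, 4, 4, 4, 4],        # perfectly constant rate
}

if __name__ == "__main__":
    for name, score in rank_candidates(ENTRY_SIDE, EXIT_SIDE):
        print(f"{name}: {score:+.3f}")
```

Only the flow on the same circuit scores close to 1; the perfectly constant flow scores exactly 0 because it carries no pattern to compare.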

How to use – and not use – Tor

The Tor Browser is the best and easiest way to use Tor. Available for Windows, Mac and Linux, the Tor Browser, which is a modified version of Firefox, looks and behaves much like any other web browser, complete with address bar and bookmarks. All traffic that passes through the Tor browser will pass through the Tor network, letting you use the internet anonymously.

However, anything you do outside of Tor can and will be tracked and monitored. That means you can't use Tor to torrent, nor should you use any browser plugins such as Flash or QuickTime. It is also recommended that you use HTTPS whenever possible. Tor automatically forces major websites to load HTTPS by default, but in some cases it might need doing manually. Tor is also unsuitable for downloading files and documents. In particular .doc and .pdf files can download information from outside of Tor, potentially revealing who you are.

The safest way to use Tor is on a Linux computer running no other software; that way you know exactly what is connecting to the internet and how. Oddly, the more people that use Tor, the safer it will become. While Tor traffic is impossible to track, it is quite easy to spot when someone is using Tor. The more people connect, especially if they live nearby, the harder it becomes to spot what you're up to.
