In this post, we will go through what Tor does and does not do and what is Tor designed for and what it will and will not protect you from. So without a special configuration, Tor, one of the most secure browsers, is designed to do the following –
- It anonymizes the browser’s connection to Web sites and that’s the browser only, you have to specially configure other applications to use the TOR proxy if you want them to use Tor. So after installing only the Tor browser uses Tor, don’t make the mistake of thinking all the applications now go through tor just because you’ve installed the Tor browser. That’s not the case, it’s only the tor browser that goes through Tor unless you make special configuration.
- It focuses on protecting the transportation of data only and it prevents your Internet service provider or local network form knowing what sites you are visiting
- It prevents a site you are visiting from knowing who you are unless you tell them in some way like by logging in, like if you go to Facebook via Tor and log in as yourself. That’s pretty pointless.
- It prevents tracking because sites have no idea if you visited the site before since you are coming from different IP addresses and you are not maintaining tracking information within the browser.
- It can help you evade censorship and it allows you to access the tor dark net or hidden services via the .onion addresses.
What Tor does not protect you from
- Tor doesn’t prevent your ISP or local network or country or whoever is watching from knowing that you use tor unless special configurations are made. This is because tor is a distinctive SSL/TLS connection and with deep packet inspection Tor traffic can be identified. You can use bridges, change VPN, pluggable transports and other work arounds to avoid this detection which we will cover shortly.
- Tor does not prevent a site you are visiting from knowing you are using tor since the Tor exit relays are known and the Tor browser has a unique fingerprint.
- Tor does not make applications other than the Tor browser use Tor so anything you download like for example a PDF or executable once downloaded and accessed or run, it could reach out and deanonymize you as it won’t go through the tor network. It can just reach out connect to a server of some sort or then that server is going to know your real IP address and where you’re coming from.
- Therefore it is not going to protect you from issues related to add ons and extensions that you install, it’s not recommended to install any other extensions or add ons. And there’s no protection from malware that is on a Web site or especially on your laptop. It also offers no protection from your operating system being compromised and no protection from hardware compromises, its not going to prevent someone watching over your shoulder.
- There is no protection from man in the middle or man on the side attacks, there’s no protection from attachments. It doesn’t remove personal information from documents if you’re going to send them. And there’s no protection from doing something stupid like logging into a web site and thinking your circuit is still anonymous when you’ve logged in as your real identity.
How to properly use Tor
First one is use the Tor browser. There are many ways that a normal browser can be manipulated to give up your privacy and anonymity so you have two choices. Either use the tor browser or harden a browser yourself or you could find another alternative hardened browser, however, the tor browser is the easiest option and the better option for Tor security privacy and anonymity.
The Tor Project also states that if you try to use another application like for example your email client with Tor it is risky because it might leak information like DNS. I’m sure a lot of people consider Tor for torrenting and unfortunately, torrents are leaky. And if you take a look at this there’s a good post on it and a research paper if you want to understand more. Basically what they say is that torrent file-sharing applications have been observed to ignore proxy settings and make direct connections even when they are told not to, I mean by direct connections is connections not going over Tor even if your torrent application connects only through Tor. You will often send out your real IP address in the tracker get request because that’s how torrents work plus you slow down the Tor network which they don’t really appreciate.
The next one is don’t enable or install browser plug ins and that will apply to extensions as well so dont install any add ons or extensions to the tor browser as this will alter your browser fingerprint and uniquely identify you and those extensions or add ons could make you more vulnerable as they could be a platform for attacks. So don’t do it unless you really know what you’re doing.
And the next one is use HTTPS versions of Web sites, as it states tor will encrypt your traffic to and within the Tor network and the encryption of the traffic to the final destination Web site depends upon that Web site. i.e. you have to be connecting to an HTTP website. You have to use HTTPS or end to end encryption to stop the exit node seeing all your traffic which is pretty obvious and in fact anyone who is observing the exit node traffic can also read the traffic if it’s not encrypted and remember it’s not just that they can read your traffic if it’s not encrypted they can inject malicious code into the traffic as well if they are a man in the middle once it has left the exit node.
The next is don’t open documents downloaded through Tor while online. There’s no protection from attachments using Tor which we’ve already mentioned. The usual precautions for any downloaded file should obviously be taken as if you just open a file you can just connect out and not go via Tor so don’t do it.
Hardcoded into every Tor client is a list of 10 directory authorities or DAs. These DA’s are distributed around the world and are in charge of distributing an ever-changing master list of all known tor relays and their capabilities, this list is called the consensus.
The directory authorities play a very important role as they are the gatekeepers that choose what relays are valid and when. By default as you know Tor bounces connections through three relays and this circuit is chosen at random based on the bandwidth that is available in each country although you can manually configure the choice of relays if you wish however it is not recommended. Trust is distributed and there is no central ownership because it is an open network so anyone including your adversary can run these relays although there is a vetting process but because of the onion routing they cannot see the full circuit even if they own a relay. If they own three relays they would be able to see the full circuit but they wouldn’t necessarily know that it was you going in and you going out unless they performed a correlation attack.
Each relay has a certain role. The entry or GUARD relay is the entry point to the Tor network. Relays are selected to serve as guard relays after being around for some time plus they sholud be stable and have a high bandwidth
The middle relay is used to carry the traffic from the entry or guard relay to the exit relay. This prevents the entry/guard and exit relay from knowing each other
The exit relay is the exit point at the edge of the Tor network. These relays send the traffic to the final destination intended by the client and the exit relay can see the data sent by the client since they have to pass that data to the destination. So if sensitive data is passed unencrypted say over HTTP, FTP or similar cleartext protocols, the exit relays can sniff the traffic and they can even inject malicious code into the traffic which is a known vulnerability and It is not part of the tor designed to protect against.
Running a Tor Relay
You personally can volunteer to run a tor relay if you have your own server or VPS, a sensible question to ask might be doing you get more anonymity if you run your own relay because lots of traffic would go through your relay so surely this would make it harder for an adversary to know what traffic belongs to you and what traffic belongs to someone else? Well, the answer depends on the type of attacks you’re expecting which we will cover in the near future so until we assess the various attacks you can read here what the Tor Project has to say on running your own relay and whether this makes you more anonymous
Personally I’m not really sure either but what I do know is it’s always good to uninteresting and running a relay is definitely interesting to an adversary and I would never recommend doing it from your home either. You are less likely to get complaints from your provider if you run a guard or middle relay as all they would see is encrypted traffic. On the other hand running an exit node is a risky business as you have no control over what traffic goes through it and out of it unencrypted onto where. You may get served with a copyright violation notice, sued or even get a knock at the door and arrested. It does happen!
if you are thinking about setting one up check out this for configuring a tor relay on Debian or Ubuntu. if you are going to run one, the best thing to do is be very open about it so you can justify the traffic as not being your own. The Tor Project helps a lot with this so if you are going to run one check this out, understand the legal side of being a relay operator. The Tor Project should provide guidance on any legal issues but it is, of course, your own risk but it is good if you can support the Tor Project.