Connect with us

Hi, what are you looking for?

Internet

Tor review | Is it safe? Can you be tracked? Things to know

Tor review

How is Tor . funded?

Tor is 100% free and open source, although it does accept donations. In a strange twist of fate, Project Tor was developed in the mid-1990s by the US Naval Research Laboratory, in order to help people living under repressive regimes bypass censorship and exercise freedom of expression.

To this end, the project continues to receive significant funding from the United States Government. This is uniquely strange, because other branches of the US government routinely spend large amounts of money, time and resources trying to corrupt the Tor network!

Despite this somewhat strange situation, Tor is still completely independent, and its open source code is still among the most comprehensively and regularly audited in the world. Sensitive to cash, however, Tor has also made great efforts to expand its funding base. For a full list of Tor sponsors, please see here

How does Tor . work?

The name Tor originated as an acronym for The Onion Router, and refers to the way data is encrypted in layers. When using Tor:

  • Your internet connection is routed through at least 3 random “nodes” (servers run by volunteers)
  • These nodes can be found anywhere in the world
  • The data is re-encrypted multiple times (each time passing through a node)
  • Each node is only aware of the IP addresses “in front of it”, and the IP address of the node “behind”
  • This should mean that at no time can anyone know the full path between your computer and the website you are trying to connect to (even if some nodes along the path nodes are being controlled by malicious entities)

The real beauty of the Tor system is that you don’t have to trust anyone. It is designed so that no one can discover your true identity, and (if you connect to a secure website) no one will be able to access your data.

Tor relay circuits are reset randomly every 10 minutes so that your actions cannot be linked to previous actions.

Each node is run by a volunteer, so the more volunteers there are, the more secure the entire Tor network is.

The last node in the chain, the one that connects directly to the wider Internet, is called the “exit node”. Data enters and leaves this exit node unencrypted by default, and can be “seen” by the exit node operator. See later for a discussion of the security implications of this.

Thus, volunteering to run an exit node is a great service to the Tor community, and deals a severe blow to freedom and against oppressive censorship. It is also not difficult to set up.

However, running an exit node means that other Tor users’ activity, including highly potentially illegal activity, will appear to originate from your IP address, which can lead to problems. There is an article on how to reduce risks available on the Tor website.

Get Tor

Tor as an anti-censorship tool

Tor randomly routes your connection to exit through a node located somewhere else in the world. As long as there is little or no censorship in the province where the exit node is located (most exit nodes are in “free” countries), you can access the Internet without censorship.

This ability to evade censorship (which will also avoid lesser censorship measures like school or work firewalls) is a core design feature of Tor. Of course, countries (and other organizations) that are really serious about their censorship try to counter this by blocking access to the Tor network (see below).

Problems

slow tor

As we can see, Tor is designed to be very secure, but this comes at a cost. Your data is routed through at least 3 random nodes that can be anywhere in the world (reset every ten minutes), and is re-encrypted each time (which requires processing power from each node). Results? Tor is slow (see example speed test results later).

If you are fortunate enough to have a fast broadband connection (many countries that can make significant use of Tor do not have this kind of infrastructure), you may not notice this slowdown simply while browsing the web, but there is more likely to be an activity such as streaming content Video can be impossible thanks to buffering issues.

Do not use Tor for P2P downloads (“torrents”)

Not only is torrenting via Tor very slow, but:

  • slows down the network for All Tor users (many of whom rely on Tor for human rights reasons, whose internet connection is very basic in the first place!)
  • Volunteers who run Tor exit nodes can be held accountable for copyright violations that are traced to their IP addresses.

So it is considered very bad shape Torrenting with Tor (a point that may also apply to attempts to stream content).

Banned exit contract

The list of public Tor relays (nodes) is publicly available (see here for an explanation of why). This makes it easy for websites to block Tor users. While it usually isn’t a problem for most users (except for those trying to access geo-restricted services, which always block Tor’s exit nodes), CloudFlare has recently taken a more aggressive stance toward Tor users.

With CloudFlare hosting a very large percentage of websites in the world, Tor users are likely to find themselves increasingly challenged by CAPTCHA and other similar security measures.

Censorship on Tor

Restricted countries with advanced Internet censorship systems (such as China and Iran) try to block all access to the Tor network, using Deep Packet Inspection (DPI) to identify Tor traffic.

In many cases, this can be countered with the pluggable obfsproxy transport tool, which encapsulates data with an obfuscation layer to look like innocent traffic, rather than Tor traffic.

Secretariat & amp; Privacy

I think it’s fair to say that Tor uses a complex encryption system – the main simplified points are highlighted in the box. However, Tor uses the TLS 1.2 encryption protocol at its core.

In December of last year, Tor addressed security concerns about its use of the 1024-bit RSA handshake by implementing highly secure Curve25519 DH elliptic-curve exchanges instead.

Older nodes may still use the RSA-1024 handshake, but it’s worth noting that despite this, Tor’s use of Perfect Forward Secrecy (where new keys are generated for each exchange) should seriously impede any adversary’s ability to hack communications (because they would have to It has to) crack a new key every time a new Tor connection is created).

The data is protected using AES-128. Although much of the VPN industry now uses AES-256, as far as anyone knows, AES-128 remains secure, and in fact has a stronger key table than AES-256. It should also be remembered that Tor traffic is re-encrypted multiple times, providing additional layers of protection.

Those interested in a very detailed analysis of the cryptography used may be interested in this paper by Tor, and this excellent paper by independent analysts. For a friendly discussion of the many encryption terms used here, please refer to the VPN encryption terms described (AES vs. RSA, SHA, etc.).

Weak points

As long as Tor is a magnet for “interesting” traffic, Tor will also be a magnet for those who want to eavesdrop on that traffic.Bruce Schneier.

Almost everyone, from the National Security Agency to President Putin to “white hat” hackers, appears bent on hacking the Tor network and anonymizing Tor users.

Despite some occasional limited successes, the prevailing opinion among experts is that Tor is still fundamentally secure, and that you are more likely to be “caught” by negligence or improper use of the network, than by any major design flaw. .

Anonymity is difficult to achieve, and there is no guarantee that Tor can provide it. However, Tor is a very secure system and has proven itself to be very resilient even in the face of the most sophisticated and well-funded attacks.

In documents released by Edward Snowden, the NSA admitted there were “significant” problems in its attempts to decrypt messages sent through heavily encrypted email providers such as Zoho or in monitoring users of the Tor network.

In short, Tor may not be perfect, but when it comes to protecting your identity on the Internet, Tor is as good as it gets (and that’s pretty good!).

Nobody knows what the NSA can really do, but here are the most well-understood threats to Tor users.

malicious exit contract

As I mentioned earlier, Internet traffic enters and leaves the Tor exit node unencrypted, and can be monitored by anyone running that node. Given that anyone can volunteer to run an exit node, this is clearly a major security issue.

Therefore, it is important to consider the following points:

  • Thanks to the random chain of Tor nodes that your data passes through between you and the Tor exit node, the owner of the exit node cannot know who you are directly.
  • However, you can give up your true identity either directly or indirectly through your online communications or behavior
  • In addition to snooping on your data, malicious Tor exit nodes can execute a man-in-the-middle (MitM), usually redirecting your page request to a fake website.

However…

  • As long as you connect to SSL-secured (https://) encrypted websites, your data remains secure and cannot be intercepted by a rogue exit node
  • And you are immune to any MitM attack

SSL secured websites are increasingly becoming the norm (especially thanks to EFF’s Let’s Encrypt campaign), and as long as you stick to connecting to these sites, you’re safe. If you are Act Connect to unencrypted websites, please be careful about what information you reveal (which is good general internet security advice anyway!).

Research has found that approximately 2.5 percent of all Tor exit nodes are operated by malicious entities. Although the NSA is suspected of operating many of these “corrupt onion nodes,” most appear to be run by petty criminals.

End-to-end timing attack

In 2013, a Harvard student made an ill-advised bomb threat to his campus (in order to get out of school and take a final exam!). He was arrested because, despite making the Tor threat, he made the mistake of doing so while using WiFi on the Harvard campus.

All Harvard security had to do was check their records to see who was using Tor at the time the emails were sent, and the police could then bring him in for questioning (and it’s very likely that Kim was the only person who used Tor at 8:30 a.m. that day).

This anonymity technology is known as an end-to-end timing attack (e2e), and it’s a well-known vulnerability in Tor. However, it should be noted that Kim was only arrested because he made the stupid mistake of connecting to Tor via a campus WiFi network, which is not an issue likely to affect most Tor users.

In order to have any chance of executing a successful e2e timing attack against a Tor user on the open Internet, the adversary would need to control a high percentage of all existing Tor nodes. This is because the more nodes an adversary controls, the greater the chance of correlating the timing of activity in an exit node for an individual’s initial connection to the Tor network.

However, given the large number of Tor users online at any given moment, such a link would require extensive and lengthy statistical analysis.

On the face of it, then, this task seems so difficult that it becomes virtually impossible. No one really knows, however, what organizations like the NSA, GCHQ, Mossad, and even the Mafia, which have virtually unlimited power and a truly global reach, really can.

In theory at least, such an adversary, if determined to put in enough effort and resources to solve the problem, could use an all-out timing attack to de-anonymize the Tor user.

Tor hidden services

Tor was primarily designed as a way to access the open Internet that we all know and love without censorship and without revealing our identity. As it should be obvious by now, the Tor exit node – the node that connects the Tor network to the open Internet – is a major weakness in the system. It can be controlled…

[ad_1]
Don’t forget to share this post with friends !

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Related

Internet

AnyConnect certificate-based authentication. Cisco community πŸ‘¨β€πŸ’» The information in this document is based on the following software and hardware versions: ASA 5510 running software...

Internet

AnyConnect: Install a self-signed certificate as a trusted source πŸ‘¨β€πŸ’» kmgmt-2879-cbs-220-config-security-port objective The goal of this article is to walk you through creating and...

Internet

ITProPortal . Portal πŸ‘¨β€πŸ’» We live in a dynamic moment in terms of technology. Even criminals are becoming more technically savvy and are using...

Internet

Download antivirus for free. Best antivirus protection πŸ‘¨β€πŸ’» Protecting your identity, banking information and privacy Cybercriminals want your credit card details, passwords and other...