The Onion Router

onion router

Tor is an overlay network that lets you browse and use other TCP based services anonymously. Normally if you use a secure tunnel an observer can still see the destination and origin ip addresses; They may not be able to tell what the payload is, but they will be able to tell who is talking. Onion routing uses a series of encrypted hops to hide this information. The Tor client creates unique routes through a network of Tor nodes. First the client contacts a node and negotiates an encryption key with it. Once that link has been established the client instructs that node to contact another and get the next key. Once all of these keys have been collected the client can begin encrypting its information. The payload is encrypted by each key in route order. When the first node decrypts the payload it determines where to send it next. The encryption is removed one layer at a time as it travels along the route arriving at its destination fully decrypted.

Tor recently reached 100 verified nodes. If you’ve got some spare bandwidth why don’t you set up a node of your own. You can even use Tor to provide anonymous web services. Of course using Tor will make it more difficult for sites to show you “singles in your area”, so make sure you consider the consequences.

18 thoughts on “The Onion Router

  1. I’m in China, and I use Tor to access parts of the Internet that are blocked by the mythical “Great Firewall of China” (For example, all of .blogspot.com is blocked by my home and work ISPs). It’s a nice side benefit of using Tor.

  2. that’s good to know that tor is getting some real practical use, and isn’t just being used by the tin foil hat community, information ought to be free, and privacy should be a right (i think there was an amendment here in the states that protected it at one point.) Anyway, keep using it darren, and tell anyone you can about it.

  3. Tor is pretty neat. I’ve been testing it out here @ work and it functions exactly as it claims from what I can tell.

    I wish the tech would be expanded. The ability to run a web server through tor would kick ass. The server’s ip would constantly change though, that would pose some DNS problems.

  4. The problem with Tor is that it’s fairly easy to detect and harvest nodes. Thus it’s no use in any regime that simply makes running it in the first place illegal. Also the outproxying to the “real” net, although cool, should be a considerable concern for prospective node operators … I know for a fact Tor was used to crapflood Slashdot till malda banned all the public IPs, and that’s pretty harmless compared to the cracking, spamming etc that is probably done through it.

    I2P is almost as easy to harvest btw.

  5. I’m all for privacy. But at some point, someone will start abusing it and you will have tons of hack sites, terrorist sites, and child pornography sites and there will be no way to trace who’s visiting those sites.

  6. re 6: Would you prefer that people weren’t allowed to write sites like that? If so, then where do you draw the line? Who would decide which sites are suitable and which are not? All of a sudden you start getting a situation like you have in china, where one body (the government, in this case) is deciding exactly what people should and shouldnt see. not that I’m standing up for child pornography, here, but freedom of speech means that other people can say what they think without repression, even if you personally find their views offensive.

  7. i don’t think i suggested a ban of free speech anywhere in my post. i was simply making the point that we have to consider both the good and bad of such technologies. you just took it too far.

    i don’t know what country you’re from, but last i checked the laws in the US, child pornography is still ILLEGAL. perhaps your sense of the word illegal is different from mine, but as far as i know, it means you are not allowed to distribute such contents;offensive or non-offensive. as much as you seem to hate it, we still live in a country with a governing body. the 1st amendment also came from that same governing body. if you embrace the 1st amendment, then you should accept all the other laws established by that same body. you don’t really get to pick and choose.

    a lot of people take the 1st amendment way too far and way out of context.

  8. Dude. If you would take the time to actually pay some attention to the damned articles, each one has a link under ‘read’ at the bottom left of the text.

    Tor is a great idea – rather than just using privoxy or some other software and having to create a proxy list that’s constantly changing and runs the risk of losing your isp.

  9. I have a problem, My ISP can see what is transfered over my connection. (For discussions sake I downloaded puppydogs, and my ISP is very Anti-puppy dogs) Anyway, do you guys think that This would eliminate the problem of my ISP being able to watch my downloads?

  10. More of a question than a comment. I have downloaded everything suggested and think this is what im after. I wish to join a forum but not have them know my ip details. I understand the tor proxy will hide my real email address. To register with the site I must submit my email addresss to get an activation code. Will they get my true ip from the email address ? and is there anyway around this? eg hotmail.

    I realise this may be posted in the wrong area but ive spent hours reading stuff I dont really understand. If you move it would you be kind enouight o let me know where to ? the supplied email address does work.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s