The Onion Router

onion router

Tor is an overlay network that lets you browse and use other TCP based services anonymously. Normally if you use a secure tunnel an observer can still see the destination and origin ip addresses; They may not be able to tell what the payload is, but they will be able to tell who is talking. Onion routing uses a series of encrypted hops to hide this information. The Tor client creates unique routes through a network of Tor nodes. First the client contacts a node and negotiates an encryption key with it. Once that link has been established the client instructs that node to contact another and get the next key. Once all of these keys have been collected the client can begin encrypting its information. The payload is encrypted by each key in route order. When the first node decrypts the payload it determines where to send it next. The encryption is removed one layer at a time as it travels along the route arriving at its destination fully decrypted.

Tor recently reached 100 verified nodes. If you’ve got some spare bandwidth why don’t you set up a node of your own. You can even use Tor to provide anonymous web services. Of course using Tor will make it more difficult for sites to show you “singles in your area”, so make sure you consider the consequences.

14 thoughts on “The Onion Router

  1. that’s good to know that tor is getting some real practical use, and isn’t just being used by the tin foil hat community, information ought to be free, and privacy should be a right (i think there was an amendment here in the states that protected it at one point.) Anyway, keep using it darren, and tell anyone you can about it.

  2. Tor is pretty neat. I’ve been testing it out here @ work and it functions exactly as it claims from what I can tell.

    I wish the tech would be expanded. The ability to run a web server through tor would kick ass. The server’s ip would constantly change though, that would pose some DNS problems.

  3. The problem with Tor is that it’s fairly easy to detect and harvest nodes. Thus it’s no use in any regime that simply makes running it in the first place illegal. Also the outproxying to the “real” net, although cool, should be a considerable concern for prospective node operators … I know for a fact Tor was used to crapflood Slashdot till malda banned all the public IPs, and that’s pretty harmless compared to the cracking, spamming etc that is probably done through it.

    I2P is almost as easy to harvest btw.

  4. re 6: Would you prefer that people weren’t allowed to write sites like that? If so, then where do you draw the line? Who would decide which sites are suitable and which are not? All of a sudden you start getting a situation like you have in china, where one body (the government, in this case) is deciding exactly what people should and shouldnt see. not that I’m standing up for child pornography, here, but freedom of speech means that other people can say what they think without repression, even if you personally find their views offensive.

  5. i don’t think i suggested a ban of free speech anywhere in my post. i was simply making the point that we have to consider both the good and bad of such technologies. you just took it too far.

    i don’t know what country you’re from, but last i checked the laws in the US, child pornography is still ILLEGAL. perhaps your sense of the word illegal is different from mine, but as far as i know, it means you are not allowed to distribute such contents;offensive or non-offensive. as much as you seem to hate it, we still live in a country with a governing body. the 1st amendment also came from that same governing body. if you embrace the 1st amendment, then you should accept all the other laws established by that same body. you don’t really get to pick and choose.

    a lot of people take the 1st amendment way too far and way out of context.

  6. Dude. If you would take the time to actually pay some attention to the damned articles, each one has a link under ‘read’ at the bottom left of the text.

    Tor is a great idea – rather than just using privoxy or some other software and having to create a proxy list that’s constantly changing and runs the risk of losing your isp.

  7. I have a problem, My ISP can see what is transfered over my connection. (For discussions sake I downloaded puppydogs, and my ISP is very Anti-puppy dogs) Anyway, do you guys think that This would eliminate the problem of my ISP being able to watch my downloads?

  8. More of a question than a comment. I have downloaded everything suggested and think this is what im after. I wish to join a forum but not have them know my ip details. I understand the tor proxy will hide my real email address. To register with the site I must submit my email addresss to get an activation code. Will they get my true ip from the email address ? and is there anyway around this? eg hotmail.

    I realise this may be posted in the wrong area but ive spent hours reading stuff I dont really understand. If you move it would you be kind enouight o let me know where to ? the supplied email address does work.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.