Who's using Tor or a similar service here? Is it daily, or on a case-by-case basis? Why do you use it? Just curious, always wanted to try Tor but I feel safe from tracking (main reason for me to think about using Tor) with the extensions I have on my browser, or does that not matter?
What extensions are you referring to?
I have Disconnect, AdGuard, HTTPS Everywhere, and Privacy Badger
Disconnect, adguard, and privacy badger are just going to disable scripts and block cookies from third party advertisers. https everywhere forces web connections to use SSL/TLS encryption via https, rather than clear text http, if the website supports it, and it's in the https everywhere database of supported sites.
I use https everywhere, and privacy badger as well, and I think they're great. However, they're not going to do what Tor does.
When you connect to a site, say https://teksyndicate.com with your described setup, your connection will be encrypted, because tek syndicate uses https. However, if your ISP is monitoring you, or intelligence agencies like the NSA or GCHQ are monitoring you, they will see that you are connected to https://teksyndicate.com. However, they will not see what you are viewing, because the data is encrypted.
Likewise, your IP address is almost certainly logged on teksyndicate's server, so they can see what your IP address is.
Tor seeks to make these last two issues disappear. In simple terms, Tor uses clients, relays, and exit nodes. When you use Tor as a regular client, you just use the Tor network. When you run a relay, you relay the traffic; when you run an exit, the traffic sent through the Tor network exits through your internet connection.
So the way it works is kind of like those little Russian dolls. The ones where you open a doll, inside it is a smaller doll. Open that one, a smaller one is inside, etc. Keep this in mind.
So let's say you're running Tor as a standard client, (you are W, for walterloco) and you want to visit teksyndicate.com (T). Your client will choose two relays out of a pool of relays, and an exit node out of a pool of exit nodes. Let's say these are our pools.
Relays - R1, R2, R3, R4, R5, R6, R7, R8, R9, R10
Exits - E1, E2, E3, E4, E5
So you make a web request for https://teksyndicate.com, and two relays and an exit are chosen. All the connections are encrypted, with the exception of when the request is for an http site, then the connection from the exit to the site itself is unencrypted.
= denotes encrypted traffic
- denotes unencrypted, plain text traffic
So the building of the circuit goes like this.
W == R7
R7 receives your request, decrypts it, and sees that it's supposed to forward it to the next node.
W == R7 == R2
R2 decrypts, and sees to forward to the exit node
W == R7 == R2 == E3
E3 receives, decrypts, and sees that the request is ultimately for T, so it completes the connection
W == R7 == R2 == E3 == T
So they call this process of decrypting the first layer, seeing where to forward it, decrypting/forwarding etc. onion routing. And the way Tor works makes it so, for the relay nodes and the exit node, they only know the IP address of the previous node, and the following node. No node can know the entire circuit. Furthermore, T doesn't know the IP address of W, only E3. If your ISP or an intelligence agency were monitoring you, they wouldn't know you were visiting T, they would only know you're using the Tor network.
Worth mentioning is the case where you might visit a website that doesn't use https. Let's just say teksyndicate doesn't for this example. Then it would look like this
W == R7 == R2 == E3 -- T
Now everything previously stated still applies, however, E3 can now snoop on the traffic, because the connection from E3 to T is unencrypted. If you were to say, log in to tek syndicate's forum and they didn't use https, E3 could probably get your login details. They could also modify the data you requested and send it back to you, infecting you with malware.
This is just a very simplified explanation of how Tor works, and I didn't mention hidden services, which attempt to conceal the IP address of a web server from visitors, thereby making the website anonymous in addition to the visitors.
Tor has its uses, but it's not perfect. There are potential attacks that can be conducted. Timing correlation attacks can be performed if adversaries control both R7 and E3, and the feds and intelligence agencies are almost certainly sitting on some sort of exploit or technique used to deanonymize hidden service web servers. Just look at the recent news regarding Carnegie Mellon, and look in the past history regarding Silk Road, and Freedom Hosting.
The greatest risk when it comes to Tor is for hidden service web site operators, in my opinion. I absolutely would not host a hidden service site, especially if I were doing something illegal. Time and time again they have been found by law enforcement agencies, and sites which grow to notoriety, such as large dark web drug markets like the Silk Road, are going to be huge targets for law enforcement.
As far as how you could use Tor, well, how you shouldn't use Tor is to log into accounts like Facebook, tek syndicate, banking accounts, etc. Absolutely DO NOT do this. However, if you wanted to visit clear-net (non hidden service) web sites without your ISP or intelligence agencies knowing what sites you're visiting, or the sites themselves knowing you're visiting them, you could use Tor for this purpose, and if this were the case I would strongly recommend using the TAILS operating system.
You can read more about Tor, and TAILS, here.
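The layered "Russian doll" wrapping described in the post above, as an added Python example that is not part of the original post. A toy cipher built from SHA-256 and HMAC stands in for Tor's real cryptography, and the `KEYS` table is an assumption standing for the per-hop keys a real client negotiates with each node while building the circuit.

```python
import hashlib, hmac, json, os

def _keystream(key, nonce, n):
    # Toy stream cipher: SHA-256 in counter mode. Illustration only, not Tor's cipher.
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered layer")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def build_onion(circuit, keys, dest, payload):
    # Wrap from the inside out: E3's layer first, R7's layer last.
    blob = payload
    for node, nxt in reversed(list(zip(circuit, circuit[1:] + [dest]))):
        layer = json.dumps({"next": nxt, "data": blob.hex()}).encode()
        blob = seal(keys[node], layer)
    return blob

def route(onion, first_hop, keys, sender):
    # Each node peels one layer and learns only (previous hop, next hop).
    views, prev, node, blob = {}, sender, first_hop, onion
    while node in keys:  # the destination holds no circuit key, so the loop ends there
        layer = json.loads(unseal(keys[node], blob))
        views[node] = (prev, layer["next"])
        prev, node, blob = node, layer["next"], bytes.fromhex(layer["data"])
    return views, node, blob

# Constructed sample: the circuit from the post, with random per-hop keys.
CIRCUIT = ["R7", "R2", "E3"]
KEYS = {n: os.urandom(32) for n in CIRCUIT}
REQUEST = b"GET /forum HTTP/1.1\r\nHost: teksyndicate.com\r\n\r\n"  # plain http case

def demo():
    onion = build_onion(CIRCUIT, KEYS, "T", REQUEST)
    return onion, route(onion, "R7", KEYS, "W")

if __name__ == "__main__":
    onion, (views, dest, delivered) = demo()
    print(views, dest, delivered)
```

What E3 hands to T is byte-for-byte what W sent, which is why an exit can read a plain http request; with https those bytes would themselves be TLS ciphertext.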
I use Tor daily. I enjoy my privacy and I like reading about anarchy and escaping the matrix. I also use I2P for email and IRC, again for the same reasons. I2P is also good for tunneling; I use it to tunnel ssh or proxy traffic sometimes. My rule of thumb is to use Tor for the outside world (except email) and I2P for everything else.
great explanation, thanks