tor

In our last entry of ‘Anonymity Online’ we talked about some of the options available to you to secure your browsing and help eliminate your tracable footprint on the web. A big portion of that discussion that was left out is the use of Tor – The Onion Router.

What is Tor?

Tor, or ‘The Onion Router’ is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet.

How does Tor work?

*Courtesy of Torproject.org

How Tor works

To create a private network pathway with Tor, the user’s software or client incrementally builds a circuit of encrypted connections through relays on the network. The circuit is extended one hop at a time, and each relay along the way knows only which relay gave it data and which relay it is giving data to. No individual relay ever knows the complete path that a data packet has taken. The client negotiates a separate set of encryption keys for each hop along the circuit to ensure that each hop can’t trace these connections as they pass through.

Tor circuit step two

Once a circuit has been established, many kinds of data can be exchanged and several different sorts of software applications can be deployed over the Tor network. Because each relay sees no more than one hop in the circuit, neither an eavesdropper nor a compromised relay can use traffic analysis to link the connection’s source and destination. Tor only works for TCP streams and can be used by any application with SOCKS support.

Tor circuit step three

For efficiency, the Tor software uses the same circuit for connections that happen within the same ten minutes or so. Later requests are given a new circuit, to keep people from linking your earlier actions to the new ones.

Options for implementing Tor

A common question I see is, how do I implement Tor? The answer to that depends on personal preference, as there are a multitude of TOR bundles, browsers, and add-ons that can be added into your web browsing security stack with varying degrees of success.

Tor Browser Bundles – There are several browser bundles around that offer fully configured/packaged Tor connections the help ease the transition to a fully Tor encapsulated experience.

Tor Browser – This option is available directly through the Tor Project. It is a fully packaged browser with a multitude of pre-configured options such as a patched version of Firefox, the TorButton addon, etc.

Pirate Browser – This is a bundle package that contains the Tor client (Vidalia), FireFox Portable, the FoxyProxy add-on, as well as some custom configuration to route traffic around censorship limitations of various countries. Please note that this browser is more heavily focused on censorship bypass and use for piracy (in particular, The Pirate Bay) and is not fully configured for anonymity purposes.

Tor Add-ons – Multiple add-ons exist independent of the aforementioned browser bundles that can be used on an as-needed basis. It is recommend that you use a fully configured solution if you are unfamiliar with the inner workings of Tor and the specific add-ons, as each add-on performs a very specific function, and will not necessary do everything that you need in a given situation.

Torbutton – Torbutton takes care of application-level security and privacy concerns in Firefox. To keep you safe, Torbutton disables many types of active content.

Vidalia – Vidalia is a cross-platform graphical controller for the Tor software, built using the Qt framework.

Arm – The anonymizing relay monitor (arm) is a CLI status monitor for Tor. This functions much like top does for system usage, providing real time statistics for resource usage, general relay information, event log, connections correlated with Tor census data, and torrc config file with syntax highlighting and validation.

Orbot – Orbot is a Tor proxy app for mobile devices that allows for connection to the Tor network

Torbirdy – It may also work with other non-web browser Mozilla programs

Tails – Tails is a live operating system that you can start on almost any computer from a DVD or a USB stick.

Tor2Web – Tor2web enables anonymous exposure of a Tor Hidden Services hosted website, making it reachable from the internet.

Tor Cloud – The Tor Cloud project gives you a user-friendly way of deploying bridges to help users access an uncensored Internet

Shadow – Shadow is a unique, open source discrete-event network simulator that runs real applications like Tor.

Obfsproxy – Obfsproxy is a tool that attempts to circumvent censorship, by transforming the Tor traffic between the client and the bridge.

Onionoo – Onionoo is a web-based protocol to learn about currently running Tor relays and bridges.

FoxyProxy – FoxyProxy is a set of proxy management tools for Firefox and other mozilla products that can be used in tandem with other Tor add-ons.

Implementing the Tor Browser Bundle

Below is a run down of how to implement the Tor Browser in Ubuntu 13.04. Installer packages are available for various other systems (Windows, Mac, Linux) but as always we will be focusing on Linux.

  1. Visit torproject.org and download the version of the Tor Browser Bundle applicable to your Operating System (ex. tor-browser-gnu-linux-i686-2.3.25-12-dev-LANG.tar.gz
  2. Extract the package archive using the following command: tar -xvzf <tor version>.tar.gz
  3. Browse to the correct directory: cd <tor-browser_LANG>
  4. Run the Tor Browser script: ./start-tor-browser
  5. This will then start Vidalia and connect to the Tor network, at which point Firefox will be launched. WARNING: Do NOT run TBB as Root

 

Troubleshooting Tor Browser

Upon initial installation, you are tasked with running the Tor Browser. Often times, you will run into directory ownership issues caused by root owning the Tor Browser directory. This can be fixed as follows:

  1. sudo chown -R <username> <Tor Directory>
  2. Example of the vidalia error caused by improper permissions