Tor has been a well-known tool for online anonymity for the better part of the last twenty years. However, it is still relatively unknown to general users and remains a niche application used mostly by geeks and technology enthusiasts. So, today, we will tell you what is Tor and onion routing. We will also look at all the benefits and drawbacks of the Tor Browser, as well as some the major controversies surrounding the technology.

Onion routing has been around for decades as a free, decentralized, peer-based communication technique over the world wide web. Tor, the most well-known implementation of the onion network, has also been in use since the early years of this millennium. It is one of the best ways to maintain anonymity online. So here’s what you need to know about Tor, onion routing and online privacy.

  • What is Tor?
  • What is Onion Routing?
  • Origins and Implementations
  • Applications
  • Tor Browser
  • Platforms and Availability
  • Drawbacks, Controversies and Criticisms
  • How Tor Can Aid Your Online Privacy
  • Frequently Asked Questions

What is Tor?

Tor is an open-source, decentralized privacy network that enables users to browse the web anonymously. Short for ‘The Onion Router’, it is a secure, encrypted networking protocol to ensure online privacy. It does so by using ‘onion routing’ – an anonymity technique that transmits data through a series of layered nodes, or servers, to hide the user’s IP address from not only the website or service being accessed, but also government agencies and organizations trying to monitor network traffic. It also prevents the ISP or others from snooping on the user’s online activities.

Onion routing is a technique for anonymous communication over a computer network by using a series of random “nodes”, or servers, to relay messages. Unlike regular proxies or VPNs, which typically use a single server to route your communication, onion routing uses multiple (largely crowdsourced) servers. This makes it incredibly difficult for would-be eavesdroppers to trace the original sender.

Origins and Implementations

Onion Routing, the underlying anonymity technique for Tor, was initially developed in the mid-1990s by the US Navy for confidential government communications. Paul Syverson, a computer scientist working with the US Naval Research Academy, is widely credited as being the inventor of Onion Routing. The research was subsequently published in the IEEE journal of communications in 1998.

Tor enables users to access any website or online service they can access on the ‘clearnet’ (regular web). In addition, it also allows users to access the ‘hidden web’ that contains websites with a .onion top-level domain (TLD) name, designating an anonymous onion service. Part of the so-called Deep Web, .onion addresses are not actual DNS names, and the TLD is not in the Internet DNS root. These sites can only be accessed by routing traffic through the Tor network. It can be done either by using the Tor Browser or through the standalone Tor client.

The Tor Browser is the official web browser developed and distributed by the Tor Project. Based on the source code of Mozilla Firefox, it is a free and open-source software that retains many of the privacy features of its parent, but comes with a built-in Tor client that starts by default every time you fire it up. It is known to be used not only by ordinary privacy-conscious users, but also by journalists reporting on sensitive matters, political activists fighting against repressive regimes and whistleblowers fearing adverse repercussions for their revelations.

The Tor Browser is available on Windows, Linux, macOS (download for desktops), and Android (download from Google Play). There is no official version of Tor for iOS yet, though The Tor Project recommends the Onion Browser on iPhones and iPads (download from the App Store). It is also not officially available on Chrome OS, but you can use the Android app on Chrome OS. Other privacy-focused applications, like Brave Browser, also recently implemented Tor integration to boost privacy. Tor Browser on Android

Tor has been praised by technologists, privacy advocates, and human rights groups for providing anonymity to political activists living under repressive regimes, and general web users seeking to circumvent censorship. However, even as free-speech advocates heap praises on it for bringing digital privacy to activists and reporters, the technology has its own share of detractors, who criticize it for various reasons.

Some believe that it is not as safe as The Tor Project claims it is, citing the US law-enforcement’s actions against onion sites, such as web-hosting company, Freedom Hosting, and notorious dark web marketplace, Silk Road. Others, mainly government agencies like the US National Security Agency (NSA), have criticized the technology, calling it a “major threat” to its monitoring of terrorists and other potential security threats.

Contrary to popular belief, Tor itself isn’t anonymous enough. Like other low-latency anonymity networks, Tor does not protect against the monitoring of traffic entering and exiting the network. As a result, the network is theoretically susceptible to exit node eavesdropping, traffic analysis attacks, mouse fingerprinting and circuit fingerprinting, among other vulnerabilities.

Another major disadvantage of Tor is sluggish connection speeds, which is a product of how the technology is designed. Since traffic in Tor is relayed through so many nodes, it can take a while to load website content. This can be frustrating even for seasoned users who know what to expect. Like torrent, the speed depends on the number of nodes and increases with the number of users hosting a relay.

Some websites and online service providers block access to Tor or require users to fill in Captchas before they can access the site. Premier CDN service provider, CloudFlare, routinely uses Captchas and other restrictions on traffic coming through the Tor network, citing malicious traffic. While it is an essential protection against possible DDoS attacks by botnets, it can further reduce the surfing experience for users.

4. Poisoned Nodes

While cases of users being de-anonymized because of a Tor vulnerability are almost unheard of, law enforcement agencies and hackers can still monitor users for surveillance or espionage purposes by running ‘poisoned nodes’, or gateways that are created specifically to monitor Tor traffic. For example, an attacker running two poisoned Tor nodes – one entry and one exit – will be able to analyze traffic and identify the tiny fraction of users whose circuit happened to cross both of those nodes.

With tens of thousands of nodes operating, the chances of getting de-anonymized because of poison nodes are less than one in a million. When Tor users are arrested for abusing their anonymity to commit crimes, it is often due to human error rather than any inherent weakness in the core technology.

Q. Why does Tor take so long to load sites?

By design, Tor relays your traffic through volunteers’ servers in various parts of the world. That creates its own bottlenecks and increases network latency. You can help improve the speed of the network by running your own relay.

Q. Is Tor safe?

Tor is free and open source, and is routinely audited by experienced programmers and volunteers from around the world. As such, it is one of the safest and most secured ways to enhance your privacy online. However, do note that it does not protect all your internet traffic. It only protects applications that are properly configured to send their Internet traffic through Tor.

Tor is not illegal anywhere in the world, so using Tor by itself is fine. If anyone running a relay node gets into trouble over abuse issues related to third-party users, they can resort to a web service called Exonerator that can check if an IP address was a relay at a given time. The Tor Project also provides a signed letter to back that up.

Tor is used by technologists, privacy advocates, and ordinary users to preserve their online anonymity and digital privacy. It is one of the main tools of secured communication for political activists living under repressive regimes and general web users seeking to circumvent censorship.

Tor uses an anonymity technique called ‘onion routing’ that transmits data through a series of layered nodes to hide the user’s IP address from not only the website or service being accessed, but also government agencies or organizations trying to monitor network traffic.

Tor hides your location, your IP address, and other personally-identifiable information. The exit node only gets to see your user agent (browser), which, by itself, is not personally-identifiable data. However, other apps on your PC, including browser add-ons, website cookies and other software, might reveal more about your identity. Which is why, you should use the Tor Browser, which comes with built-in safeguards against such issues.

Q. Is it safe to use Tor on Android?

The Tor Browser on Android uses the same onion routing technique as the desktop clients. So yes, it is as safe on Android as it is on any other platform.

As long as everything is correctly configured, Tor leaves no trace of your online activities on your computer or anywhere else.

Both your ISP and the website(s) you’re visiting will know that you’re using Tor. However, your ISP will not be able to detect which services you’re connecting to, nor will the website be able to tell who your are and where you’re connecting from. It is the same with VPNs, proxies and other anonymity networks.