How to browse anonymously with Tor

No readers like this yet.
screenshot of tor site

Opensource.com

Seems like every couple of months, a major security breach story hits the news — and I don't mean thieves cracking into Sony's account servers; I mean the police breaking down some dissident's door in a political trouble-spot, or even companies like Apple and Google tracking everything you do without your knowledge. Want to throw a wrench in attempts to track your online life? Have a look at Tor.

Simply logging out of pervasive Web services like Google and Facebook isn't sufficient to protect your anonymity online, however. Annoying advertisers, crooks, and Big Brother can still track you through cookies, JavaScript tricks, and straight-up IP address logging — at least, if you're using a run-of-the-mill Web browser. That's what Tor can help you out with: Tor is a virtual network that funnels your HTTP traffic through an encrypted, distributed network of volunteer-run nodes. Your page requests enter the Tor cloud cloaked in SSL encryption, so no one monitoring you can track your activity, and they come out at a random endpoint that cannot be connected back to you.

There are a lot of people on the Internet for whom this is critical functionality. Anyone living in — or visiting — a country where the state monitors communications might need to keep prying eyes away from his or her online message board visits. People facing threats or harassment and employees in danger of reprisals need to protect themselves. Companies may need to keep the locations of their remote workers secret (which a VPN alone cannot do) or browse the competition's Web site without being noticed. And the general browsing public may need to simply get away from the constant profiling and tracking by commercial companies.

Tor has its origins in a US Navy research project, designed to keep classified communication channels secure. At one point, the name was an acronym for The Onion Router, which helps most people understand how it functions. Requests from the browser (or other service; Tor works with chat, IM, and other applications as well) take a randomly-selected path between Tor nodes, each step of which is encrypted. Because there are multiple layers or encrypted forwarding (there's the onion metaphor), it is impossible to associate any single hop with any originating request. Also akin to the metaphorical onion, each layer is completely separate from those on either side of it: a Tor node doesn't know where a request it is funneling came from, or where it will ultimately arrive.

Of course, Tor only masks the origin and endpoint of the HTTP request: the contents of the request could very well reveal your identity to the site you are reading or to an eavesdropper on the site's end of the connection. Imagine, for example, that you use Tor to log in to a persistent service like Gmail: someone snooping on your Wi-Fi access point might not be able to tell that you've logged in, but if they know you they could still see you appear as "online" in Google Chat. What's far worse is that JavaScript apps can undermine your privacy by caching trackable info to send when you're not looking, and interactive plug-ins like Java and Flash initiate their own connections, bypassing the user's control altogether. So getting the most out of Tor isn't exactly trivial, but it is still easily doable.

Read the rest of this post on linux.com.

User profile image.
For the community, by the community, Linux.com strives to be the central source for informed, reasonable, and intelligent Linux information, software, documentation and answers across the server, desktop/netbook, mobile, and embedded areas.

1 Comment

good

Creative Commons LicenseThis work is licensed under a Creative Commons Attribution-Share Alike 3.0 Unported License.