93. Leaving no traces with Tor
By Andrew D. Wright
You are far from home and you need to use the Internet to communicate with
someone privately. Maybe you're a sales representative in a competitive
field, maybe you're a member of the Canadian Forces stationed overseas.
You're smart, so you know to encrypt your message. You might be logging
into a home server over a Virtual Private Network (VPN), using an https://
web page address, or encrypting your text with PGP or GPG. The content of
your message is secure.
What is not secure is where you are and who you are talking to. Your data
packets reveal when they were sent, the IP address you are at and the
destination they are headed to. Statistical analysis of your encrypted
data can be very revealing.
Tor is a network of onion routers and free software to use them, available
for Windows, Macintosh OS X and Linux/Unix/BSD.
Data packets are sent through a randomized series of onion routers rather
than taking a direct route from one place to another. The data packet is
wrapped in multiple encrypted layers, like the way an onion looks, hence
the name.
Each onion router can unwrap only one layer of the data packet and send it
on. The next onion router in turn only knows that the data came to it from
one onion router and it can only unwrap the next encrypted layer to know
where to send the data packet.
Data enters the Tor network, gets bounced around from onion router to
onion router until finally the last layer of the onion is decrypted and
the data is passed on to its final destination.
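The layering described above, sketched in Python as an added example; it is
not code from Tor or from the original column. The router names, the keys
assumed to be already shared with the sender, and the hash-based toy cipher
are assumptions made for illustration, standing in for Tor's real key
negotiation and ciphers.

```python
import hashlib, hmac, os

def _subkey(key, label):  # separate encryption and MAC keys from one router key
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # SHA-256 in counter mode as a toy stream cipher (stand-in, not Tor's cipher).
    stream = b""
    for counter in range(len(data) // 32 + 1):
        stream += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + tag + ct

def unseal(key, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("this layer was not encrypted for this router")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

def wrap(path, keys, destination, message):
    # The sender builds the onion inside out: the last router's layer goes on first.
    blob, next_hop = message, destination
    for router in reversed(path):
        blob = seal(keys[router], bytes([len(next_hop)]) + next_hop.encode() + blob)
        next_hop = router
    return blob

def peel(key, blob):
    # A router strips its own layer and learns only where to send what is left.
    layer = unseal(key, blob)
    return layer[1:1 + layer[0]].decode(), layer[1 + layer[0]:]

def route(path, keys, destination, message):
    # Pass the onion along the path, recording (router, came_from, sends_to).
    blob, came_from, seen = wrap(path, keys, destination, message), "sender", []
    for router in path:
        next_hop, blob = peel(keys[router], blob)
        seen.append((router, came_from, next_hop))
        came_from = router
    return seen, blob

# Constructed sample: three hypothetical routers with keys the sender already holds.
PATH = ["entry", "middle", "exit"]
KEYS = {name: os.urandom(32) for name in PATH}
```

Calling route(PATH, KEYS, "example.org", b"meet at noon") returns what each
router saw: only its neighbours on either side, never the whole path.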
To the destination the data packet looks like it originated with the final
Tor router in the chain. To someone observing the sender's connection,
data is being sent to various Tor routers with no way to tell where it is
going after that. Only someone able to monitor both the sender connection
to the Internet and the destination connection to the Internet would be
able to infer, through statistical analysis of the traffic, that some
communication had occurred.
Tor can be used to obscure both ends of an Internet transaction so neither
sender nor receiver could be identified by any third parties.
A useful addition to the free Tor software is the free Privoxy software,
which acts as a web proxy, securing outgoing data such as web browser
identification strings, DNS requests and tracking cookies as well as
blocking popup ads.
When asked about Tor being used for illegal purposes, the developers make
the point that the bad guys already have better security than Tor can
provide: since they are already willing to break the law, they can just
steal access to other people's computers or accounts to disguise
themselves.
According to them, Tor is meant to level the playing field so ordinary
people can have anonymity when they need it, whether it is a reporter
talking to a confidential source or an aid worker overseas who needs to
communicate with their employer discreetly.
Tor (free): http://tor.eff.org/
Privoxy (free): http://www.privoxy.org/
Torpark (Mozilla Firefox + Tor: free): http://torpark.nfshost.com/
The Mousepad runs every two weeks. It's a service of Chebucto Community
Net, a community-owned Internet provider. If you have a question about
computing, email mousepad@chebucto.ns.ca. If we use your question
in a column, we'll send you a free mousepad.
Originally published 2 July 2006