Down the Clickhole: Exploring the Deep Web
Chapter 2: Tor: Privacy Upgrade or Mask for Criminals?
If you wish to remain anonymous online, Tor is for you. In chapter 1 we briefly defined Tor and a few of its uses. In this chapter, we’re taking an in-depth tour of Tor, understanding what it is and its role on the deep web.
“Tor” is short for “The Onion Router”, which was released in September 2002. Tor directs Internet traffic through a free online network of over 7,000 relays to hide a user’s physical location and usage from network surveillance. Tor makes it virtually impossible for anyone to see your webmail, search engine history, social media activity, or other web activity for that matter.
How does Tor work?
Tor operates thanks to thousands of volunteers over thousands of servers worldwide. Data is encrypted and bundled into a “data packet” when it is placed on the Tor network. Data packets are any kind of data sent online, like an email or instant message. Tor then anonymizes the packet by stripping part of the packet header, which contains information that could tie the packet to the sender.
The packet’s wrapper is encrypted and the packet can move anonymously around the network. Typical internet connections cannot encrypt or strip the wrapper like Tor can. The modified data is routed through several servers along the way to its destination. Bouncing around multiple servers rather than moving directly to the destination greatly complicates any tracing attempts.
How to download Tor
You can download Tor on any OS, even your smartphone, by visiting the Tor download site – it works on Windows, Apple, Linux, and smartphones. Switching to Tor isn’t as simple as switching between Chrome and Firefox – Tor will require you to change your online habits. For instance, you will probably need to configure individual apps to send web traffic through Tor. Depending on how many apps you have that use an internet connection, this can be a tedious process, but remember, you only need to set it up once.
Should Tor be used for regular browsing?
Tor is widely used by privacy advocates and activists, reporters who wish to protect their sources, and a community of cybercriminals, who can operate with anonymity. Users also include “normal people” who are tired of being bombarded by online ads, and other annoying junk web mail. The five most popular countries for Tor relay users are the U.S., Russia, Germany, the UAE, and France. Due to its strong encryption, Tor is recommended for people concerned about privacy. With so many security breaches of private data, Tor can serve as a safety net in your multi-layered online security suite. While its privacy is welcomed, many complain that it’s often slow.
Alternatives to Tor
Tor isn’t for everyone. If you determine that it’s not the browser you’re looking for, several alternatives exist. FreeNet is one of the top Tor alternatives. FreeNet utilizes Darknet and OpenNet technology. FreeNet does not contain a central server, which could be vulnerable to attack. Data encryption occurs before it is stored, which makes it a strong Tor alternative. Hackers and data tracking software cannot intercept stored data on FreeNet. Even FreeNet administrators can’t tell what type of data is stored on their network.
Another Tor alternative is the Invisible Internet Project (I2P). I2P encrypts data in layers and uses public and private keys to encrypt network traffic. Some consider I2P an internet hidden within the internet because it creates a network layer inside UDP and TCP/IP network sessions, making it the perfect way to store private and personal data.
What are the security risks for using Tor?
Like everything else on the Internet, Tor is not 100% safe to use. It’s important to remember that many online predators and criminals have used Tor for malicious intent, and will continue doing so. Tor’s anonymity protects innocents and criminals alike. Tor’s strongest feature is unfortunately exploited by malicious users to openly run their business on the black market while enjoying full anonymity. This is known as the Dark Web. You can check out a very interesting dark web documentary by Vice Motherboard for more on this.
Some of the criminal activities on Tor include the infamous Silk Road, which allowed users to sell drugs, child pornography and weapons. While Silk Road was taken offline in 2013, online black marketplaces still exist and are getting more and more sophisticated. Today, everything that was for sale on Silk Road is still available, along with sophisticated hacking attacks, malware-as-a-service, such as ransomware and hacking-as-a-service. These markets have evolved to the level where users can leave reviews for the products and services they procured, increasing the odds that the next buyer will get what they pay for.
The largest security risk when using Tor exists on the “exit node”, which is where encrypted Tor traffic enters and exits the internet. Specifically, it’s the exact point where a data packet leaves the Tor network, between the Tor exit relay and the internet. Once traffic exits the relay, it can be exposed to monitoring. Although there is no true way to predict what exits the Tor network, the FBI successfully hacked Tor in 2013 due to criminal activity and is still likely monitoring it. The FBI or anyone wishing to sniff traffic can exploit the exit relay or exit node. All traffic not using HTTPS is even more vulnerable at the exit node because the traffic will not be encrypted after exiting the Tor network.
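An added example, not part of the original article: a simplified Python model of the layered routing described under “How does Tor work?” and of the exit-node exposure described above. It uses a toy SHA-256 keystream as a stand-in for Tor’s real cryptography; the three relay keys, SITE_KEY (standing in for an HTTPS session) and the sample login request are constructed for illustration.

```python
import hashlib
import os

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode); a stand-in, not Tor's real cryptography."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def seal(key: bytes, data: bytes) -> bytes:
    """Add one encryption layer: random nonce followed by the ciphertext."""
    nonce = os.urandom(16)
    return nonce + xor_stream(key, nonce, data)

def unseal(key: bytes, cell: bytes) -> bytes:
    """Remove one layer with the matching key."""
    return xor_stream(key, cell[:16], cell[16:])

def relay_views(payload: bytes, hop_keys: list) -> list:
    """Wrap payload once per relay, then return what each relay holds after peeling its layer."""
    cell = payload
    for key in reversed(hop_keys):      # exit layer innermost, guard layer outermost
        cell = seal(key, cell)
    views = []
    for key in hop_keys:                # guard -> middle -> exit
        cell = unseal(key, cell)
        views.append(cell)
    return views

# Constructed sample data: three relay keys, one key shared only by client and website.
HOP_KEYS = [os.urandom(32) for _ in range(3)]
SITE_KEY = os.urandom(32)               # hypothetical stand-in for an HTTPS session key
REQUEST = b"POST /login HTTP/1.1\r\nHost: example.com\r\n\r\nuser=alice&password=hunter2"

def exit_view(payload: bytes) -> bytes:
    """What the exit relay forwards to the internet."""
    return relay_views(payload, HOP_KEYS)[-1]

if __name__ == "__main__":
    guard, middle, exit_ = relay_views(REQUEST, HOP_KEYS)
    print("guard sees password: ", b"password" in guard)
    print("middle sees password:", b"password" in middle)
    print("exit sees password (HTTP): ", b"password" in exit_)
    print("exit sees password (HTTPS):", b"password" in exit_view(seal(SITE_KEY, REQUEST)))
```

Only the last relay ever holds the request in readable form, and only when the request was not already encrypted end to end before it entered the network.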
Why is Tor so slow?
Because data packets move through Tor in a complicated pattern, hopping from server to server before they hit the exit node, Tor will never be fast. Network latency exists with every data packet because not only is your data bouncing all around the world, some network bottlenecks also slow the traffic down. There is very little you can do about the slowness of Tor. If you want to try speeding it up, you can research ways to change exit nodes; however, the everyday user will not have the knowledge to do this.
To summarize, Tor is neither “good” nor “bad”. It’s simply a medium that facilitates extreme privacy online at the cost of speed. Sadly, this high degree of privacy is exploited by cybercriminals, and enables large-scale crime to run unchecked. It’s the responsibility of the everyday user to not support these activities. In the next chapter of this series, we will take a closer look at the “Dark Web”, and the implications of browsing on it.
One Response
Regarding exit node snooping, Tor Project has recognized this issue: hxxps://www.torproject.org/docs/faq.html.en#Torisdifferent and the webpage hxxps://www.eff.org/pages/tor-and-https gives a visualization of how HTTPS (which websites these days should be using anyway) improves security past the exit node.