Tor: An Anonymous, And Controversial, Way to Web-Surf

 In Blog, Security


Tor: An Anonymous, And Controversial, Way to Web-Surf – Tor(The Onion Router) is for enabling anonymous communication. Tor directs Internet traffic through a free, worldwide, volunteer network consisting of more than six thousand relays to conceal a user’s location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult for Internet activity to be traced back to the user: this includes “visits to Web sites, online posts, instant messages, and other communication forms”. Tor’s use is intended to protect the personal privacy of users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities from being monitored. An extract of a Top Secret appraisal by the National Security Agency (NSA) characterized Tor as “the King of high-secure, low-latency Internet anonymity” with “no contenders for the throne in waiting”.

Tor is implemented by encryption in the application layer of a communication protocol stack, Tor encrypts the original data, including the destination IP address, multiple times and sends it through a virtual circuit comprising successive, randomly selected Tor relays. Each relay decrypts a layer of encryption to reveal only the next relay in the circuit in order to pass the remaining encrypted data on to it. The final relay decrypts the innermost layer of encryption and sends the original data to its destination without revealing, or even knowing, the source IP address. Because the routing of the communication is partly concealed at every hop in the Tor circuit, this method eliminates any single point at which the communication can be de-anonymized through network surveillance that relies upon knowing its source and destination.


NSA might tag you as extremist when you use Tor, other privacy online services


Tor Project developer Jacob Appelbaum, along with German journalists Lena Kampf and John Goetz, published an analysis of the source code, which made the shocking revelations on the NSA’s widespread efforts to track and monitor individuals who use privacy tools, which include thousands of activists in oppressive regimes, journalists and their sources, political dissidents and a good many others who may have different reasons for wanting to stay anonymous online.

Surveillance, however, is not simply limited to collecting IP addresses. Analysis of the code reveals rules that describe how the software monitors users found to have visited Linux Journal, the popular Linux publication which the agency dubs an “extremist forum” in the code. Even more disturbing are the rules that reveal how the agency conducts deep-packet inspections of emails sent and received through Tor’s anonymous MixMinion email service, whose server is maintained by Tor Project leader Roger Dingledine at the Massachusetts Institute of Technology (MIT). Aside from the Tor directory, the MIT server is also host to a number of unrelated websites, including gaming libraries, which means the NSA could be collecting metadata of those users as well.

Ironically, Tor began as The Onion Router developed by the U.S. Naval Research Laboratory in the late 1990s as a way for government employees to remain anonymous on the Internet. It was later passed on to the public sector, although it is still largely funded by the U.S. government. Tor allows users to become anonymous on the Internet by encrypting data sent while browsing, sending messages and chatting with friends and rerouting the traffic to a number of servers managed by some 5,000 volunteers from around the world. Each server can only “see” connections with the previous server that sent the data and the next server that will receive it, making it impossible to link a user’s IP address with his online activities.


But Tor is not the only target. XKeyScore is also reportedly tracking users of other online privacy services, including the anonymous operating system Tails developed initially for human rights activists and journalists with access to the Snowden leaks, FreeNet, HotSpotShield, Centurian, and MegaProxy. The code referring to Tails also includes anyone “viewing documents relating to Tails, or viewing websites that detail Tails.”

It’s unclear how the source code for XKeyScore was obtained, but experts believe it may have been revealed by a second source, not Snowden, since the original leaks did not contain information of this sort. One thing is clear, though. If the findings are true, the NSA is flying in the face of its own assertions that its surveillance program is only targeted at those considered threats to national security.

“It’s a dead certainty that people who heard the NSA’s reassurances about ‘targeting’ its surveillance on people who were doing something suspicious didn’t understand that the NSA meant people who’d looked up technical details about systems that are routinely discussed on the front page of every newspaper in the world,” writes activist and fiction writer Cory Doctorow.

Wikipedia and Google suggestions

Recent Posts

Leave a Comment

Start typing and press Enter to search