Last week we promised a look
at Tor, a system for anonymous Internet
communication, primarily developed by Nick Mathewson and Roger Dingledine. Current
development is supported by the Electronic
Frontier Foundation (EFF), but Tor was originally developed as part of
the U.S. Naval Research Laboratory's Onion Routing program.
As the Tor web page explains, Tor is a "toolset for a wide range of
organizations and people that want to improve their safety and security on
the Internet." What does that mean? In a nutshell, Tor is a
client/server application that anonymizes traffic by routing it from the
client through a series of nodes to hide the origin of a request. It can
also be used to protect services against denial of service attacks and the like by hiding
Tor routes traffic through nodes that "know" about the previous node and
the next node -- but not the rest of the network. By routing traffic through a series of
"onion routers" Tor makes it difficult for the receiver, observers and
even other Tor routers to detect the source of traffic. A more complete
description of Tor's design can be found in the design
paper; a protocol
specification is also available for those who wish to build compatible
Tor works as both a server and as a client. By default, Tor runs as a
client only, but it can be configured to allow other users to connect to
your system as a Tor node. In addition, Tor can be used to run "hidden"
services that do not reveal your IP address to others at all. The "hidden
wiki" maintains a list of hidden services that users can see as an
example. Finally, it's possible to set up one's own Tor network that does
not interact with the public Tor network, for those who want to test the
protocol but may lack access to the Internet.
To achieve best results, one may need to use Tor in conjunction with other
applications. For example, users who wish to browse anonymously would use
Tor in conjunction with Privoxy. Other applications may require
use of tsocks or ProxyChains.
To see what Tor had to offer, we installed it on a Ubuntu Hoary machine,
along with Privoxy, tsocks and ProxyChains. Configuring services to work
with Tor is not terribly difficult, and there is a relatively detailed HOWTO
for users who wish to configure specific applications like Gaim, X-Chat,
SSH or BitTorrent with Tor.
It should be noted that using Tor can have an impact on performance for
client applications. Using Tor and Privoxy together for browsing, for
example, introduced a notable lag. Firefox users may be
interested in using the SwitchProxy
Tool extension to switch Proxy use on and off, reserving Tor for
specific sites rather than for all web browsing. Users should also be
prepared for some odd behavior on some sites -- for example, we kept being
redirected to country-specific versions of Google, rather than Google's main
site, when using Tor and Privoxy. Tor itself didn't seem to have much of an
impact on system performance overall.
Tor is not completely foolproof. It could be possible for someone who's
running a Tor server to modify Tor or use other software to monitor traffic
going through the server. Traffic coming out of the "exit node" (the last
hop in the Tor "circuit") is not encrypted, so a malicious user could set
up a Tor server and browse traffic coming out of their machine. (It is
possible to specify your exit node in the Tor configuration.) There are
traffic that passes through Tor.
Interested users should also have a look at the EFF's legal issues page
about Tor. Though Tor can be used for things like BitTorrent, it is not
designed to assist copyright infringement or other illegal activity.
There is still a lot of development ahead for Tor, but it is definitely
worth a look for users who are interested in anonymous communication on the
Internet. Users with bandwidth to spare are also encouraged to set up and
run a Tor server to help test its scalability and to help provide a larger
Tor network. See the download
page for Tor packages and source code.
to post comments)