Tor (originally called The Onion Router because it layers your traffic like an onion) is a free network of servers, or “nodes,” that randomly route internet traffic between each other in order to obfuscate the origin of the data. The Tor Browser can significantly increase a user’s privacy and anonymity online. In internal documents, the NSA has even referred to Tor as “the king of high-secure, low-latency internet anonymity.”
In this guide, we will explain the origins of Tor, how the network works, how you can make use of it and contribute it, and the many other little things Tor enables us to do online.
What is Tor?
Tor is short for “The Onion Router.” It is often viewed negatively by the press and law enforcement agencies, but it has many positive benefits. Journalists and their sources rely on it to communicate securely and anonymously, without fear of government interference. Secure communication is essential in whistleblowing cases, like the Edward Snowden revelations. Similarly, Tor is important for law enforcement as it allows for covert operations and investigations online. Tor currently has about two million daily users worldwide, most of them originating from the United States, Germany, and Russia.
Similar to a VPN, you can use Tor to hide your IP address and anonymize your internet traffic. Using the Tor Browser also allows you access to the dark web, and run a “hidden service” anonymously. Generally, the Tor Browser will not anonymize all your web traffic, which is why it is commonly run alongside a VPN.
Connecting to Tor through a VPN connection is a great way to maintain your internet privacy and security. Not only will it hide your browsing data from your VPN company, it will also hide your home IP address from the Tor entry node.
The unlikely history of Tor
Tor: The early years
The United States armed forces have always relied on a vast network of spies around the globe to gather information. As this information became increasingly digital in the 1990s, the agencies realized how valuable it would be for their assets to communicate online.
No longer would spies need bulky radios, or have to decipher messages in newspapers to receive information. But the U.S. military was also aware that the way the internet was constructed posed serious threats to the identity and security of their sources. It would be very easy to detect who was communicating with servers operated by U.S. intelligence or military.
Imagine an NGO discovering one of their members frequently logs into the members-only forum of a military base, or a large corporation noticing that an employee is frequently opening up the website of a government agency. Without a global network providing anonymity, spies, police, and other government organizations wouldn’t be able to effectively communicate with their sources or carry out covert investigations.
In the mid-1990s, the U.S. Naval Research Laboratory began to work on a solution. They started to develop a way to route encrypted data through a network of computers placed all around the world. This routing method would hide both the origin and the destination of all the data. After 1997, the project was further developed by the Defense Advanced Research Projects Agency (DARPA).
But how would such a network authenticate its users? And how would such a network remain undetected? Who else could profit from being able to access the uncensored internet in an anonymous way?
Public tool instead of secret weapon
We can wildly speculate about these questions, but for historians, it is difficult to determine what debates the military and intelligence organizations involved went through, and which arguments convinced them to release the software for public use, under a free license, in 2002. The responsibility to maintain the project was handed over to the Electronic Frontier Foundation (EFF), which then handed control to The Tor Project. The majority of its funds still come from the United States government, though the government of Sweden also contributes significantly.
The reasons for the government’s involvement in the Tor Project might appear contradictory. The government wants to continue to use the Tor network to obfuscate the source of its attacks, to infiltrate civil rights movements, and to enable its spies to communicate intelligence securely and effectively. On the other hand, they gave the public a tool that would allow anyone to obfuscate the source of their attacks and hide, or information, from the government.
With and against the government
But to be able to use this tool without raising suspicion, the government needs to promote the Tor network as a liberating and empowering technology for those who want to break free from authoritarian control. They needed to not just promote it by spreading the word, but also by making the software genuinely effective and endorsed by the same people the government wishes to gather information on.
The government needed to give up power to maintain power. This complicated balance is probably also the reason the U.S. government has made itself a name as both a vivid supporter and ferocious attacker of this technology.
Organizations like the U.S. government are not entirely homogeneous, and no doubt consist of actors who honestly try to protect civil rights, as well as those who wish to strengthen authoritarian structures.
Can a balance be struck between power and freedom?
To use the Tor network to our advantage, we must understand how it works and what the limitations are. Tor’s open-source code allows us to understand exactly what is going on under the hood and audit the implementation of secure encryption.
How Tor works under the hood
Let’s pretend that computers and the internet don’t exist and people still communicate with what we now call “traditional mail.”
Now, say you want to buy a book. How could you do so without leaving the house? You could use the yellow pages to look up the address of a publishing house, then send them a postcard.
On that card, you could express a desire to obtain a book you like, and you could include your own address so that the publisher knows where to send it to.
The problem is that everyone along the delivery route can see what everyone wants to read. They can make copies of everything or simply keep lists of who requested what.
Envelopes protect the content
A simple level of protection would be to put requests into sealed envelopes. These cryptographic seals are impossible to open without breaking them, so all the post office could do is maintain lists of what gets delivered where, without knowing the contents of the envelopes.
This information—pertaining to, for example, the size and weight of the envelope, and the identities of the sender and recipient—is called the metadata.
Metadata reveals a lot. For example, you can tell if you’ve received a speeding ticket just from looking at the envelope. And so can the mailman.
This is very close to how the internet works today. Cryptographic seals go one step further by being impossible to open. In the past years basic encryption, like Transport Layer Security (TLS), has become a standard across the web. (You can tell when this is active, as a lock icon will appear in your address bar).
Tor circuits rely on a system of nodes
To send requests anonymously in the Tor network, you start by establishing a Tor circuit. To do this, you send your “sealed postcard” to a random Tor node. This could be a residential or commercial address. It could be your neighbor’s house, or it could be a big building in a faraway country. This is your entry node, and all your sealed mail will be sent to this address. All the mail that you receive will also come from this address.
Your entry node will forward your mail to yet another node, which will again forward it on to another node—the exit node. Only the exit node knows the address of your intended recipient.
The following is an explanation of how the system of nodes works:
- The entry node can see who you are, but not what you request or who you request it from.
- The middle node cannot see anything. It is important because it separates the exit and entry nodes from each other.
- The exit node can only see what you request, but not who you are. Ideally you will be using TLS to end-to-end encrypt your request, so the exit node can see who you are requesting something from, but not the content of your request.
Tor is run by volunteers
A system like Tor could at least hypothetically work with physical mail, but the effort needed to reroute mail and seal envelopes would be gigantic. The Tor principle is far easier to accomplish electronically, but the network still relies on volunteers who run Tor nodes on their servers or at home.
The exit node is the most fragile spot in this chain. If the connection to the website you are visiting is not using TLS encryption, there is no guarantee that the exit node is not logging the contents of your requests, altering them, or injecting malware into them. If your system is not correctly configured, things like cookies, or the contents of your communications, could still identify you.
The dark web: Use .onion addresses to avoid exit nodes
There is a way to entirely avoid using exit nodes. But for that to work, the website you are visiting needs to be set up with a .onion address. This address is not like a regular domain name, because there is no way to formally register it. The domains are usually alphanumeric strings generated from a public cryptographic key. Using such a domain not only removes the exit node from the equation, it also makes it impossible for both the user and the site to know where the other party is.
Facebook is also among the small number of sites that have TLS certificates issued for their .onion sites. This does not make the content significantly more private or secure, but can help to identify whether the site you are connected to really is the site you wanted to reach. Many sites are exclusively reachable through their .onion address, in an attempt to remain uncensorable and to keep their location a secret. This part of the Internet is usually called the dark web.
The dark web is also known for hosting a large variety of illicit content. In 2011, the online marketplace ‘The Silk Road’ gained notoriety for allowing users to offer and purchase drugs and contraband. As servers reachable through .onion domains are difficult to locate and their domains impossible to seize, the dark web theoretically provides ideal shelter from censorship and the reach of the law.
However, most offers on the dark web, from weapons to pornography and drugs are scams created to part curious visitors from their Bitcoin.
In practice, .onion addresses perform another important function. They are an easy tool to make your devices reachable inside of locked-down networks with strict firewalls, such as student dorms or office complexes. If you want to run a personal server for example in such an environment, using tor and an onion address is a convenient way to make this device reachable from the outside.
Is Tor legal?
Using Tor is not legally distinct from using any other browser, and surfing the dark web is not different to surfing the internet. In some places, mainly authoritarian countries with heavy censorship, using Tor is both necessary and can be regarded as subversive.
Offering or buying narcotics on the dark web is illegal whenever it would be illegal to do so on a regular website. In most jurisdictions, coming browsing a site offering illegal content is not illegal, but storing (e.g., screenshotting) such content and storing it on your own device will be.
The Tor Browser is built for privacy and security, but don’t let it lower your guard. Be mindful of what information you surrender on the dark web, and do not download and install software.
How to use Tor to protect your privacy
Connect using the Tor browser
The Tor Browser is easy to run. In fact, it doesn’t require any installation at all and you can just run the .exe or .dmg files directly from your USB stick. This makes it possible to bring the browser into an environment where you cannot install software, such as your school or office.
After starting the browser, it will ask you about your network. If your network is clear from censorship you can start surfing the internet immediately. Otherwise, you will be asked to give more information, such as your local proxy service, which will help the browser circumvent the censorship.
You can navigate websites in the same way you are used to. Additionally, you can resolve addresses on the dark web. These are addresses ending in .onion where the server cannot easily be identified, censored or seized. The online publication ProPublica (http://propub3r6espa33w.onion/) and Facebook (https://facebookcorewwwi.onion) both operate such servers, for example.
The Tor Browser makes it easy to be secure and private, but we still need to make sure not to voluntarily hand over information that could compromise us.
Practice safe browsing habits
The Tor Browser will not do everything your regular browser can do, but that’s for good reason. Don’t be tempted to install plug-ins or add-ons, because they might connect back to servers outside of the Tor network, revealing your IP address and other information about your browsing history.
In the Tor Browser, you need to make more sure than usual that you are connecting to websites using HTTPS. Just like on public Wi-Fi, there is no way to know who is running the exit node, or whether it is secure. There is also no way of telling what the node is doing. It could be reading, intercepting, or even altering your information. The exit node might even try to strip Transport Layer Security (TLS) from the site entirely, so always check if the lock in the address bar is visible! Otherwise, a malicious exit node might establish an encrypted connection between itself and the server you are connecting to, meaning the exit node can read the traffic between you and your server.
While the Tor Browser deletes your cookies and history upon each startup, surfing the web could trigger compromising cookies to be loaded on your machine. For example, logging into Facebook in one tab will set cookies that can identify you to other pages as a specific Facebook user.
Also be aware of any content you download. Even PDFs and Word documents might contain little snippets of code that could reveal your personal Internet protocol (IP) address. The safest thing to do is to open such documents on a virtual machine, or when your computer is offline.
The Tor network protects your metadata by hiding it among all the other traffic. If your load on the Tor network is very high (i.e., you operate a very popular dark web site), you might be identifiable due to your heavy traffic.
Set up Tor as a proxy
Browsing is not the only thing you can do with Tor. It can also be set up as a proxy service, so that any data you point to gets routed through the network.
Many applications support the SOCKS5 proxy that Tor uses. Pidgin, Adium, Dropbox, and Bitcoin wallets like Core and Electrum all allow you to route your traffic through the Tor network so you can stay anonymous. For a truly anonymous solution, though, you need to make sure to sign up for all your accounts while connected to Tor, download all the software through Tor, and never connect to these services through the regular internet.
You can also use Tor the other way around (a reverse proxy), i.e., make the services on your web server available through a .onion address. This protects both you and your users from bad exit nodes and unwanted server location reveals. It might also make your page available in places where your site is unavailable.
It’s not recommended to torrent through the Tor network. Modern BitTorrent clients use UDP as a protocol, which does not work over Tor. As a result, your data will either not be transmitted at all or transmitted outside of Tor, revealing your IP address in the process.
Connect to Tor via bridges and VPN when Tor is blocked
Some networks ban any kind of Tor traffic through their systems by blacklisting all known entry nodes. To get around this ban, you can connect to a bridge. A bridge functions similarly to an entry node, except that you have to obtain IP addresses manually. Using a bridge to connect to the Tor network does not have any significant drawbacks, but in many situations will not be able to circumvent Tor obstructions. For better results, first connect to your VPN, then to the Tor network.
When you are connected with a VPN, neither the sites you are visiting nor the Tor entry nodes will know your true location, though the VPN company will. However, the VPN company cannot see the content of your traffic, even if they tried to, as the traffic is encrypted between you and the Tor entry node.
Theoretically, there is also the option of connecting first to the Tor network, then tunneling a VPN through it. This makes it impossible for your VPN provider to know where you are, and ensures exit nodes can’t read or alter your traffic. This helps little with anonymity however, which is why most VPN providers do not support this function.
Depending on whether you use Tor, VPN, or a combination of the two, sites and networks can see different information about you. Check the table below to find a solution that best suits your needs.
|Only Tor||Tor first, then VPN||VPN first, then Tor||VPN only|
|Local network or ISP can read your traffic||No||No||No||No|
|Local network knows your location||Yes||Yes||Yes||Yes|
|Local network or ISP sees you are a Tor user||Yes||Yes||No||N/A|
|Tor entry nodes can see your location||Yes||Yes||No||N/A|
|Tor exit nodes can read your traffic||Yes||No||Yes||N/A|
|VPN can read your traffic||N/A||Yes||No||Yes*|
|VPN knows your location||N/A||No||Yes||Yes*|
*Note: A trustworthy VPN service provider never stores any information about your traffic. You can find out if your VPN provider logs your data by reading their terms of service agreement.
How to securely share files using Tor
While you shouldn’t (and often can’t) use the Tor network to hide your torrent traffic, the Tor network provides you with one of the most convenient ways to share files with other people. It’s called OnionShare and was developed by Micah Lee. In addition to its security, it is much more convenient than sending email attachments and or using Dropbox.
With Onionshare, you just select the file on your computer and a link to it is generated. You can then share this link with the intended recipient, via any application. You and the recipient will need to keep the Tor browser open during the entire process. Sharing files using Tor ensures that the sender and recipient never know each other’s locations.
Onionshare is the one truly anonymous file sharing method. Take note, however, that anyone with the link will be able to download the file, so you should share the link in an encrypted fashion, for example with OTR (Off-The-Record).
There is also a neat option that allows you to close the server after the item has been downloaded. That way you can be absolutely certain that the item is only accessed once. If your contact received it, you can be sure no one else did.
Privacy tools for whistleblowers
SecureDrop (originally called DeadDrop) is software that makes it easier to safely leak information to the press over the Tor network. It was originally developed by Aaron Swartz and is currently being maintained by the Freedom of the Press Foundation. It has been adopted by ProPublica, The Intercept, and The Guardian, among others.
SecureDrop runs on a server belonging to a journalist or news organization that is only reachable via Tor. The whistleblower can upload any kind of document to this server, for which they receive a code. This unique code can later be used to submit more information or communicate securely and anonymously with the journalists.
Tor for Android
Orbot, the Tor browser for Android, can be found in the Google Play store and the Guardian Project official app repository. You can also use Orbot as a proxy to configure other apps, such as Chat Secure, to route traffic through the Tor network. This combination gives you similar protections as using the Tor messenger on desktop.
Tor for iOS
Tor is not officially available on iOS devices, but the Tor Projects recommends iOS users to use the Onion Browser instead. Some apps, such as the Zap Bitcoin wallet also come with Tor capabilities included.
Tor for Tails
The Amnesic Incognito Live System is an operating system based on Linux that you can run from a DVD or USB stick. It comes pre-installed with the most important encryption software, like Pretty Good Privacy (PGP) and OTR. It will route all your traffic through the Tor network by default. This makes it far easier to remain truly anonymous, and it also mitigates threats of bugs or attacks.
You can easily carry it with you and it does not need to be installed on the computer you are running. The Amnesic Incognito Live System lets you safely and easily maintain a separate identity on your own computer or a public device.
Is Tor perfectly safe?
While the Tor network is generally considered secure, it should not be overestimated in regards to what it does. Applications like the Tor Browser and TAILS come pre-configured to route your traffic through the Tor network and minimize your risk of leaking personal information, but there are still many ways in which your identity might be compromised by a malicious third-party entity.
If an attacker is able to gain control of a large portion of the network, they could perform network analysis to correlate traffic on the entry nodes with traffic on the exit nodes. The attacker could then work out who is viewing what content.
This is especially risky for operators of big and popular sites on the dark web who want to keep their location anonymous. The more traffic they attract, the easier it is for an adversary to figure out where their traffic is going.
How to contribute to Tor
While the Tor network is still primarily funded by the United States government, it relies on the efforts of activists and volunteers to stay secure. Additional resources to the project will make it more balanced and less dependent on government and military support. You can help out by doing any of the following.
- Use Tor. You will get internet privacy yourself, and also help to establish the network as an important tool for everyday users.
- Join the Tor community. It’s a platform with useful resources on how you can contribute your skills.
- Become a Tor developer. It is worth major street cred to build on top of the leading anonymity network! You can help bring in whatever skill you have to increase the Tor Project’s security, documentation, and features.
- Donate to the Tor project. The Tor project accepts Paypal, Dwolla, and Bitcoins. There is still so much to be done!
- Donate to a node provider.
- Run a relay. If you have extra bandwidth available, you can run a relay from home or your own server.
Alternatives to the Tor browser
Tor is not the only project attempting to make the internet a safer and more anonymous space, although it is by far the most tested and used.
Here are other projects committed to maintaining your internet privacy, security, and freedom:
- Ultrasurf is a proxy system for Windows. It is used primarily to evade censorship, although it also offers some privacy protection with the use of encryption. Like Tor, it is also largely funded by the United States government. Unlike Tor, the source code is not open.
- Freegate is another proxy system for Windows, used to evade censorship. The Freegate network is called Dynaweb and is also funded by the U.S. government.
- Java Anon Proxy is an open-source proxy network written in Java. It was developed by a group of researchers in German universities. Users should be wary of using it though. Java Anon Proxy contains a feature which allows law enforcement to issue surveillance orders for certain servers. Such features carry risk of abuse similar to that possible on unsecured networks, and call the advertised anonymity features into question.
- GTunnel is a product by the Canadian NGO, Garden Networks. It is aimed at circumventing censorship rather than protecting your Internet privacy. Unfortunately, GTunnel is no longer actively developed.
How to use Tor
Did you know getting started with Tor is as easy as 1-2-3? Following these short steps and you’ll be enjoying the internet anonymously in no time!
1. Download the Tor browser
Download the file and save it. Installation is quick and easy.
In Windows, double-click the .exe file and select a destination folder. This can also be a USB stick.
In Mac OS X, you have to double-click the .dmg file and drag the containing file into a separate folder, such as the application folder or USB stick.
In Linux, you have to unpack the .tar.xz file with the command below.
tar -czvf tor-browser-linux64-[…].tar.xz
2. Start the Tor browser
When you start the Tor browser for the first time, you will be asked how you want to connect. If you are unsure if your network requires further configuration (mostly it doesn’t), click on continue. Otherwise, click on “configure” and answer the questions.
Pro Tip: If Tor does not connect, or if you do not want your ISP to know you are using Tor, connect to your VPN first, then open the Tor Browser.
3. Browse the Web anonymously
Want to learn more about Tor? Check out ExpressVPN’s collection of articles below!
Does using Tor help keep your chats private? You bet. Explore how you can keep your messages private and anonymous.
A public library in New Hampshire took on The Department of Homeland Security and won. Read ExpressVPN’s interview with IT manager Chuck McAndrew.