We are still actively working on the spam issue, the wiki may be restored to an earlier date and account creation may be disabled.

Tor

From InstallGentoo Wiki
Jump to: navigation, search

Tor is the name of several related and interconnected projects, all centered around providing you with anonymity and privacy online. In the simplest sense, Tor is the name of a free software project that protects your privacy online by bouncing your communications around a distributed network of computers (called "relays") run by volunteers all around the world. This network of relays is called the Tor Network.

The Tor Browser Bundle is a web browser (forked from Firefox) that is pre-configured to protect your anonymity online. It includes related projects like Vidalia, TorButton and others that make browsing anonymously simple. The Tor Browser Bundle is the only recommended way to use Tor.

Finally, The Tor Project is a 501(c)(3) non-profit (charity) organization that maintains and develops the Tor software and related projects.

An outdated (but still useful) guide to setting up Tor.

Common misconceptions

Please watch the video 'The Tor Network' by Jacob Applebaum and Roger Dingledine at the 30c3 (Chaos Communication Congress) in Hamburg, Germany (link here). Applebaum and Dingledine are two of Tor's key people, and this talk will clear up any skepticisms and misconceptions you have.

Please also take a look at Tor's Frequently asked questions.

Tor is illegal to use

Clock.gif
Clock.gif
DEVELOPING

This section/page details a currently developing event. During this time, misinformation may be produced, and changes may be made frequently. Please keep this in mind when reading this section and/or page.

Warning: The USA recently made a decision in secret that makes everyone who uses Tor and similar systems a suspicious individual. It also says that any person using Tor is not applicable to the Fourth or Fifth amendment of the US Constitution, as use of Tor is probable cause. You can read more about this here. Use tor for everything in protest. It has until December to be repealed.

It might be in places like North Korea or ISIS-controlled Syria. In places like Rwanda or the USA it might make you a target of "law enforcement" authorities that don't give a fuck about law and are more concerned with silencing enemies of The System. In places like Germany, Norway, Venezuela, Russia or any other reasonably sane country, you'll be perfectly fine.

If you do live in a country that blocks Tor access, you can download Tor through the millions of mirror sites that exist. When using Tor, you can also use a bridge if they block (or monitor) tor network connections.

The deep web is a dangerous place to browse, and you get hackers and viruses attacking you there

The deep web or dark net are really just terms that are used in scaremongering. What they really refer to, is all the networking that can't be accessed via Google. Think about this for a second: this includes company and school intranets; hell, any network that you have to log in to to access is included here. Once you realise this, you realise that it's not as bad as once thought. It's also not as big.

There's nothing but child porn and illegal stuff on Tor

Firstly, people will continue to do this stuff regardless of whether or not Tor exists; people do it on the internet and in real life anyway, so this doesn't count. Secondly, Tor is also used by reporters, protesters, police officers, soldiers, and other people who just want to browse anonymously. Thirdly, there is that on clearnet just the same as on tor. Think of this: Everyday, drug smugglers use roads to transport their drugs. Does that make the roads themselves illegal?

Another thing to note is that a large number of child pornography hidden services are based in Russia, where the legal age of consent is 12. This makes it legal in its country of origin, however international law makes it complex to where you probably will get arrested if you view such content with intent. If you view it by accident (such as clicking a random link that was posted to a hidden services thread), you have not committed a crime if you can prove that was the reason. Usually they won't find you anyway though.

It's too slow to stream/torrent over

Tor's speed comes from how many resources are provided by generous people. Also, Tor is not for torrenting over. Torrenting over tor not only leaks your IP address, but it also slows the network for literally everyone else.

I'll get arrested or get into trouble with my ISP or someone else for running Tor

You will only need to worry about this if you are running a Tor exit node. There are also some excellent resources created by the Tor staff; give them a read:

You may also be interested in the Tor Metrics pages which will show you how common the use of Tor is in your country:

Suggestions

There are a few things to keep in mind while using the Tor Browser Bundle:

Correct usage

Make sure the Tor Browser Bundle is configured correctly so that you're not leaking any information unknowingly. There are a number of websites you should use, such as this simple webpage that checks if you're using Tor or not. If you view the webpage in the Tor Browser Bundle, it should say: "Congratulations. This browser is configured to use Tor." There are a few cases when the website will give you a false positive, but for the most part, if everything is configured correctly, it should more often than not tell you that the Tor Browser Bundle is configured to use Tor. If not (for example, if you view the webpage in Firefox, Chrome, or other browsers not configured to use Tor), it should say: "Sorry. You are not using Tor." This website should be the first tool you check to make sure you're using the Tor Browser Bundle correctly.

Javascript

By default, JavaScript is enabled. There are a few reasons for this; first and foremost, disabling JavaScript breaks a large number of websites in the clearnet, especially newer websites, as web developers have become reliant on using JavaScript for added usability and functionality. The other reason is, using NoScript to disable JavaScript globally but only whitelisting a few websites creates a unique fingerprint (everyone who uses NoScript this way whitelists different websites), which harms your anonymity. If usability is not a concern for you, we suggest simply disabling JavaScript altogether. Type about:config into the address bar of the Tor Browser Bundle, type javascript.enabled in the search bar that appears, and double click the setting to set it to false. If you would like to be extra safe, you can also click the NoScript icon (the big "S" next to the address bar) and select Forbid scripts globally.

Change default settings

Warning: The usefulness of this configuration is disputed. See talk page for discussion.

When using the background daemon, make sure to modify the torrc. The tor package in most repositories allow you to use it as a proxy. The package repositories (usually) don't have the browser. This package is just a daemon so you can proxy applications, such as Tox or IRC. It is recommended you use the following config in /etc/tor/torrc:

#### /etc/tor/torrc
FetchDirInfoEarly 1
sandbox 1
KeepalivePeriod 150
CircuitPriorityHalflife 0
ExcludeSingleHopRelays 1
CircuitIdleTimeout 1000
CircuitBuildTimeout 30
ClientOnly 1
GeoIPExcludeUnknown 1
NewCircuitPeriod 10
MaxCircuitDirtiness 300
EnforceDistinctSubnets 1
StrictNodes 1
UseEntryGuards 1
UseEntryGuardsAsDirGuards 1
FastFirstHopPK 0
AllowSingleHopCircuits 0
Tor2webMode 0
DNSPort 64
RunAsDaemon 1
ControlPort 9051
CookieAuthentication 1

# This next section is optional, but hardens your
# connection greatly

# Uncommenting this line is very secure, but may
# prohibit you from accessing .onion sites hosted in
# these countries
#ExcludeNodes {US},{GB},{NZ},{CA},{AU},{CN},{TW}
EntryNodes {DE}
ExitNodes {RU}

After this, run the command sudo chattr +i /etc/tor/torrc to make sure it can't be changed. Now that you have done this, preform sudo service tor restart, then on anything that you want proxied, set it to localhost (or 127.0.0.1) for the address, 9050 for the port, and the type of proxy it is, SOCKS5. If you are proxying DNS, such as in Jitsi, it again is localhost (or 127.0.0.1) for the address, but 64 for the port. If you wish to use a different port for either of these, adjust your torrc file correspondingly. Please note that the ControlPort is not a proxy port, but a port for other applications to control tor if you want it to, such as the package tor-arm.

Controversy

Alleged NSA takeover

Warning: The information in this seciton is disputed. See the talk page for discussion.

Some people are against Tor due to the fact of how the network operates. The way Tor operates is through a series of relays (which is the Tor Project's word for nodes). Anyone can host these relays. Due to this fact, the NSA, or another spy agency, can allegedly monitor the internal and external connections to and fro the Tor network.

One must consider that the NSA would have a finite amount of Bandwidth, and would only be allowed to host such things in the United States. Therefore, the likely-hood of the NSA spying on the users is little to none. Furthermore, the connection is (mostly) encrypted between these nodes. Connecting to a Tor site (.onion) within the Tor network (through what is called an Internal Node) is generally considered safe as the connection is encrypted. However, connecting to clearnet services through the Tor network is dangerous because as it leaves the network (through what is called an Exit Node), the connection becomes less encrypted, and can be viewed by the owner of the node.

You can also disable the ability to use nodes based in America, The United Kingdom, and the rest of the US allies, thus preventing tor from using possible NSA (or similar agencies') nodes.

External links