We are still actively working on the spam issue.

Difference between revisions of "Tor"

From InstallGentoo Wiki
Jump to: navigation, search
(Reasons Against: changed to Controversy)
(Suggestions)
Line 45: Line 45:
  
 
There are a few things to keep in mind while using the Tor Browser Bundle:
 
There are a few things to keep in mind while using the Tor Browser Bundle:
 +
=== Correct usage ===
 +
Make sure the Tor Browser Bundle is configured correctly so that you're not leaking any information unknowingly. There are a number of websites you should use [https://check.torproject.org/ this] simple webpage that checks if you're using Tor or not. If you view the webpage in the Tor Browser Bundle, it should say: "Congratulations. This browser is configured to use Tor." [https://tor.stackexchange.com/questions/190/why-does-check-torproject-org-sometimes-tell-me-im-not-using-tor-when-i-am There are a few cases] when the website will give you a false positive, but for the most part, if everything is configured correctly, it should more often than not tell you that the Tor Browser Bundle is configured to use Tor. If not (for example, if you view the webpage in Firefox, Chrome, or other browsers not configured to use Tor), it should say: "Sorry. You are not using Tor." This website should be the first tool you check to make sure you're using the Tor Browser Bundle correctly.
  
* '''Make sure the Tor Browser Bundle is configured correctly''' so that you're not leaking any information unknowingly. There are a number of websites you should use:
+
=== Javascript ===
** [https://check.torproject.org/ Are you using Tor?] is a simple webpage that checks if you're using Tor or not. If you view the webpage in the Tor Browser Bundle, it should say: "Congratulations. This browser is configured to use Tor." [https://tor.stackexchange.com/questions/190/why-does-check-torproject-org-sometimes-tell-me-im-not-using-tor-when-i-am There are a few cases] when the website will give you a false positive, but for the most part, if everything is configured correctly, it should more often than not tell you that the Tor Browser Bundle is configured to use Tor. If not (for example, if you view the webpage in Firefox, Chrome, or other browsers not configured to use Tor), it should say: "Sorry. You are not using Tor." This website should be the first tool you check to make sure you're using the Tor Browser Bundle correctly.
+
By default, [[JavaScript]] is enabled. There are a [https://www.torproject.org/docs/faq.html#TBBJavaScriptEnabled few reasons for this]; first and foremost, disabling JavaScript breaks a large number of websites in the clearnet, especially newer websites, as web developers have become reliant on using JavaScript for added usability and functionality. The other reason is, using NoScript to disable JavaScript globally but only whitelisting a few websites creates a unique fingerprint (everyone who uses NoScript this way whitelists different websites), which harms your anonymity. If usability is not a concern for you, '''I suggest simply disabling JavaScript altogether'''. Type about:config into the address bar of the Tor Browser Bundle, type "javascript.enabled" in the search bar that appears, and double click the setting to set it to "false." If you would like to be extra safe, you can also click the NoScript icon (the big "S" next to the address bar) and select "Forbid scripts globally."
  
* '''By default, [[JavaScript]] is enabled.''' There are a [https://www.torproject.org/docs/faq.html#TBBJavaScriptEnabled few reasons for this]; first and foremost, disabling JavaScript breaks a large number of websites in the clearnet, especially newer websites, as web developers have become reliant on using JavaScript for added usability and functionality. The other reason is, using NoScript to disable JavaScript globally but only whitelisting a few websites creates a unique fingerprint (everyone who uses NoScript this way whitelists different websites), which harms your anonymity. If usability is not a concern for you, '''I suggest simply disabling JavaScript altogether'''. Type about:config into the address bar of the Tor Browser Bundle, type "javascript.enabled" in the search bar that appears, and double click the setting to set it to "false." If you would like to be extra safe, you can also click the NoScript icon (the big "S" next to the address bar) and select "Forbid scripts globally."
+
=== Change default settings ===
 
+
When using the background daemon, make sure to modify the torrc. The tor package in most repositories allow you to use it as a proxy. The package repositories (usually) don't have the browser. This package is just a daemon so you can proxy applications, such as [[Tox]] or [[IRC]]. It is recommended you use the following config in {{ic|/etc/tor/torrc}}:
* '''When using the background daemon, make sure to modify the torrc'''. The tor package in most repositories allow you to use it as a proxy. The package repositories (usually) don't have the browser. This package is just a daemon so you can proxy applications, such as [[Tox]] or [[IRC]]. It is recommended you use the following config in {{ic|/etc/tor/torrc}}:
 
  
 
{{bc|
 
{{bc|

Revision as of 05:38, 9 February 2016

Tor is the name of several related and interconnected projects, all centered around providing you with anonymity and privacy online. In the simplest sense, Tor is the name of a free software project that protects your privacy online by bouncing your communications around a distributed network of computers (called "relays") run by volunteers all around the world. This network of relays is called the Tor Network.

The Tor Browser Bundle is a web browser (forked from Firefox) that is pre-configured to protect your anonymity online. It includes related projects like Vidalia, TorButton and others that make browsing anonymously simple. The Tor Browser Bundle is the only recommended way to use Tor.

Finally, The Tor Project is a 501(c)(3) non-profit (charity) organization that maintains and develops the Tor software and related projects.

An outdated (but still useful) guide to setting up Tor.

Common misconceptions

Please watch the video 'The Tor Network' by Jacob Applebaum and Roger Dingledine at the 30c3 (Chaos Communication Congress) in Hamburg, Germany (link here). Applebaum and Dingledine are two of Tor's key people, and this talk will clear up any skepticisms and misconceptions you have.

Please also take a look at Tor's Frequently asked questions.

  • Tor is illegal to use

It might be in places like North Korea or ISIS-controlled Syria. In places like Rwanda or the USA it might make you a target of "law enforcement" authorities that don't give a fuck about law and are more concerned with silencing enemies of The System. In places like Germany, Norway, Venezuela, Russia or any other reasonably sane country, you'll be perfectly fine.

  • The deep web is a dangerous place to browse, and you get hackers and viruses attacking you there

The deep web or dark net are really just terms that are used in scaremongering. What they really refer to, is all the networking that can't be accessed via Google. Think about this for a second: this includes company and school intranets; hell, any network that you have to log in to to access is included here. Once you realise this, you realise that it's not as bad as once thought. It's also not as big.

  • There's nothing but child porn and illegal stuff on Tor

Firstly, people will continue to do this stuff regardless of whether or not Tor exists; people do it on the internet and in real life anyway, so this doesn't count. Secondly, Tor is also used by reporters, protesters, police officers, soldiers, and other people who just want to browse anonymously.

  • It's too slow to stream/torrent over

Tor's speed comes from how many resources are provided by generous people. Also, Tor is not for torrenting over.

  • I'll get arrested or get into trouble with my ISP or someone else for running Tor

You will only need to worry about this if you are running a Tor exit node. There are also some excellent resources created by the Tor staff; give them a read:

You may also be interested in the Tor Metrics pages which will show you how common the use of Tor is in your country:

Suggestions

There are a few things to keep in mind while using the Tor Browser Bundle:

Correct usage

Make sure the Tor Browser Bundle is configured correctly so that you're not leaking any information unknowingly. There are a number of websites you should use this simple webpage that checks if you're using Tor or not. If you view the webpage in the Tor Browser Bundle, it should say: "Congratulations. This browser is configured to use Tor." There are a few cases when the website will give you a false positive, but for the most part, if everything is configured correctly, it should more often than not tell you that the Tor Browser Bundle is configured to use Tor. If not (for example, if you view the webpage in Firefox, Chrome, or other browsers not configured to use Tor), it should say: "Sorry. You are not using Tor." This website should be the first tool you check to make sure you're using the Tor Browser Bundle correctly.

Javascript

By default, JavaScript is enabled. There are a few reasons for this; first and foremost, disabling JavaScript breaks a large number of websites in the clearnet, especially newer websites, as web developers have become reliant on using JavaScript for added usability and functionality. The other reason is, using NoScript to disable JavaScript globally but only whitelisting a few websites creates a unique fingerprint (everyone who uses NoScript this way whitelists different websites), which harms your anonymity. If usability is not a concern for you, I suggest simply disabling JavaScript altogether. Type about:config into the address bar of the Tor Browser Bundle, type "javascript.enabled" in the search bar that appears, and double click the setting to set it to "false." If you would like to be extra safe, you can also click the NoScript icon (the big "S" next to the address bar) and select "Forbid scripts globally."

Change default settings

When using the background daemon, make sure to modify the torrc. The tor package in most repositories allow you to use it as a proxy. The package repositories (usually) don't have the browser. This package is just a daemon so you can proxy applications, such as Tox or IRC. It is recommended you use the following config in /etc/tor/torrc:

#### /etc/tor/torrc
FetchDirInfoEarly 1
sandbox 1
KeepalivePeriod 150
CircuitPriorityHalflife 0
ExcludeSingleHopRelays 1
CircuitIdleTimeout 1000
CircuitBuildTimeout 30
ClientOnly 1
GeoIPExcludeUnknown 1
NewCircuitPeriod 10
MaxCircuitDirtiness 300
EnforceDistinctSubnets 1
StrictNodes 1
UseEntryGuards 1
UseEntryGuardsAsDirGuards 1
FastFirstHopPK 0
AllowSingleHopCircuits 0
Tor2webMode 0
DNSPort 64
RunAsDaemon 1
ControlPort 9051
CookieAuthentication 1


# These settings are optional, but ensure you have added
# security from possible government intrusion
ExcludeNodes {US},{UK},{GB},{NZ},{CA},{AU},{CN},{TW}
EntryNodes {DE}
ExitNodes {RU}

After this, run the command sudo chattr +i /etc/tor/torrc to make sure it can't be changed. Now that you have done this, preform sudo service tor restart, then on anything that you want proxied, set it to localhost (or 127.0.0.1) for the address, 9050 for the port, and the type of proxy it is, SOCKS5. If you are proxying DNS, such as in Jitsi, it again is localhost (or 127.0.0.1) for the address, but 64 for the port. If you wish to use a different port for either of these, adjust your torrc file correspondingly. Please note that the ControlPort is not a proxy port, but a port for other applications to control tor if you want it to, such as the package tor-arm.

Controversy

Some people are against Tor due to the fact of how the network operates. The way Tor operates is through a series of relays (which is the Tor Project's word for nodes). Anyone can host these relays. Due to this fact, the NSA, or another spy agency, can allegedly monitor the internal and external connections to and fro the Tor network.

One must consider that the NSA would have a finite amount of Bandwidth, and would only be allowed to host such things in the United States. Therefore, the likely-hood of the NSA spying on the users is little to none. Furthermore, the connection is (mostly) encrypted between these nodes. Connecting to a Tor site (.onion) within the Tor network (through what is called an Internal Node) is generally considered safe as the connection is encrypted. However, connecting to clearnet services through the Tor network is dangerous because as it leaves the network (through what is called an Exit Node), the connection becomes less encrypted, and can be viewed by the owner of the node.

External links