Today we continue Professor Bill Buchanan’s Something to Hide series with a look at the anonymous browser Tor.
T - Tor
The Web traces a wide range of information, including user details from cookies, IP addresses, and even user behaviour (with user fingerprints). This information can be used to target marketing to users, and is also a rich seam of information for the detection and investigation of crime. The Tor network has long been a target for defence and law enforcement agencies, as it protects user identity and their source location, and is typically known as the dark web, as it is not accessible to key search engines such as Google.
Tor can also be bound to a server, so that the server will only talk to a client which has been routed through the Tor network, which means that search engines will not be able to find the content on it. This is the closed model of creating a Web which cannot be accessed by users on the Internet, only by those using Tor. If users then trade within the dark web servers with Bitcoins, there will be few traces of their transactions.
With the Tor network, the routing is done using the computers of volunteers around the world to route the traffic around the Internet, and with every hop the chance of tracing the original source is reduced. In fact, it is rather like a pass-the-parcel game, where game players randomly pass to others, but where the destination receiver will eventually receive the parcel. As no-one has marked the parcel on its route, it’s almost impossible to find out the route that the parcel took.
The trace of users accessing Web servers is thus confused with non-traceable accesses. This has caused a range of defence agencies, including the NCA and GCHQ, to invest in methods of compromising the infrastructure, especially to uncover the dark web. A strange feature in the history of Tor is that it was originally sponsored by the U.S. Naval Research Laboratory (which had been involved in onion routing). Its first version appeared in 2002, and was presented to the world by Roger Dingledine, Nick Mathewson, and Paul Syverson, who were named, in 2012, among the Top 100 Global Thinkers. It has since received funding from the Electronic Frontier Foundation, and is now developed by The Tor Project, which is a non-profit making organisation.
Thus, as with the Rights to remain private, there are some fundamental questions that remain, and it is a target for many governments around the World. In 2011, it was awarded the Free Software Foundation’s 2010 Award for Projects of Social Benefit.
Figure 8 shows a Web browser application setup for Tor. It uses onion routing and also the HTTPS protocol to secure the accesses. With Tor, too, the path between the two communicating hosts is also encrypted, which creates a tunnel between them. Tor focuses more on the security of the communication over the Internet, and less on preserving the anonymity of the user. It is, though, often used for proxy accesses to systems, where a user wants to hide their access. Within the log on the server, the only trace of the user will be in the exit node used by the Tor network.
Figure 8: Tor Web browser
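Because the server log only ever shows the exit node, a defender can at least label which requests arrived through Tor. The following Python sketch is an added example, not part of the original article: it matches access-log source addresses against a list of exit relay addresses, and the log format, the list format and every address in it are constructed for illustration (a real list would come from a published exit list).

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample data: documentation-range addresses, not real relays.
EXIT_LIST = """\
# one exit relay address per line
203.0.113.7
2001:db8::50
"""

ACCESS_LOG = """\
203.0.113.7 - - [12/Mar/2015:10:01:02 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (Windows NT 6.1; rv:31.0)"
192.0.2.10 - - [12/Mar/2015:10:01:05 +0000] "GET /about HTTP/1.1" 200 901 "-" "Mozilla/5.0 (X11; Linux)"
203.0.113.7 - - [12/Mar/2015:10:02:11 +0000] "POST /login HTTP/1.1" 302 0 "-" "curl/7.38.0"
2001:0db8:0000:0000:0000:0000:0000:0050 - - [12/Mar/2015:10:03:40 +0000] "GET /feed HTTP/1.1" 200 77 "-" "Mozilla/5.0 (Windows NT 6.1; rv:31.0)"
this line is truncated
"""

# Combined log format: source, ident, user, [time], "request", status, size, "referer", "agent"
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([^"]*)" (\d{3}) \S+ "[^"]*" "([^"]*)"$')

def load_exits(text):
    """Parse one-address-per-line text, skipping blanks and comments."""
    rows = (r.strip() for r in text.splitlines())
    return {ipaddress.ip_address(r) for r in rows if r and not r.startswith("#")}

def tor_hits(log_text, exits):
    """Return ({exit_ip: {"requests": n, "agents": set}}, unparsable_line_count)."""
    hits = defaultdict(lambda: {"requests": 0, "agents": set()})
    skipped = 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        try:
            # ip_address() normalises, so expanded and compressed IPv6 forms compare equal
            src = ipaddress.ip_address(m.group(1)) if m else None
        except ValueError:
            src = None
        if src is None:
            skipped += 1
            continue
        if src in exits:
            hits[str(src)]["requests"] += 1
            hits[str(src)]["agents"].add(m.group(5))
    return dict(hits), skipped

if __name__ == "__main__":
    hits, skipped = tor_hits(ACCESS_LOG, load_exits(EXIT_LIST))
    for ip, info in sorted(hits.items()):
        print(ip, info["requests"], "requests,", len(info["agents"]), "distinct user agents")
    print("unparsable lines:", skipped)
```

In the sample, two different user agents appear behind the same exit address, which shows why an exit node in the log identifies the Tor network and not an individual user.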
Tomorrow – the final part of our Something to Hide series: VPNs and Proxies. Bill also adds his conclusion and thoughts on detection avoidance.