Linux Format

Peeling open Tor 12

We might not be in a position to share state secrets with foreign government­s, but if we were, we’d use the Tor Browser.

-

HOW TOR OPERATES “Onion routing works by bouncing your connection between different routers so that they’re hard to track.”

Users who want to keep their private business private when online often turn to VPN (virtual private network) providers. It’s a sensible precaution, and when you search for terms related to online privacy, it’s SEO-optimised, VPNpromoti­ng articles that occupy the first few pages of results, because VPN companies pay out up to 60% for sales through affiliate links. Want your online tech publicatio­n to flourish? VPNs are where the cash is.

VPNs can hide your location and your activities, but you need to pay for the privilege and create an account – and you can never be truly certain that the company that takes your money isn’t straight up selling your details to data brokers, handing it over to the police or, worse, to Disney copyright lawyers. Everybody loves getting paid twice, right?

Commercial VPNs are designed with a very specific threat model in mind, and for most people looking for a level of anonymity which would allow them to sneak subversive messages past government censors, for instance, the Tor Network is where it’s at.

Tor was born in the 1990s as The Onion Routing project, from the minds of engineers at the US Naval Research Lab, who wanted a way of connecting computers on the internet without revealing the parties involved – even if someone is monitoring the network. It’s been instrument­al in keeping communicat­ions secure during popular uprisings such as the Arab Spring, dissident movements in Iran, Turkey and Russia, as well as helping NSA leaker Edward Snowden exfiltrate state secrets from his workplace. It’s also good for those engaged in normal, everyday activities, but don’t want to be watched.

Many layers

Onion routing works by bouncing your connection between different routers so that they’re hard to track.

Let’s say that you’re sitting at home and want to read an article on http://9to5mac.com. Such is your shame that you can’t bear the thought of anyone even knowing that you’ve connected to the 9to5Mac server. If you just type the URL into your browser, your ISP knows you’ve visited the site, 9to5Mac’s ISP knows you’ve visited the site, as do the admins of 9to5Mac itself. Along the way, you will also have queried DNS servers and there may even be snoopers on your own network who are interested in what you do online. Potentiall­y, there are dozens of individual­s who are now aware that you secretly long for an overpriced, underperfo­rming slab of shiny metal on your desktop.

If you use Tor, all informatio­n, including your IP address, is wrapped in multi-layered encryption and sent through a network of randomly selected relay servers. Each of these relays only knows a small section of the route and not the entire journey. The final stop on this journey is known as the exit node and it’s the exit node that makes the final connection to http://9to5mac.com.

All nodes are provided by organisati­ons and individual­s who volunteer their bandwidth and resources to the cause of internet anonymity.

Routing messages through Tor can be done in a variety of ways, including email plugins, but the most common method is by using the Tor Browser, which is built on Firefox – the most recent release is the alpha version of Tor 12.

Set up Tor on your Linux desktop

The Tor Project offers official repositori­es for Ubuntu and Debian, which is handy if you want updates taken care of automatica­lly.

First install the apt transport:

$ sudo apt install apt-transport-tor

...then add the following to /etc/apt/sources.list:

$ deb [signed-by=/usr/share/keyrings/tor-archivekey­ring.gpg] tor://apow7mjfry­ruh65chtdy­dfmqfpj5b

tws7nbocgt­aovhvezgcc­yj azpqd.onion/torproject.org main

…for the stable version, or:

$ deb [signed-by=/usr/share/keyrings/tor-archivekey­ring.gpg] tor://apow7mjfry­ruh65chtdy­dfmqfpj5b

tws7nbocgt­aovhvezgcc­yjazpqd.onion/torproject.org tor-nightly-main - main

...for the unstable version. Remember to replace with the output of lsb_release -c

Now:

$ sudo apt update

$ sudo apt install tor deb.torproject.org-keyring

Alternativ­ely, you can visit www.torproject.org/ download/ and grab the Linux version (it’s the one with the penguin).

Honestly, that code is not something you want to copy character by character from a magazine, so we recommend just downloadin­g it from the website.

When you start Tor for the first time, you have the option of connecting instantly by pressing the big purple button. This is probably fine for most people and gives you a more than acceptable level of anonymity with the default settings. If you’re in a country where Tor is blocked, you need to click on Configure Connection instead, then add a new bridge.

Bridges are similar to ordinary Tor relays, but are not listed publicly, meaning it’s difficult for authoritie­s to shut them down or compromise them. There are few of them and your connection speed suffers, but if it’s your only option, it’s your best option.

Because bridge addresses are not public, you need to request them. Selecting Choose A Built-in Bridge gives you the option of choosing Obfs4, which makes your traffic look random, Snowflake, which routes your connection through Snowflake proxies, or Meek-azure, which makes it look like you’re using a Microsoft site.

You can also request a bridge from http://torproject. org, but be aware that you need to complete a Captcha first. Once set up, you can hit Connect and be on your anonymous way.

Browsing with Tor

Connecting to the Tor network may take a few attempts and transfers may be slow, especially in these troubled times, when in certain parts of the world there are a lot of displaced people and resurgent dystopian states are cracking down extra hard on dissidents, resistance and any mention of the word “war”.

Without using a bridge, it took us three tries to join the network, and several seconds to get to the spartan Linux Format homepage. Getting to the Gmail login page took even longer, Once there, Tor worked how you’d expect any browser to work.

Streaming media and torrents are big no-nos on the Tor network. The project homepage explicitly requests that you don’t do it. You’re using volunteer resources and bandwidth, which could be put to better use than checking out the new Arctic Monkeys album, and besides, performanc­e is terrible. Torrenting is frowned upon – unless you’re using those torrents to distribute secret government documents, evidence of war crimes or footage of drone attacks by the CIA.

If you’re looking for a smooth internet experience, Tor isn’t the tool you’re looking for. In addition to the guidelines on streaming and torrenting, and the janky connection, you’ll run into more Captchas than usual as your traffic doesn’t look exactly how web pages expect it to. Your exit node can be anywhere in the world, so you could also be served localised versions of web pages, in Finnish, Armenian or Spanish.

If on the other hand, you’re trapped under an authoritar­ian boot in a totalitari­an state, Tor is just what you need.

?? ?? Connecting to the Tor network can be as easy as pressing a button. It may take you a few attempts, though.
Connecting to the Tor network can be as easy as pressing a button. It may take you a few attempts, though.
?? ?? Captchas are used to prevent bots from plaguing the Tor network with spurious requests for bridges. Get used to them you’ll be seeing a lot more.
Captchas are used to prevent bots from plaguing the Tor network with spurious requests for bridges. Get used to them you’ll be seeing a lot more.
?? ?? The Linux Format website looks as glorious when viewed through the Tor Browser as it looks through any other browser.
The Linux Format website looks as glorious when viewed through the Tor Browser as it looks through any other browser.

Newspapers in English

Newspapers from Australia