Speaking of Tor, besides the superhero, what comes to mind is the browser that allows us to access the deep web, how striking it is to many. However, this is not works over the conventional internet, it does over a network of the same name, the so-called Tor network, which is special and is the one that is truly in charge of preserving our identity; the browser, despite being the best known, is only an access tool.
The Tor networkAs such, it has plenty of time. However, its greater knowledge and the facilities to connect to it are something quite new, which does not reach two decades. Its operation is very interesting and, above all, useful, in a way that is increasingly used.
If you are interested in knowing more about her, what are its characteristics, how to access and navigate through it and what do you expose yourself If you do, keep reading because we will see everything.
What is Tor the anonymous network?
Tor is a distributed network that overlaps the internet and that it has a low latency launched in 2002 and that continues to be updated continuously. Its main characteristic is not reveal the identity of users when there is an exchange of messages between them, conducting a routing or routing that allows the information to be sent in the most appropriate way according to the needs of the user and, of course, the characteristics of the network in question.
Another feature, besides the anonymity of the user (the IP), is the secret of the information that is managed, that is kept whole. Its operation is based on an onion routing, which causes messages to travel to the destination through a large number of onion routers so that the trail is lost.
This is similar to the one that occurs in a peer-to-peer network, although it is not one of them. There are individuals and organizations that donate the bandwidth and processing capabilities of their equipment. As the participating nodes are distributed, and they are completely changing on each occasion, we find a network that, in general, is not attacked, as it is very difficult to knock down.
On the other hand, we have that, although it calls itself the anonymous network, the truth is that it is not infalliblewell even though resists attacks and is flexible, it’s not perfect.
- It is an anonymous network.
- It is superimposed on the internet.
- It works through volunteer nodes.
- The information is encrypted to keep it complete.
- It travels through various nodes.
- Difficult to attack.
As a curious fact, know that this type of network operation was designed so that the communications of the US Navy were more protected, although it later became public domain and free of charge.
How does Tor really work?
The operating system is called, as we have seen, “routed onion”, of English “Onion Routing“, which works to ensure data privacy and user anonymity. The routing work that is commonly done to check websites, the one you have done with your computer or mobile to read this, is straightforward.
This means that the device has made a direct connection to our servers, creating a simple route computer-router-router ISP-servers. Many data packets are sent on this path, and if someone were to intercept them, they would know where they are traveling from and where they are going.
What onion routing does is send data packets through a non-direct path, making use of several nodes, which correspond to the systems of other users that connect and that assign their resources to enable such information exchanges.
The path followed, considering a computer A that sends messages and another B, that receives them, is as follows:
- Once inside the anonymous Tor network, A makes a calculation on the route to B, having to go through some nodes along the way.
- There is a node directory with which A will get the public keys of which you will use.
The message is encrypted, using asymmetric encryption, like an onion, layer by layer.
- First, the key of the last node to use, so that this is the only one that can decrypt the message. On the other hand, we find instructions necessary for the information packet to arrive Where corresponds.
- Once encrypted, it is sent to the first node.
- This deciphers it and follow the instructions given.
- The packet is encrypted again to reach another node, and thus node to node until reaching the penultimate.
- The further you go, the more protected you are by the various layers of routing provided by the different nodes. It is worth mentioning that in this process the IP is constantly being changed.
- The last node, the output node, is the one that sends the message to computer B.
With this process, the data that is transmitted is not known. We only have the first connection node, which knows where the message comes from, and the last one, which knows where it is going. In fact, the rest of the nodes do not even know at what point they are participating. So much so that even the existence of spy nodes would not be useful to get the information it is distributing
How to securely connect and use the anonymous Tor network?
Until not too long ago, connecting to this network brought with it quite a few inconveniences, it was not a precisely fast or light process, requiring the installation of various software that would act as a proxy.
To put a solution to that appear Tor Browser, What is it a multiplatform browser specifically designed to be used, with total ease, precisely in the anonymous Tor network. All you have to do is:
- You will be able to choose the appropriate executable based on your operating system, its version, the language, etc.
- Install it like you do with any other software. You will be asked for a hosting path, you will be asked about creating a shortcut, etc. It is not difficult or out of the ordinary.
- Start it. Double click on the folder that has been created and then on the launchable browser, “Start Tor Browser”. A window will open.
- Connect to the network. Do so by clicking on the “Connect” button (if you have downloaded and installed it in Spanish).
- At that moment the browser will open, which you can start using from now on.
About navigation, point out some little things (you can visit this article about Tor browser) to know in detail what it is, how it works, how to configure it, etc):
- You have various configuration options to graduate your privacy and security. These are very effective but it is advisable to only use them if you know how to do it. As in any browser, you have these options in your menu bar.
- Nowadays you have a default browser and you can choose to have any other, as you usually do with Google, Yahoo !, Bing, Edge or another. In them you can do the searches you want and the main results will be those that are not indexed on the “normal” internet, that is, those that we cannot access regularly will appear because they do not appear in conventional search engine searches.
- There is another navigation method with Tor which is exclusive to it and which is based precisely on site encryption. This consists of creating spaces (services) with domain .onion and with names that are a set of 16 automatically generated characters. In this way, no one enters by chance Instead, you must know the name of these services, known as “onion services”, which have added protections and are hidden in terms of location and IP.
Dangers and risks when browsing the Deep or Dark Web and how we can protect ourselves
When you go to get to work, do not forget the following considerations to keep you always safe, we are going to see some interesting points that we have to take into account:
Don’t even think about accessing your profiles on social networks, accounts on any type of platform or on your own website (the login id can be given in many ways), nor can you visit them. In the latter case it would be more difficult for you to be related to navigation but it is still possible.
Also, if you have a website with little traffic, the normal thing is that it is not in the distributed network and that an output relay identifier of administration appears. They can enter our account, obtain information from it, carry out transactions on our behalf, suspend them …
Don’t use personal information either
Never use any type of information related to you, neither your name nor your telephone, postal address, names of friends (even if they do not include surnames), old email addresses (If you need an account for something, create a temporary one with an application of the type TempMail) …
Identity forgery would be the best thing that could happen to you if someone managed to get hold of your personal information.
Don’t even talk about the deep web on your sites
Confess that you have visited the deep web, and more on giving data about what has been done, it will only serve to someone can relate your activity to your identity. Do not even think about linking to invisible sites, because you can easily know where they come from.
Use a single identity
The “lies have very short legs” is not an exaggeration. If they invent several profiles it is more than likely that these will eventually become related somehow.
When you have to send information, make sure to encrypt it right first. For this, it is essential to make good use of the browser and use add-ons such as HTTPS Everywhere, which ensures the safety of the information.
Don’t alternate Tor with open WiFi
They must be used at the same time so that our MAC cannot be related (the identification address of your team) with the activity you have carried out.
Not even with direct Internet connections
If we are two things at the same time it is possible that we get confused and we end up being wrong when sending data on a network that is not.
Don’t use Tor over Tor
Use only one input and one output to the network, they are the only thing you need. Creating more than one does not improve security, quite the contrary.
Don’t use Bridges
These are the network relays that are not listed with the intention that they are not blocked by ISPs.
Do not modify the Tor access settings
The default configuration of the access utilities is usually very adequate. For that reason, if you are not sure how to do it, it’s better to keep the preset parameters. It would be possible that, instead of improving your security, create big gaps that end up making it possible for them to track your activity.
Avoid double authentication
The double authentication methods require, in some way, of a relationship between authentication and some personal information, necessary to achieve it.
Do not open received files
Files on the deep web or dark web are full of malware so the best thing is that you do not download anything and, if you do it by mistake, do not open what you have received.
If you have any questions, leave them in the comments, we will answer you as soon as possible, and it will also be of great help to more members of the community. Thank you! 😉