The Onion Router (TOR) protocol is widely used by people seeking to maintain anonymity in an otherwise prying world. Surfing anonymity, email anonymity, real anonymization: all attempts to hide away when we don't want the world to see us. The TOR network has offered up a good deal of these anonymous options in the past, but with one clear flaw that compromises the entire anonymity-gaining endeavor: plain text protocols.
HTTP vs HTTPS, Telnet vs SSH, SSL vs nothing is really what it all breaks down to, but it doesn't sound problematic until you think about the exit nodes. TOR onion routing consists of a bunch of servers forwarding information around so that traffic enters and exits at different points than where it is actually coming from. It acts like a proxy server, or more like a bunch of proxy servers. A person in Detroit could have their traffic bounced through three servers and have their information seem as if it were popping out in Moscow. All sounds well and good, but the exit nodes are owned by individuals and not companies; the TOR routing protocol is an open source project maintained by a community and not the TOR foundation.
Exit nodes are owned and maintained by individuals, and all traffic is filtered through their systems. As a previous post stated, these individuals can be held liable for the information trafficked through them, but this also means that information passed through them can be gathered and looked through. TOR will only allow as much anonymity as the end user tries to obtain. By making a purchase over HTTP, or logging in on a website that's non-SSL, internet anonymity is completely surrendered.
As with most great things, we also must consider one other thing: people are jerks. Hacking a hacker or an outright newb is a huge goal for most of the hacking community. If one can compromise another who thinks they are completely safe and anonymous with their browsing history, well, as history dictates, they will become compromised. Many of these exit nodes are run by malicious individuals attempting to compromise those who seek a certain level of anonymity.
How exactly can they become compromised? By using plain text protocols over a node that's being sniffed for any reason whatsoever. If the anonymity-seeking individual logs into a website that isn't encrypted, their login credentials can be gathered by a malicious person with ill intent. Imagine trying to telnet into a secure network environment over TOR: the entire network itself is at risk. Using Telnet in the first place is a bad situation, but the overall outcome can become catastrophic.
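One way to catch this before any traffic reaches an exit node, as an added example that is not part of the original post: the script below audits a list of destinations for plain text protocols and builds a `RejectPlaintextPorts` line (a Tor client torrc option that refuses connections to the listed ports). The scheme tables and sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumed scheme tables (constructed, not exhaustive).
# Cleartext: the exit node sees these bytes exactly as the client sent them.
CLEARTEXT = {"http": 80, "ftp": 21, "telnet": 23, "pop3": 110, "imap": 143}
# Encrypted: the session is wrapped in TLS or SSH before credentials are sent.
ENCRYPTED = {"https": 443, "ssh": 22, "ftps": 990, "imaps": 993, "pop3s": 995}

def audit(url):
    """Classify one destination by what an exit node could read."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme in CLEARTEXT:
        verdict, default = "cleartext", CLEARTEXT[scheme]
    elif scheme in ENCRYPTED:
        verdict, default = "encrypted", ENCRYPTED[scheme]
    else:
        verdict, default = "unknown", None
    port = parts.port or default  # explicit port wins over the scheme default
    # A password embedded in a cleartext URL (user:pass@host) is exposed too.
    creds_in_url = verdict == "cleartext" and parts.password is not None
    return {"host": parts.hostname, "port": port,
            "verdict": verdict, "creds_in_url": creds_in_url}

def torrc_reject_line(urls):
    """Build a torrc line that refuses the cleartext ports found in urls."""
    ports = sorted({f["port"] for f in map(audit, urls)
                    if f["verdict"] == "cleartext" and f["port"]})
    return "RejectPlaintextPorts " + ",".join(map(str, ports)) if ports else ""

# Constructed sample destinations (documentation-only hosts and credentials).
SAMPLE = [
    "http://shop.example/login",
    "https://shop.example/login",
    "telnet://admin:hunter2@192.0.2.10",
    "http://forum.example:8080/",
    "ssh://git.example",
]

if __name__ == "__main__":
    for url in SAMPLE:
        print(url, audit(url))
    print(torrc_reject_line(SAMPLE))
```

Port-based rejection is coarse: listing port 80 blocks every plain HTTP site, and a plain text service on a port that is not listed still goes through.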
The sniffer is not always implemented with ill intent in mind; sometimes the host is just looking out for their own best interests. From those I've talked to, most of the traffic is some form of BitTorrent or encrypted traffic, but with the possibility of horrible intentions that some TOR users have, the owner of the exit node can be held liable. Script kiddies trying to get their rocks off by doing something they shouldn't are another huge traffic user.
To be clear, TOR onion routing does not give complete anonymity; the exit node that forwards information to the internet is the biggest weak point. It can't guarantee anonymous browsing, or anonymous anything for that matter, as we have to rely on the general user base to turn a blind eye.
Even though TOR is a layered approach to surfing the net, the dark net and the deep web, it is only one layer in and of itself when it comes to actually being anonymous when searching the deep web. Before you can rely on TOR to become anonymous, you'd need to implement a VPN connection OVER the TOR routing protocol. This will encrypt the TOR traffic, decreasing the potential of the traffic being at risk from a sketchy exit node. Decryption of SSL or TLS traffic is a lot harder than just obtaining outright plain text information. With the slew of never-ending traffic, the desire to decrypt that traffic is less likely as well.
Is TOR secure? No, absolutely not. In no way, shape or form will you be promised 100% certain anonymous surfing and browsing. Will it help? In some cases, sure, but don't rely on it by itself to be the tool that'll be the savior of anyone's anonymous online presence. Implement a private VPN over TOR to have heightened online anonymity. Not a guarantee, but it's better than nothing.
If you plan on using TOR without a VPN tunnel, always be wary of the potential issues. But if you do want to download TOR, you can follow this link and get it for free. Just consider using a VPN as well before using it for browsing purposes.
If you have any problems, comments, questions, or concerns let me know in the comment section below, and as always be safe my goblins.
I think this was a great expansion to the post I made previously (http://www.goblinbyte.com/2015/07/in-tor-we-trust.html). Well done!
Ha, I totally meant to add that yesterday, sorry, I got wrapped up in a few other tasks. But yes, Jimmy's post about TOR was my inspiration for this post. Thanks Jimmy.