If you want to browse through a vast sea of unindexed internet, aka the Deep Web, you will have to use something called Tor, otherwise you won’t be able to access the Deep Web.
So, what is Tor and why do I need it?
Tor stands for The Onion Router. You’ll soon see why the onion and not some other veggie.
It provides fairly good level of online anonymity, privacy and security to the user.
If you’ve ever stumbled upon a 16-character alpha-semi-numeric hashes followed by .onion, and tried to open it in your regular browser; it returned the “This webpage is not available” result, right? This address can only be accessed by Tor browser, specially designed to provide a safe and private environment.
Tor browser bundle can be downloaded for free here https://www.torproject.org/download/download-easy.html.en. There is no need for installation; you simply extract it anywhere on your computer and run it.
If you open the extracted folder with Browser folder in it, you will notice that the actual application is called Firefox, and that’s what Tor browser actually is – a modified Firefox browser with a set of plugins installed.
However, if you try to install any other plugin you might compromise your anonymity online, and it is not advisable to make any changes in settings unless you know exactly what you are doing.
Don’t even enable scripts or flash player, because those applications demand direct internet connection, not via Tor network, which will compromise your IP address and other information and make you an easy target for hackers.
Tor network can also be used for online chatting. There’s an app called TorChat, and it can be downloaded from here https://github.com/prof7bit/TorChat. Many journalists use it for interviews with their confidential sources or whistleblowers.
To put it briefly…
…Tor is essential; there are no two ways about it. If you wish to browse the deep web, you will have to use Tor. However as I mentioned, it will also protect your anonymity by passing your computer through several relays.
The main drawback that I see with it is that it can lull you into a false sense of security. For anonymous browsing, it’s an excellent first step, but it’s not the only one you need to take.
For more protection, I would strongly advise using Tor within a VPN service that allows P2P (peer to peer) networking.
Without this, while the sites you visit can’t be seen, any eavesdroppers will be able to see that you are using Tor. While that is not illegal by any means, it does stand out, so you lose some of the anonymity you fought to get.
Other non-important drawbacks include not being able to run torrents over Tor, and not being able to use browser plugins.
How deep down the rabbit hole do you wish to go?
Those were really the basics of Tor browser and Tor network and these would probably suffice if you only wish to explore and experiment with it.
But if you want to know the core mechanics behind Tor network and the way it provides the anonymity and privacy, I’ll be happy to get into more details about it.
Before going into any details about Tor, let me first cover how the regular internet works.
Let’s say that Alvin for example wishes to send a message to Barbara, or visit Barbara’s webpage. When Alvin sends his message, a data package is created,containingAlvin’s message, his and Barbara’s IP addresses.
This data package travels directly from Alvin’s to Barbara’s computer, making it an easy target for anyone who wishes to intercept the message or learn the information about Alvin or Barbara.
Spooky, isn’t it? Even if your messages aren’t confidential at all; why would you allow anybody to have access to you messages? It’s insane.
So, if you want to keep your privacy intact, I suggest using Tor, even for browsing that is not related to Deep Web.
How it works?
Well, as mentioned earlier, here is the detailed explanation for the choice of a veggie. Tor stands for The Onion Router and Tor Network is a series of connected routers.
When using Tor, Alvin’s data package would firstly be encrypted, and then sent through three routers, called nodes, before the data package reaches Barbara.
Mathematical Cryptography comes first
Remember that data package that was created when Alvin sent his message to Barbara? Now using Tor, that data package is encrypted – not once, but three times.
Mathematical encryption basically means that you take a set of information, Alvin’s message, and together with the encryption key you put it in a box.
When opening the box without the decryption key, the message looks totally different than the original data package. It can look like some other message or like a random messed-up code.
To decrypt the code you simply put in reverse – take the encrypted data package and the decryption key, put them in the box together, and you get the original message when you open the box. Simple, right?
Now, Tor takes this encrypted data package and encrypts it twice more, both times using different encryption keys.
Journey through a tunnel
As mentioned earlier, Tor is a series of routers connected to form a tunnel. They’re “a set of relays volunteering their resources to forward traffic for Tor users.” Now let’s see how they work.
After encrypting the data package 3 times, it’s ready for sendoff. Unlike regular network, the data package is not going directly from Alvin to Barbara.
Its first stop is the entry node – the first router or node as they call it.
In order for the data package to reach the entry node it must be addressed to it, right? So, the package contains information about the receiver and the sender, in other words Alvin and the entry node.
Once the data package reaches the entry node it’s being decrypted only one time. One layer of encrypted information peels and the other will be peeled when it reaches the middle node.
Once the data package reaches the middle node the process repeats – one more layer of encryption down.
It kind of reminds the onion layers, no? The package that reached the middle node contains a different set of information about the sender and the receiver: the sender is the entry node and the receiver is the middle node.
Now, Alvin’s message is sent to the last router, the exit node. The last layer of encryption is peeled at the exit node.
The information of the data package that exit node has received is again – different. It contains info about the middle node as the sender and the receiver – the exit node.
Once the message has been decrypted at the exit node, it is finally ready for Barbara.
Barbara gets the message that Alvin sent her, but the information about the sender and receiver is different.
Barbara knows it came from Alvin, because he probably signed it, but if anybody intercepts the message and tries to find out who sent it to Barbara, the data package will only give him information about the exit node as the sender.
The only possible way to reconstruct the journey of the message is to have access to all routers and have all three decryption keys.
So, now that you know how Tor works, if you still feel you need more protection, try using VPN with Tor, but that’s the story for another time.