- Parked Tesla Model S bursts into flames in shocking video Today 3:12 PM
- Fortnite is getting an Avengers Endgame event Today 2:44 PM
- The living are facing the end of the world in the latest ‘Game of Thrones’ Today 2:37 PM
- The best Korean beauty toners for your skincare routine Today 2:33 PM
- Warren’s plan to cancel student debt stimulates the bad-take economy Today 2:27 PM
- Video shows Easter Bunny punching man on sidewalk Today 2:09 PM
- The 7 best lubes for when you wanna do butt stuff Today 2:00 PM
- 11 best sex toys under $35 to blow your mind Today 1:30 PM
- Twitch streamer inadvertently documents all the times she was sexually, verbally harassed on vacation Today 1:12 PM
- Raptors coach Nick Nurse becomes a relatable meme Today 1:12 PM
- Man wears bandage that blends in with his skin tone, and Twitter has all the feelings Today 12:55 PM
- The 8 best Korean sunscreens to add to your bag Today 12:15 PM
- New ‘Avengers: Endgame’ commercials drop a few big spoilers Today 11:58 AM
- 11 party games for people sick of playing Cards Against Humanity Today 11:45 AM
- Curvy Wife Guy makes the most Curvy Wife Guy pregnancy announcement Today 11:31 AM
Online anonymity is hard. Understanding how it works isn’t.
No matter what you’ve heard about the Tor network, the basics of the service are simple: Tor keeps anyone who uses it safe, secure, and anonymous on the Internet.
Originally created by the U.S. Navy, Tor can be used to browse the Web anonymously, send and receive private communications, or make other computer software anonymous by integrating it with Tor software.
Tor’s reputation, however, is less straightforward. Many equate the anonymity the network provides with those who decide to use it for illegal purposes. From terms like “Dark Net” and ”Deep Web” to who actually uses the privacy software, here’s everything you need to know about Tor.
What Tor does and where to get it
Tor is developed and maintained by the Tor Project. You can download the latest version of the Tor software here.
Once you have Tor, it’s as simple to use as Chrome or Firefox. (In fact, the Tor browser is a tweaked version of Firefox.) You can view most websites as you would with any other browser—the main difference is that now those websites won’t know who you are. You won’t be identified and tracked the way that you are around the Internet with other browsers.
Tor lets you do plenty of other stuff, too. Using the Tor browser or working with other programs, you can chat anonymously or share files without giving up your identity. One of the most interesting uses of Tor is accessing so-called hidden services, anonymous websites that only exist within the Tor network. In the same way that Tor hides your identity, a hidden service website’s location and the identity of its owner is also hidden thanks to Tor’s technology.
What is the Dark Net and Deep Web?
When anyone talks about Tor, it’s crucial to understand a few key definitions.
People often confuse the Deep Web and Dark Net. Adding further confusion is that these names are not used universally. Some call the Dark Net the Dark Web or the Deep Web the Deep Net. We use Dark Net and Deep Web. Here’s what each term truly means:
The Deep Web is information on the Internet that is not available by standard search engines. This is a vast stretch of cyberspace because it includes private databases, administrative portals, emails, archives, and more. The Dark Net is a subsection of the Deep Web.
The Dark Net or Dark Web are networks like Tor, I2P, or FreeNet that can only be accessed using specialized software and are often motivated by hiding certain data. When you’re talking about the Dark Net, the “normal Internet”—the one you used to access this article—is known as the Clear Net.
What’s a hidden service?
Tor has many uses, including allowing a person to browse the normal Internet (Clear Net) from behind an anonymized connection.
A hidden service, however, is an anonymized website that’s accessed over that anonymous Tor connection. Consider it an extra layer on Tor’s protective onion.
Hidden services range from blogs to forums to black markets to Facebook itself.
Anyone can run their own hidden service, allowing them to host a Web service (maybe a site or a server) while benefiting from the anonymity Tor provides. Try Tor’s own instructions if you’re interested in the most up-to-date advice.
Important: There is no such thing as perfect security anywhere, including Tor or its hidden services. There’s a lot to learn about successfully running hidden services without giving yourself away. As with any technology, the more complex a service, the easier it can fail.
Who uses Tor and why
Tor’s user base is diverse and, by design, it’s virtually impossible to know everyone who is on the network. Tor’s foundational purpose is to allow everyone, from spies to political dissidents, to surf the Web in such a way that no one can know who they are.
Now, thousands of normal computer users utilize Tor in order to protect themselves from ads, tracking, and surveillance. Journalists use Tor to protect their sources and themselves. Both law enforcement and criminals use Tor in order to hide what they’re doing online. Businesses protect their Internet traffic using Tor. In countries like Iran and China, Tor is used to evade censorship and surveillance.
How Tor works
Tor works by encrypting a user’s traffic and then sending it through a “virtual tunnel” to three randomly selected relays (other Tor-connected computers) in the Tor network before finally reaching the final destination, like dailydot.com. While other proxy services exist, Tor is far more secure and private.
Each relay only “knows” the location of the relay before it and the next relay so that it can pass on the data, but no one relay knows both the user and her destination. That means the data cannot be traced or read thanks to strong encryption. At least, that’s the goal.
Can Tor be broken?
Repeat after me: There is no such thing as perfect security.
Tor is subject to the same laws of the universe as any other technology. It’s excellently built, all technologists agree on that, but do not presume Tor to be perfect or even close to it. That thought has spelled trouble before.
Even when Tor works exactly as designed, there are potential pitfalls that can erase your anonymity.
The best—but also perhaps most difficult—move is to have a computer dedicated entirely to Tor that doesn’t cross over with your everyday machine, the one you use for Facebook and banking. Very few people can successfully compartmentalize like this, but it’s an extra layer of safety if you can.
Because of Tor’s origins within and continued connections to the U.S. military, there’s been much skepticism directed towards it throughout the years. If the Tor Project gets money from the U.S. government every year—which it does—wouldn’t that government insert a backdoor so it could spy on Tor’s users?
Tor is open source, which means that every line of code that makes the program run is available for you to read right here. That code is written and audited by security professionals to make sure Tor does what they say it does: Keep users safe and secure from everyone, even the U.S. government.
Despite understandable skepticism about the project’s connections to the U.S. government, no one has ever spotted a backdoor in Tor. On the contrary, no critic has ever really criticized the code in significant ways. The world’s top security professionals swear by Tor.
Still, Tor is not perfect—no computer program is, and Tor has had vulnerabilities that affect users’ privacy in the past—but there’s little reason to seriously suspect that Tor does anything except provide some of the most comprehensive protection an Internet user can get.
But even when Tor is firing on all cylinders, it is not a panacea. Tor is a big step toward privacy, but there’s plenty more you can do, like using end-to-end encrypted messaging while also using Tor.
Illustration by Max Fleishman
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.