Information Security

Going Underground in the Digital Age Part 3 – The Shadowy World of Tor

So far, we have talked about assessing your threat model and what a VPN can and can’t do for you. This time, we’ll talk about something you may have heard of by various names: the Dark Web, the Deep Web, and so forth. Most of those references are usually talking about a technology originally developed by a small team in the US Navy that has revolutionized Internet anonymity: The Onion Router, otherwise known as Tor.

Ok, ok…I know it’s a weird name but there’s a reason it’s called the Onion Router. First let’s take a quick look at how the regular Internet works. When your computer wants to talk to another one (say, your favorite website), the information has to get from your computer to the other one, which can be located anywhere in the world. This is called “routing”, and without getting too deep it’s simply a bunch of devices that know how to get your data (your web page request) from point A to point B, and send a reply (the resulting web page) back the same direction. They do this by neatly wrapping that data in a container called a packet; think of the packet as an envelope with a destination address and a return address, containing information. Every device on the Internet has a specific and unique address; no two devices can successfully share a single address (at least not directly). The routers of the Internet know where those addresses are connected to the network and send the envelope (packet) by passing it to the next router in the network, which then forwards it to the next, and so on until it gets to the right place. The packet addresses remain in place so the routers know how to handle the data. The reply generally goes back the same way, but may follow different routes through different routers. The upshot is that the destination device knows what your specific Internet address is so it can reply back; this is part of how web sites track you, and it’s how websites know roughly where you are geographically without GPS data handy.

Here’s where Tor comes in. It’s called the “Onion” router because the same sorts of routers that drive the regular Internet (called the “ClearNet” in Tor circles) do some extra tricks to disguise your whereabouts. When you use Tor, your data gets “wrapped” in an additional layer (hence, the idea of an onion) before it gets passed to the first router in the link; like stuffing an envelope inside another envelope with a different source and destination address. The next router remembers the address of that envelope, unwraps it, and then re-wraps it in another uniquely addressed envelope; this address is not the same as the original source. It then gets passed to the next router, which repeats this process. At this point, anyone intercepting that data cannot tell where it originated from; they can only tell which router it came from. There’s no way for them to know where that router got it from because any given router only knows the immediate last router and the immediate next router in the circuit. This process continues until the data gets to the destination; the reply goes back by the exact same route, because only the routers that make up the original link (called a “circuit”) know where to send the data next. By the time your data gets to the destination, your location cannot be determined from the network address like it can on the ClearNet; it just points back to the previous router.
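The envelope-inside-an-envelope idea can be modeled in a few lines of Python; this is an added illustration, not code from the Tor Project or the original post. The relay names, keys, destination and the toy SHA-256 cipher are all assumptions made for the example, and the model leaves out how real Tor negotiates keys and builds circuits.

```python
import hashlib
import json

def keystream_xor(key: bytes, data: bytes) -> bytes:
    # Toy cipher (SHA-256 in counter mode, XORed with the data). It stands in
    # for real authenticated encryption and must not be used to protect anything.
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], block))
    return bytes(out)

def wrap(circuit, destination, payload: bytes) -> bytes:
    # Client side: build the innermost envelope (for the last relay) first,
    # then wrap outwards so the first relay's layer ends up on the outside.
    next_hops = [name for name, _ in circuit[1:]] + [destination]
    onion = payload
    for (_, key), next_hop in reversed(list(zip(circuit, next_hops))):
        layer = json.dumps({"next": next_hop, "data": onion.hex()}).encode()
        onion = keystream_xor(key, layer)
    return onion

def peel(key: bytes, onion: bytes):
    # Relay side: remove exactly one layer, learning only the next hop.
    layer = json.loads(keystream_xor(key, onion))
    return layer["next"], bytes.fromhex(layer["data"])

def route(circuit, onion: bytes, sender: str):
    # Pass the onion along the circuit and record what each relay can observe.
    seen = []
    for name, key in circuit:
        next_hop, onion = peel(key, onion)
        seen.append({"relay": name, "prev": sender, "next": next_hop})
        sender = name
    return seen, onion

# Constructed sample data: relay names, keys, destination and request are made up.
CIRCUIT = [("guard", b"key-1"), ("middle", b"key-2"), ("exit", b"key-3")]
DESTINATION = "site.example"
REQUEST = b"GET / HTTP/1.1"

def demo():
    onion = wrap(CIRCUIT, DESTINATION, REQUEST)
    seen, delivered = route(CIRCUIT, onion, sender="client")
    return onion, seen, delivered

if __name__ == "__main__":
    for view in demo()[1]:
        print(view)
```

No single relay's view contains both the client and the destination. The last peel hands the exit relay the original request as-is, so anything sensitive in it still needs its own encryption, such as HTTPS.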

Sounds great, right? Well, it’s good for hiding your location, sure. It has been used for years by dissidents, journalists protecting sensitive sources, and criminals trying to evade capture alike. The latter category is where the “Dark Net” gets its unsavory reputation from; they are by far the largest user base for Tor. Black market sites abound, selling everything from drugs to guns to illegal pornography. Pedophiles routinely use Tor to exchange illegal child porn, and many drug deals are made every day; the infamous “Silk Road” market that made worldwide news a couple of years ago was a Tor-based drug market. They would have continued relatively unmolested by law enforcement, if not for the stupidity of one of the site’s users who exposed too much information about himself and some of the site owners in a forum monitored by law enforcement; while there are some technical cracks that can be exploited by someone with enough resources and time to de-anonymize Tor traffic, it takes a tremendous amount of effort and luck to crack it that way. However, Tor makes everyone anonymous, especially cops. No anonymity is perfect when human beings are involved; things you say or do can still identify you or your location.

Now with that caveat, how would one use Tor, anyway? There are a few ways to do that; the authoritative place to start is with the Tor Project. They offer a couple of options, mainly browsers that run on Windows, Mac, Android, and iOS devices. For the really dedicated tech types, you can get the router source code from there and compile it on your favorite platform to create a node on the Tor network. Fair warning, though: some jurisdictions have outlawed Tor “relays” and “exit nodes”, as these devices are called. Be aware that if you live in one of those jurisdictions, it is impossible to disguise the fact that you’re part of the Tor network from your ISP. They won’t be able to see the data, but they can definitely see the tunnel and it’s unmistakable. Don’t try it at work, either: most businesses actively monitor for Tor traffic and their Network Security guys will instantly pounce if they detect it.

There is also another noteworthy option for more technically-inclined users: The Amnesiac operating system, otherwise known as Tails. It’s called that because it is intended to be a “portable” system: it is designed to boot and run from a USB thumb drive. You simply shut down a regular computer, plug in the Tails thumb drive, and boot from the thumb drive. Tails has all the tools you’d normally find on a computer (word processor, spreadsheet, web browser, and so forth) but once you shut the computer down and remove the thumb drive, there is no trace left that you were ever using Tails (hence, “Amnesia”). There are ways to make files persistent so you can save them to the thumb drive, but Tails won’t access any permanent storage on the computer at all, even if you want to. Tails is probably the most complete end-to-end Tor solution known, and its portable nature makes it very attractive for people who want to keep their whereabouts unknown.

What are the downsides? Tor isn’t foolproof. For one, it doesn’t encrypt data within the Tor network: the Tor tunnel is encrypted from the ClearNet similar to a VPN, but anyone on Tor can see your data if additional steps aren’t taken to encrypt it. Tor also isn’t invisible: to network monitoring and security devices, Tor tunnels look distinct from VPNs, so they’ll see the tunnel immediately. Sometimes just the fact that someone is using Tor is suspicious enough to attract attention. Tor is also only as good as the end user in maintaining anonymity: if you’re going on Tor message boards and IRC chat rooms talking about that restaurant you went to in such-and-such a place, well, you’re busted. You have no way of knowing who any of those other folks in that chat room or on that board are, and if one of them wants to find you they can gather vital de-anonymizing information that way. Tor is also notoriously shy: websites and services are sometimes very hard to find. There’s no giant indexing service like Google or DuckDuckGo per se, although there are some that attempt to maintain lists of updated links. The topology of Tor makes it nearly impossible to keep indexes up-to-date, and if a site doesn’t want to be found it won’t be. Sometimes you just have to know the exact address (which is often a dizzyingly-long string of characters) to find something. Finally, the very organizations you might be interested in hiding from (i.e. the Federal Government) definitely have the access, resources, and time to successfully penetrate and de-anonymize Tor traffic through a variety of methods. You may be safer from local law enforcement, but don’t count on it.

So to recap: Tor is a way to hide your location and identity by using a parallel “Internet” called the Dark Net/Dark Web/Deep Web, etc. It’s pretty good at that, but not foolproof. It’s readily available in various forms and relatively easy to use if you know where you want to go on Tor, not so much if you don’t know where to go. Use it with caution and it’ll serve you well.