Page Nav

HIDE

Grid

GRID_STYLE

Classic Header

{fbt_classic_header}

Breaking News

latest

How Does Tor Browser work?

June 24, 2020

How Does Tor Browser Work? You were using most definitely the deep web every day without necessarily knowing it, but that for this whic...

How Does Tor Browser Work?

You were using most definitely the deep web every day without necessarily knowing it, but that for this which is the dark web, it was simply impossible for you to go there without you to account for it since it was not accessible from a browser without configuration special. Today, we're going to talk about this whole darknet story a little more detail, and we go in particular talk about TOR and its operation! Because already know that darknet and dark web are two different things! Well, then, a darknet, what is it? Well, it's a bit of a network particular that can take many forms, but whose purpose is always the same: way or another, we look for it to maximize anonymity.

how-does-tor-browser-work
How Does Tor Browser work?

They do not all allow access to classic web, and they do not allow not even all to access the dark web. Some are used for example only transfer of files! These networks are so-called networks superimposed simply because they are based on a network that already exists and this network, I think his name should speak to you. Internet, basically what it means is that these darknets are based on the internet, and that is where the data. The darknet is a kind of layer placed above the network, and the purpose of this layer is to provide some anonymity.

For example, we can make sure that the sites we visit can not not know our IP address. It can avoid being tracked, but also to avoid certain restrictions because you have to know that with your IP, it's easy to know in which country you are!In this case, however, geographical restrictions, we still have a problem: OK it'snot your IP that will be seen by the site it will be another one, but nothing tells you that the latter will not be that of a PC that is in the same country. For that, it will rather use a VPN, but we'll talk about it a little later in the video. But as I just told you, even if the sites you visit are not going to see your IP to you, they will still see one. And she does not fall from the sky. So we'll try to see how it works in the particular case of the TOR darknet, so to get an idea of ​​who this address is may belong! Yeah, because that would be comical to see the cops tumbling at the neighbor because his IP would have been used for stuff not very charlie! So for those who do not know it, TOR, or The Onion Router, is one of that famous darkness, and that's probably actually the most known.

The first version of TOR was released in 2002, so as you can see, the project is not very young! But that does not prevent not to be regularly updated, mainly to improve security and anonymity. It's a darknet that allows a lot of things, with his dark web, but also a possible access to the classic web of way anonymous. The network is decentralized, and is based on the use of servers listed is public. But these servers have something that is not common: they are hosted by people volunteers who wish to participate in this by making other users benefit their material resources and their connection. These servers will serve as relays, and one of them will be the exit point of your request. This is the reason why they are called nodes. For each transmission of data, the route borrowed will be chosen randomly, to avoid any recurrence.

And the beauty of the thing is that in fact, even the nodes themselves do not know of the complete course. All they know is who sent the data (you or the previous node) and to whom they send them (the next node or the final recipient). But here we could say, ok, it's beautiful all that, but if I want to hide not only my identity but also the data that I'm passing through, does that to get them through as many people as possible it would not be just the worst idea of ​​the world? Well yes, the more there is the world through which it passes, at most I have chances that at least one of these people may have bad intentions! Well yes, it's indeed more likely to come across malicious people if our data pass through 100,000 unknowns before finally reaching their destination.

But the thing is we do not care! Because in all that, there is a very strong element important that I have not spoken to you yet: these famous data are encrypted! Impossible for the nodes to intercept your words Fortnite password! But that's not all. Because eventually if all we wanted it was sending our data so encrypted, bah finally we would not need to bother with all this because after all, that's what the HTTPS is for, with his encryption avoiding anyone not to intercept your traffic but just be able to read it! As we saw before, here we go through several nodes. And that's especially to keep the sender of the unknown message. But how does it work? Because we saw that the path taken was random, but if it was each knot that chooses the next node, then it would be enough malicious node in the chain and the viola would only have to choose at random.

The next knot, which of course would not malicious either. Yeah, except it's not like that it works! It's the sender of the message, so you actually, who will choose the path taken from the start! And when I say you, I mean your computer hub, do not worry, no need to be bac +10 traffic management to do everything it. From there, once the route of your known data, we will go to the stage encryption. And be careful, we're not talking about a simple encryption. You will finally encrypt your data as many times as there are nodes through which they will transit. And we will end up with some kind of doll Russian encryption. Imagine that each of these Russian dolls locked and that the keys are held by each of the nodes. The first will open the doll the most to outside, then pass the baby to the knot next, and so on.

Now replace the "Russian doll" onion, and you should understand this famous logo! This process is called a routing in onion, and it allows some anonymity since as said before, no node knows the complete path data. But as each node knows the previous one, it is possible to send data back to the sender, these data will simply follow the path in the opposite direction. On the other hand, the first node knows you, and the last node knows the recipient as well as the data you sent(since he opened the last Russian doll to return to this analogy). That's why if you want to be still more careful, it is essential to navigate only on sites in HTTPS, so that the data is encrypted once more, and therefore the last node can not read them. But that will not stop the entrance node to know your IP address, even if it has no idea of ​​the content you are giving him send. To hide the latter, you can use a VPN, which will add an extra layer of security by doing pass your data through a secure tunnel. From the entrance node, it's the VPN server that sends him data, and impossible to know who is behind, so you're anonymous that way too!

However, it remains a major risk in this story: the sites on which you make can you unmask otherwise than by your IP address. In other words, TOR or not TOR, if a site wants information on you, he will not stop there. I will take as an example Facebook. This is an example that I find quite funny because as I said in the video on the dark web, it turns out that they decided to upload their site under a domain in. We'll talk about this extension a little later in the video but what I mean that's because they want to facilitate access to their site anonymously. So be careful, I'm not saying it'snot well eh, on the contrary, it's even commendable from them. What I mean is that your anonymity, Well, it remains limited to what you do with it.

Because anonymity level, Facebook. Onslow better! We all know that they hunt our habits and they are trying to recover as much data as possible. But now, we know it. Or at least we imagine it. What is important is that they are giving it all up more or less voluntarily. The problem is we do not want to share everything. And some sites will not interfere with wait for your permission, and just go try to retrieve info about you in your back. For the most obvious, we can find tracking scripts. Some may be less malicious than others, for example, we find everywhere to know your preferences on sales sites, or from where you come. But others can be a little less harmless than that. That's why TOR works with a browser made to measure. It's a modified version of Mozilla Firefox, with predefined settings and preinstalled extensions, always for the same purpose to maximize our anonymity.

For example, in these extensions, we find the famous HTTPS Everywhere, which will push the use of HTTPS on all sites who take charge, for the reason that I mentioned earlier. We will also find NoScript, which goes simply block the execution of scripts, to avoid tracking. Using this kind of browser dedicated can have other benefits. Because you have to know that these scripts canto be vicious. For example, do you knew it's possible to spot you thanks to the extensions you use? Good ok, everyone does not have 36,000 extensions like me, but the possible combinations are still huge! And coupled to other things, such as installed fonts, screen size, or a whole bunch of other things innocuous, and well it is possible to create what's called a fingerprint of your browser, and it turns out that this footprint is extremely specific, point that it can be almost impossible to find another person with the same!

That's why having a similar browser for all users of the network, bah it's a great idea! And that's also why he is not recommended to use this famous browser in full screen, you will have the same right to a warning if you try! Yeah, because by doing that, you leave potentially leaking the resolution of your screen. And even if it seems innocuous, as we have seen, just little things like that right left and that's it, you're stuck! Some websites allow you to test this famous imprint of your browser, I invite you to try, that is cold in the back! Well, we talked about all things security and anonymity on the user side, we've seen how were your data hidden andhow your IP address was kept secret, now we will see how it works on the other side. Imagine that tomorrow you wake up in North Korea, and you want to create a forum to speak freely about things forbidden by the dictatorship. Create a server, host your site, put it online, and there is a good chance that your next outing on the street islands in a tragic accident due to causes unpredictable and natural. Why? And simply because to access to your site, we need the address IP of the server that hosts it.

And this address, ben it is related to you! And as much to walk on the internet, just a VPN to be sure to hide his IP, as much to host a server, it's not the even! Well yes, send a letter anonymously, it's not so complicated. On the other hand, send a letter without knowing the recipient's address is good more complicated! To do that in real life, we could imagine having an intermediate person, by whom the mail could transit. It's a little what's going on Tor with so-called hidden services. These services are only accessible from a .onion address. With a classic website, once the address back in the browser, the DNS will give the IP address that matches the name domain, we send the request to this address, and that's it. With onion, it's a bit more complicated only that. At the time of the creation of the hidden service, knots are randomly selected as points entrance for the service.

This information is then recorded somewhere so that when you will want to access the site, you will knowledge of these nodes, which is called entry points. You can then choose one at random, and send him a request. This request will contain the address of another node, which will be a meeting point for your exchanges, as well as an element that will authenticate the server when he comes to talk to you, in name mode secret agent code. The entry point will transfer this asks the server without telling him who she comes. So the server will decide whether or not to hold the account. Let's imagine he's nice, and he takes it into account. He has in this application the address of the point of appointment. He can send a message! But as you will not believe the first pin come and want to be sure that the message that comes to you comes from of this server, well he'll go there famous secret code that you sent him and so he is the only one to have in his possession (as I recall, all intermediate steps do not have access content because everything is encrypted!) And how to be sure that we have encrypted the message with the key of the good server?

And quite simply because the address of the site flows from this key, and it is so easy to spot if this last does not match! Hence the fact that most addresses in. Onion be like nothing! They are random (since the key is itself random). And for those that are readable "normally", well it's just software that has been used to generate keys randomly until you find one that gives a hash(and therefore an address) that does not want anything say! In short, it's not the simplest thing, but what is certain is that it is very effective! Well after that there is still a negative point to all that. When you access a classic website using TOR, we go through 3 intermediate nodes. and when you access a site in. Onion, it's double because the server wants him too to be anonymous. And as we have seen, the knots can be anywhere geographically. So potentially your data can go around the world 3 times before arriving at the server, then again 3 times for the answer.

In other words, we are not sure what is there faster, it can even be really slow! That's why it is sometimes more suitable to use a VPN, which in addition to allowing you to choose the server you want you connect and so the country in which you want to look like, will you allow to sail with a much higher speed! For example, imagine wanting to look at a series on Netflix but that the latter is not available from France. Well with a VPN, not only will you be able to make believe that you are in a country in which the series is available, Yeah well played to you. With the latter, you will be able to connect from another country without any problem and so bypass the restrictions of the one in which you are located.

So certainly already basic it can be nice to watch movies that are not released only in the US but to come back on our video topic this will allow you to have an extra layer of anonymity protection, since before reaching your location to you, well NordVPN will be part of intermediaries of connection, and so someone who will remount your login logs will have a lot more difficult to know who you are really! The latter is available on PC & Smartphone unlimitedly, and you can benefit at -75% if you subscribe for 3 years, which amounts to € 2.62 per month! And certainly, it can be tempting to look at free VPN in this genre of cases, but do not forget that you put part of your anonymity in the hands of this VPN, and when it's free, you know what they say.

Related Posts

No comments

Please do not enter any spam link in the comment box.

Subscribe to: Post Comments (Atom)