Home > Computing > A beginner’s guide to Tor: How to navigate…

A beginner’s guide to Tor: How to navigate through the underground Internet

We live in an era of free-flowing data, where any person with an Internet connection has seemingly all the information in the world at their fingertips. Yet, while the Internet has greatly expanded the ability to share knowledge, it has also made issues of privacy more complicated, with many worrying their own personal information, including their activity on the Internet, may be observed without their permission. Not only are government agencies able to track an individual’s online movements, but so too are corporations, who have only become bolder in using that information to target users with ads. Unseen eyes are everywhere.

In this climate of data gathering and privacy concerns, a browser called Tor has become the subject of discussion and notoriety. Like many underground phenomena on the Internet, it is poorly understood, shrouded in the sort of technological mysticism that people often ascribe to things like hacking or bitcoins.

RelatedYou can now read ProPublica on the Dark Web

Tor is software that allows users to browse the Web anonymously. Developed by the Tor Project, a nonprofit organization that advocates for anonymity on the internet, Tor was originally called The Onion Router because it uses a technique called onion routing to conceal information about user activity. Perhaps ironically, the organization receives the bulk of its funding from the United States government, which views Tor as a tool for fostering democracy in authoritarian states.

Why the Internet isn’t secure

To understand how Tor is able to protect a user’s identity as they browse the Internet, it seems prudent to discuss exactly how the Internet works. The Internet is, at its most basic, the series of connections between computers across great distance. In the beginning, computers were isolated, unable to communicate with each other. As the tech got more advanced, engineers were able to physically link computers together, creating early networks. These networks still required the computers to be relatively near each other, however. Eventually, advances in fiber optics enabled networks to connect across continents, allowing for the Internet to be born.

Some computers house the data stored on the Internet, including web pages like Google. These computers are known as “servers.” A device used to access this information, such as a smartphone or PC, is known as a client. The transmission lines that connect clients to servers come in a variety of forms, whether fiber optic cables or wireless signals, but they are all connections.

Although clients initiate connections to get information from servers, the flow goes both ways. Data is exchanged across the Internet in packets. These packets contain information about the sender and the destination, and certain individuals and organizations can use this data to monitor who is doing certain things or accessing certain information on the Web.

It is not just the server that can see this data. Traffic analysis is big business, and many organizations, both private and governmental, can monitor the messages flowing between clients and servers. How, then, does Tor keep the user’s information secret?

How Tor has the answer

There are two key aspects to onion routing. First, the Tor network is composed of volunteers who use their computers as “nodes.” As mentioned earlier, during normal browsing, information travels across the Internet in packets. When a Tor user visits a website, however, their packets do not simply travel to that server. Instead, Tor creates a path through randomly assigned nodes on that the packet will follow before reaching the server.


The other important aspect of onion routing is how the packets are constructed. Normally, a packet will include the sender’s address and the destination, not unlike a letter. When using Tor, the packet is wrapped in successive layers of packets, like a nesting doll.

Anatomy of an onion packet. Original message is in black

When the user sends the packet, the top layer tells it to go to Router A, the first stop on the circuit. When it is there, Router A takes off the first layer. The next layer tells Router A to send the packet onward to Router B. Router A does not know the ultimate destination, only that the packet came from the user and went to B. Router B peels off the next layer, seeing that the next stop is Router C. The process continues until the message reaches its destination. At each stop, the node only knows the available information: the last place the packet was, and the next place it will be. No node knows the complete path, and neither would anyone who observes the message being sent from a node.

How to get Tor

In keeping with the ideological aims of the Tor Project, Tor is free to use. Simply download and install the browser, which is a modified version of Firefox available for Windows, Mac OS X, and Linux. For mobile browsing, there is also an Android app called Orbot. Note that while the Tor browser is already configured to work properly, users on networks with firewalls or other security systems may experience difficulties. Moreover, careless Internet usage can still compromise one’s anonymity. Tor’s website has a comprehensive list of things to avoid doing while using the browser, as well as fixes for any problems that arise.

The Deep Web and Tor’s hidden services

Tor is valuable as a tool to protect the user’s privacy, but that is not its only function. The other, more infamous use for Tor is as a gateway into the Deep Web, the massive portion of the Web that is not indexed by search engines. The term “Deep Web” is thrown around in popular discourse, often in tones reserved for bogeymen. There are good reasons for this, but most of the Deep Web is fairly mundane. It is merely all the information that cannot be easily accessed through a Web search, which is a lot of data, actually.

The Internet, to use an old but apt cliche, is like the ocean. Like the surface of the world’s oceans, the surface of the Internet is mapped out, easily found via Google search. The bulk of the world’s oceans lie beneath the surface, however. The bulk of the Internet (around 80 percent) comprises pages unknown to most people, locked behind passwords and protocols.

Silk Road

Silk Road, one of the most famous (and sordid) sites on the Tor network

Tor allows web pages, like clients, to protect their anonymity, by configuring a server to connect with clients at a Tor relay in between. The server does not need to provide the IP address, and the user does not need it, instead using an “onion address,” a 16 character code that clients enter in place of a traditional URL. The hidden pages on the Tor network comprise one of the most famous darknets, networks only accessible through specific protocols. A phrase like darknet conjures up images of shady dealings, and not without cause; some of the most notable hidden sites are used for trafficking illegal goods, such as the Silk Road, a popular site for selling drugs which was shut down by the FBI in 2013.

Who uses Tor, and why?

Anonymity is Tor’s bread and butter, and as such it is probably impossible to ever get a comprehensive view of its userbase. There are certain trends that become apparent, however, and some Tor advocates are especially vocal about their reasons for using the service.

Tor has become popular with journalists and activists in countries with restrictions on the Internet and expression. Countries like China are known for censoring their citizens’ access to the Web; Tor provides a way around this control. For whistleblowers, Tor provides a safe avenue to leak information to journalists. In fact, Edward Snowden released information on the NSA’s PRISM program to news organizations via Tor. One doesn’t need to be a freedom fighter to appreciate Tor, however. Many academics and ordinary citizens endorse Tor as a tool to keep privacy and freedom of expression alive in the Information Age.

Despite the Tor Project’s good intentions, Tor has developed a bad reputation in the mainstream press, and not without cause. Just as large cities, with growth and prosperity, attract criminals, the growth of Tor and the cover it provides has made the network a refuge for unsavory individuals.

To be fair, the fact that Tor allows such communities to grow is troubling. However, it is important to note that criminal activity on Tor is a consequence, not a goal, of the Project’s commitment to freedom of expression.

Limitations, hazards, and general safety

While Tor is useful for browsing the Web anonymously, it is not without problems. Naturally, this has drawn attention from government organizations like the NSA and FBI, who consider Tor a target of particular interest.

While the Tor network is quite secure from traffic analysis, the Tor browser, like any other, is vulnerable to attacks and exploits. The Tor browser is, specifically, a modified version of Firefox, and as such is vulnerable to the same kinds of attacks as Firefox. By infecting an individual user’s computer with malware, one can track their activity and even remotely access their device.

Merely using Tor can make one an attractive target for the government, even if you only use the network for legal purposes. Leaked NSA documents have revealed that they particularly focus on “dumb users,” people using Tor who may not be knowledgeable about Internet security and through whom the NSA can gain footholds in the Tor network. Given access to enough nodes, the NSA (or anyone else) could observe packets traveling and shedding layers, from which point they could reconstruct the path traveled.

There is no way to be completely secure on the Internet, and Tor does not change this. But by taking reasonable precautions, it is possible to minimize the risks of browsing with Tor.

First, it is important to disable most scripts and plugins, such as Flash, which can operate independently of browser setting and even transmit data about users. Torrenting, a file-sharing process in which multiple people download different pieces of a file, sharing the bits they have already downloaded until the file is complete, is also something to be avoided. Torrent programs must broadcast your IP address so that peers can connect to you and share files, thwarting the entire point of onion routing.

Finally, anyone browsing Tor’s hidden services should be careful about what they click on. While many pages are socially acceptable or at the very least legal, such as sites for whistleblowers or Bitcoin exchanges, others are havens for disturbing, even criminal behavior. The cover of darkness helps rebels and monsters alike, and even naively stumbling onto a webpage containing illicit content could land you in legal trouble.