57c6644238026f23a741e2418fb893a86f60611f
Roger Dingledine first cut of new website

Roger Dingledine authored 20 years ago

1) <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
2) 
3) <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
4) <head>
5)   <title>Tor: Overview</title>
Roger Dingledine clean up my meta and br tags

Roger Dingledine authored 20 years ago

6)   <meta name="Author" content="Roger Dingledine" />
Roger Dingledine first cut of new website

Roger Dingledine authored 20 years ago

7)   <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" />
8)   <link rel="stylesheet" type="text/css" href="default.css" />
9) </head>
10) 
11) <body>
12)   <div class="menu" id="side">
13) <!--    <img id="logo" src="tor.jpg" alt="cute tor gate" /> -->
Roger Dingledine clean up my meta and br tags

Roger Dingledine authored 20 years ago

14)       <a href="index.html">Home</a> <br />
15)       <a class="current">Overview</a> <br />
16)       <a href="download.html">Download</a> <br />
17)       <a href="documentation.html">Documentation</a><br />
18)       <a href="contribute.html">Contribute</a> <br />
19)       <a href="design.html">Design</a> <br />
20)       <a href="developers.html">Developers</a> <br />
21)       <a href="research.html">Research</a> <br />
22)       <a href="people.html">People</a> <br />
Roger Dingledine first cut of new website

Roger Dingledine authored 20 years ago

23)   </div><!-- #side -->
24)   <div class="main" id="main">
25) 
26) <h2>Tor: an anonymizing overlay network for TCP</h2>
27) 
28) <p>
29) Traffic analysis can be used to infer who is talking to whom over a
30) public network. For example, Internet packets have a header used for
31) routing, and a payload that carries the data. The header, which must be
32) visible to the network (and to observers of the network), reveals the
33) source and destination of the packet. Even if the header were obscured
34) in some way, the packet could still be tracked as it moves through the
35) network. Encrypting the payload is similarly ineffective, because the
36) routing information is all an observer needs.
37) </p>
38) 
39) <p>
40) Knowing the source and destination of your Internet traffic allows
41) somebody to track your behavior and interests, impacting your checkbook or
42) even threatening your job or physical safety.
43) </p>
44) 
45) <p>
46) Individuals, corporations, and governments all have an interest in
47) traffic analysis protection. Individuals want to protect themselves and
48) their family members from remote websites, or connect to resources such
49) as news sites or instant messaging services that are blocked locally.
50) User groups such as the German "Diabetes People" organization recommend
51) Tor for their members' online privacy and security.  Activist groups such
52) as the Electronic Frontier Foundation are publicizing Tor as a mechanism
53) for maintaining civil liberties online.  Corporations such as Google and
54) Wal-Mart are investigating Tor as a safe avenue for competitive analysis
55) or to try out new experimental projects without associating their name
56) with the project.  A branch of the U.S. Navy uses Tor for open source
57) intelligence gathering at its headquarters, and one of their teams used
58) Tor while deployed in the Middle East recently.
59) </p>
60) 
61) <p>
62) Tor helps to reduce the traffic analysis risk by distributing your
63) transactions over several places on the Internet, so no single point can
Roger Dingledine clean up my meta and br tags

Roger Dingledine authored 20 years ago

64) link you to your destination. To make private connections in Tor, a client
65) incrementally builds a path or <em>circuit</em> of encrypted connections
Roger Dingledine first cut of new website

Roger Dingledine authored 20 years ago

66) through servers on the network, extending it one step at a time so that
67) each server in the circuit only learns which server extended to it and
68) which server it has been asked to extend to.  The client negotiates a
69) separate set of encryption keys for each step along the circuit.
70) </p>
71) 
72) <p>
73) [Insert snazzy onion diagram here.]
74) </p>
75) 
76) <p>
77) Once a circuit has been established, the client software waits for
78) applications to request TCP connections, and directs these application
79) streams along the circuit.  Many streams can be multiplexed along a single
80) circuit, so applications don't need to wait for keys to be negotiated
81) every time they open a connection.  Because each server sees no
82) more than one end of the connection, a local eavesdropper or a compromised
83) server cannot use traffic analysis to link the connection's source and
84) destination.  The Tor client software rotates circuits periodically
85) to prevent long-term linkability between different actions by a
86) single user.
87) </p>
88) 
89) <!--
90) <p>
91) Many protocols, not just web.
92) </p>
93) -->
94) 
95) <p>
96) Tor also makes it possible for the clients to be hidden. Using Tor
97) "rendezvous points," other Tor clients can connect to these hidden
98) services, each without knowing the other's network identity. These hidden
99) websites let users publish material without worrying about censorship.
100) </p>
101) 
102) <p>
103) Of course, Tor can't solve all privacy problems itself. Tor focuses on
104) protecting the <em>transport</em>. You need to use other protocol-specific
105) software, such as Privoxy for web browsing, to clean identifying
Roger Dingledine try out a better takeaway m...

Roger Dingledine authored 20 years ago

106) information like browser type and characteristics, and you need
107) to use other common sense: don't provide your name or other
Roger Dingledine first cut of new website

Roger Dingledine authored 20 years ago

108) revealing information in web forms. Also, like all anonymizing networks
109) that are fast enough for web browsing, Tor does not provide protection
110) against end-to-end timing attacks: if your attacker can watch the traffic
111) coming out of your computer, and also the traffic arriving at your chosen
112) destination, he can use simple statistics to discover that they are part
113) of the same circuit.
114) </p>
115) 
116) <p>
Roger Dingledine try out a better takeaway m...

Roger Dingledine authored 20 years ago

117) Anonymity is threatened as never before by trends in law, policy, and
118) technology that are undermining our ability to speak and read freely
119) online without revealing who we are. Rather than trusting to laws to
120) maintain our rights, Tor aims to give people the power to make their own
121) decisions about their privacy. Providing a usable anonymizing network on
122) the Internet today is an ongoing challenge, both in terms of providing
123) usable software that meets users' needs, and also in terms of keeping the
124) network up and able to handle all the users; but we're making progress
125) at finding a good balance to provide both usability and security. Please
126) do what you can to help out.
Roger Dingledine first cut of new website

Roger Dingledine authored 20 years ago

127) </p>
128) 
129)   </div><!-- #main -->
Roger Dingledine decide on a format for cont...

Roger Dingledine authored 20 years ago

130)   <div class="bottom" id="bottom">
131)      <i><a href="mailto:tor-webmaster@freehaven.net">Webmaster</a></i> -
132)      $Id$
133)   </div>