tor-webwml.git

1) <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
2) 
3) <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
4) <head>
5)   <title>Tor: Overview</title>

6)   <meta name="Author" content="Roger Dingledine" />

7)   <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" />
8)   <link rel="stylesheet" type="text/css" href="default.css" />

9)   <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico" />

10) </head>
11) 
12) <body>
13)   <div class="menu" id="side">
14) <!--    <img id="logo" src="tor.jpg" alt="cute tor gate" /> -->

15)       <a href="index.html">Home</a> <br />

16)       <a href="howitworks.html">How it works</a> <br />

17)       <a href="download.html">Download</a> <br />
18)       <a href="documentation.html">Documentation</a><br />
19)       <a href="contribute.html">Contribute</a> <br />
20)       <a href="developers.html">Developers</a> <br />
21)       <a href="research.html">Research</a> <br />
22)       <a href="people.html">People</a> <br />

23)   </div><!-- #side -->
24)   <div class="main" id="main">
25) 

26) <h2>Tor: Overview</h2>

27) 
28) <p>

29) Tor is a network-within-a-network that allows people and groups to
30) improve their privacy and security on the Internet.  It also enables
31) future software developers to create new kinds of communication tools
32) that have built-in privacy features.  Tor can provide the foundation for
33) a whole range of applications that allow organizations and individuals
34) to share information over public networks without compromising their
35) privacy.

36) </p>
37) 
38) <p>

39) Individuals can use Tor to shield themselves and their family members
40) from being tracked by remote websites.  They can also use it to connect
41) to resources such as news sites or instant messaging services that are
42) blocked by their local Internet service providers (ISPs).

43) </p>
44) 
45) <p>

46) Groups such as the German "Diabetes People" organization recommend Tor
47) for safeguarding their members' online privacy and security.  Activist
48) groups like the Electronic Frontier Foundation (EFF) are supporting
49) Tor's development as a mechanism for maintaining civil liberties online.
50) Corporations are investigating Tor as a safe way to conduct competitive
51) analysis, and are considering using Tor to test new experimental projects
52) without associating their names with these projects. A branch of the

53) U.S. Navy uses Tor for open source intelligence gathering, and one of its

54) teams used Tor while deployed in the Middle East recently.

55) </p>
56) 
57) <p>

58) The variety of people who use Tor is actually part of what makes it
59) so secure.  The more populous and diverse the user base for Tor is,
60) the more your anonymity will be protected.
61) </p>
62) 
63) <h3>Why We Need Tor</h3>
64) 
65) <p>
66) Using Tor protects you against a common form of Internet surveillance
67) known as "traffic analysis."  Traffic analysis can be used to infer
68) who is talking to whom over a public network.  Knowing the source
69) and destination of your Internet traffic allows others to track your
70) behavior and interests.  This can impact your checkbook if, for example,
71) an e-commerce site uses price discrimination based on your country or
72) institution of origin.  It can even threaten your job and physical safety

73) by revealing who and where you are. For example, if you're travelling
74) abroad and you connect to your employer's computers to check or send mail,
75) you can inadvertently reveal your national origin and professional
76) affiliation to any local observing the network, even if the connection

77) is encrypted.

78) </p>
79) 
80) <p>
81) How does traffic analysis work?  Internet data packets have two parts:

82) a data payload and a header used for routing.  The data payload is

83) whatever is being sent, whether that's an email message, a web page, or an
84) audio file.  Even if you encrypt the data payload of your communications,
85) traffic analysis still reveals a great deal about what you're doing and,
86) possibly, what you're saying.  That's because it focuses on the header,
87) which discloses source, destination, size, timing, and so on.
88) </p>
89) 
90) <p>

91) A basic problem for the privacy minded is that the recipient of your
92) communications can see that you sent it by looking at headers.  So can

93) authorized intermediaries like Internet service providers, and sometimes
94) unauthorized intermediaries as well.  A very simple form of traffic
95) analysis might involve sitting somewhere between sender and recipient on
96) the network, looking at headers.
97) </p>
98) 
99) <p>
100) But there are also more powerful kinds of traffic analysis.  Some
101) attackers spy on multiple parts of the Internet and use sophisticated
102) statistical techniques to track the communications patterns of many
103) different organizations and individuals.
104) </p>
105) 
106) <h3>The Solution: a Distributed, Anonymous Network</h3>
107) 
108) <p>
109) Tor helps to reduce the risks of both simple and sophisticated traffic
110) analysis by distributing your transactions over several places on the
111) Internet, so no single point can link you to your destination.  The idea
112) is similar to using a twisty, hard-to-follow route in order to throw off
113) somebody who is tailing you -- and then periodically erasing your
114) footprints.  Instead of taking a direct route from source to
115) destination, data packets on the Tor network take a random pathway
116) through several servers that cover your tracks so no observer at any
117) single point can tell where the data came from or where it's going.
118) </p>
119) 
120) <p>
121) To create a private network pathway with Tor, the user's software or
122) client incrementally builds a circuit of encrypted connections through
123) servers on the network.  The circuit is extended one hop at a time, and
124) each server along the way knows only which server gave it data and which
125) server it is giving data to.  No individual server will ever know the
126) complete path that a data packet has taken.  The client negotiates a
127) separate set of encryption keys for each hop along the circuit to ensure
128) that each hop can't see what these connections are as they pass through.

129) </p>
130) 
131) <p>
132) [Insert snazzy onion diagram here.]
133) </p>
134) 
135) <p>

136) Once a circuit has been established, many kinds of data can be exchanged
137) and several different sorts of software applications can be deployed
138) over the Tor network.  Because each server sees no more than one hop in
139) the circuit, neither an eavesdropper nor a compromised server can use
140) traffic analysis to link the connection's source and destination.  Tor
141) only works for TCP streams and can be used by any application with SOCKS
142) support.
143) </p>
144) 
145) <p>
146) For efficiency, the Tor software uses the same circuit for connections
147) that happen within the same minute or so.  Later requests are given a
148) new circuit, to keep people from linking your earlier actions to the new
149) ones.

150) </p>
151) 

152) <h3>Hidden Services</h3>
153) 

154) <p>

155) Tor also makes it possible for users to hide their locations while
156) offering various kinds of services, such as web publishing or an instant
157) messaging server.  Using Tor "rendezvous points," other Tor users can
158) connect to these hidden services, each without knowing the other's
159) network identity.  This hidden service functionality could allow Tor
160) users to set up a website where people publish material without worrying
161) about censorship.  Nobody would be able to determine who was offering
162) the site, and nobody who offered the site would know who was posting to it.

163) </p>

164) 
165) <h3>Staying Anonymous</h3>

166) 
167) <p>

168) Of course, Tor can't solve all anonymity problems.  It focuses only on
169) protecting the transport of data.  You need to use protocol-specific
170) support software if you don't want the sites you visit to see your

171) identifying information. For example, you can use web proxies such as
172) Privoxy while web browsing to block cookies and withhold information

173) about your browser type.

174) </p>
175) 
176) <p>

177) Also, to protect your anonymity, be smart.  Don't provide your name

178) or other revealing information in web forms.  Be aware that, like all

179) anonymizing networks that are fast enough for web browsing, Tor does not

180) provide protection against end-to-end timing attacks: If your attacker

181) can watch the traffic coming out of your computer, and also the traffic
182) arriving at your chosen destination, he can use statistical analysis to
183) discover that they are part of the same circuit.
184) </p>
185) 
186) <h3>The Future of Tor</h3>
187) 
188) <p>

189) Providing a usable anonymizing network on the Internet today is an
190) ongoing challenge. We want software that meets users' needs. We also
191) want to keep the network up and running in a way that handles as many
192) users as possible. Security and usability don't have to be at odds:
193) As Tor's usability increases, it will attract more users, which will
194) increase the possible sources and destinations of each communication,
195) thus increasing security for everyone.

196) We're making progress, but we need your help.  Please consider

197) <a href="cvs/tor/doc/tor-doc.html#installing">installing</a> a <a
198) href="cvs/tor/doc/tor-doc.html#server">server</a>

199) or <a href="contribute.html">volunteering</a> as a <a
200) href="developers.html">developer</a>.

201) </p>
202) 
203) <p>

204) Ongoing trends in law, policy, and technology threaten anonymity as never
205) before, undermining our ability to speak and read freely online. These
206) trends also undermine national security and critical infrastructure by
207) making communication among individuals, organizations, corporations,
208) and governments more vulnerable to analysis. Each new user and server
209) provides additional diversity, enhancing Tor's ability to put control
210) over your security and privacy back into your hands.

211) </p>
212) 
213)   </div><!-- #main -->

214)   <div class="bottom" id="bottom">
215)      <i><a href="mailto:tor-webmaster@freehaven.net">Webmaster</a></i> -
216)      $Id$
217)   </div>