tor-webwml.git

1) <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
2) 
3) <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
4) <head>
5)   <title>Tor: Overview</title>

6)   <meta name="Author" content="Roger Dingledine" />

7)   <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" />
8)   <link rel="stylesheet" type="text/css" href="default.css" />
9) </head>
10) 
11) <body>
12)   <div class="menu" id="side">
13) <!--    <img id="logo" src="tor.jpg" alt="cute tor gate" /> -->

14)       <a href="index.html">Home</a> <br />

15)       <a href="howitworks.html">How it works</a> <br />

16)       <a href="download.html">Download</a> <br />
17)       <a href="documentation.html">Documentation</a><br />
18)       <a href="contribute.html">Contribute</a> <br />
19)       <a href="developers.html">Developers</a> <br />
20)       <a href="research.html">Research</a> <br />
21)       <a href="people.html">People</a> <br />

22)   </div><!-- #side -->
23)   <div class="main" id="main">
24) 

25) <h2>Tor: Overview</h2>

26) 
27) <p>

28) Tor is a network-within-a-network that allows people and groups to
29) improve their privacy and security on the Internet.  It also enables
30) future software developers to create new kinds of communication tools
31) that have built-in privacy features.  Tor can provide the foundation for
32) a whole range of applications that allow organizations and individuals
33) to share information over public networks without compromising their
34) privacy.

35) </p>
36) 
37) <p>

38) Individuals can use Tor to shield themselves and their family members
39) from being tracked by remote websites.  They can also use it to connect
40) to resources such as news sites or instant messaging services that are
41) blocked by their local Internet service providers (ISPs).

42) </p>
43) 
44) <p>

45) Groups such as the German "Diabetes People" organization recommend Tor
46) for safeguarding their members' online privacy and security.  Activist
47) groups like the Electronic Frontier Foundation (EFF) are supporting
48) Tor's development as a mechanism for maintaining civil liberties online.
49) Corporations are investigating Tor as a safe way to conduct competitive
50) analysis, and are considering using Tor to test new experimental projects
51) without associating their names with these projects. A branch of the
52) US Navy uses Tor for open source intelligence gathering, and one of its
53) teams used Tor while deployed in the Middle East recently.

54) </p>
55) 
56) <p>

57) The variety of people who use Tor is actually part of what makes it
58) so secure.  The more populous and diverse the user base for Tor is,
59) the more your anonymity will be protected.
60) </p>
61) 
62) <h3>Why We Need Tor</h3>
63) 
64) <p>
65) Using Tor protects you against a common form of Internet surveillance
66) known as "traffic analysis."  Traffic analysis can be used to infer
67) who is talking to whom over a public network.  Knowing the source
68) and destination of your Internet traffic allows others to track your
69) behavior and interests.  This can impact your checkbook if, for example,
70) an e-commerce site uses price discrimination based on your country or
71) institution of origin.  It can even threaten your job and physical safety
72) by revealing who and where you are.
73) </p>
74) 
75) <p>
76) How does traffic analysis work?  Internet data packets have two parts:
77) a data payload, and a header used for routing.  The data payload is
78) whatever is being sent, whether that's an email message, a web page, or an
79) audio file.  Even if you encrypt the data payload of your communications,
80) traffic analysis still reveals a great deal about what you're doing and,
81) possibly, what you're saying.  That's because it focuses on the header,
82) which discloses source, destination, size, timing, and so on.
83) </p>
84) 
85) <p>
86) A basic problem, for the privacy minded, is that the recipient of your
87) communications can see who sent them by looking at headers.  So can
88) authorized intermediaries like Internet service providers, and sometimes
89) unauthorized intermediaries as well.  A very simple form of traffic
90) analysis might involve sitting somewhere between sender and recipient on
91) the network, looking at headers.
92) </p>
93) 
94) <p>
95) But there are also more powerful kinds of traffic analysis.  Some
96) attackers spy on multiple parts of the Internet and use sophisticated
97) statistical techniques to track the communications patterns of many
98) different organizations and individuals.
99) </p>
100) 
101) <h3>The Solution: a Distributed, Anonymous Network</h3>
102) 
103) <p>
104) Tor helps to reduce the risks of both simple and sophisticated traffic
105) analysis by distributing your transactions over several places on the
106) Internet, so no single point can link you to your destination.  The idea
107) is similar to using a twisty, hard-to-follow route in order to throw off
108) somebody who is tailing you -- and then periodically erasing your
109) footprints.  Instead of taking a direct route from source to
110) destination, data packets on the Tor network take a random pathway
111) through several servers that cover your tracks so no observer at any
112) single point can tell where the data came from or where it's going.
113) </p>
114) 
115) <p>
116) To create a private network pathway with Tor, the user's software or
117) client incrementally builds a circuit of encrypted connections through
118) servers on the network.  The circuit is extended one hop at a time, and
119) each server along the way knows only which server gave it data and which
120) server it is giving data to.  No individual server will ever know the
121) complete path that a data packet has taken.  The client negotiates a
122) separate set of encryption keys for each hop along the circuit to ensure
123) that each hop can't see what these connections are as they pass through.

124) </p>
125) 
126) <p>
127) [Insert snazzy onion diagram here.]
128) </p>
129) 
130) <p>

131) Once a circuit has been established, many kinds of data can be exchanged
132) and several different sorts of software applications can be deployed
133) over the Tor network.  Because each server sees no more than one hop in
134) the circuit, neither an eavesdropper nor a compromised server can use
135) traffic analysis to link the connection's source and destination.  Tor
136) only works for TCP streams and can be used by any application with SOCKS
137) support.
138) </p>
139) 
140) <p>
141) For efficiency, the Tor software uses the same circuit for connections
142) that happen within the same minute or so.  Later requests are given a
143) new circuit, to keep people from linking your earlier actions to the new
144) ones.

145) </p>
146) 

147) <h3>Hidden Services</h3>
148) 

149) <p>

150) Tor also makes it possible for users to hide their locations while
151) offering various kinds of services, such as web publishing or an instant
152) messaging server.  Using Tor "rendezvous points," other Tor users can
153) connect to these hidden services, each without knowing the other's
154) network identity.  This hidden service functionality could allow Tor
155) users to set up a website where people publish material without worrying
156) about censorship.  Nobody would be able to determine who was offering
157) the site, and nobody who offered the site would know who was posting to it.

158) </p>

159) 
160) <h3>Staying Anonymous</h3>

161) 
162) <p>

163) Of course, Tor can't solve all anonymity problems.  It focuses only on
164) protecting the transport of data.  You need to use protocol-specific
165) support software if you don't want the sites you visit to see your
166) identifying information.  For example, web proxies such as Privoxy can
167) be used while web browsing to block cookies and withhold information
168) about your browser type.

169) </p>
170) 
171) <p>

172) Also, to protect your anonymity, be smart.  Don't provide your name
173) or other revealing information in web forms.  Be aware that like all
174) anonymizing networks that are fast enough for web browsing, Tor does not
175) provide protection against end-to-end timing attacks: if your attacker
176) can watch the traffic coming out of your computer, and also the traffic
177) arriving at your chosen destination, he can use statistical analysis to
178) discover that they are part of the same circuit.
179) </p>
180) 
181) <h3>The Future of Tor</h3>
182) 
183) <p>
184) Providing a usable anonymizing network on the Internet today is an
185) ongoing challenge.  We want software that meets users' needs.  And we
186) also want to keep the network up and running in a way that handles
187) as many users as possible. Security and usability don't have to be at
188) odds: as Tor's usability increases, it will attract more users, which
189) in turn will increase security for everyone. We're making progress,
190) but we need your help.  Please consider <a
191) href="cvs/tor/doc/tor-doc.html#installing">installing</a> a <a
192) href="cvs/tor/doc/tor-doc.html#server">server</a>
193) or <a href="contribute.html">volunteering</a> as a <a
194) href="developers.html">developer</a>.

195) </p>
196) 
197) <p>

198) Anonymity is threatened as never before by trends in law, policy, and
199) technology that are undermining our ability to speak and read freely

200) online without being forced to reveal who we are.  With each new user
201) and server, we enhance Tor's ability to restore people's control over
202) their privacy.

203) </p>
204) 
205)   </div><!-- #main -->

206)   <div class="bottom" id="bottom">
207)      <i><a href="mailto:tor-webmaster@freehaven.net">Webmaster</a></i> -
208)      $Id$
209)   </div>