What is the Tor Network and Browser, and how do you safely utilize them?

I address all of your concerns regarding the Tor network, including if it is legal, who uses it, and how to get started.

Latest Posts:

Every question you’ve ever wanted to ask about Tor but were too frightened to ask

If you’re interested in online privacy, you’ve almost certainly heard about Tor (The Onion Router). The Tor Network (or simply “Tor“) is an implementation of a concept created in the mid-1990s by the US Navy. It provides users with increased online anonymity by encrypting internet traffic and routing it across a network of nodes.

Most likely, you have a slew of questions regarding this project that you’d like to get addressed before diving in. However, given the negative perceptions many people have of Tor and related projects, it’s reasonable that potential users are frightened of discussing their interests.

I’ll ask (and answer) those questions for you in this post. I’ll cover all you need to know about Tor, including its anonymity, legality, and if you still need to connect to a VPN when using Tor.

Tor: What is it and how does it work? Tor: What is it and how does it work?

The Tor network, frequently abbreviated as “Tor,” is a volunteer-run system that contributes to the anonymity of internet use.

When a user connects to Tor (typically using the Tor browser), their outbound internet traffic is diverted randomly through at least three nodes (referred to as relays) before reaching its destination (the website the user wants to visit). Your computer is connected to an entrance node, and the exit node is the final node traffic flows through before reaching its destination (the website you want to visit). Incoming traffic is similarly redirected.

A basic explanation of how Tor operates (Source: EFF via Wikimedia)

Apart from traversing numerous nodes, the traffic is encrypted many times. It loses a level of encryption at each node but is never completely decrypted until it reaches its destination from the exit node.

Each node has an encrypted IP address that serves as its identifier. The destination website only sees the IP address of the final node, also known as the exit node.

The Tor network now consists of approximately 7,000 relays (nodes) and 800 bridges. While bridges and relays are comparable, they are not mentioned in the Tor directory. These are often used by those who are unable to connect to the Tor network via conventional means, such as if it has been blocked. Additionally, they can be used if a website or application attempts to prevent traffic from a discovered Tor node.

What is the Tor Network and Browser, and how do you safely utilize them?
What is the Tor Network and Browser, and how do you safely utilize them?

Does Tor conceal your IP address?

While connected to the Tor network, your activity cannot be linked to your IP address. Similarly, your Internet Service Provider (ISP) will be unable to see the contents of your traffic, including the website you are accessing.

Your ISP will detect that you are connected to a Tor entry node, while the website you are viewing will simply display the Tor exit node’s IP address.

How to utilize Tor: A Beginner’s Guide

Tor is most easily accessed via the Tor browser. This application is based on Firefox and may be downloaded and installed on your computer.

Versions for macOS, Windows, and Linux are available. After downloading and installing, you’ll be able to visit clearnet and.onion websites directly from your browser.

In rare instances, access to the Tor browser may be restricted. As previously said, utilizing a bridge should resolve this issue. This was previously somewhat complicated but has been simplified significantly in the newest edition. To begin, you’ll need to locate a bridge and configure it using the Tor browser.

Is Tor truly anonymous?

It’s extremely difficult, if not impossible, to achieve complete anonymity online, but Tor can undoubtedly assist you. All of your communication will appear to originate from a Tor exit node, and so will have the node’s IP address allocated to it. Because the traffic was encrypted, it cannot be traced back to you.

One challenge, however, is trusting the operator of the exit node. If you visit an unencrypted (non-HTTPS) website, the node operator may be able to monitor your behavior and view your data. They may collect information about the pages you visit, your login credentials, the content of your messages or postings, and the searches you conduct. Although such information cannot be traced directly to you or even to the entry node.

It’s worth mentioning that using the Tor browser protects only the traffic that passes through that connection; it does not anonymize any other applications running on your machine (although many can be configured to the Tor network via other means). Additionally, your ISP is still able to determine if you are utilizing Tor. To increase your anonymity, you can utilize a VPN in conjunction with the Tor browser.

What is the darknet, and what does Tor have to do with it?

If you’re familiar with the term “clear net,” it refers to the area of the internet that can be accessed freely, that is, without using Tor or another browser. On the flip side, there is the deep web. This comprises stuff that is not indexed by search engines, such as out-of-date content, private files, and websites that have been designated as inaccessible to search engines.

The darknet is also a subset of the deep web. Typically, this content is only accessible through the use of specialized programs such as Tor. Although the darknet has some respectable websites, it is best known for being a haven for unlawful behavior.

Tor allows you to access the open internet, but it also allows you to access darknet websites, notably those ending in.onion. These are websites that are only accessible using the Tor browser and include the extension.onion in their URL. Additionally, they are referred to as “Tor concealed services.”

They are not indexed by search engines and may be difficult to locate if you are unfamiliar with the area. Tor preserves the operators of.onion websites’ anonymity, making it impossible to determine who is behind them. Naturally, the darknet’s combination of operator and user anonymity makes it ideal for illicit behavior.

The infamous AlphaBay marketplace’s (now-seized) website was a.onion domain. (Source: Department of Justice of the United States of America via Wikipedia)

Having said that, there are a plethora of reputable websites that use the.onion extension. VPNs, for example, are oriented toward privacy-conscious customers, and some, such as ExpressVPN, offer.onion versions of their websites. You may even create your own.onion website using the Tor browser.

What would motivate someone to utilize Tor?

As previously stated, Tor is frequently associated with criminal behavior and people seeking access to the dark web. As a result, it is frequently assumed that anyone using Tor is up to no good. On the contrary, privacy-conscious users can utilize Tor for everyday browsing on clearnet sites, assisting in the maintenance of user anonymity and privacy while online.

There are a plethora of reasons why the average internet user might want to increase their anonymity. These include preventing ISPs and third parties from gathering data on online activities, circumventing censorship, protecting the privacy of children, and investigating taboo subjects such as birth control or religion.

Additionally, there are numerous vocations in which maintaining an anonymous internet persona might be necessary or beneficial. Among those who lawfully use Tor are the following:

  • Journalists
  • officers of the law
  • Activists
  • Whistleblowers
  • Executives in business
  • Bloggers
  • Militaries
  • IT specialists

Although Tor does not track what users do online, it does provide aggregate statistics on user locations. You may view graphs by country and read about events that may have influenced significant changes in user numbers.

For instance, the graph above depicts the number of US consumers who connected over the last year. Tor offers notes about upgrades, outages, and key events such as government blockades in dated commentary beneath each graph.

Is it legal to use Tor?
Is it legal to use Tor?

Is it legal to use Tor?

Tor’s nature makes it a popular choice for criminals looking to reach some of the darker corners of the darknet and perform criminal activity. This includes the purchase or sale of illicit products or services, as well as participation in forums that promote hate speech and extremism.

However, as said above, there are numerous reasons why non-criminals could desire to utilize Tor. Indeed, using Tor is entirely legal, even if it has been or is now restricted in specific countries. Additionally, there is still a stigma associated with it, so you should generally avoid assuming you can use it without incident.

ISPs have been accused of throttling Tor users’ bandwidth and even contacting consumers to inform them not to use the Tor browser. Users may be questioned by ISPs about the websites to which they are connected via Tor.

Authorities may develop suspicions about Tor users and launch investigations into their behavior solely on that basis. Although there have been no reports of fines or prosecutions for using Tor.

Is there a disadvantage to utilizing Tor?

Tor is widely used – over 2 million users are currently connected to relays at any given moment.

However, it does have some drawbacks. The following are the primary disadvantages of using Tor:

Is there a disadvantage to utilizing Tor?
Is there a disadvantage to utilizing Tor?

Moderate speeds
ISPs are capable of detecting
Administrators of networks have blocked it.
Consider each of these in greater depth.

Moderate speeds

The primary disadvantage of utilizing Tor is its slowness. Because traffic is not proceeding directly to its destination, it will slow down. Additionally, the traffic moving between the nodes may be slower than the speed of your standard internet connection, reducing the overall speed.

Additionally, the available volunteer nodes are insignificant in comparison to the volume of traffic moving across the network. Congestion that results will impede travel, particularly during peak periods.

As a result of these concerns, the primary purpose of Tor is for general surfing. It is incompatible with streaming, torrenting, or any other activity that demands a large amount of bandwidth.

ISPs are capable of detecting

Another disadvantage is that your ISP will be able to detect your Tor usage. While it will not be able to read the contents of your communication, the fact that it has detected your use of Tor may have some consequences. As previously stated, even using Tor raises suspicions among ISPs and the government. One way around this is to utilize a VPN that includes Tor (more on that below).

Administrators of networks have blocked it.

Tor is frequently prohibited by network administrators. A workaround is to employ bridges that are not identifiable as Tor nodes. If the blockage is more sophisticated and employs deep packet inspection, an additional tool, such as Pluggable Transports, may be required (see below). This will disguise your Tor traffic as ordinary traffic, allowing you to circumvent the ban.


While this has not been confirmed, there have been allegations that incriminating information has been discovered via traffic analysis on Tor. One such example is the 2013 shutdown of the Silk Road. Silk Road was a marketplace accessible via the Tor network that facilitated the sale of an estimated $1 billion worth of drugs, as well as other unlawful goods and services.

There have been numerous ideas on how the FBI discovered the offenders, but the case suggests that the Tor network’s anonymity mechanism has flaws.

Additionally, there are the aforementioned rumors about exit node monitoring to be concerned about. Bear in mind that these reports do not appear to have been independently verified and should therefore be regarded with suspicion.

Is Tor compatible with mobile devices?

The Tor browser is only available for Windows, Mac OS X, and Linux, which may be disappointing if you’re hoping to connect to the Tor network via a mobile device.

You’re in luck if you’re an Android user. Orbot is a free proxy application that routes all of your traffic over the Tor network.

Additionally, there is an Android browser named Orfox that is based on Firefox.

If you’re an iOS user, things are a little more complicated. While there is a reasonably popular free Onion Browser app for iOS, it is not as safe as Orfox and does not provide a fantastic user experience. It is possible to manually connect to the Tor network, but you must first jailbreak your smartphone.

Is a VPN still required when utilizing Tor?

Tor, on the other hand, is more concerned with anonymity, whereas a VPN is more concerned with privacy.

While using Tor encrypts all of your traffic, your ISP can still detect that you’re connected to Tor. Furthermore, the Tor entry node can view your genuine IP address.

All of your traffic is encrypted when you use a VPN, and your ISP cannot know which websites you visit. It does not view anything other than encrypted communication to and from a VPN server. However, even if your VPN service claims not to, it is capable of reading your traffic. As a result, any VPN provider must constantly be trusted, whereas Tor is “trustless.”

In an ideal world, you’d prefer that your ISP is unaware that you’re using Tor, that Tor entry nodes are unaware of your IP address, and that you do not need to trust your VPN provider not to monitor or track your behavior. Utilizing a VPN in conjunction with Tor helps solve these concerns. There are two ways to accomplish this: via Tor over VPN or via VPN over Tor. The primary distinction here is which device you connect to first.

Tor in lieu of VPN

This is the technique I propose, and you’ll quickly understand why. Tor over VPN requires that you first connect to the VPN and then use the Tor browser. It’s straightforward and effective.

Before it reaches the Tor entry node, your traffic will pass through the VPN server. This implies that the VPN server can only determine that you’re connected to Tor and cannot determine the destination of your communication. Returning to your ISP, it sees simply that you’re connected to a VPN server. This implies that your ISP will not be able to determine if you are connected to a Tor entry node.

Numerous highly regarded VPN services, including NordVPN, include access to the Tor network as part of their service. You establish a connection to a dedicated server, and all of your internet traffic is routed through the Tor network. This, however, should probably be reserved for use with applications other than web browsers. With so many identifiers in browsers like Chrome and Firefox, it may be difficult to maintain anonymity even when connected to the Tor network. Thus, for browsing purposes, connecting to a VPN and then launching the Tor browser is probably still the best option.

VPN with Tor

This configuration is a little more complicated and does not provide any additional anonymity. Your traffic is routed through Tor first in this situation. Your ISP can still see that you’re connected to Tor, the Tor entry node can see your real IP address, and you must continue to trust your VPN because it can see where your traffic is going.

One issue that VPN over Tor resolves is that the Tor exit node cannot see the website you are viewing. Rather than that, it detects that you are connecting to a VPN server. One disadvantage is that the Tor exit node operator may be able to read your VPN login details. Additionally, websites that ordinarily restrict Tor traffic will be unblocked with this configuration.

Additionally, see Why you cannot always trust the ostensibly finest VPN providers.

Is Tor available in China?

Any anonymity solution that enables users to circumvent censorship is bound to be unpopular with the relevant regimes. China, of course, is well-known for its extensive internet censorship and aggressive attempts to prevent its citizens from accessing the Tor network. For many years, this country has been cracking down on Tor connections and shows no indications of relenting.

A quick search of relevant subreddits reveals that users in China are having little success, if any, connecting to Tor. The majority of relays, as well as numerous bridges, appear to be blocked. China’s efforts are said to involve evaluating Tor bridge servers and shutting down those associated with successful attempts.

And China is not alone in this. Other countries, such as Russia and Venezuela, make a concerted effort to prevent their people and visitors from using the Tor network.

Is it possible for me to assist with the Tor network?

As I previously stated, the Tor network is maintained by volunteers who administer the various nodes. If you are passionate about Tor and wish to contribute to its acceleration, you can join the force and volunteer as well. In fact, all you need is a spare computer or server that can act as a node. The Tor website has instructions for setting up a relay.

Take note that there may be consequences for doing so. Anyone known to be associated with the Tor network will almost certainly face scrutiny at some time. Your ISP or a law enforcement agency may interrogate you about your participation in the project.

As previously stated, while the majority of Tor activity is legal, some of it is not. As a result, it is very conceivable for your IP address to be associated with criminal activities. Additionally, if you are running an exit node, the likelihood of being questioned increases, as these IP addresses are visible to destination websites.

What is the purpose of the Tor Messenger system?

Tor Messenger is one Tor-related project that you may be familiar with. This free software was created to be used in conjunction with established networks such as Facebook, Twitter, and Google Talk. All Tor Messenger traffic is routed over Tor, and Off-The-Record chat is used to encrypt user communications.

Tor Messenger is comparable to Instabird in terms of interface. Although one of Tor Messenger’s key issues has arisen as a result of Instabird’s discontinuation of development. This, in addition to other concerns, such as metadata breaches and a lack of resources, has resulted in the termination of the Tor Messenger project’s development.

What further projects are associated with Tor?

The Tor network is not solely comprised of the Tor browser. Numerous more initiatives have been launched to supplement the network. I already mentioned.onion websites, the Tor instant messaging system, and a number of Android projects, but here are a few additional projects you may encounter:

Atlas: This is a web application that displays information on the Tor network’s many relays and bridges. You may conduct searches to learn about bandwidth, exit policies, and uptime.

Nyx: Previously known as Arm, Nyx is a command-line monitor for users who manage Tor relays. It will display information such as bandwidth use and connection logs in an easy-to-read style.

Onionoo: This is a web-based protocol that gives information on Tor network relays and bridges. Unlike Atlas, it was not designed to provide data directly to humans, but rather to connect to other programs and websites (such as Atlas).
OONI: The Open Observatory of Network Interference (OONI) offers free software tests, among which are those for detecting website and instant messaging app blocking. Additionally, you can detect the banning of programs used to circumvent restrictions, such as Tor.

Pluggable Transports: Pluggable Transports (PTs) simulate regular traffic between a client and a bridge. This is advantageous for circumventing censors who employ deep packet inspection to identify Tor traffic flows.
Shadow is an open-source project that offers users a Tor simulation for the purpose of testing.

Tails: The Amnesic Incognito Live System (Tails) is a live operating system that can be booted from a DVD or USB flash drive. It is based on Debian and routes traffic via Tor.
TorBirdy: This application is optimized for usage with the Mozilla Thunderbird email client. TorBirdy protects your privacy and configures Thunderbird for use with Tor.
Tor2web: Tor2web enables users to connect to Tor Onion Services without requiring them to utilize the Tor browser. However, it will not provide you with anonymity; rather, it will grant you access to.onion websites.

Mohammed jorjandi

Mohammad Jorjandi (born on 20 November 1980 in Zahedan) is a cybercrime expert, one of the first Iranian hackers, and the director of the Shabgard security group. He was arrested by the Iranian Ministry of Intelligence in 2010 for hacking the website of Azad University to insult Ayatollah Hashemi Rafsanjani and also accessing emails that contained confidential information while doing a Penetration test on IRIB. He spent several months in Evin Prison. After his release, he was hired by the Central Bank of Iran as the director of Kashef (Bank Emergency Network Security Control Center). After some time, He was fired from Central Bank due to his case in the Ministry of Intelligence. He immigrated to the United States from Iran in 2015. After his immigration, he started studying cyber security, a branch of cybercrime, and created a social media called "Webamooz", to investigate cybercrimes in Iran. Jorjandi published large cases of cybercrimes committed in Iran in Webamooz. He was one of the first people to investigate the illegal gambling network in Iran and ever since he has attracted people's attention to himself and his media. Jorjandi currently resides in Alexandria, Virginia, USA, and works for a cybersecurity company.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button