Close open doors, and open closed minds

SVG Diagram of the "Onion Routing" P...

Image via Wikipedia

Encryption of data is a great start in addressing privacy concerns. It hides what is being said. Who is saying it is still visible though. You are not anonymous, and you are being tracked.

Many parties have a stake in providing, using, observing or even preventing anonymous surfing and participation. These stalkers range from multinational corporations to national governments to disenfranchised individuals.

Tor is here to stay

An alpha version of the software was announced in 2002, and the second generation Onion Router came alive in 2004. The building of Tor was financially supported by the Electronic Frontier Foundation from 2004 to 2005. The Tor Project continues to develop the Tor Software with a diverse base of financial support.

For the purposes of hiding the data request and data response, Tor is an excellent choice. Don’t slack though. There are other ways someone can find out. Javascript in a web page can still read your IP address, or, space cadetting, you enter your personal information and submit it through Tor. 😉

Onion Routing Stalking

Tor is a network of systems run by volunteers in various locations that allows people and groups to relay communications. The internet address of the sender and the recipient are not both readable at any step along the way and in intermediate links in the chain, neither piece of information is readable. As a result, stalkers cannot directly identify who is communicating with whom. That’s the theory.

Herrmann and his fellow researchers say there’s a partial flaw in this arrangement, however. A potential eavesdropper on the end user’s own network still has the ability to analyze the patterns of data being returned, and in many cases will be able to develop a reasonable guess about the source of the communication.

An attacker—perhaps an ISP instructed by law enforcement or a government to engage in such surveillance—would first have to develop a list of potential sites that the target might be visiting, or that it was interested in monitoring. It would then run the Tor system itself, testing the way these sites appeared when accessed through Tor, developing a database of “fingerprints” associated with the sites of interest. ~ Flaws in Tor anonymity network spotlighted

Different online destinations will carry different susceptibility to fingerprinting. The more the destination stands out from the crowd (the higher its entropy is), the more easily it can be discerned.

Tor is still the most promising approach, but …

  • regularly download or request more than one site at a time to obfuscate patterns. That makes it very difficult for eavesdroppers to discern.
  • disable/clear HTTP cookies regularly.
  • change IP address between visits to easily discernable destinations.
  • ensure no trace of a browsing session is left on your disk.

And then there are rogues of course

“I suppose you won’t be able to find one of your famous Clues on the thing?”
“Shouldn’t think so, sir. Not with all these fingerprints on it.”
“It would be a terrible thing, would it not, if people thought they could take the law into their own hands . . .”
“Oh, no fear of that, sir. I’m holding on tightly to it.”
Lord Vetinari plunked the axe again. “Tell me, Sir Samuel, do you know the phrase Quis custodiet ipsos custodes??”
It was an expression Carrot had occasionally used, but Vimes was not in the mood to admit anything. “Can’t say that I do, sir,” he said. “Something about trifle, is it?”
“It means ‘Who guards the guards themselves?’ Sir Samuel.”
“Who watches the Watch? I wonder?”
“Oh, that’s easy, sir. We watch one another.”
~ Terry Pratchett

There are rogue Tor exit nodes that will attempt to steal your information. This is a real threat.

Enable and pay attention to all of your browser’s security warnings. It is part of your reconnaissance. Heed the signals. A page is not secure if your browser couldn’t completely verify the security certificate. Only submit personal information from a secure page to a secure page.

Don’t use Tor for everything. I use Tor for reading, and only on occasion for specific other things.


For Linux, install the tor, privoxy and  vidalia packages, and the TorButton. (For other platforms, have a look at the installation guides.)

The latest release of Tor can be found on the download page. If you’re using Ubuntu, don’t use the default packages: use Tor’s deb repository instead.

Privoxy is a web proxy with advanced filtering capabilities. Privoxy has application for both stand-alone systems and multi-user networks. It has a very flexible configuration and can be customized to suit individual needs and tastes.  The hardest part of getting it all to work exactly as you want it is the privoxy configuration. 🙂

Vidalia allows you to start and stop Tor, view the status of Tor at a glance, and monitor Tor’s bandwidth usage. Vidalia also makes it easy to contribute to the Tor network by helping you setup a Tor server, if you wish.

Order of processes

Tor’s default settings make it autorun when you start up your machine, and as a result Privoxy can’t control Tor because it’s already running, while what we want is for Vidalia to start the Tor process, so that Privoxy can.

Do not forget to:

$ sudo update-rc.d tor disable
update-rc.d: warning: tor start runlevel arguments (none) do not match LSB Default-Start values (2 3 4 5)
update-rc.d: warning: tor stop runlevel arguments (none) do not match LSB Default-Stop values (0 1 6)
 Disabling system startup links for /etc/init.d/tor ...
 Removing any system startup links for /etc/init.d/tor ...
 Adding system startup for /etc/init.d/tor ...
   /etc/rc0.d/K20tor -> ../init.d/tor
   /etc/rc1.d/K20tor -> ../init.d/tor
   /etc/rc6.d/K20tor -> ../init.d/tor
   /etc/rc2.d/K80tor -> ../init.d/tor
   /etc/rc3.d/K80tor -> ../init.d/tor
   /etc/rc4.d/K80tor -> ../init.d/tor
   /etc/rc5.d/K80tor -> ../init.d/tor

Torbutton for Firefox and Chrome

No other addon or addon combination provides a more safe, private, and anonymous way to use the Tor network. For Chrome, read this.

The next major release of Torbutton will feature tor:// and tors:// urls so that you can give your friends URLs that their Torbutton-enabled browser will automatically switch into Tor for, cookie-culler style cookie permissions and protections management, enhanced referrer spoofing, and integration with Firefox 3.5’s Private Browsing Mode (mostly so that other extensions are aware that you want privacy for their actions during Tor usage too – Private Browsing Mode actually borrows heavily from Torbutton’s feature set).


Posted on February 25, 2011, in Tools and tagged , , , , , , , , . Bookmark the permalink. 3 Comments.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s