TOR, or The Onion Router, is a worldwide network of servers that let people anonymously browse the internet. The United States Naval Research Laboratory developed it in the 1990s. It was intended for protecting the data transmitted online by United States intelligence. The developers released it in 2004 under a free license. A non-profit organization, known as The Tor Project, was then founded to maintain the network, and develop online privacy tools.
At present, TOR is used to for both legal and illegal purposes. Its users include normal individuals, criminal enterprises, hacktivists, and law enforcement agencies.
TOR users utilize TOR to hide their traffic from internet service providers, websites, and advertisers. It lets them bypass country censorship restrictions, hide their IP address, and disassociate their browsing activities from their identity.
The Onion Router disguises a device’s identity by encrypting and passing its traffic through its different servers. The servers are randomly selected for every session started by a user. Each server encrypts the data between relays with a multiple layer protocol. Entry relays are kept confidential which prevent ISPs from blocking users from accessing the network.
Sender and receiver IP addresses are encrypted in every relay between TOR servers. This prevents any hacker or program snooping for addresses or identifying network users.
Tor users relay their connection to the network by activating an application on their smartphones. For desktops, users can use an extension for their browsers or the Tor browser.
Government intelligence and security agencies can identify TOR users in the internet. This raises a red flag for them to have a closer look at their activities.
Furthermore, these agencies can exploit the browser. Once they do so, they do not have to break through the protocol to reveal the identifying information of its users. One example of this was the FBI’s arrest of a known facilitator of illegal online content. They injected a browser into the TOR browser. The malware revealed the IP addresses of those who accessed the site containing said content.
This presents a glaring vulnerability to TOR’s network. Although there has been no way to break the network so far, the browser required to access it has been shown to be vulnerable to attacks. Once an individual’s TOR browser is compromised, they might as well not use TOR’s network for anonymity.
As seen in how state agencies crackdown on offending users, the weak point of TOR is its browser. Malware can infect it and reveal the device’s IP address. Extensions, online accounts, and personal online behavior can compromise the anonymity provided by the TOR network.
This vulnerability arises from TOR’s design. Since access to the network is done through the browser, one can say it has the same vulnerabilities as a browser-based VPN. It might encrypt and hide traffic from the browser but anything else in the device can be tracked.
This is where a VPN can be useful. Unlike TOR, a VPN can protect traffic coming from the entire device. If it is installed in the router being used, all traffic passing through the ISP used is hidden and encrypted. Using it together with TOR solves the vulnerabilities the network has.
TOR is not a foolproof way to anonymize one’s internet traffic. It can even be more complicated than simply using a VPN alone. A VPN provides all the protection that TOR provides. But, if one must use TOR, it is advised to use it with an active virtual private network. This will not only plug the browser’s vulnerabilities but also provide anonymity to all traffic from the device.