11 Do’s and Don’ts of Tor Network

By . Filed in Web 2.0

The Onion Router aka TOR is a free software and open network that allows people to improve their privacy and security on the Internet. There is nothing better than Tor when the fear of ongoing large-scale surveillance by NSA haunts those concerned about the privacy of their digital communications. Tor secretly routes your system’s Internet traffic over several places on the Internet, thus hiding the real source of the communication, and securing your personal identity.

Tor itself can’t guarantee your privacy and security if you’re not concerned enough. It’s like carrying an umbrella. You can have it with you but there’s no protection from the rain if you don’t use it correctly. In the same manner, you need to know and understand Tor’s usage tips and guidelines to keep your privacy and security in complete control.

Fortunately, we have compiled a list of tips and tricks for using Tor to strictly protect your online communications. Keep on reading to learn how to better protect your digital identity and information using Tor.

1. Do use Tor

Anyone concerned about online privacy should never trust the people at the back of the Internet such as internet service providers, government agencies, web service providers, etc. Tor network is well known for providing online anonymity, and that’s the biggest reason why you should use it.

Tor can be used for any and all kind of sensitive browsing including, but not limited to, reporting abuse or corruption; serious business activities; inter-state or inter-country communications; publishing anonymous posts; sharing personal secrets with family and friends, etc.

2. Don’t use Windows

Windows is simply not the best choice of platform to use Tor in an attempt to improve one’s Internet privacy because of the security bugs and vulnerabilities present in the system may compromise your privacy, even when using Tor.


(Image source: whonix.org)

That is why you shouldn’t be browsing websites through Tor on Windows systems. You should consider running Tor-configured Linux systems such as Tails and Whonix, or you can set up Tor on any of your favorite Linux distribution.

3. Do Update your System

Tor client is simply a software which runs on top of your operating system. That means Tor is only as safe and secure as the system running the Tor client. You must regularly, or preferably daily, update Tor client, Tor-secured applications (browsers, instant messaging clients, email clients, etc.), and the operating system of your computer.

If an attacker is able to get hold of your computer’s operating system, then even running Tor can’t protect you or your digital communications. Always keep your system up-to-date for Tor usage.

4. Don’t use HTTP Websites

The Onion Router, as the name suggests, is only a traffic router and not a tool to encrypt the network traffic throughout the Internet. That means Tor anonymizes the origin of your network traffic and encrypts everything inside the Tor network, but it doesn’t encrypt your Internet traffic outside the network.

This implies that the exit nodes of the Tor network can read your Internet traffic if it’s in the form of plain unencrypted data. That is why you should always use end-to-end encryption such as SSL or TLS when doing sensitive online communications, and that requires you to use HTTPS websites.

You should also consider using add-ons such as HTTPS Everywhere to automatically switch to HTTPS-mode browsing for supported websites.

5. Do Encrypt your Data Storage

Tor does anonymize your Internet traffic’s origin location but it does nothing in securing your digital data on your computer. Security of your data on your system can only be achieved when the information is encrypted using strong cryptographic algorithms.

LUKS or TrueCrypt can be used to encrypt your data to protect you from various threats. LUKS offers a reasonably safe data protection on Linux systems while TrueCrypt also proves to be handy in protecting your data.

6. Don’t use Tor Browser Bundle

Tor Browser Bundle should not be used to protect one’s online privacy and security. FBI’s recent takedown of Freedom Hosting (an anonymous web-hosting service running as a hidden service on the Tor network) was possible due to vulnerabilities in the Tor Browser Bundle.

That is why you shouldn’t use Tor Browser Bundle for browsing websites anonymously through Tor.

7. Do disable JavaScript, Flash and Java

Tor cannot protect your data with active content such as JavaScript, Adobe Flash, Java, QuickTime, ActiveX controls, VBScripts, etc. because these binary applications run with your user account’s privileges, and may access and share your data.

JavaScript is a powerful browser language which websites can use to track you in ways which is not possible to protect using Tor. Java and Adobe Flash run in virtual machines which may ignore your system’s configured proxy settings, and thus bypass Tor’s protection to share your data directly with the websites.

Moreover, they may also store cookies and site’s data separately from the browser and operating system, which may be hard to detect and delete. By disabling these technologies in your system using Tor, you can achieve a greater level of protection.

8. Don’t use P2P

P2P is unwanted in Tor network because it is simply not built for peer-to-peer file sharing. Exit nodes of the network are set up to block file sharing traffic. You abuse Tor network if you download torrents and it slows down other users’ browsing. Moreover, using Tor with BitTorrent is not secure and is a threat to your online anonymity.

Due to the insecure design of BitTorrent clients, using Tor with them doesn’t make you anonymous because those clients send your IP address directly to the tracker and other peers, thus compromising your anonymity.

9. Do delete Cookies and site’s Local Data

Tor does route your network traffic through many relays in order to protect you from traffic analysis. It hides your real identity from the websites using network packets to prevent them from gathering information about you. But websites may use workarounds such as cookies and local data storage to track your online activities, analyze your Internet usage, and detect your real identity.

That is why, you must always drop cookies and site local data while using Tor to protect your privacy. You can also consider using add-on such as Self-Destructing Cookies to automatically delete cookies.

10. Don’t use your Real Email

You should not use your real email on websites while using Tor. Tor is used to protect online privacy and hide real identity. How can you hide your real identity if you’re giving out your real email on the websites? It’s like going to a mask party but wearing your name tag on your costume.

If you’re really privacy-conscious and don’t want to leave your mark anywhere on the Internet while using Tor, then you must consider a virtual identity which includes no matching information from your original, real-world identity.

11. Don’t use Google

You should not use Google to search the Internet if you care for your privacy. Google is known for collecting information on users’ browsing and search data to facilitate the growth of its ads revenue.

You should consider using alternatives such as Startpage and DuckDuckGo. These services offer search results without logging your IP address and storing cookies on your computer. In simple words, these search engines are anonymity-compliant services, and that is why you should use them while using Tor instead of Google.

Final thoughts

Anonymity is not easy when everyone is after your privacy. Tor, in spite of many known vulnerabilities and weaknesses, is still the best tool we have to protect us from malicious people and organizations. Tor can protect your digital privacy and you can browse the Internet without revealing the real you!

Technology itself can’t simply protect you if you’re not willing to strictly follow the rules and comply with the regulations. Human error may disable your identity protection and reveal your information to the outside world. What good is the alarm and CCTV system in your home if you forget to turn it on?

You need to use Tor and duly comply with the usage rules to completely protect your online privacy. Just follow the above given Do’s and Don’ts of the Tor network for better personal security online.

Author:

Ashutosh is a tech enthusiast who is interested in software technologies. He is a supporter of open source software. Apart from tech he loves the movies and reading novels.

Advertisement

Comments are closed. Contact Us.