Computer Security: Surf Anonymously with Tor

Whenever you communicate online, send e-mails, or visit websites, your network address is included with every transmission. This address points back directly to your machine, or the proxy that provides access to your machine. With Traffic analysis, your communication on the web can be tracked. Why is that bad you ask?

According to Wikipedia, Traffic analysis is the process of intercepting and examining messages in order to deduce information from patterns in communication. It can be performed even when the messages are encrypted and cannot be decrypted. In general, the greater the number of messages observed, or even intercepted and stored, the more can be inferred from the traffic. Traffic analysis can be performed in the context of military intelligence or counter-intelligence, and is a concern in computer security…

Traffic analysis is also a concern in computer security. An attacker can gain important information by monitoring the frequency and timing of network packets. A timing attack on the SSH protocol can use timing information to deduce information about passwords since, during interactive session, SSH transmits each keystroke as a message.[6] The time between keystroke messages can be studied using hidden Markov models. Song, et al. claim that it can recover the password fifty times faster than a brute force attack.

Tor was originally created by the Naval Research Center and is now run by a non-profit organization. It provides anonymity on the web by creating a virtual connection between you and the website you are connecting to. The virtual connection is through a host of encrypted relay systems. Your computer sends your information to the first relay, the information is then bounced around a series of relays in a virtual circuit then the final connection to the target website is through an exit relay.  The website records your visit as from the exit relay and not your direct machine.

As the information is traveling between encrypted relays, it is very hard to intercept and read. Also, as each relay only communicates with the one it is connecting to, the messages are very hard to decipher the originating source.

Who uses Tor? A lot of people, ranging from average users, overseas corporate users and reporters to military and law enforcement. It is very slow at times, as it can bounce your communication through foreign countries, but it does an effective job of masking your IP address. It is neat to go to http://www.Google.com and see what language it is in. Read more about Tor here.

Try it out, I find the easiest way on windows to use it is to install it following the instructions on the Tor website, installing Firefox and using the Tor Button add-in for Firefox to turn it on and off.

Just a side note, information can be intercepted at the exit node, and also the US Government can and does monitor both the entrance and exit nodes. So do not think that it will protect you if you have nefarious reasons for surfing anonymously. Also, I would not order online with credit cards or use important passwords through Tor as exit proxies are run by people volunteering their time and server space.

 

~ by D. Dieterle on February 17, 2010.

One Response to “Computer Security: Surf Anonymously with Tor”

  1. […] View post: Computer Security: Surf Anonymously with Tor « CYBER ARMS […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: