Intelligence agencies can easily figure out the real names of Tor users. Why it is still possible to ban Tor in the country and how it will work

The FBI easily carried out a successful operation and detained Harvard University student Eldo Kim, who sent a message about a bomb in a university building. Note that Tor did not help the hoaxer: he now faces up to 5 years in prison and a fine of 250 thousand dollars.

Find TOR user

A student sent a bomb threat to the university

The 20-year-old student admitted that he wrote the letter in hopes of avoiding the final exam; to be sure, he also sent the threatening letter to the university security department and the university newspaper. In that he succeeded: because of the evacuation, all morning exams were postponed. But now he had more serious problems.

Tor will not save you from being detected by intelligence agencies

Kim took steps to avoid identification. He set up an anonymous email address and used the Tor anonymization service. However, it was still possible to identify him. Judging by the testimony of FBI agents in documents filed with the court, the agency obtained a list of users of the local computer network in the university dormitory. They studied the traffic and determined which students were using the Tor service. As you know, Tor traffic can be identified by characteristic features. The FBI then questioned all the users of the anonymous network one by one. There weren't too many of them, so identifying the culprit turned out to be quite easy.

Public Wi-Fi is better than Tor

One might argue that the student was unlucky to be sending the message from a student computer. If he had done this from public Wi-Fi, passing the traffic through some third-party machine, then the FBI's method would not have worked.

Tor won't save you from the police

However, this story demonstrates the weakness of relatively rare information security tools, writes renowned cryptographer Bruce Schneier. “The same thing that allows you to hide your involvement makes you a prime suspect.” The FBI didn't have to hack Tor, they simply used standard police techniques to identify the sender of the email. In other words, even the most powerful cryptographic protection has a weak point - the person himself. If you can't break the code, you can always break the person.

ISPs identify Tor users

Similar methods for identifying Tor users are suitable for use at the level of any provider. Don't be surprised if intelligence agencies already have a list of Tor users in every city.
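The narrowing-down described above for the dormitory network, and for any provider, can be shown in a few lines. This is an added example, not part of the original article: the flow records, host names and relay addresses are constructed, and matching remote addresses against a relay list is one assumed way of recognising Tor traffic.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed relay addresses from documentation ranges (RFC 5737).
# Assumption: the network operator has a list of relay IPs to match against.
KNOWN_RELAYS = {"198.51.100.7", "203.0.113.44"}

# Constructed flow records: start time, duration in seconds, local host,
# remote IP, remote port. Not data from the case described in the article.
FLOW_LOG = """\
2024-01-15T08:05:00 120 dorm-101 192.0.2.10 443
2024-01-15T08:10:00 1800 dorm-102 198.51.100.7 9001
2024-01-15T08:12:00 60 dorm-103 192.0.2.25 80
2024-01-15T08:20:00 900 dorm-104 203.0.113.44 443
2024-01-15T08:31:00 30 dorm-105 192.0.2.10 443
2024-01-15T06:00:00 600 dorm-106 198.51.100.7 9001
2024-01-15T08:29:00 45 dorm-101 192.0.2.77 443
"""

# Constructed time at which the anonymous message was received.
EVENT = datetime(2024, 1, 15, 8, 30)


@dataclass(frozen=True)
class Flow:
    start: datetime
    end: datetime
    host: str
    remote_ip: str
    remote_port: int


def parse_flows(text):
    """Parse whitespace-separated flow records, skipping blanks and comments."""
    flows = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, duration, host, remote_ip, remote_port = line.split()
        start = datetime.fromisoformat(ts)
        end = start + timedelta(seconds=int(duration))
        flows.append(Flow(start, end, host, remote_ip, int(remote_port)))
    return flows


def tor_flows(flows, relays):
    """Flows whose remote end is a known relay, whatever the port."""
    return [f for f in flows if f.remote_ip in relays]


def hosts_on_tor_during(flows, relays, event, slack=timedelta(minutes=5)):
    """Local hosts with a relay connection overlapping event +/- slack."""
    lo, hi = event - slack, event + slack
    return sorted({f.host for f in tor_flows(flows, relays)
                   if f.start <= hi and f.end >= lo})


def narrowing(flows, relays, event):
    """How far the candidate set shrinks at each step."""
    return {
        "all_hosts": len({f.host for f in flows}),
        "tor_hosts": len({f.host for f in tor_flows(flows, relays)}),
        "in_window": len(hosts_on_tor_during(flows, relays, event)),
    }


if __name__ == "__main__":
    flows = parse_flows(FLOW_LOG)
    print(narrowing(flows, KNOWN_RELAYS, EVENT))
    print(hosts_on_tor_during(flows, KNOWN_RELAYS, EVENT))
```

The content of the Tor sessions is never read; the few hosts left in the time window are found from connection metadata alone, which is the point Schneier makes about rarely used tools.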

Is it possible to track a person if he uses Tor?

As easy as pie. Firstly, intelligence agencies have backdoors in use in operating systems. This means that the user can sit behind Tor and consider himself completely safe, while his real IP address is leaked via a parallel line. Secondly, Tor guarantees safety only if the rules are strictly followed. Are you 100% sure you know these rules? For example, you cannot enable JavaScript. But some sites don't work without it. Turn it on - and your IP is already known to everyone.

Tor does not hide IP

Very often, a site requires JavaScript to be enabled and refuses to work further until the user fulfills this requirement. Well, know that if you have enabled JavaScript execution in Tor, then your IP is no longer a secret to a third-party site.

Is it possible to identify a VPN user?

Yes, it is possible. This is more difficult to do than identifying a Tor user. But the fact is that setting up a VPN is a very complex process and mistakes often happen here. Recently a study was conducted on this topic. It turned out that approximately 40% of existing VPN services make it quite easy to determine user IPs - due to gross configuration errors.

What is the Tor browser for?

To hide your IP address when visiting websites. The second task of the Tor browser is to provide access to those sites that have been blocked in Russia.

As you probably already know, we have introduced Internet censorship in Russia. Now any unwanted site can be blacklisted, and providers will be required to block access to it. So there is no guarantee that your favorite sites will not be blocked at some point. Judging by the experience of other countries, social networks and blog services, such as LiveJournal and Twitter, were primarily at risk.

What to do in this case? The simplest answer that comes to mind is to use proxy servers. For non-techies, I will say that this is a server that redirects through itself all user requests to the site and gives the user data from the blocked site.

For example, you want to open a blocked site. You send a request to the IP address where the server of the blocked site is located. Since this site is on the blacklist, the provider does not pass the request on to this server; as a result, the blocked server does not respond to you and you cannot open its pages.

Then you do things differently. You find some proxy server and ask it to open a blocked site. In this case, from the provider’s point of view, you communicate only with this proxy server, and this server (which is located abroad) communicates with the blocked site and transfers its data to you.

But this method is very unsafe. Firstly, no one is stopping Big Brother from periodically blocking well-known proxy servers, then you won’t be able to communicate with them either. Secondly, when transmitting confidential data through a proxy server, you only rely on the honesty of the owner of this proxy server. After all, if your site with mail is blocked, then you will have to transfer the password from the mailbox first to the proxy server, and only then it will redirect it to the mail server. No one guarantees that the owner of the proxy server will not save this password for his own needs.

What is Tor

For now, let’s put aside the option with a proxy server as a last resort and consider other alternatives. One option is to use the Tor program. Its essence is that not one server, which is easy to block, but many servers are used as proxy servers. The servers are often the computers of other users of the Tor network. Moreover, each transmitted packet passes not just through one proxy server, but through several servers selected at random. In this way, anonymity of data transfer is achieved, since it is very difficult (to put it cautiously) to track the entire chain a packet passed along from server to server. Tor is primarily positioned as an anonymizer, when your real IP address is not transmitted to the server, but it can also bypass censorship.

What about password security? All data transmitted via Tor from server to server is encrypted. Thanks to this, you do not know who is transmitting what data through your computer. True, there is one “but” here. The fact is that the last node through which traffic passes, and which communicates directly with the site server, already works with decrypted data, so in principle it is possible to intercept traffic at this last node. However, this last node does not know for which client it is currently redirecting traffic, in addition, you can periodically change the chain through which packets are transmitted from you to the site server. But we must remember that from a security point of view, Tor is still not a panacea.
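What each server in the chain can and cannot see, as an added example that is not part of the original article. The cipher is a toy keystream built from SHA-256, not Tor's real cryptography, and the relay names, keys, destination and login request are all constructed.

```python
import hashlib
import json

PATH = ["guard", "middle", "exit"]          # constructed three-hop chain
KEYS = {"guard": b"k-guard", "middle": b"k-middle", "exit": b"k-exit"}
SITE_KEY = b"k-site"                         # stands in for HTTPS to the site
LOGIN = b"POST /login user=alice&password=hunter2"   # constructed request


def keystream_xor(key, data):
    """Toy stream cipher: XOR with SHA-256(key || offset). Encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


def wrap(path, keys, destination, payload):
    """Client side: add one layer per relay, innermost (exit) layer first."""
    next_hops = path[1:] + [destination]
    cell = payload
    for relay, nxt in reversed(list(zip(path, next_hops))):
        layer = json.dumps({"next": nxt, "data": cell.hex()}).encode()
        cell = keystream_xor(keys[relay], layer)
    return cell


def peel(key, cell):
    """Relay side: remove one layer, learn only the next hop."""
    layer = json.loads(keystream_xor(key, cell))
    return layer["next"], bytes.fromhex(layer["data"])


def route(path, keys, cell):
    """Pass the cell along the chain and record what each relay observes."""
    seen, previous = [], "client"
    for relay in path:
        nxt, cell = peel(keys[relay], cell)
        seen.append({"relay": relay, "from": previous,
                     "next": nxt, "forwards": cell})
        previous = relay
    return seen


def observe(payload, destination="mail.example"):
    """Views of all relays for one request sent through the chain."""
    return route(PATH, KEYS, wrap(PATH, KEYS, destination, payload))


if __name__ == "__main__":
    for label, payload in (("plain HTTP", LOGIN),
                           ("with HTTPS", keystream_xor(SITE_KEY, LOGIN))):
        print(label)
        for view in observe(payload):
            readable = b"password" in view["forwards"]
            print(f"  {view['relay']:6} from={view['from']:6} "
                  f"next={view['next']:12} password visible: {readable}")
```

Only the first relay sees the client and only the last sees the destination; the last relay reads the password when the request is plain HTTP, and sees ciphertext once the request is also encrypted end to end.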

If you feel sorry for your Internet channel, then you don’t have to turn on the Tor server, but use only the Tor client, which will redirect traffic from your computer to the final site server through a chain of intermediate servers.

Since now traffic reaches you not through good servers with wide channels, but through users who, in principle, can even use modems, the speed of work via Tor is usually noticeably lower, but you have to sacrifice something for security.

Working with Tor

From the user's point of view, Tor works as a local proxy server, that is, a proxy server that is installed not by some kind uncle, but directly on your computer.

Working with Tor is very simple, the client and server programs can run on different operating systems, there is even a version for Android. But in this post we will talk about Tor Browser - a browser build based on Firefox with a pre-installed Tor proxy server and some extensions. Thanks to this, you don’t have to go into the settings every time and enable Tor when you need anonymity, or disable it when you have nothing to hide, but need high data transfer speeds. The program has support for the Russian language (however, sometimes there are phrases that are not translated), so from now on I will use the Russian names of the settings.

The downloaded archive contains three programs: Tor itself, Vidalia, a program for visually configuring Tor, and the Tor Browser.

As soon as you run the executable file, the Vidalia program will immediately launch, it will connect you to the Tor network (if everything goes well, a green onion will appear in the tray), then the Tor Browser will open and you will see something like the following window:

By default, the Tor Browser comes with the HTTPS-Everywhere extensions to use the HTTPS protocol by default wherever possible, NoScript to disable scripts on sites, and Torbutton for quick access to Tor settings.

Pay attention to the IP address shown in the window. This is not your real IP, but essentially the IP of the last node in the chain of transmitted data. That is, for sites you will be visible precisely under this IP address. You can easily change this IP address using the Torbutton extension (you need to select the New Identity menu item):

The same effect can be achieved through the Vidalia program window by clicking the “Change Identity” button. When you change your identity, the entire chain through which data is transmitted changes.

You can check that you are visible under this IP address, for example, on the website http://2ip.ru/. Here is an example of a screenshot with information about me from this site when accessing through Tor:

It’s a pity, however, that Tor Browser uses an outdated version of Firefox - Firefox 10 (at the time of writing these lines, the latest version of Firefox is 13.0.1).

In principle, immediately after installing Tor Browser, you can use it and not think about the settings, but it’s better to look there and at least switch yourself to one of the relay modes, then you will not only use the Tor network, but will also help other users by relaying other people's traffic. To access these settings, in the Vidalia control panel window, you need to click the “Repeater” button.

There is a switch in the settings window on the “Share” tab. If it is set to "work as a client only", then you will selfishly use the network without helping it yourself. If the switch is in the “Relay traffic within the Tor network (not an output relay)” mode, then your computer will be used as an intermediate link when exchanging encrypted traffic. If the switch is in the "Relay Tor network traffic (output relay)" position, then your computer will be used directly to exchange traffic with the site server. This is already more dangerous for you, since it is your IP address that will be registered on various sites. There were cases when the German authorities tried to prosecute the owners of such output relays, but, as far as I know, they were never able to prove anything.

If you are ready to become an output relay, then in the same window you will have access to the “Exit Rules” tab, where you can choose which network services users can connect to through you (by default, all checkboxes are unchecked):

There is also a fourth mode called “Help blocked users access the Tor network.” This mode is used if you want to help residents of countries where authorities are trying to block Tor. Such countries include, for example, China. In fact, “they block Tor” is a loud word, they block well-known public Tor servers, and since it is impossible to block all users who can act as a server, it is enough to find one of them and the path to information will be open. In this case, an identifier will be generated for you, with which the owners of Tor clients will be able to find your server (in this case, you will be called a bridge):

True, they say that China has learned to block not only public servers, but also such bridges (China has learned to block Tor traffic). In this mode, you can even see which countries' users have used you as a bridge:

In this case, you can use the “Automatically distribute my bridge address” checkbox.

If you are on the other side of the Great Firewall of China and want to access the Tor network, then you must go to the “Network” tab, check the box “My provider blocks access to the Tor network,” and add a bridge known to you in the field that appears.

Where you look for bridges is a separate issue, which is covered in a small section in the Tor help. The help (which, by the way, is also translated into Russian, although it’s a little crooked in places) suggests asking your friends to organize a bridge for you or looking for public bridges. A list of such bridges can be found at https://bridges.torproject.org, the list is updated every few days. You can also send an email to [email protected] with the line “get bridges” in the body of the letter, then in response they will send you the address of one bridge. But at the same time, you must send letters from the address @gmail.com or @yahoo.com. However, I was never able to connect to Tor through the bridge. Perhaps I just did it at the wrong time.

It would also be correct if in the settings window you select the speed of your Internet connection so that the program more accurately selects the traffic passed through you.

If you're an active Tor user, you might be interested in looking at the traffic that passes through you. To do this, in the Vidalia window, click on the “Traffic Graph” button. As a result, you will see something like the following picture.

Or you can look at the network map.

Another interesting thing is that Tor is very sensitive to the nodes that are connected to you. If you want to close Tor, the program will warn you that some nodes are connected to you and ask if you give them time to reconnect to other nodes so as not to interrupt traffic. If you agree to wait a few seconds, Tor will be put into a disconnected state where no new nodes will connect, but Tor will finally close when the nodes connected to you find a replacement for you. Of course, you can refuse to wait this time and close Tor immediately.

That's all I wanted to tell you about the Tor network, I hope you will start using it, because the more users on the network, the greater its bandwidth. In addition, the longer you are online, the faster sites will open for you, just don’t forget to share traffic if you have the opportunity.

Some other time we’ll talk about other anonymous and distributed networks, in particular I’d like to talk about Freenet, GNUnet, I2P, Turtle F2F and Osiris.

Tor is an ecosystem of projects built on a network of computers through which information is transmitted in a manner similar to peer-to-peer networks, but in encrypted form. The name Tor comes from the abbreviation The Onion Router - an “onion router system”, so named because of the many layers of encryption that look like the scales of an onion.

Explaining how Tor works is not an easy task. This is most clearly demonstrated by a video prepared by the Massachusetts Institute of Technology.

The MIT video demonstrates how information is transferred from one computer to another (for example, from a Tor browser user to a website owner) and back, encrypted on each node of the Tor network and changing the IP address from which the request is made. Computers on a network that act as proxy servers are called relays. Due to the use of several “layers” of encryption, it is very difficult or even impossible to find out what kind of data was originally transmitted.

However, in addition to decrypting a packet of encrypted data, there are other ways to find out who made the request: for example, when using the popular SSL and TLS encryption protocols, service information remains in the request - for example, about the operating system or about the application that sent the data or is waiting to receive it. However, in Tor, this information is “cut” from the data packet, anonymizing the sender.

In addition, a random sequence of nodes is selected each time to deliver the data, and the Tor network has thousands of such nodes. This makes it impossible to determine that several different requests were sent by the same person.

How to use Tor

To use the Tor network, you need to install one of the applications, a complete list of which is listed on the Tor Project website.

In 2006, Vidalia appeared - the first application from the Tor ecosystem that establishes a secure connection through the Tor network on a computer, which became popular due to its simple graphical interface. Back in 2006, for many users Vidalia simply was “Tor”. With Vidalia, you can configure other applications to transfer data in encrypted form.

In 2007, Vidalia was integrated into the Tor Browser Bundle, a software package that for simplicity is called the Tor Browser. Now the Tor Browser Bundle is the most popular product in the entire ecosystem, because it allows you to access the Internet without any additional settings: you just need to download the application and run it without special installation.

The Tor browser is based on Firefox. Its security has been tested countless times by volunteers and enthusiastic developers—more than any other product in the Tor ecosystem.

In June 2014, the GNU/Linux-based Tails operating system appeared, which can run from a flash drive and “mimic” Windows XP so as not to attract unnecessary attention when working from a public place. Tails has a built-in Tor browser, an email client with encryption support, an office suite, and graphic editors.

Criticisms and disadvantages of Tor

The problem with Tor is that it only provides proper security if the applications you use are properly configured to work with it. For example, Skype will not work correctly through Tor by default, and Flash is disabled by default in the Tor browser, since it can connect to remote servers on its own, not through Tor, thus giving away the user's identity.

The creators of Tor warn that it is dangerous to open even the popular .doc and .pdf document formats when connecting through their network, because they can also load content (such as images) from external sources when opened in third-party programs not configured for Tor. In addition, you cannot use torrents in Tor: firstly, they greatly overload the network, and secondly, due to the peculiarities of the BitTorrent protocol, connections are made through it directly, and not through a network of volunteer computers that anonymize the traffic.

Due to the design of the network, where information is transferred between many computers with different connection speeds and different communication bandwidths, the overall speed of the Tor network has been at the dial-up level for a long time. Because of this, most sites on the darknet still have a primitive design and try not to use images too much so as not to overload the network.

In the fall of 2014, Tor was criticized for a possible security hole after the arrest of the owner of the “revived” online store Silk Road 2.0, which was accessible only through the anonymous network. Another 17 people were arrested and about 400 websites were seized; the confiscation of computers that served as Tor relays was also reported.

The investigation, which was carried out by Europol in cooperation with the FBI and other intelligence agencies, did not reveal exactly how the arrested persons and computers were found. The Tor network began to be criticized for its vulnerabilities and possible connections with the government, which almost caused a split in its community. However, there were also those who drew attention to the mathematical approach to encryption algorithms: even if connections with the government really exist, it will not be possible to deceive science.

Who makes Tor

Despite the enormous popularity of the Tor network and its products, only about a dozen people work on their development. Initially, the creation of the Tor network in the early 90s was undertaken by the US Navy Research Laboratory, and until 2010 it was an active sponsor of the project.

At various times, various government and para-government organizations, including SRI International and DARPA, provided money for the support and development of Tor, which is why many opponents of the project got the impression that it was subordinate to the US government.

In 2006, the Tor Project received a grant from the foundation of eBay founder Pierre Omidyar, and since 2007, the development of the project has also been sponsored by Google. Ford, the non-profit Freedom of the Press Foundation, Human Rights Watch and one of the American Internet providers, which transferred money anonymously, also donated money.

Anonymous donations also came from more than 4,600 people, so in theory, a person in any of the world's governments could be a sponsor of Tor's work.

What do the State Duma and Roskomnadzor want to achieve?

On February 5, the chairman of the relevant State Duma committee, Leonid Levin, proposed to develop a bill according to which access to anonymous Tor networks would be limited. According to Levin, anonymizers (sites that hide the user’s IP address when browsing other sites or using Internet services) and means of accessing Tor should be blocked without a court order.

According to the deputy, such a law will prevent the dissemination of prohibited information, and will also counter the commercial spread of viruses and illegal access to information. In other words, Levin believes that Tor is used to organize a shadow market for the sale of exploits and other hacking services.

Later that day, Levin’s idea was supported by Roskomnadzor, citing the fact that Tor and other anonymizers allow you to bypass website blocking. According to department press secretary Vadim Ampelonsky, it is possible to solve the problem of blocking anonymizers, but he did not specify how exactly it is planned to do this.

The next day, Ampelonsky told Lenta.ru that in his understanding, the Tor ecosystem is a breeding ground for crime. A representative of the department compared the anonymous network with the Moscow district of Khitrovka, which existed in pre-revolutionary times and was cleared of thieves' dens under the Soviet Union.

There was such a district in Moscow in the last century and the one before it: Khitrovka. The criminal underworld, the habitat of social waste. Why did the Russian monarchy tolerate Khitrovka within walking distance of the place where the august monarchs were crowned? It is not known for certain, but apparently, having all the ghouls in one place, it was easier to control them.

So Tor is a global cyber-Khitrovka. Created and managed by someone we know. What did the Soviet government do with Khitrovka? Read Gilyarovsky.

Vadim Ampelonsky, press secretary of Roskomnadzor

The speeches of Levin and Ampelonsky are not the first attempts to raise public discussion around the ban on Tor and anonymizers. In June 2013, the Izvestia newspaper reported that the Public Council under the FSB was preparing recommendations on the need to ban anonymous networks. Although the Public Council under the FSB later denied the report on the development of recommendations, in August Izvestia again reported on a legislative initiative to block Tor and anonymizers.

Then the FSB said that on the Tor network, attackers were selling weapons, drugs, and counterfeit credit cards. Director of the Safe Internet League Denis Davydov also supported the idea of blocking Tor, considering the network a place “for communication between pedophiles, perverts, drug dealers and other freaks.”

Why is there no point in trying to block TOR?

According to Irina Levova, director of strategic projects at the Internet Research Institute, Roskomnadzor will not be able to distinguish encrypted traffic going through Tor from IP telephony, banking transactions or even online video. The agency may try to block sites that distribute programs for accessing the Internet via Tor, but users can use other anonymizers that have not yet been blocked to download them.

This happened in 2013 in Iraq, when the government blocked the Tor Project website along with Facebook, Twitter, Google and YouTube out of fears that they could be used for self-organization by the extremist group "Islamic State" (ISIS). Then activists began launching mirror sites with installation and use instructions in Arabic, which could even increase the number of Tor users.

In 2011, owners of Internet services accessed via an encrypted connection began reporting strange activity from China. When a user from China tried to connect to such services, he sent an incomprehensible request to the server, after which his connection was terminated. Thus, in China, not only access to the Tor network was disabled, but also other foreign services operating through an encrypted channel.

Moreover, it is simply not profitable for the government and law enforcement agencies, which consider Tor a breeding ground for crime, to block access to the anonymous network. According to an Izvestia source familiar with the situation around the 2013 initiatives to block Tor, such anonymous networks are considered safe, which allows intelligence services to successfully catch criminals in them. If Tor is blocked, a new network will appear, and authorities will have to develop new methods of control and search for criminals.

Updated: in the BlockRunet comments @Shara rightly pointed to an article that describes in detail mechanisms for restricting access to Tor of varying degrees of complexity and sophistication. Its main message is that an “arms race” between the government prohibiting anonymous networks and enthusiasts is possible, but using the example of China, one can observe how insignificant the number of those craftsmen who are able to break through a complex filtering system with heuristic analysis is.

On the other hand, the state does not have to achieve complete filtering or decryption of traffic to identify attackers: if it can accurately separate the type of traffic (VPN/I2P/Tor) and achieves a ban on the use of Tor at the legislative level, then the very fact of connecting to an anonymous network will be illegal, and not the transmission of prohibited information or other illegal actions.

Apparently, the Tor network remains unhacked. At least according to a 2012 internal NSA report, while the organization has had the ability to reveal the ownership of certain nodes in certain cases, it is generally unable to disclose any node upon request. And even these disclosures occurred because of things like a bug in the Firefox browser that was part of the Tor bundle. If you use Tor correctly, the likelihood of exposure is extremely low.

2. Tor is not only used by criminals

Contrary to popular belief, Tor is not only used by criminals, pedophiles and other bad terrorists. This, to put it mildly, is far from true. Activists of various kinds, journalists, and simply people who love privacy make up the portrait of Tor users. Personally, I am very impressed by the position of the Tor developers, answering the question “what, do you have something to hide?” with the phrase: “No, it’s not a secret - it’s just none of your business.”
And criminals have a large arsenal of tools, from changing identities to stolen devices or network access, from botnets to Trojan viruses. By using and promoting Tor, you are helping criminals no more than using the Internet.

3. Tor has no hidden loopholes or backdoors

There are rumors that Tor was created by the military, and they deliberately created hidden loopholes in it. Although Tor was originally funded by the US Navy, its code has since been publicly available and many cryptography experts have studied its source code. Everyone can study them. And now enthusiasts, advocates of privacy and anonymity on the Internet, are working on the project.
There is also a claim that US intelligence agencies hold about 60% of all nodes, but this is most likely a distortion of the fact that about 60% of funding is provided by the US in the form of grants.

4. There have been no cases of anyone being convicted for supporting a relay node

True, in Europe, in this beacon of human rights and legal paradise, or more precisely in Austria, just the other day the person who held the output node was accused of complicity, because illegal traffic passed through this node. So the danger of maintaining an output node is obvious. Well, relay nodes should be out of danger, since according to the network operation scheme they do not know where the request came from, where it is directed, or what traffic they transmit. And it is almost impossible to prove the passage of traffic through a relay.

5. Tor is easy to use.

Many people think that Tor is something difficult for hackers and computer geniuses. In fact, the developers have already made it as easy as possible to use - just download Tor Browser, and when you launch it, you will automatically use the Tor network. No settings, commands on the command line, etc.

6. Tor is not as slow as you think

Just a couple of years ago the network was slow. Now access to sites occurs at quite acceptable speed. Yes, you can’t download torrents through Tor - it’s both slow and harmful to the network. But you can carry out any other usual activity without irritation.

7. Tor is not a panacea

When using Tor, you still need to follow a few rules and understand a little about how it works, what it can do and what it cannot do, so as not to nullify all its efforts. If you are using the Tor Browser and are also logged into Facebook, this makes little sense. Understand how it works and use it wisely.

Personally, I am a supporter of maintaining privacy and anonymity on the Internet. I promote and encourage everyone to support the Tor project as necessary and useful, especially in light of the sad events with the new laws “against the Internet.” Support the Tor network. Set up a relay for yourself - if you can allocate at least 50 kb/s in your channel for Tor, this will already be enough.

Why I advocate privacy and the possibility of anonymity. After all, I’m a law-abiding citizen and I have nothing to hide, right?
Well, I personally can answer this with the following arguments:

  • I may have nothing to hide, but what I do is none of your business
  • times change, people change, and laws change. I wrote something in the comments, and a couple of years after the adoption of another smart law, it suddenly became classed as extremist statements
  • I don’t believe that all the people who are trying to monitor my actions are crystal honest and devoted servants of Themis. That no one will try to use the information received for their own dirty selfish purposes.

It will be interesting to know your opinion on issues of privacy and anonymity, %username%

Tor is an indispensable tool for those who care about privacy when surfing the Internet. Many people believe that for complete anonymity it is enough to simply download the Tor browser package from the Internet and run it. This is wrong. When browsing the Internet, it is worth considering that there are certain patterns of so-called incorrect behavior that can reveal your real identity and location even when surfing through Tor. We will try to get to know the Tor network better and develop some mechanisms for interacting with this network in order to maintain our privacy.

Introduction

So, the Tor network is created by servers run by volunteers. The main purpose of the Tor network is to allow users to hide their identity and also to thwart Internet surveillance mechanisms. All your interactions with the Network are encrypted, requests pass from one relay to another, and then finally reach their destination. Combined with https, Tor provides end-to-end encryption, making your traffic impossible to read even by the volunteers maintaining Tor servers, and your real IP address is well masked by the last relay's IP address.

What could possibly go wrong with such an elaborate privacy protection scheme? Why are these measures not enough to maintain your complete anonymity?

Where to start

To start forming the right habits when working with Tor, let's highlight a few main points:

  • Use the Tor Browser exclusively. Although any browser can be connected to the Tor network, it is recommended to use the Tor Browser itself. The reason is that it ships configured for this purpose, while other browsers can leak confidential information because of their settings.
  • Do not work with torrent files via Tor. It is well known that torrent file sharing applications can ignore proxy settings, revealing your real IP address. Another reason is that torrenting through Tor can greatly slow down the entire network.
  • Use HTTPS everywhere. The Tor browser has a plugin called HTTPS Everywhere that forces sites that support this protocol to use it. As a result, you get the opportunity to use end-to-end encryption. Visit the website of the developers of this plugin for more information.
  • Do not install or activate additional browser plugins. The only plugins you need are already included in the Tor Browser. Other plugins can expose your identity, making Tor completely useless.
  • Do not open documents downloaded via Tor while you are online. A document downloaded using Tor may contain links that connect to a site without going through Tor. This may lead to information leakage.
  • Disable JavaScript completely (only as a last resort). The Tor Browser includes the NoScript plugin specifically for this purpose. If you want to completely disable JavaScript in the browser, go to about:config and set the “javascript.enabled” setting to false. However, almost all modern sites use JavaScript for rendering, so disable it completely only in extreme cases.
  • Disable the use of HTTP referer. To do this, go to about:config and disable “network.http.sendRefererHeader” (change 2 to 0).
  • Disable iframes. To do this, again go to about:config and disable “noscript.forbidIFramesContext”, changing the value to 0. Iframes can be used to distribute malware, but they also play a big role in the functioning of modern websites.
  • Use Tor bridges. None of the above precautions hides the fact that you are using the Tor Browser, so anyone monitoring your traffic can notice it. If you are concerned about this issue, we highly recommend using Tor bridges.
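As an added example (not code from the original article or from the Tor Project), the three about:config settings named in the list above can be checked against a profile's prefs.js or user.js file, which holds any explicitly set values as `user_pref("name", value);` lines. The file contents below are a constructed sample and the function names are illustrative; whether each setting exists in a given browser or NoScript version is assumed from the list.

```python
import re

# Values the checklist above gives for each about:config setting.
RECOMMENDED = {
    "javascript.enabled": False,          # "only as a last resort"
    "network.http.sendRefererHeader": 0,  # "change 2 to 0"
    "noscript.forbidIFramesContext": 0,   # "changing the value to 0"
}

PREF_RE = re.compile(
    r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*'
    r'(true|false|-?\d+|"(?:[^"\\]|\\.)*")\s*\)\s*;\s*(?://.*)?$'
)

def parse_prefs(text):
    """Parse user_pref("name", value); lines; a later line overrides an earlier one."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comments, blank lines, anything unrecognised
        name, raw = m.groups()
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        else:
            prefs[name] = raw[1:-1] if raw.startswith('"') else int(raw)
    return prefs

def audit(prefs):
    """Map each recommended setting to 'ok', 'unset' or 'mismatch'."""
    report = {}
    for name, wanted in RECOMMENDED.items():
        if name not in prefs:
            report[name] = "unset"     # the browser default applies
        elif type(prefs[name]) is type(wanted) and prefs[name] == wanted:
            report[name] = "ok"        # typed compare: integer 0 is not false
        else:
            report[name] = "mismatch"
    return report

# Constructed sample input, not taken from a real profile.
SAMPLE = """\
user_pref("javascript.enabled", true);
user_pref("network.http.sendRefererHeader", 0);
user_pref("browser.startup.homepage", "https://example.org/"); // has //
user_pref("network.http.sendRefererHeader", 2);
"""

if __name__ == "__main__":
    print(audit(parse_prefs(SAMPLE)))
```

An "unset" result means the file does not override the setting, so the value in effect is whatever the browser ships with.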

Setting up Tor bridges

Tor bridges are special relay nodes of the Tor network. They differ from the ordinary nodes participating in the connection chain in that they are not public: they are excluded from the publicly available (published) lists. They are used to bypass blocking of the Tor network by a provider.

If Tor is not running, click "configure" in the main window and skip the proxy phase.

Figures 1 and 2. Skip the proxy setup phase

Then click "Yes" on the next screen and select "obfs4" as the default type.

Figures 3 and 4. Select obfs4

If the browser is already running, perform the following sequence instead. Click on the onion icon.

Figure 5. Click on the onion icon

Then select “Tor is censored in my country.”

Figure 6. “Tor is censored in my country”

Then also select "obfs4".

Figure 7. Select “obfs4”

After all these steps, it will be difficult for anyone to identify that you are using Tor.

Conclusions

So, we have received enough information to try to configure Tor correctly. First, we found out what a Tor bridge is and how it will help us remain anonymous. We also discussed how to avoid government blocking of Tor traffic by using the obfs4 setting, which obfuscates your traffic, making it look harmless.

Moreover, there is a way to get your own custom bridges: send an email to this address containing the line “get bridges” in the body. There is a caveat: you must send the email from one of the following mail services (Gmail, Yahoo! or Riseup), since the system only supports these providers. Happy experimenting!