When you surf online, you are not only tracked by all kinds of cookies and other trackers, but you expose yourself in an even more fundamental way: every website you visit knows your IP address. With Tor surf you can surf anonymously via a chain of intermediate computers to your destination, so that the website no longer sees your IP address due to your detour. Handy if you don't want any prying eyes or want to circumvent a region restriction.
Every time you visit a website, that web server will see your IP address. That website can in some cases deduce your identity from this. For example, if that IP address is linked to your employer's domain name because you are currently surfing at the office. It is not possible to visit the competition's website anonymously. And there are all kinds of situations in which you might prefer not to let the web server, your internet provider or the government see which websites you visit.
Even if you are careful and use encryption for all your communication, for example via https, this does not protect your anonymity: after all, your IP address must always be visible in order to communicate with network services at all. At first glance, 'anonymous internet' seems impossible.
01 Peeling an onion
The Tor project has a nice solution to this dilemma. This project makes it possible to visit a website anonymously, because you do not visit that website directly, but through a number of arbitrary intermediate steps. For example, the web server you visit will not see your IP address, but the IP address of any computer in the entire world that belongs to the Tor network.
When you use Tor, your computer builds a chain of encrypted connections every ten minutes through random intermediate steps, which we call "relays" or "onion servers". Each relay in the Tor network sees packets coming in from one relay and forwards them to another relay, but doesn't see that those packets come originally from you and eventually go to the web server you're visiting. In addition, the data itself is encrypted: each relay encrypts its connection to the next relay, giving you "shells" of encrypted tunnels that encircle each other. Hence the onion as the logo of Tor, which by the way is called The Onion Router in full.
Tor is therefore useful to surf the Internet anonymously without being traced by advertising companies, or if you fear that shady companies or governments are looking over your shoulder. But you can also use Tor to bypass region restrictions and still visit web pages blocked by your ISP.
02 How reliable is Tor?
Now you might be thinking: who are those Tor relays forwarding my network traffic? Can they be trusted? But that's the beauty of how Tor works: you don't have to trust those relays at all. Only the first relay of your connection sees your IP address, but has no idea which web server you are eventually connecting to, because your packets pass through all subsequent relays in encrypted form. The last relay in the chain (the 'exit node') visits the web server, but for the same reason has no idea who is sending the packets to the web server. Of course, it can view the network traffic to the web server, which is why it is important that you still visit websites via https even when using Tor.
In short, even if there are unreliable relays in the Tor network, you remain anonymous, at least as long as not all the relays in your chain are unreliable and colluding. Every ten minutes, the Tor software on your computer also creates a whole new chain. Even in the unlikely event that your entire chain is compromised, they won't be able to track you after ten minutes. The more relays there are and the more different parties they run (the more diverse they are), the more secure the Tor network is.
Why not a proxy or vpn?
There are also many centralized anonymization services, which act as proxy or vpn and promise you that you can surf anonymously through their service. But while Tor is completely decentralized and thus guarantees your anonymity 'by design' because not one party knows your connection details (source and destination address), those services are all about privacy 'by promise'. The company promises you that it does not log your IP address and the websites you visit and you can only rely on that. But if the service goes down, you suddenly have to find another solution. Worse yet, if the service is infiltrated, taken over, or hacked by a totalitarian government or a group of criminals, your privacy is compromised, often without you even knowing it. In Tor you also have to have trust, but there the trust is spread over several relays, so that a lot has to be done before your privacy is at risk.
Install 03 Tor Browser
In principle, you can just keep using your favorite web browser and set the Tor network as a proxy, but that's not recommended, as there are all kinds of other sneaky ways to find out your IP address or track you. After all, to surf anonymously, you should also block cookies and disable all kinds of scripts and plug-ins. The Tor Browser does all that, which you can download from Tor's website for Windows, macOS, Linux, and Android. There is no version for iOS; on that platform you can use the free app Onion Browser from Mike Tigas.
We show here how to use the Tor Browser in Windows; in macOS and Linux it is similar. On the Tor home page, click Download Tor Browser and then click on your operating system icon. After the download is complete, launch the installer and choose your language (Dutch is supported). The installer creates shortcuts in the start menu and on the desktop by default, and launches the Tor Browser after installation.
04 Getting started with Tor
In the Tor Browser window, click Connect to connect to the Tor network. After that, the Tor Browser opens a welcome page. You can now surf anonymously by typing a URL into the address bar. Or you can search anonymously through the privacy-focused search engine DuckDuckGo whose welcome page displays a search field.
If you maximized the Tor Browser window, you will notice that the browser says it is not recommended. After all, websites can try to trace you on the basis of all kinds of parameters of your computer, such as the resolution of your monitor.
The Tor Browser is equipped with the HTTPS Everywhere and NoScript extensions, which redirect you to https versions of websites and block scripts on websites, respectively. By default they are active, but their icons are not in the toolbar. If you want to add them, right-click on an empty place in the toolbar, for example between the address bar and the icon of the ui, choose customise…, drag both icons to the toolbar and click Done.
05 A different path to every website
Tor does hide your IP address, but as soon as you open multiple websites, there is a chance that those underlying use the same ad or tracking network and can link your activities on the different websites.
That's why Tor creates a different circuit for each website you visit: the circuit you use for a website is shown when you click the info button to the left of the address bar. below Tor Circuit you see the IP addresses and countries in the chain between you and the visited website.
That circuit is the same for all pages of that website, including in other tabs or windows, so that the website doesn't get confused. But two different websites you visit are reached via different paths, so a third-party tracking service in both websites won't see that both connections come from the same browser.
06 Manage your identity
With a click on New Circuit for this Site you change the chain for a website. This is useful if the last relay in the chain cannot reach the website for some reason. Note that the Tor Browser only changes the first relay, the 'guard node', every two to three months: research has shown that this is safer than changing them every time.
Even more drastic is the option New Identity, which can be found in the menu (icon with the three horizontal bars in the top right) or under the ui icon in the toolbar. This is the 'nuclear option' for your anonymity, which prevents anything from your browsing activity from being linked to your activities before. The Tor Browser then closes all your tabs and windows, clears all private information such as cookies and browsing history, and uses new Tor chains for all connections. Any downloads that are still in progress will also be aborted.
Tor as a digital underworld?
Often an image is painted of Tor as a playground for criminals and other shadowy scum whose activities should not see the light of day. Drug and gun sellers and hitmen, they would all be eager to take advantage of the dark web. But that violates the truth: the average Tor user looks like the average Internet user. In the west, we may not care much about privacy, but investigative journalists and whistleblowers desperately need Tor to do their job. And for residents of totalitarian states, Tor can be the difference between life and death. And those criminals? You find it more on the regular web than on Tor…
07 Security Settings
The Tor Browser has different levels of security. If you click on the shield icon in the top right toolbar, you will see the current security level, standard. To adjust the security level or just to see what the current level means, click Advanced Security Settings.
At the standard level, all communication takes place via the Tor network, but the Tor Browser does not hinder websites: so javascript continues to work. Your IP address may be hidden, but you are probably still leaking a lot of information in the background. Do you choose Safer, javascript will be disabled on websites without https, some fonts and math symbols will no longer load, and audio and video must be clicked before they start playing. safest goes even further: this security level disables javascript everywhere, and also no longer loads icons and images.
If you want more flexibility, place the NoScript icon in the toolbar, so that you can set which scripts you allow per website. Do not be tempted to install additional extensions that are intended to improve your privacy or security. In principle it is possible, because the Tor Browser is simply based on Firefox. At best, however, an additional extension won't work with the Tor Browser's custom configuration, and at worst, it undermines all of the Tor Browser's privacy measures.
08 Onion services
Onion services (formerly known as "hidden services") are services, often websites, that are only accessible on the Tor network. The IP address of an onion service is not known, which means that its operator can remain anonymous. In addition, all network traffic between Tor users and the onion services they visit is end-to-end encrypted: after all, by visiting an onion service, you never leave the Tor network at any time.
You visit an onion service just like any other website: by typing the address in the address bar. But there's something strange about that address: each onion address consists of a string of 16 random letters and numbers, followed by .onion. If you type this address into a normal web browser, it won't find the server, because the top-level domain .onion is not valid. But if you type the same address into the Tor Browser, you'll end up on the website, because it runs through the Tor network. When you visit an onion service, the Tor Browser shows a green icon of an onion in the front of the address bar.
But how do you find those onion services? There are several websites that collect links to onion services, such as The Hidden Wiki (www.zqktlwi4fecvo6ri.onion). The search engine DuckDuckGo (//3g2upl4pq6kufc4m.onion) also runs an onion service. And even Facebook (http://facebookcorewwwi.onion), which allows people in countries where the social network is blocked to still communicate with their family and friends. But beware: there are also a lot of shady onion services online that are just trying to mislead visitors. After all, for some people, anonymity brings out the worst…
Do not use a Tor proxy
If you want to quickly visit an onion service, but don't have a Tor Browser installed, you may be tempted to take a shortcut: by using a Tor proxy or Tor gateway. This allows you to visit an onion service without being on the Tor network. We are not going to give you links to Tor proxies, because using them is a bad idea if you care about your privacy. After all, the Tor proxy can monitor all network traffic between you and the onion service. In addition, someone who eavesdrops on your network traffic can see which onion service you are visiting. With a Tor proxy, you therefore in no way benefit from the privacy benefits of the Tor network.
09 Tails
If you want to do more on the Tor network than visit a few websites, it's recommended that you redirect all your network traffic through Tor. There are tricks to do that in Windows, but to really protect your privacy, there are so many things to consider that a mistake can happen quickly. For those who seriously want to get started with Tor, it is therefore recommended to do so with a separate operating system: Tails.
Download the image from the Tails download page and write the 1.2 GB img file with balenaEtcher to a USB stick with a minimum capacity of 8 GB. You can then boot your PC from this USB stick to work with Tails.
10 Getting Started with Tails
After the boot menu where you choose the default Tails session, select your language and keyboard layout from the list and click Start Tails. You should do this every time, by the way, because Tails is a live distribution that does not store anything on your internal drive. After that you will see the desktop of Tails. At the top right of the status bar you can select your WiFi network. Then wait for the notification Tor is ready. In the menu Applications you will find the Tor Browser. This allows you to surf via the Tor network just like in Windows, but as an extra the web browser also contains the extension uBlock Origin to block ads.
Tails includes a lot more software that all communicates over the Tor network: not just what you visit in Tor Browser, but all internet traffic is routed over the Tor network. And all kinds of programs, just like the Tor Browser, have an extra safe configuration. For example, the Thunderbird e-mail program includes the Enigmail extension for encryption and digital signatures with OpenPGP. And the chat program Pidgin for irc and xmpp is configured with encryption via the Off-the-Record protocol.
You can also exchange files anonymously with OnionShare directly in the file manager. Open Files in Applications / Accessories, right click on a file or folder and choose from the context menu Share via OnionShare. If you then Start server click, you will automatically start an onion service. After a while you will be presented with a randomly generated onion domain. Share this with the person you want to share the files with and they just need to visit this domain in the Tor Browser to download your files. Completely anonymous and end-to-end encrypted.
11 Saving files in Tails
By default, Tails doesn't save any files: the Linux distribution even wipes your entire internal memory before shutting down the computer, leaving no traces of your anonymous browsing sessions. But what if you also want to store files on the USB stick on which you have installed Tails that you need during multiple surfing sessions? That is possible, with 'persistent storage' you create an encrypted volume on the free part of your USB stick, in which you can store personal files, settings, extra software and encryption keys.
Open in the applications menu Tails / Configure persistent volume. Now enter a password and confirm it. For security, it is best to choose a passphrase of five to seven random words. Then click Create. Once the encrypted volume has been created, the persistence assistant will ask you which files you want to store on it: only files that you have in the folder persistent also your browser bookmarks, network and printer settings, additional programs, and so on. Feel free to confirm the default choice with Save, you can enable the rest later by restarting the configuration program.
If you then restart Tails, you will get a section in the window where you choose your language Encrypted persistent storage. Enter your passphrase here and click Unlock. Then click Start Tails, after which your Tails session can access your encrypted volume. Everything you put in the folder persistent is encrypted in the background.
12 Tor Browser in Android
Since May of this year, the Tor Browser is also available for Android in a stable version. You download Tor Browser for Android from Google Play, F-Droid or as an apk file from Tor's website. After opening the Tor app, click To connect to establish a connection to the Tor network.
The mobile app offers roughly the same capabilities as the Tor Browser for PCs. In the security settings you can choose the same security levels: Standard, Safer and safest. And the extensions HTTPS Everywhere and NoScript are also installed.
13 Run a Tor relay yourself
The Tor network only works if enough people are running Tor relays. Running a relay in the middle of the Tor chain puts you at no risk. But if you run an exit node, your ip address will appear in the logs of servers that are visited by others via your exit node.
Now you might be a bit hesitant to support the Tor network with an exit node, because Tor is also used for criminal activities.After all, you don't feel like being pulled out of your bed by the police before daybreak, because someone has announced through your exit node that they are going to commit an attack.
Bits of Freedom, a Dutch foundation that stands up for digital civil rights, discusses the legal risks of running a Tor exit node on its website and also gives some tips to limit the risks. That way you can help people who really need Tor for their safety without getting yourself in a mess.
Private windows with Tor in Brave
Brave, a privacy-focused web browser, blocks ads and trackers. If you don't need Tor all the time, but want to do something to protect your privacy, this browser is also a good choice. The latest version even has a private mode with Tor integration for anonymous browsing. Just open the menu at the top right and choose New private window with Tor. Everything you do in this window goes through the Tor network, keeping your IP address hidden. In addition, the default search engine is DuckDuckGo. Switching to a new Tor identity is just as easy with New Tor Identity in the menu. Note that you can still leak your IP address or other sensitive information in a private window with Tor. Brave's GitHub page lists the leaks when browsing through Tor in Brave. If your personal safety depends on your anonymity, according to the makers of Brave, you better use the Tor Browser.