
Anonymizing the Net: The Onion Router

Sunday, September 2, 2007

Security and privacy are big issues on the internet. Slowly and steadily, casual internet users are warming up to things like spyware and browser hijacking, on top of existing threats such as viruses, which is a good thing. Any self-respecting surfer shouldn't use Internet Explorer, at least not the current version, but using Firefox along with anti-spyware solutions, such as Ad-Aware or SpywareBlaster, is only a part of the battle won.

Even if you get rid of your cookies every five minutes, you're still leaving behind a trail of your browsing habits, not on your own PC, but on the servers that host the sites you're visiting, and all the nodes in between.

Let me backtrack a little.

The Internet

The Internet is a network of computers connected to each other, but not directly to each other. A computer, called a node, in Mumbai isn't directly connected to a node in New Delhi, but they are still able to access each other because the connection from Mumbai "hops" from router to router all the way till it reaches the other one at Delhi. All the routers in the middle can store logs of your visits by your IP addresses. A connection typically uses the same route for an entire session, increasing the chances of someone sniffing packets and tapping into your internet interests.

The following picture demonstrates typical internet flow. The amber node is the source that initiates the connection (i.e. typing in a website URL, etc.) and the green one is the destination (i.e. the node that hosts the website you're trying to visit). The red line indicates a typically unencrypted line of communication between normal nodes on the internet.

This is what the Tor network aims to prevent.

What is Tor?

Tor, or 'The Onion Router', is a peer to peer network of specialized nodes that randomize the hop sequence so connections in the same session may take a completely different route to reach the destination. As a result, the IP address reported to the destination website is random every time the connection is made, making it difficult to trace the route. Connections between nodes and routers are also encrypted with multiple layers, which is what puts the "onion" in the name. The Tor routers also don't store any logs of IP addresses that come and go through them, further enhancing your privacy.

This picture shows a typical Tor network flow. Light green routers are available Tor routers. The amber node is the source, this time using the Tor software, and the green node is the destination, which doesn't need to be running Tor software, as the connection is converted into a normal one from the last Tor node. The green line indicates an encrypted line of communication between the Tor routers. Notice the relatively random sequence of hops taken by the Tor flow.

When a connection is initiated with the Tor network, a list of available routers is procured and one of them is chosen to carry the connection forward. The chosen router then looks for another random router in the vicinity and forwards the data to it. This continues till the connection reaches the closest router, from where it breaks out of the Tor network into the regular internet to access the destination website. Since the connection can come from any of the various Tor routers without any information of the actual source, the destination has random source IP addresses in the logs, completely anonymizing your browsing session.

.onion Websites

Tor is not only a network of routers and proxy servers. It is also possible to host "hidden" websites within the Tor network itself, which get a pseudonymous TLD ".onion". They are virtual domains that don't actually exist in the public internet and also cannot be accessed by computers that are not running the Tor software. Sites get random names using public keys, such as 6sxoyfb3h2nvok2d.onion, making them even more difficult to identify.

How to use Tor

There are two components that form the Tor network: the Tor server/router and the Tor client. Routers are generally dedicated machines that are kept for forwarding and bouncing traffic around the network. Clients are installed by peers wanting to anonymize their browsing session. A typical end user simply downloads and installs the Tor client and configures his applications (browser, instant messenger, etc.) to access the internet via the Tor client, which runs as a SOCKS proxy on the user's computer.
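What "access the internet via the Tor client" means on the wire, as an added example that is not part of the original post: the application's side of a SOCKS handshake, sending the hostname to the proxy so that no DNS lookup for it happens outside the proxy. It assumes SOCKS version 5 (RFC 1928) with no authentication; the function names are illustrative, and the socket passed to `connect_via_proxy` is assumed to be already connected to the local Tor client.

```python
import struct

SOCKS_VERSION = 5
CMD_CONNECT = 1
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 1, 3, 4

def build_greeting():
    """Client hello: version 5, one method offered, 0x00 = no authentication."""
    return bytes([SOCKS_VERSION, 1, 0])

def build_connect(host, port):
    """CONNECT request carrying the hostname itself (ATYP 0x03), so the proxy
    resolves it and the application never issues its own DNS query."""
    name = host.encode("idna")
    if not 1 <= len(name) <= 255:
        raise ValueError("hostname must be 1..255 bytes")
    return (bytes([SOCKS_VERSION, CMD_CONNECT, 0, ATYP_DOMAIN, len(name)])
            + name + struct.pack("!H", port))

def resolved_locally(request):
    """True if a CONNECT request carries a literal IP address, i.e. the
    application looked the name up itself before talking to the proxy."""
    return request[3] in (ATYP_IPV4, ATYP_IPV6)

def parse_reply(reply):
    """Return True when the proxy reports success (REP field == 0)."""
    if len(reply) < 4 or reply[0] != SOCKS_VERSION:
        raise ValueError("not a SOCKS5 reply")
    return reply[1] == 0

def connect_via_proxy(sock, host, port):
    """Run the handshake over a socket already connected to the proxy."""
    sock.sendall(build_greeting())
    if sock.recv(2) != bytes([SOCKS_VERSION, 0]):
        raise ConnectionError("proxy refused the no-auth method")
    sock.sendall(build_connect(host, port))
    if not parse_reply(sock.recv(262)):  # 262 = largest possible reply
        raise ConnectionError("proxy could not open the connection")
    return sock  # from here on, bytes written reach the destination
```

An application that resolves the name first and sends the proxy an IP address still reveals the sites it visits to its DNS server, which is what `resolved_locally` flags.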

1 comments:

chandu said...

The chosen router then looks for another random router in the vicinity and forwards the data to it. This continues till the connection reaches the closest router, from where it breaks out of the Tor network into the regular internet to access the destination website.

Jafar
