Is Tor (Orbot) Really That Safe? Here's why you should be (really) careful when bowsing with Tor.
It's been a while since I published a video called The safest way to use the web. I explained the basics of Tor project software and it's client for Android, Orbot. But is it really that safe? Let's go way deeper into this and find out how things are.
Let's take a quick look at this image.
(http://null-byte.wonderhowto.com/)
This is how it works. You (the terrorist - not really) access the Tor network. What it does, is that it firstly connects to the Tor entry node. Then your connection gets through another node, called Tor relay node, where your net activity gets hidden from tracking websites and such.
We're not done yet, there is one more little step from being connected to the site. It's the Tor exit node, the last node, which, as you may expect - is the most important one.
Now you probably know that if there's anything bad with the exit node provider, you could very easily get exposed and Tor would be totally useless. But it's not that easy to host a harmful exit node, right? Well, you're wrong - it's that easy. Let's see.
Almost anybody can host an exit relay server for Tor. Therefore, the person hosting and estabilishing this kind of connection basically takes all the responsibility at himself. Even if he doesn't mean to cause any troubles, there are many secret services that would love to see how things are.
The tor network is used by thiefs, hackers and even phedophiles. After you host your own exit relay, you become a potential victim for services like the NSA and you could even recieve some nice backdoors and malwares from these guys.
This is just a little list from Sweden study exposing the "bad guys", that were monitoring all the activity that came from people using the Tor network. You can take a look at sampling rate, that shows frequency of attacks - some of them attacked very frequently, some of them poisoned less so nobody would find out. As you can see, almost all of them are from Russia.
Let's take a quick look at this image.
(http://null-byte.wonderhowto.com/)
This is how it works. You (the terrorist - not really) access the Tor network. What it does, is that it firstly connects to the Tor entry node. Then your connection gets through another node, called Tor relay node, where your net activity gets hidden from tracking websites and such.
We're not done yet, there is one more little step from being connected to the site. It's the Tor exit node, the last node, which, as you may expect - is the most important one.
Now you probably know that if there's anything bad with the exit node provider, you could very easily get exposed and Tor would be totally useless. But it's not that easy to host a harmful exit node, right? Well, you're wrong - it's that easy. Let's see.
Almost anybody can host an exit relay server for Tor. Therefore, the person hosting and estabilishing this kind of connection basically takes all the responsibility at himself. Even if he doesn't mean to cause any troubles, there are many secret services that would love to see how things are.
The tor network is used by thiefs, hackers and even phedophiles. After you host your own exit relay, you become a potential victim for services like the NSA and you could even recieve some nice backdoors and malwares from these guys.
This is just a little list from Sweden study exposing the "bad guys", that were monitoring all the activity that came from people using the Tor network. You can take a look at sampling rate, that shows frequency of attacks - some of them attacked very frequently, some of them poisoned less so nobody would find out. As you can see, almost all of them are from Russia.
So here's just a quick summary - Tor isn't that safe as everyone expects it to be. If the exit relay is monitored, everything becomes useless and even dangerous. If you use the Tor network often, you should consider creating special accounts with unique password so nobody possibly steals your stuff.
No comments: