Tor Browser - A Tool for Secure & Anonymous Web Browsing


Tor Browser is a free and open source software that uses Tor network to protect your real identity online. 

Tor Network - It is a group of volunteer-operated servers that allows the users to connect through a series of virtual tunnels rather than making a direct connection to the Internet.

It is portable, meaning you can run Tor Browser even from a USB drive, no installation is required. Actually, it doesn't install itself like other programs, it just extracts the contents to the disk.

Tor Browser is one of the best ways to browse the web anonymously.

It is very easy to use, but there are some things you should know before using Tor. First, let's look at how Tor works.

Entry/Guard Relays - These are the entry points to the Tor network.

Middle Relays - These are used to transport traffic from the entry relay to the exit relay.

Exit Relays - These relays send traffic to the final destination intended by the client.

Each relay decrypts only enough of the data packet wrapper to know which relay the data came from, and which relay to send it to next. The relay then rewraps the package in a new wrapper and sends it on.

See also: Orbot - Android App For Hackers

Now, let's take a look at how to use the Tor Browser...


How To Use Tor Browser

First, download the Tor Browser from the official site.

Here is the download link: Download Tor Browser

If you are unable to access the official website, go to Google and then search for "Tor Mirrors", and see any of the copies of the website works for you.

Or you can just use your email to download Tor, all you have to do is, send an email to 'gettor@torproject.org' with one of the following words in the body of the message: Windows, OSX or Linux. You will receive a reply with links from popular cloud services to download Tor Browser for Windows, Mac OS X or Linux, depending on the option you chose.

Note: You can only do a maximum of three requests in a row. After that, you'll have to wait 20 minutes to use it again.

After downloading the package, open it. You will see a small window as shown below (Windows).



Click on "OK".


Now, if you want to change the install location just click on the "Browse" button and select a folder/drive. Then click on the "Install" button.


Wait for few seconds... If the installation is successful, you will see a window as shown below.


Now, if you don't want to run Tor Browser right now, deselect the option. And, if you don't want to add Tor Browser to the start menu and desktop, deselect it. Or just leave those that way. Then click on the "Finish" button.

If you didn't start the Tor Browser already, go to the desktop and double-click on the "Start Tor Browser" icon. You will see a window as shown below.


Select an option according to your situation. If your computers internet connection is censored or the ISP doesn't let you connect to the Tor network, click on the "Configure" button, otherwise just click on "Connect".

If you click on the "Configure" button, you will see a window as shown below.


If your internet service provider block or censor connections to the Tor network, select "Yes" or select "No".

If you select "Yes", you will see a window as shown below.


Now you have the option to connect to a provided set of bridges or obtain a new custom set of bridges and use them.


Bridges - Tor entry guards (nodes) that are not listed in the main Tor directory. Since there is no complete public list of them, even if your ISP is filtering connections to all the known Tor relays, they probably won't be able to block all the bridges.


Using the provided set of bridges is easier, you can do complete the whole setup in just few clicks. All you have to do is, select a transport type (Pluggable Transport) and then click "Next". Then you will see a proxy setup window, if you want to set up a proxy, go for it. Otherwise, select "No" and click on the "Connect" button.


Pluggable Transports - It transforms the Tor traffic flow between the client and the bridge. This way, censors who monitor traffic between the client and the bridge will see innocent-looking transformed traffic instead of the actual Tor traffic.

obfs4 is currently the most effective pluggable transport.


If the provided set of bridges is not working, then you should get a custom set of bridges.

Here is how to get a custom set of bridges:

1. First, go to  https://bridges.torproject.org/options

2. (In the Advanced Options) Select a Pluggable Transport. If you want IPV6 addresses, check the "Yes" option.

3. Click on "Get Bridges".

3. Enter the Captcha and then Hit the Enter key.

You will get the Bridges:


You can also get bridges by sending mail to bridges@bridges.torproject.org with the line "get bridges"

Note: You should use a Gmail, Riseup, or a Yahoo! account to send these requests. Others are not accepted.

Copy the bridge lines and paste them into the "Enter Custom Bridges" box. Then click on the "Next" button.

Tor will only use one bridge at a time, but it is good to add more than one bridge so you can continue using Tor even if your first bridge becomes unavailable.


If your computer needs a local proxy to access the internet, select "Yes", otherwise select "No" and click on the connect button, it will connect to the Tor network.

If you select "Yes", click on the "Next" button and enter the proxy settings:


And then click on the "Connect" button, it will connect to the Tor network.



And then show you a window like this:


You can check whether you are connected to the Tor network or not, all you have to do is click on the "Test Tor Network Settings" link or visit https://check.torproject.org/.


That's all. You have successfully setup the Tor Browser.

Here are the rules you should follow when using Tor (if you don't follow them, your anonymity will not be good):
  • Don't enable or install browser plugins: Plugins like Flash, Quicktime, Javascript are not good for anonymity because they can be manipulated into revealing your real IP address. You can use the NoScript addon to disable all the plugins.
  • Don't install additional Addons: When you first launch the Tor Browser, you'll have four addons: HTTPS Everywhere, NoScript, Torbutton, and TorLauncher.
  • Don't use Torrent with Tor: Torrent file sharing applications sometimes ignores proxy settings and make direct connections even when they are told to use Tor. Let's say you managed to force Torrent to use Tor all the time, but still, you will not be completely anonymous because a torrent application works by frequently sending out tracker GET requests which contain your real IP address. Also, torrent over Tor can slow down the entire Tor network.
  • Use Bridges: Using a bridge makes harder for the ISP to know that you are using Tor.
  • Don't open documents downloaded through Tor while you are online: This usually doesn't happen because Tor Browser will warn you before automatically opening documents that are handled by external applications. If you ignore the warning and open the document, your real IP address might be revealed to the world.
  • Use HTTPS versions of websites: Though the HTTPS Everywhere is enabled by default, always make a conscious effort to use the HTTPS version of websites because encryption to encryption of your traffic to the final destination website (exit node <--> Internet) depends upon on that website. If you want to know how HTTPS in Tor helps you to protect your privacy and security, just visit this amazing EFF page: How HTTPS and Tor Work Together to Protect Your Anonymity and Privacy.

If you are paranoid about your security and anonymity, here are some more rules for you to follow (these rules are super extreme):
  • Disable Javascript. Go into about:config, search "javascript",  and toggle javascript.enabled to false. Since JavaScript is necessary for rendering almost all the websites, you should turn it on only after weighing the risks and consequences.
  • Disable iframes. You can use the setting in the NoScript (under Embeddings) or go into about:config, and then find noscript.forbidIFramesContext and change the value to 0 (zero). Or in about:config search "frame" and toggle browser.frames.enabled to false.
  • Disable referrers. Go to about:config, and then find network.http.sendrefererheader and change it from 2 to 0.
  • Do not click on any links unless you already know what you will find (or take a calculated risk).
  • Don't log into your personal sites with Tor Browser.

That's all. I hope you liked reading this article. If you did, please share...

If you have any doubts, feel free to ask...




No comments

Powered by Blogger.