The Onion Project was created to offer an anonymous way to connect to the internet and the darknet essentially through befuddlement. It has established a network that operates to route connection requests in a way that obfuscates users attempting to access surface websites, in addition to enabling users to build websites, on the darknet , whose hosting servers cannot be traced. Throughout this article we’ll provide an introduction to Tor network and its vulnerabilities.
Tor provides two forms of services:
1- An anonymous way to connect to the internet (surface websites).
2- Hidden services which are anonymous websites whose owners and hosting servers are anonymous . The domain names of these sites end in “.onion” instead of “.com, .org, .info……etc” that mark surface websites.
.Onion websites are considered parts of a darknet and can be only accessed via Tor. Darknets comprise the dark web, which in turn represents a small part of the deep web. The deep web represents all internet content that can only be accessed via a specific protocol e.g. Tor. This is a rather broad definition, as for example, the content on online databases which belong to governments and universities is protected by means of a “pay-wall”; accordingly, these databases are considered parts of the dark web.
How Does Tor Promote Anonymity for Internet Users?
Tor enables users to access surface websites anonymously, so their traffic cannot be traced back to them. Although encryption can prevent hackers from seeing what users are sending to and receiving from various websites, it cannot protect them against being traced back using web traffic analysis. To prevent traffic analysis, Tor routes connection requests from each user to multiple relay nodes so that the path from the user to the website, whether on the surface or dark web, is impossible to be traced. Tor relay nodes are connections to thousands of Tor users who have volunteered their bandwidths to Tor to secure the network. Consequently, each and every connection request relays through multiple IPs and the destination website will not be able to trace the user via observing who sent the packet. The complicated nature of this protocol is that any relay node across Tor’s network cannot trace the origin of any of the connection requests it receives and redirects.
Hidden Services: Sites on the Deep Web:
Hidden services are websites on the deep web which have a .onion address that requires a Tor browser to be accessed. This method doesn’t link the website to a hosting IP address. To guarantee this, the hidden service will connect to nodes on the network using Tor circuits. Firstly, the hidden service will select some introduction nodes and formulate Tor circuits to them which will give introduction nodes the capability to ping back the hidden service without tracing back its location. Secondly, the hidden service will create a descriptor that will allow users to access the service, which will contain its public key and references that point to the introduction nodes. This will be signed by the hidden service’s private key and then the content of the website will be uploaded to a distributed database hash table i.e. it will be hosted on more than one node while promoting redundancy; in other words, content of the website won’t be lost if one of the hosting nodes go offline. The address of a website on the deepweb is 16 characters long and is created using the site’s public key.
Vulnerabilities of TOR:
Malicious attacks can occur against Tor users, just like it can happen to users of surface websites. Hidden services that contain corrupted downloads or malicious code can affect users whether or not they are using Tor. Also, hidden services can be also attacked by hackers via SQL injection, cross-site scripting and denial of service attacks.
De-anonymization can occur to a small percentage of Tor users in some instances. De-anonymization of a user refers to revealing the IP or MAC address, he/she used to connect to the Tor network. This is very hard to accomplish, if not impossible, because it requires the attacker to control all the nodes belonging a user’s circuit, especially that circuits expire and are replaced by new circuits every few minutes.
Tor and the deep web decentralize the internet and omit the censorship and control that can be imposed by federal governments. Although mainstream media is trying to picture the deep web as a big online store for illegal drugs, the truth is that the deep web is full of legal websites that might even be more than the illegal ones and can provide the people of the world with an anonymous way to speak their minds out without intimidation.