Hello, dear blog readers site. You probably know that any of your online activities (viewed pages of sites, downloaded files, watched videos) can be traced, and from completely different places (by contacting your Internet service provider, by digging in your computer or by looking in the logs of those sites that you visited ). Anonymity online there is only if you do not start "dig deep."
There are some solutions to the problem of leaving traces, which we have already considered. For example, it is possible and then the traces of your visits will not be saved on your computer. Or, for example, when blocking access to some sites (for example, to enter Contact or Odnoklassniki from a work computer).
But there is a much more comprehensive solution - this is the so-called TOR. In fact, this software, which with a very high degree of probability, allows you to hide from prying eyes everything that you do and have done on the Internet. That's just based on this technology and it works. Thor Browser, which today will be discussed. In fact, it wraps sophisticated technology into the shell of an ordinary-looking browser accessible to any Internet user, which everyone can use. But he has an unusual filling ...
What is TOR?
I do not want to load you with technical terms and concepts, which, by and large, will be superfluous. Just literally in a nutshell (on the fingers) I will describe the principle of operation of the Thor technology and the Tor Browser built on its basis. This knowledge will allow you to understand what to expect from this software, what strengths and weaknesses it has in order to consciously apply it to their needs.
So, all this was originally cooked in one of the US military departments. Why did they need this history is silent, but at the beginning of the two thousandth, the beginnings of Thor technology were completely unexpectedly shared. And the source codes were open and this software fell into the status of free distribution. What does it mean? And how much can you trust such a "gift"?
The question is fair, but you can trust it because of the openness of the code of this technology. The fact is that since then (over a decade and a half) these program codes have studied (and made changes) hundreds, if not thousands, of people who understand this and no “bookmarks” and “secret doors” have been found. Where it's about security (in our case, the transfer and storage of information), it is better to work with open source software (software).
By the way, that's why when choosing n, but for. Simply, they belong to the category of free software and their code was checked by thousands of competent specialists. So somehow calmer, for I keep a lot of passwords from money-tied services and losing them would be very expensive.
So, TOR technology allows you to go to sites and download something from the network. leaving no trace behind. That is, when you open a site, for example, through the Tor Browser, you will not be able to track the IP address of your computer on this site (and therefore you will be calculated). Even your Internet provider will not understand (if you so desire) that you have visited this site (and it will be impossible to prove this). Well, the browser itself will not store all traces of your wanderings on the Internet.
Great, isn't it? I understand that in this way people can cover up their dark deeds. Not without it, of course. But the general idea of \u200b\u200bthe Torah is still bright - to provide the Internet user with real freedom in the form of complete anonymity. For example, in some countries, access to some resources may not be justified, and Thor Browser will allow you to bypass these obstacles and not be punished for this violation, because they will not know that you did (or will not prove it). But not the point ...
How does TOR work? This is called onion routing. See it. There is a network of nodes belonging to the adherents of this technology. Three arbitrary nodes are used to transfer data. But which ones? And this is just no one knows.
Thor browser sends a packet to the first node, and it contains the encrypted address of the second node. The first node knows the key for the cipher and, having learned the address of the second, forwards the packet there (this is how the first layer was removed from a bow). The second node, having received the packet, has a key to decrypt the address of the third node (another layer was removed from the bow). Thus, it is not possible to understand from the side exactly which site you finally opened in your Tor Browser window.
But notice that only the path is encrypted (routing), and the contents of the packets themselves are not encrypted. Therefore, to transfer secret data, it would be better to encrypt them beforehand (at least in the above-mentioned TruCrypt), because the possibility of their interception (for example, using sniffers) exists.
In addition, this technology there are a few drawbacks (or features):
- The ISP (or someone else who monitors your traffic) can understand that you are using Tor. What exactly you are watching or doing on the network, he does not know, but sometimes the fact of knowing that you are hiding something can have consequences. Consider this and, if possible, learn ways to enhance disguise (and they exist) if this is critical for you.
- The TOR network does not use special high-speed equipment, but, in fact, ordinary computers. From here comes another drawback - speed the transfer of information in this secret network can vary significantly and sometimes it is obviously not enough for, for example, viewing media content.
Where to download the official Russian version of Tor Browser?
On this blog I have already published an article on how. It also mentioned the Torah. Naturally, it is better and safer to download any product from the developers' site, that is, the official one (I think you know). The Tor Browser download page is located at this address (once again, for the sake of security, it is better to download from the official site):
Please note that before clicking on the download button, you should select a language. The default is English, but from the drop-down list, you can choose a dozen more options, including fully localized Russian version. So it will be more pleasant to work when the interface language is native.
Although, during installation, you will again be asked about your preferred interface language and there you will also be able to choose Russian. The rest of the installation process is no different from installing any other browser.
However, when you first start you will be asked if you need to make additional settings. to connect to the TOR network. In most cases, it will be enough just to click on the "Connect" button:
It will take some time for the browser to successfully connect to the Thor network:
After that, a window of a seemingly normal browser will open, but working with the Internet by creating encrypted tunnels (analogues).
However, the developers themselves emphasize that Thor is not a panacea (at least with the default settings). Therefore, those who are paranoid about absolute anonymity are advised to click on the link for clarification on this matter.
How to use the Thor browser?
When you first load the browser, you are immediately offered use anonymizer for searching at disconnect.me. Actually, it is this service that will be used as “” in this browser (you can change this in the settings), Ie when you enter a query on the browser tabs that are newly opened or when you enter it via the address bar, on any tab, the anonymizer disconnect.me will open with search results.
The search is actually conducted by Google (you can choose from the settings in the top panel of the service - see the screenshot below), but there is no trace of who exactly led the search (remember, I wrote about the fact that, but in fact, nothing can be completely removed therefore, those who are concerned about anonymity need to remember this).
Do not forget also select and search language (in the upper pane of the disconnect.me window on the right), because thanks to the anonymizer Google will not be able to recognize your preferred language automatically. Although, choosing, for example, Russian, you to some extent open the veil of secrets of your incognito for this search engine. But here you have to compromise - either convenience or paranoia.
Yes, another browser from Tor when you first click on the link will warn you that it is better to load pages in English, in order to avoid, so to speak.
Personally, I chose the option “No”, because convenience is more important for me, and I don’t speak any other languages \u200b\u200bother than Russian. Alas and ah.
By the way you can check it yourself, that you really "encrypted". To do this, it will be enough to go from any other browser to the site, and then do the same from under the Torah. As you can see, TOR substitutes (I became a sultry Norwegian) and this is only a small part of the protection of your anonymity.
By the way, if you click on the bulb to the left of the address bar, you can see the very chain of three nodes (proxies) that separates your computer from the site where you go (I wrote about the onion routing just above):
If desired, this chain of nodes can be changed. You can also change your “browser-made personality” if the current one is not to your taste. True, this will close all open tabs in Tor and it will be automatically overloaded.
Here it will be possible to access security settings:
By default, all privacy settings (anonymity are enabled), but the security level is at the lowest level due to the fact that only in this case you all features of this browser will be available. When setting the security settings of the Top Browser to the “high” position, a whole bunch of browser functions will be available only after their forced activation (i.e. everything is disabled by default). For me, this is a bust, so I left everything as it was, but you can choose something in the middle (compromise).
For the rest Tor Browser is similar to Mozilla Firefox, for it is essentially built on its basis. This will be clearly seen when you enter the settings (by clicking on the button with three horizontal lines in the upper right corner):
Good luck to you! See you soon on the site’s blog pages.
you can watch more videos by going to");">
You may be interested
Search history and views in Yandex - how to open it and see, and if necessary, clean or delete 
Incognito - what it is and how to enable incognito mode in Yandex browser and Google Chrome How to make the homepage of Yandex or Google start, as well as any page (for example, this) set as homepage
2. Tor is not only used by criminals.
Contrary to popular belief, Tor is used not only by criminals, pedophiles and other bad terrorists. This, to put it mildly, is far from true. Activists of all kinds, journalists, just people who love privacy make up a portrait of Tor users. Personally, I am very impressed by the position of Tor developers who answer the question “what do you have, what to hide?” With the phrase: “No, it's not a secret - it's just not your business.”And criminals have a large arsenal of tools, from personality changes to stolen devices or network access, from botnets to Trojan viruses. Using and promoting Tor you do not help criminals any more than using the Internet.
3. Tor has no hidden loopholes and backdoors.
Rumor has it that Tor was created by the military, and they specifically made hidden loopholes for themselves. Although Tor was initially funded with money from the US Navy, its code has since been publicly available, and many cryptographic specialists have been studying its sources. Everyone can study them. And now enthusiasts, advocates of privacy and anonymity on the Internet are working on the project.There is also information that US intelligence agencies hold about 60% of all nodes - but this is most likely distorted information that about 60% of funding is allocated by the United States in the form of grants.
4. There were no cases of convicting anyone for supporting the relay node.
True, in Europe, in this guise of human rights and a legal paradise, or rather, in Austria, literally the other day, the person who held the exit node was accused of complicity, because through this node passed traffic illegal content. So the danger of maintaining the output node is obvious. Well, relay nodes should be safe, as they do not know the network operation scheme, where the request came from, where it was sent to, or what kind of traffic they send. And to prove the passage of traffic through the relay is almost impossible.5. Tor is easy to use.
Many people think that Tor is something difficult for hackers and computer geniuses. In fact, the developers have already simplified its use as much as possible - just download the Tor Browser, and when you start it, you will automatically use the Tor network. No settings, commands on the command line and other things.6. Tor is not as slow as you think.
A couple of years ago, the network was slow. Now access to sites occurs at a reasonable rate. Yes, torrents cannot be downloaded via Tor - both slowly and badly for the network. But you can lead any other usual activity without irritation.7. Tor is not a panacea
Using Tor, you still need to follow a few rules and understand a little how it works, what it can do and what it cannot, so as not to negate all its efforts. If you use Tor Browser and log in to Facebook, there is little point in this. Understand how it works and use it correctly.Personally, I - a supporter of privacy and anonymity on the Internet. I propagandize and urge everyone to support the Tor project as necessary and useful, especially in light of the sad events with the new laws "against the Internet". Support the Tor network. Set yourself a relay - if you can allocate at least 50 kb / s for Tor in your channel, this will be enough.
Why I advocate for privacy and the possibility of anonymity. After all, I am a law-abiding citizen and I have nothing to hide, right?
Well, I personally can answer this with the following arguments:
- i may have nothing to hide, but what I do is none of your business
- times change, people change, and laws change. I wrote something in the comments, and a couple of years after the adoption of the next elegant law, it suddenly became possible to rank as extremist statements.
- i do not believe that all the people who are trying to follow my actions are crystal honest and faithful servants of Themis. That no one will try to use the information obtained in their dirty selfish purposes.
It will be interesting to know your opinion on privacy and anonymity,% username%
What is Tor?
Word Tor This is the abbreviated name of the organization that developed and maintains Thor, the full name of which in English sounds like "".
The Onion Router (TOR) is a non-profit organization that manages a network designed to protect privacy and increase anonymity on the Internet by disguising Internet traffic. The Thor program disguises your real location and does not give owners of online addresses that you visit while surfing to collect information about you and your habits.
What is Tor used for?
Tor is used by people who are concerned about ensuring their privacy. Number of users Tor sharply increased after the high-profile revelations of Edward Snowden, in which they spoke about the widespread abuse of their powers by state structures. In addition, Thor is actively used by journalists, users who want to avoid state censorship, entrepreneurs and traders in underground markets. Twilight zones of the Internet, known as the “Dark Internet” or “Deep Web” and .onion Web addresses that are not indexed by standard search engines can only be reached via Tor.
How does Thor work?
To hide your traffic and true location and your IP address, Tor uses servers and network nodes that are supported by volunteers, rather than providing you with a direct route to the websites you visit, send your traffic through a network of virtual tunnels. Instead of sending data packets directly to the server, information like a ping-pong ball is transmitted through a chain of network relays. Thus, Tor helps you to hide your digital fingerprints from unwanted eyes.
Does Tor encrypt my data and traffic?
The answer to this question is simple - no. Tor is just anonymous traffic. It does not encrypt traffic, but using virtual private networks (VPN) in addition to Tor, as well as a good habit to stay away from HTTP-based websites, can bring good results. Want more security - get used to using the HTTPS protocol, whenever possible.
Do I have to pay to use Thor?
Tor is a free open source system, and the number of programmers working to develop this system is consistent with the number of developers of Windows, Mac, Linux / Unix and Android.
How to use Tor?
You just have to pc and. The software is already configured and ready to use, but since the network redirects traffic indirectly, surfing speed may noticeably decrease.
How to access. onion addresses?
"White web" is the zone of the Internet, which is indexed by search engines, including Google. Below we have a “deep web” and a “dark web” (“dark web”), the latter of which is often associated with illegal operations.
“Onion” addresses are part of “deep web” and to access them, you must know the 16-digit code instead of the standard URL. You can find these through special search engines, forums and invitations, and some companies, such as Facebook, give out themselves. onion addresses specifically for Tor users.
How do I stay safe?
If you are going to use Tor, then you need to understand a few basic internet safety regulations. As a first step, disable all plugins and software that can open you up for attack, first, of course, Flash and Java.
You should keep in mind that Tor does not relieve you from operating system vulnerabilities, and considering how many flaws are in the software for Windows or Mac, you can use an open source operating system (for example, one of the Linux versions) to stay as secure as possible.
Anonymity does not guarantee protection from a fool
Pro-law enforcement agencies have plenty of ways to monitor your activities, so do not consider yourself 100% protected only because you use Tor. If you visit illegal domains in your country, buy or sell illegal goods, or download obviously prohibited materials, Tor will not protect you.
So should Tor be used?
If you need to anonymize your traffic, do it, but for tasks that need high Internet speed, for example, distribution or downloading via torrent, Tor is not the best solution. In addition, if you want to use the network for illegal activities, you must understand that you do this at your own peril and risk.
Do not consider Tor as the final and only solution for network security - this is just one of its aspects. VPN and transition to the HTTPS protocol are also important components to protect your privacy and your data.
The article is written on the basis of publications in the popular computer edition.
The Tor user leaves no traces on the Internet - personal data, visited websites, sent messages. The system is arranged on the principle of onion routing. For each message, a route is randomly selected through one of three nodes - by analogy with an onion: each next node encrypts the previous one. Onion routing was developed in 1995 by programmers David Goldshlag, Michael Reed and mathematician Paul Siverson.
Secret in knots
Goldshlag told Vedomosti about the method of blocking the service, which the regulator can use. After the user in the browser enters the address of the site to which he wants to get, his request is sent in encrypted form to the first one, the input node - with its own IP address. There are two types of sites - public and non-public, says Goldschlag, Russian Tor users most often connect to public. The public node's IP addresses are publicly available and, he continues, the regulator can add these IP addresses and IP addresses of sites with the .onion extension (available only in Tor) to the banned registry and restrict access to Tor at the provider level. It is difficult, all providers should work this way, but it is technically possible, the developer says.
According to Goldshlag, a good example of how this is done at the national level is China, restrictions at the provider level exist in many countries, including the United States.
IP address as evidence
On April 10, 2017, the mathematician Dmitry Bogatov was arrested. According to the investigation, from his IP-address someone Ayrat Bashirov posted on the Internet texts calling for terrorist acts. The investigation believes that with the help of Tor, Bogatov has hidden traces of his presence on the Internet. Protection indicates that out of 104 IP addresses worldwide, from which Bashirov went online, the only one tied to a computer in Moscow was selected.
It is much more difficult to block a connection through non-public sites: their IP addresses are not in public access, and the addresses are transferred in encrypted form, Karen Ghazaryan, an analyst at the Russian Association of Electronic Communications, explains, and in order to use a non-public site, it is enough to reconfigure the browser.
Roskomnadzor in its own right
For five years, the number of Russian Tor users has increased 3 times, Goldschlag reports, and refuses to discuss the plans of the regulator on Tor. The profile official does not yet know whether Roskomnadzor plans to limit access to the service.
Roskomnadzor will have enough anonymizer law to block Tor's input nodes, Artyom Kozlyuk, head of the Roskomsvoboda public organization, said, but this may happen not earlier than mid-December: the department should ask the service not to provide access to prohibited sites, wait 30 days and, if the answer is not will, start detecting input nodes. Kozlyuk doubts that Roskomnadzor will decide to block the domain zone. Ion, where millions of pages Tor: they are used by the media, scientific communities and social networks.
Operators against
If the operators block publicly known Tor nodes, it’s easy to stop working in Russia, said Cisco security consultant Alexey Lukatsky. Users can bypass this prohibition using a VPN, so blocking Tor at the same time as limiting the operation of VPN services, he warns.
To bypass the blocking of Tor using a VPN, it is enough to buy a foreign IP address from a foreign VPN service; Russian law does not apply to it.
Tor can be blocked, but people will find a way to circumvent the ban, I am sure Sergey Nikitin from Group-IB: Chinese users visit forbidden sites through improved versions of Tor.
Russian became the person involved in the criminal case for reports of terrorist attacks. He says he just went to the blocked sites via Tor
+
In October 2016, an email was received by the administration of one of the regional centers in Russia about an impending attack. The report, received by the mayor's office on October 17 at 2:20 am, reported on an alleged explosion in one of the city’s shopping centers. From the decision of the local district court (the text of the document is at the disposal of “Medusa”) it follows that the threat of an explosion was qualified as a deliberately false report of a terrorist attack. On October 19, a criminal case was opened into the post.
The investigation is engaged in the FSB. The decree states: FSB officers found that a message about an impending explosion was sent from IP 163.172.21.117 (according to the RIPE IP address database, the address is registered in Paris). The secret services managed to find out that this IP is actually a “service for hiding and changing addresses”, that is, one of the active output nodes of the Tor network, which started operating in September 2016.
The person involved in the criminal case was a resident of a Russian city, using the French Tor exit node on the night of October 17th. The FSB established that on October 17, from 1:30 to 3:00, a connection was made to the IP address 163.172.21.117 from a city in which a false report about the terrorist act was recorded. The user who could do this has been identified; in the case he goes as a witness Soon the FSB left the case, follows from court documents.
The person involved in the criminal case really uses Tor.
He himself told Medusa that he had several services installed on his computer to preserve anonymity, including Tor. According to him, he uses them to access websites blocked in Russia; Most often these are torrent trackers and anime sites. The person involved does not remember whether he used Tor on the night of October 17, but insists that he did not send any reports of terrorist attacks. He says that at the same time thousands of other Tor users could use the same exit node, one of them could send a message about the attack.
During the search, all the equipment was seized from the person involved in the case.
He told Medusa that on December 29, 2016 at about 19:00 police officers came to him with a search: “I was given a court order. Went to rummage to my room in things. Then they began to seal the technique. The rest of the rooms looked purely visually. In the end, they took all the equipment: two computers, all phones, all flash drives, even a non-working film camera. They even wanted to take the monitor, but then they changed their mind. ” On the same day he was interrogated by the Ministry of Internal Affairs. “They asked if anonymizers were installed on the computer, for what purposes, what sites you visit,” he says.
He was read and a letter about the attack sent to the city administration, and asked if he wrote it. According to him, the letter was about "complete madness." The person involved in the conversation with Medusa recounted the content of the message as follows: “I am on my way to your city. Soon everything will blow up here, only blood and pieces of meat will be around. ”
Eight months after the search, the case lay motionless.
The person involved in the criminal case says “Medusa” that from December 29th he was not called in for questioning, and also did not report any results of investigative actions. At the same time, he assumes that the police can change his status and transfer him from witnesses to accused. “I am apolitical, I am not campaigning for [oppositionist Alexei] Navalny. I am basically no one at all. I never even had an administration. I am just a hakka, I am constantly sitting at home and not hanging out anywhere. I am the ideal target without money and connections to dangle it on someone. I will not be able to oppose anything to them, ”he stresses. In the Regional Department of the Ministry of Internal Affairs of the region, they refused to speak with Medusa by telephone.
On August 15, the person involved in the criminal case himself came to the MVD to the investigator in the case and inquired about the investigation. The police told him that the results of the examination were not yet ready, but promised that it would be completed by early September.
On October 17, 2016, administrations of several Russian cities received electronic reports of explosions. Among other things, the same type of messages, as follows from the court order, were sent through the websites of the administrations of St. Petersburg, Yekaterinburg, Kaliningrad and Yaroslavl. Police officers found out that when sending a message about the terrorist attack through the website of the administration of Yekaterinburg their author used the address [email protected]; The form for sending messages on the administration website did not require any confirmation of the email address - and any user could enter and use any (even someone else's) address. When sending electronic messages to the administrations of other listed cities (including the city where the hero lives this material), you can also use any mail without confirmation. Which e-mail addresses were used in other cities are not mentioned in the court order.
After checking the email address, a second person appeared in the case.
post office [email protected] was registered with the help of a private paid server, which, according to the investigation, belongs to the company “Klaudpro”, which rents servers. Employees of the Ministry of Internal Affairs learned that the server services were paid from Yandex.Koshelka, tied to the mobile number of the Megafon subscriber - Muscovite Dmitry Chechikov. The court order says that the payment was made just for the registration of the mailbox, but most likely it means the services of renting a server that was used as a VPN when registering the postal address.
The court order, which is at the disposal of Medusa, states that as far back as 2000, Chechikov "attempted to commit a knowingly false report about an act of terrorism" by sending emails in Vladimir (he was punished, it is not known). The first person involved in the case says “Medusa” that he is not acquainted with Chechikov. Chechikov himself refused to talk to Medusa.
July 30, Vladimir Putin signed a law banning services to bypass locks. The President of Russia has signed a package of amendments to legislation that prohibit the use of means for circumventing locks. It will take effect in November 2017. Thanks to them, the FSB and the Ministry of Internal Affairs will have the authority to find services (anonymizers, VPNs and other means to bypass blocking), which help users gain access to sites blocked in Russia. If the owners of such services do not prohibit access to information prohibited in Russia, they will also be blocked.
Pretty confusing story. Can you briefly explain what happened?
1. In October 2016, someone sent to the administration of several Russian cities at once reports of impending explosions, among them Petersburg, Yekaterinburg, Kaliningrad and Yaroslavl.
2. Apparently, in all cases, the attackers used the means to preserve anonymity.
3. We are aware of one criminal case brought on the results of these events; there are two persons involved in it. One of them got into the case because he used Tor at the moment when a message about an impending explosion came to the administration of his city. The second is due to the email address specified when sending a false report about the attack to the administration of Yekaterinburg.
4. Simultaneously with the first person involved in the criminal case, thousands of people from around the world could use the same Tor exit node - anyone could send a message. In the case of the second person involved: the city administration sites do not check the entered e-mail, users can specify someone else's or just fictional.
At the request of the hero, “Medusa” does not indicate his name and the name of the city in which he lives.
