There are many reasons you may be accessing the dark web, and it is almost certain that if you find yourself in need of entering this network, then you’ll choose the Tor browser for it. Tor is pretty much the best and most supported option out there to stay anonymous on the dark net and the internet, but is the Tor network really as solid as everyone thinks it is? Well, the answer is complicated.
The truth is that Tor is not secured, or at least not enough to make it bulletproof. But then again, there is no security system in existence that can’t be broken with enough time and skill. Even though the Tor project does feature quite high security standards, there are several ways in which information can be leaked from their network if users are not careful. Most of them are unlikely to happen, but the risk is there and you should be protected if you are willing to take it.
Understanding the Tor Network and the Exit Node Vulnerability
The first of the vulnerabilities in the network requires you to have a slight notion of the way it works:
Normally, to connect to a website, your browser would send requests directly to its servers which would then send a reply and, through that process, the web pages would be downloaded for you to navigate. When you use Tor, the process is similar, except that the traffic generated by the browser does not go directly to the website’s servers, it enters the Tor network, which is a network of servers that reroute the traffic in order to disguise the information contained in it.
This way, by the time your request has reached the final stop (the website), the information from its origin has been changed and neither the website nor eavesdroppers can track you from it. This works great in most cases, but it has one major flaw. If the website you’re accessing is not encrypted, the node (server) from the Tor network that ends up connecting to it, also called the ‘exit node’, has to establish an unencrypted connection with the website in order navigate it, making it an evident way in which Tor is not secured.
Even if details like your IP address have been hidden from your requests, if you’re sharing private information with the website, like registration info containing names, email addresses and such, it could be monitored by the exit node. Not to mention that it could also be intercepted by a spy in the link between the exit node and the website server. The key thing here is encryption, so in order to avoid this, all you should do is ensure you’re connecting to protected websites. These are easy to identify by the HTTPS prefix in their URL.
It’s worth noting that this vulnerability can only happen by accessing websites from the clearnet (the normal internet) since websites from the darknet can’t really be accessed without a protocol with enabled encryption. Although if you’re concerned about navigating the clearnet safely, perhaps you should consider hiring a VPN service (see below).
Scripts and Third-Party Software
By default, the Tor browser comes with certain security configurations involving website scripts and third-party software. It will normally block JavaScript from loading and plug-ins like Flash from running, and for a good reason.
Including JavaScript programs, software running from your browser has access to your computer’s information and can, therefore, have the potential of leaking it to the websites it is accessing to. Enabling them in the browser is not a good idea if privacy is the main reason you opted for the browser in the first place, even Tor is not secured from the vulnerabilities of Flash.
A lot of websites in the darknet feature content from Clearnet websites, and it is well known that the latter tend to track most of the traffic directed to them, so even loading said content could lead to a leak of your information if it happens to be part of a script. This analysis extends to downloaders and bit torrent clients as well, even if they´re placed over the Tor network. There is a reason why the security settings come preconfigured in a certain way and you should respect that
Traffic Analysis
One of the most intricate (and unlikely) ways your internet traffic could be monitored if you use the Tor network is something known as ‘traffic analysis’. Just like there are exit nodes in charge of connecting you with the website you want, there are entry nodes, which are in charge of first receiving your traffic when you enter the network.
Information of the entry nodes is valuable because it contains the IP address of the computer that originally made the request, while information from the exit nodes is important because it contains the final destination of a request. With enough data from entry nodes and exit nodes, it is theoretically possible to establish a correlation between the pieces of information and identify a user’s traffic in the process. This would let whoever’s running this analysis to get the IP addresses of many users from the networks.
The reason this is unlikely to happen is that it would require an insane amount of time and computing power to match two pieces of traffic in such a wide network. Even though this is another way in which Tor is not secured, the probabilities are against anyone who tries it. Still, the risk is there, and by the qualities of its implementation, traffic analysis would be the perfect way for a government’s surveillance agency to spy on darknet users.
The Extent of Vulnerabilities and Adopting a VPN
A study conducted by the University of Deusto, located in Spain, found earlier this year that roughly 35% of the nearly 1.5 million sites analyzed by them contain vulnerabilities that could lift the anonymity of their users, with little to no action being taken by site operators. This study makes it evident that even with all the measures taken by the Tor Project to protect your navigation, there are still several ways in which it could be exposed.
There are a few things you can do to strengthen your anonymity and, with it, your privacy like using a VPN. You might be familiar with the term, Virtual Private Networks or VPNs are a way of hiding your online traffic. They reroute it through a network of servers similar to the Tor network, except these servers are run by private companies with the goal of ensuring your protection.
Most VPN services provide you with hundreds of servers to connect to, distributed throughout of dozens of countries. This lets you disguise your connection and even if you end up entering the Tor network, your ISP won’t find out. This makes you immune to traffic analysis and vulnerabilities from third party software.
Good providers like TorGuard will also provide you with a lot more features to add extra layers of security over your identity. For example, they keep no logs about your online activity so you can be sure you’re leaving no trace behind. Proficient VPNs like these don’t limit your connection’s speed or bandwidth, letting you navigate as you’d normally do. They’ll even let you establish several connections at home to keep all your devices protected.
Remember that even if the Tor Project is an amazing example of the great achievements of online communities, it is not a magical solution. VPNs are one good if not the best option to add an extra layer of privacy to your online activity. They get along perfectly with Tor, so even knowing you can never be bulletproof while online, you can be sure you’re making the life of hackers and eavesdroppers a living hell.
