What Is The Tor Network?

Tor-logo-2011-flat.svgTor is the name of the software that enables anonymous online browsing. It is the acronym of “The Onion Router,” which was how the project was named. Any online activity of an individual is traceable to his/her IP address. Any network is aware of the websites being accessed by the user. However, a Tor network is encrypted and routes the traffic through relays making it appear as if it is emanating from exit nodes. The exit node, however, does not know the user’s address. Therefore, when using Tor, it is difficult to trace back the internet activity of an individual.

What is Tor

The very first version of the onion routing software (so named because of the many layers of obscurity that is offered) was developed by the employees of the US Naval Research Laboratory, mathematicians and a computer scientist in the mid-1990s. This project was constituted to protect online communications among intelligence agencies. It was further developed by DARPA and many others later that make up the Tor project today. Though many non-profit organizations were involved in funding the project in its earliest stages, the US government made up the majority of the funding sources in its later stages. The Tor is free to use and consists of a voluntary network that consists of over 7,000 relays (computers) worldwide. The encryption is implemented in the application layer of the communications protocol. The data and the destination IP address are encrypted a number of times and are sent through many Tor relays that are randomly selected. One relay’s job is merely to decrypt the information to reveal to the next relay and send the entire packet of encrypted data to the next one. It is the job of the last relay to decrypt the layer that is innermost and send it to the destination IP address. The source IP address is not visible to the relay. At every hop in the circuit, the routing information is only incompletely visible with no knowledge of the source and destination. It, therefore, becomes difficult to track the information through the Tor circuit. All traffic that moves within the Tor network is encrypted.

How to Use Tor

The safest way to use Tor is by downloading and using the Tor Browser Bundle (customized for FireFox). This is a portable and customized version that is available for Windows, Linux and Mac platforms. This standalone version can be used whenever a user wants to browse anonymously. One can switch back to the regular browser when the browsing is over.

This bundle is available in a preconfigured version with settings and extensions that can be used for Tor. Using Tor with other browsers may not make it very safe as usage of some of the other browser plugins may reveal the user’s IP address. This browser bundle disables all plug-ins and makes it safe for use. The Tor Browser bundle also includes extensions that enable HTTPS with websites that have the matching support. HTTPS provides encryption of the last node and the target website.


The Tor Browser Bundle need not be installed for it to work. It can easily be loaded onto a USB drive and run from there. The downloaded .EXE file is double clicked to extract it to the hard drive or USB. A Tor Browser folder is created and the next step is to click on the Start Tor Browser icon in the folder. The .EXE launches Vidalia that helps to connect to the Tor network. Thereafter, Vidalia automatically opens the customized Firefox browser for Tor. After the browsing is over, Vidalia automatically disconnects Tor and the browser is closed. The browsing is done as one would with a normal browser.

It is a good idea to check the installer’s GPG signature before working the bundle. This ensures that the version that the user has downloaded is not a tampered version. It is important to note that this check requires that some additional software be downloaded. It is also not recommended that you download PDF and DOC files or open them in other applications when using Tor. The external application may connect to the Internet for additional resources and this action may reveal the user’s IP address. It is a known fact that the Tor browsing experience is a slower one when compared to the normal browsing experience. However, users understand that the slow speed is the price paid for the relative obscurity that the network offers.

The Deep Web, Dark Web, and Darknet Markets

The deep web refers to web pages and contents that are not indexed by regular search engines and accessible only with special software such as Tor,whiledark web is just a small part of the deep web. Darknet markets are sites operating on the dark web. They function as online black markets dealing with licit and illicit goods and services.

Deep Web – The Hidden Part Of The Internet

The Deep Web

icebergdeepweb-1The first distinction to make when defining the “deep web” is the difference between the deep web and the surface web. The surface web consists of all content that can be crawled and indexed; the content a search engine can retrieve. This includes typical news sites, social media pages, etc. The deep web includes any content not indexed or retrievable via search engine. This includes not only the illegal darknet markets but also benign content such as corporate intranet sites.

Many use the terms deep web and dark web/dark net interchangeably, but there is a distinction. The dark net is an overlay network of the Internet in which the content is part of an anonymous encrypted network. In addition to not being retrievable by search engines, the content on these sites has been intentionally hidden and cannot be accessed via standard web browsers such as Chrome or Firefox. The identities and locations of site operators are also concealed. Like the well-known geometry adage that “every square is a rhombus, but not every rhombus is a square,” all sites on dark net are part of the deep web, but not all content on the deep web is part of the dark net.

Sites on dark net are concealed through methods such as Tor’s hidden services. Tor’s hidden services remove the need to provide an IP address to the user by configuring a server that obfuscates the host’s IP. Instead, to access the site, users enter a 16 character code called an “onion address,” most distinctly marked by the .onion domain. These hidden pages are what make up the dark net- the sites that most often are associated with illegal goods trafficking and nefarious activity. One of the most famous darknet markets and one that we are all familiar with is Silk Road – the sitethat law enforcement shut down in 2013.

6a00e54fce13cf88340148c6ab4213970c-800wiThe dark net’s anonymous browsing capabilities attract its users. It is used by a wide variety of individuals: journalists, whistleblowers, those seeking to avoid government censorship, as well as the infamous illegal goods vendors selling drugs, guns, counterfeit materials, child pornography, etc. While the dark net has a reputation of being a hub of illicit activity, many dark net users are simply privacy advocates who prefer their benign online activity hidden from government surveillance. Thus, content on the dark net ranges from news and information shared by journalists and whistle blowers to anonymous email clients, such as Sigaint, forums and online marketplaces that serve as a meeting place for illegal activity.

Accessing dark net sites requires either a network configuration or specific software, which the user installs onto their desktop. Most darknet users use Tor, a free anonymous software, but other options, such as I2P, FreeNet, RetroShare, GNUnet, Zeronet, Syndie, OneSwarm, and Tribler also exist. Since Tor is the most popular, this guide will explain how to connect using Tor. First, the user downloads the Tor browser bundle and follows the installation instructions. Once Tor is installed and launched, the browser will automatically connect to the Tor network.

Tor implements a three-node model, termed onion routing, to conceal the user’s IP address. The user’s local computer connects to an entry node to access the Tor network. The entry node knows the IP address of the user since it directly communicates with the computer. The entry node then passes an encrypted request to the relay node, which, because it is communicating only with the entry node and not the user’s computer, does not know the original IP address. The relay node then communicates with the exit node, where the request is decrypted and sent to the Internet. The exit node only knows the IP address of the relay node, but not entry node or the user’s computer.  Once on the Tor network, the user then has access to dark net sites, provided they have the proper .onion domain addresses. For first time users or dark net newcomers, these addresses can be found on open net forums or index sites, such as Hidden Wiki and also Dark Net news sites such as DarkWebNews.com.