Today we are going to talk about Tor. The US government hates Tor (which, I suppose, gives us common ground with the Russians), despite the fact that it was the US government that developed Tor. Critics of Tor will point to the the Darknet that Tor creates, and the nefarious and reprehensible actions it enables. On the flip side, proponents of Tor will point its role in empowering dissidents in Iran, Egypt and elsewhere, as well as its use by journalists and whistle blowers.
It’s easy to think about the need for Tor in abstract terms, as something that you only need to worry about if you live under an oppressive regime somewhere on the Eastern or Southern hemisphere. But the need for Tor on US soil is acute and pronounced. And this is to say nothing about privacy concerns in the workplace.
Whether it be a defense contractor, a major financial institution, a major public university, or the federal government, no target should be too big (or, for that matter, too small) for criticism and accountability. The threat of backlash against whistle blowers, journalists, and any activist for change can produce an alarming chilling effect that threatens some of the core principles that our Country was supposedly built upon.
To be clear, Tor won’t protect you from targeted surveillance. The truth is, a focused, well-funded ad technically proficient individual can always get at your private data. The key, though, is to keep yourself safe from bulk surveillance so that you reduce the likelihood that you end up in someone’s cross hairs to begin with. Even if you aren’t particularly concerned about your own data, widespread use of privacy-enhancing technologies helps to make the Internet safer for everyone.
Using Tor is surprisingly easy. The Tor Project provides a simple download that you can run on a Mac, Windows, or Linux PC. The Tor Browser Bundle, once installed, will automatically connect you to the Tor network and launch a modified version of the Firefox web browser. And that’s it.
Well, not really.
A fundamental problem is that large swaths of the Internet are designed to work under the assumption that you have no real expectation of privacy and as a result, there’s a lot of websites that won’t work properly, or won’t work at all, when using Tor. Oxyconnect, for example, will work but only if you use it in “basic mode”. The Tor Project gives you some guidelines of what to do and what not to do, but in general, expect that if a site is not working properly in Tor, you should simply assume that it is not possible to use that site anonymously.
Also, it is worth stating explicitly that you shouldn’t use Tor to do anything stupid. Just as widespread use of privacy-enhancing technologies makes the Internet safer for everyone, widespread misuse and abuse of privacy-enhancing technologies is just going to ruin things for those who truly need it.
And the end of the day, it is important to remember not just what technology can do but what technology can’t do. Tor is a great, anonymizing web browser but that’s all it is: a web browser. Using Tor to log into Gmail can still potentially expose who you are because Gmail itself isn’t going to maintain your anonymity.
For other technologies and products that can help keep you safe from bulk surveillance, the Prism Break project is a great place to start: