By Tim Hardy
Tor makes use of a network of volunteers across the world to smuggle information across borders.
Steven Sumpter has written an excellent introductory guide to why you should run Tor and has not shied from explaining some of the minor risks inherent in doing so.
Tor enables people in repressive regimes to access more of the internet than their nations’ censors allow them. There is one risk for users of Tor not covered in the article, however, that I want to highlight. Since anyone can run a Tor node, what is to stop the bad guys from doing so?
In practice this happens a lot, and exit nodes run this way are known as hostile exit nodes.
Karen Reilly at the Tor Project pointed me to a post on their blog that covers this danger.
Tor provides anonymity and privacy by hiding where your Internet traffic is going and where it came from, but users must protect the security of their traffic by using encryption. Once you exit the last relay, you are back on the open Internet.
It is fairly technical, so I will explain using an analogy.
Think of an old-fashioned postal service.
If you write a postcard to someone, anybody who handles your mail can read what you have written. If you put that postcard in an envelope, someone has to tamper with your mail to know what you are saying. In oppressive regimes, the government have no qualms about opening your private correspondence. In imperfect democracies like that of the UK, the press steam open your virtual mail, the police look the other way and the editor of the newspaper responsible is rewarded with the full confidence of, and a salary greater than that of, the Prime Minister. As is so often the case, authoritarian regimes have a lot to learn about methods of control from societies that espouse the values of freedom and democracy.
If you send a letter through Tor, the service will help you. If you send a postcard, you are opening yourself up to danger.
So how do you know when your communications online are letters and when they are postcards?
With the web, it is fairly easy. Safe URLs begin with https:// and most modern browsers will highlight the fact that you’re on a secure connection by, for example, colouring the address bar green.
With banking we are learning to be cautious. With social media, less so.
Access Twitter over an unsafe connection in a web cafe in the UK and a benevolent geek might hijack your session and send a tweet out from your account containing a link to a URL explaining what has just happened.
Idiocy watches for people visiting Twitter insecurely, hijacks the session and posts a tweet warning them that they are vulnerable.
In somewhere like the UK this has the potential to cause a few red faces. Elsewhere in the world, it could cost you your life.
Tor will not protect you from this kind of attack if your message is routed through a hostile exit node. Always look at the advanced options for any web service you use, be that WordPress or email or another, and enable a secure connection. If there is no option to do so, assume anyone can read your messages and trace them back to you. Secure connections may be slightly slower but online idiocy kills.
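For readers who run a site or want to check one, here is a small added example (not part of the original post) that audits a response for the "postcard" conditions described above: a plain http URL, a session cookie without the Secure attribute, or no Strict-Transport-Security header. The hostname, cookie values and header sets are constructed for illustration.

```python
from urllib.parse import urlsplit

def audit_response(url, header_lines):
    """Return findings for one HTTP response; an empty list means no issue found."""
    findings = []
    if urlsplit(url).scheme.lower() != "https":
        findings.append("page fetched over plain http: readable by the exit relay")
    hsts_seen = False
    for line in header_lines:
        name, _, value = line.partition(":")
        name = name.strip().lower()
        if name == "strict-transport-security":
            hsts_seen = True
        elif name == "set-cookie":
            parts = [p.strip() for p in value.split(";")]
            cookie_name = parts[0].split("=", 1)[0]
            # Attribute names are case-insensitive; "Secure" carries no value.
            attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
            if "secure" not in attrs:
                findings.append(
                    f"cookie '{cookie_name}' lacks Secure: it is also sent over http"
                )
    if not hsts_seen:
        findings.append("no Strict-Transport-Security: browser may fall back to http")
    return findings

# Constructed sample responses (not captured from any real service).
POSTCARD = ("http://social.example/home", [
    "Content-Type: text/html",
    "Set-Cookie: session=abc123; Path=/; HttpOnly",
])
LETTER = ("https://social.example/home", [
    "Content-Type: text/html",
    "Strict-Transport-Security: max-age=31536000",
    "Set-Cookie: session=abc123; Path=/; Secure; HttpOnly",
])

if __name__ == "__main__":
    for label, (url, headers) in (("postcard", POSTCARD), ("letter", LETTER)):
        issues = audit_response(url, headers)
        print(label, "->", issues if issues else "no issues found")
```

A clean result only says the transport is protected; it says nothing about what the service itself does with your data.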