This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new Linux.com!

Linux.com

Feature: Internet & WWW

Anonymous Web surfing with TorK

By Federico Kereki on May 16, 2008 (7:00:00 PM)

Share    Print    Comments   

Everyone who surfs the Net is eminently trackable. Internet data packets include not only the actual data being sent, but also headers with routing information that is used to guide the packages to their destinations. Even if you use encryption for extra safety, the routing information -- which cannot be encrypted -- can reveal details about what you're doing, who you're talking to, what services you're connecting to, and what data you're accessing. Intermediaries (authorized or not) can also see that data and learn about you. If you want a higher level of anonymity, TorK can do the job. It uses The Onion Router (Tor) network to provide you with a safer way of browsing.

Tor sends your network packets through a network of encrypted virtual tunnels, creating a practically untraceable path back to you. When you want to connect to a specific URL, you first connect to a Tor server, which in turn sends the packets to another Tor machine, and so on, until your traffic eventually reaches its destination by means of a complicated, untrackable route. If you make another connection, you get a new route. Anybody who wanted to trace the packets back to you would have to go through several steps, and without any logging to reveal where your traffic came from, the trail would quickly become impossible to follow.

The first version of Tor was made available under a BSD license in 2004. The current version is 0.1.2, from January 2008, with a preview 0.2 release version on its way.

What is TorK?

TorK is a special KDE package that helps you with Tor and other related tools. TorK is licensed under the GPL, and its latest version is 0.28 from late 2007.

Installing TorK is easy. Anonymityanywhere.com offers packages for several distributions, as well as source code. In order to be able to use TorK, you'll also have to get netstat (included in the net-tools package), GeoIP, and Privoxy; they're needed for TorK but not included within. TorK uses netstat to look for network activity that might breach your anonymity, while GeoIP provides geographic information for IP addresses, and Privoxy mediates between your browser and the Internet, filtering out any outbound personal information you could inadvertently send out. If you also want to be able to send anonymous email, add Mixminion to the list of packages. If you plan to use Firefox, it's a good idea to get the Firefox Torbutton add-on, which allows you to enable or disable the usage of Tor.

The first time you launch TorK, a first-run wizard will help you configure your box. You will have to make the following decisions:

  • Whether you want to run Tor on your PC (choose this one), or whether you want to monitor a remote Tor installation.
  • Whether you want to set Tor to start at boot time, or start it manually.
  • In what mode you want to run Tor: as a client, a server, a relay, or more. Just pick "Run a Tor Client with Default Settings," and if you ever decide to become a full-fledged server or relay (to provide anonymity to other people), you can change the settings later.
  • Whether you want to use Privoxy for privacy, or if you have another application for that; pick the former.
  • Whether you configured Privoxy to start at boot time, or if it needs be started up manually. Pick the latter, and TorK will start and stop Privoxy on its own when needed.
  • Whether you want to allow netstat to run as root. If you're installing TorK on a server with several users at the same time, this would be a bad idea (those users might monitor all network activity too) but for laptops and desktop machines you can accept it.

Tork's main window shows a Play button; click it, and you will be connected to the Tor network. After you're up and running, several other formerly disabled buttons will be available. For example, you can choose anonymous browsing (with Firefox, Konqueror, or Opera; you would have to configure other browsers on your own to go through Privoxy), send anonymous email, chat (with Konversation, but remember not to use your own name if you're serious about privacy), run an anonymous Web site or Web service, or start an SSH session. After clicking on the appropriate command button, you will probably get some information; you are also likely to get warnings if anything is set up in an inconvenient, unsafe, or unsecure way.

If you want to be sure that you're browsing anonymously, visit a site like WhatIsMyIP.com or whatsmyip.org. They should report an IP address that differs from what you see if you run ifconfig.

The Tor Network tab on the TorK window shows you your current connections, and all available Tor nodes, represented by a national flag and their names; click on any node to get statistics, or drag and drop a node to add it to your circuit. You can see all the traffic in the Traffic Log tab. Clicking on Change Identity forces TorK to find a new path through the Tor network. Unfortunately, the Help button is dated, providing information on the 0.1 version from 2001.

Conclusion

If you require safe, anonymous browsing, TorK can help you take advantage of the Tor network. TorK provides a simple interface and configuration, reducing the risks that a wrong setup can create. With just a few clicks, you can use TorK to start working transparently.

Federico Kereki is an Uruguayan systems engineer with more than 20 years' experience developing systems, doing consulting work, and teaching at universities.

Share    Print    Comments   

Comments

on Anonymous Web surfing with TorK

Note: Comments are owned by the poster. We are not responsible for their content.

Anonymous Web surfing with TorK

Posted by: Anonymous [ip: 134.174.149.186] on May 16, 2008 09:37 PM
Is there any GNOME application that does the same thing as TorK?

#

Anonymous Web surfing with TorK

Posted by: Anonymous [ip: 77.91.22.107] on May 16, 2008 10:49 PM
Just try to install it under Gnome.
Just because it has a "K" letter in it's name doesn't mean it won't work under Gnome.

#

Re: Anonymous Web surfing with TorK

Posted by: Anonymous [ip: 134.174.149.186] on May 16, 2008 11:43 PM
I know it works under Gnome, but I'd really prefer not to install all those fat KDE libraries and its long list of dependencies... I guess I'll do it the hard way from cli.

#

Problems with this

Posted by: Anonymous [ip: 217.219.236.17] on May 17, 2008 06:27 PM
Many security problems and design flaws are there in Tor. Last year, an adversary could be able to capture email passwords of many ambassadors in Netherlands from Tor output traffic.
This was designed by a US army fund (see its official site for design documents), so expect anything from it, other than privacy. :-)

#

No problem

Posted by: Anonymous [ip: 74.86.156.135] on May 17, 2008 09:26 PM
Tor is not meant to be used for privacy but for anonymity and it does a great job of keeping you anonymous, you need to understand the difference between privacy and anonymity first.

Phantomix is also a great distro that includes tor, google for it if you are interested, and I also reccomend OnionOS which I use, only avaiblable through bit torrent there is no website to download OnionOS.

#

Re: Problems with this

Posted by: Anonymous [ip: 192.168.0.108] on May 18, 2008 02:32 PM
People must be very retarded if they check their personal email using Tor. Come one!

#

Re: Problems with this

Posted by: Anonymous [ip: 129.240.235.122] on May 20, 2008 11:23 AM
The embassy e-mail account details leak had more to do with the lack of encryption employed than the use of Tor, although what may have facilitated the leak was the ability for people to monitor a few known Tor endpoints instead of having to spread their monitoring across many more Internet nodes. Had the actual data been encrypted through the use of secure protocols, there wouldn't have been a leak, however.

#

Better way to test it

Posted by: Anonymous [ip: 70.251.118.92] on May 18, 2008 04:05 PM
torcheck.xenobite.eu is a better method of testing whether or not tor is working.

#

This story has been archived. Comments can no longer be posted.



 
Tableless layout Validate XHTML 1.0 Strict Validate CSS Powered by Xaraya