mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-24 12:23:32 +01:00
fdc0389ca0
svn:r403
124 lines
4.0 KiB
Plaintext
124 lines
4.0 KiB
Plaintext
The Onion Routing (TOR) Frequently Asked Questions
|
|
--------------------------------------------------
|
|
|
|
1. General.
|
|
|
|
1.1. What is tor?
|
|
|
|
Tor is an implementation of version 2 of Onion Routing.
|
|
|
|
Onion Routing is a connection-oriented anonymizing communication
|
|
service. Users build a layered block of asymmetric encryptions
|
|
(an "onion") which describes a source-routed path through a set of
|
|
nodes. Those nodes build a "virtual circuit" through the network, in which
|
|
each node knows its predecessor and successor, but no others. Traffic
|
|
flowing down the circuit is unwrapped by a symmetric key at each node,
|
|
which reveals the downstream node.
|
|
|
|
Basically tor provides a distributed network of servers ("onion
|
|
routers"). Users bounce their tcp streams (web traffic, ftp, ssh, etc)
|
|
around the routers, and recipients, observers, and even the routers
|
|
themselves have difficulty tracking the source of the stream.
|
|
|
|
1.2. Why's it called tor?
|
|
|
|
Because tor is the onion routing system. I kept telling people I was
|
|
working on onion routing, and they said "Neat. Which one?" Even if onion
|
|
routing has become a standard household term, this is the actual onion
|
|
routing project, started out of the Naval Research Lab.
|
|
|
|
(Theories about recursive acronyms are ok too.)
|
|
|
|
1.3 Is there a backdoor in tor?
|
|
|
|
Not right now, but if this answer changes we probably won't be allowed
|
|
to tell you. You should always check the source (or at least the diffs
|
|
since the last release) for suspicious things; and if we don't give you
|
|
source, that's a sure sign something funny could be going on.
|
|
|
|
2. Compiling and installing.
|
|
|
|
[Read the README file for now; check back here once we've got packages/etc
|
|
for you.]
|
|
|
|
|
|
3. Running tor.
|
|
|
|
3.1. What kind of server should I run?
|
|
|
|
The same executable ("or") functions as both client and server, depending
|
|
on which ports are specified in the configuration file. You can specify:
|
|
* APPort: client applications (eg privoxy, Mozilla) can speak socks to
|
|
this port.
|
|
* OPPort: onion proxies (client onion routers) connect to this port.
|
|
* ORPort: other onion routers connect to this port
|
|
* DirPort: onion proxies and onion routers speak http to this port, to
|
|
pull down a directory of which nodes are currently available.
|
|
|
|
3.2. So I can just run a full onion router and join the network?
|
|
|
|
No. Users should run just an onion proxy (use the 'oprc' config file).
|
|
If you start up a full onion router, the rest of the routers in the
|
|
system won't recognize you, so they will reject your handshake attempts.
|
|
|
|
3.3. How do I join the network then?
|
|
|
|
If you just want to use the onion routing network, you can run a proxy
|
|
and you're all set. If you want to run a router, you must convince
|
|
the directory server operators (currently arma@mit.edu) that you're a
|
|
trustworthy person. From there, the operators add you to the directory,
|
|
which propagates out to the rest of the network. All nodes will know
|
|
about you within an hour.
|
|
|
|
3.4. I want to run a directory server too.
|
|
|
|
If you run a very reliable node, you plan to be around for a long time,
|
|
and you want to spend some time ensuring that router operators are
|
|
people we know and like, we may want you to run a directory server
|
|
too. We must manually add you to the 'dirservers' file that's part of
|
|
the distribution; users will only know about you when they upgrade to
|
|
a new version. Of course, you can always just start up your router as a
|
|
directory server too --- but users won't know to ask you for directories,
|
|
and more importantly, you'll never learn from the real directory servers
|
|
about recently joined routers.
|
|
|
|
|
|
4. Development.
|
|
|
|
4.1. Who's doing this?
|
|
|
|
4.2. Can I help?
|
|
|
|
4.3. I've got a bug.
|
|
|
|
|
|
5. Anonymity.
|
|
|
|
5.1. So I'm totally anonymous if I use tor?
|
|
|
|
|
|
|
|
5.2. Where can I learn more about anonymity?
|
|
|
|
5.3. What attacks remain against onion routing?
|
|
|
|
tagging: can change bytes in the cells, even through link encryption
|
|
end node can give back wrong data, even subtly wrong data.
|
|
|
|
|
|
6. Comparison to related projects.
|
|
|
|
6.1. Onion Routing.
|
|
|
|
Tor *is* onion routing.
|
|
|
|
6.2. Freedom.
|
|
|
|
|
|
7. Protocol and application support.
|
|
|
|
7.1. http? ftp? udp? socks? mozilla?
|
|
|
|
|
|
|