This article is about the software and network. For the software's organization, see The Tor Project, Inc. For other uses, see Tor (disambiguation).
|Developer(s)||The Tor Project, Inc|
|Initial release||20 September 2002|
|Stable release|| |
0.2.7.6 (11 December 2018.104.22.168 (7 April 2015 ) [±] 0.2.6.10 (12 July 2015 ) [±] 0.2.5.12 (7 April 2015 ) [±] ) [±]
|Preview release||0.2.7.4-rc (22 October 2015) [±]|
|Operating system|| |
|Type||Onion routing, Anonymity|
Tor is free software for enabling anonymous communication. The name is an acronym derived from the original software project name The Onion Router. Tor directs Internet traffic through a free, worldwide, volunteer network consisting of more than six thousand relays to conceal a user's location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult for Internet activity to be traced back to the user: this includes "visits to Web sites, online posts, instant messages, and other communication forms". Tor's use is intended to protect the personal privacy of users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities from being monitored.
Onion routing is implemented by encryption in the application layer of a communication protocol stack, nested like the layers of an onion. Tor encrypts the data, including the destination IP address, multiple times and sends it through a virtual circuit comprising successive, randomly selected Tor relays. Each relay decrypts a layer of encryption to reveal only the next relay in the circuit in order to pass the remaining encrypted data on to it. The final relay decrypts the innermost layer of encryption and sends the original data to its destination without revealing, or even knowing, the source IP address. Because the routing of the communication is partly concealed at every hop in the Tor circuit, this method eliminates any single point at which the communicating peers can be determined through network surveillance that relies upon knowing its source and destination.
An adversary might try to de-anonymize the user by some means. One way this may be achieved is by exploiting vulnerable software on the user's computer. The NSA has a technique that targets outdated Firefox browsers codenamed EgotisticalGiraffe, and targets Tor users in general for close monitoring under its XKeyscore program. Attacks against Tor are an active area of academic research,which is welcomed by the Tor Project itself.
A cartogram illustrating Tor usage
The core principle of Tor, "onion routing", was developed in the mid-1990s by United States Naval Research Laboratory employees, mathematician Paul Syverson and computer scientists Michael G. Reed and David Goldschlag, with the purpose of protecting U.S. intelligence communications online. Onion routing was further developed by DARPA in 1997.
The alpha version of Tor, developed by Syverson and computer scientists Roger Dingledine and Nick Mathewson and then called The Onion Routing project, or TOR project, launched on 20 September 2002. On 13 August 2004, Syverson, Dingledine and Mathewson presented "Tor: The Second-Generation Onion Router" at the 13th USENIX Security Symposium. In 2004, the Naval Research Laboratory released the code for Tor under a free licence, and the Electronic Frontier Foundation (EFF) began funding Dingledine and Mathewson to continue its development.
In December 2006, Dingledine, Mathewson and five others founded The Tor Project, a Massachusetts-based 501(c) research-education nonprofit organization responsible for maintaining Tor. The EFF acted as The Tor Project's fiscal sponsor in its early years, and early financial supporters of The Tor Project included the U.S. International Broadcasting Bureau, Internews, Human Rights Watch, the University of Cambridge, Google, and Netherlands-based Stichting NLnet.
From this period onwards, the majority of funding sources came from the U.S. government.
In November 2014 there was speculation in the aftermath of Operation Onymous that a Tor weakness has been exploited. A representative of Europol was secretive about the method used, saying: "This is something we want to keep for ourselves. The way we do this, we can’t share with the whole world, because we want to do it again and again and again." A BBC source cited a "technical breakthrough" that allowed the tracking of the physical location of servers, and the number of sites that police initially claimed to have infiltrated led to speculation that a weakness in the Tor network had been exploited. This possibility was downplayed by Andrew Lewman, a representative of the not-for-profit Tor project, suggesting that execution of more traditional police work was more likely. However, in November 2015 court documents on the matter generated serious ethical security research as well as Fourth Amendment concerns.
In December 2015, Tor announced that it had hired Shari Steele as its new Executive Director. Steele had previously led the Electronic Frontier Foundation for 15 years, growing that organization from a small group of lawyers, to a group of more than 60 lawyers, technologists, activists, and international program specialists. Steele has extensive familiarity with Tor, dating back to 2004, when she spearheaded EFF's decision to fund Tor's early development.