What is Tor?

Tor is a proxy. It operates by bouncing  your request off servers (AKA other users computers) until it eventually reaches its destination. There, the end computer decrypts your data and sends the request to the server - for example, Yahoo.com. It gets the response back from Yahoo.com, encrpyts it and bounces it off servers all the way back to you again.

Sounds great! Well yes and no. Its important to understand what Tor does. It encrypts and scrambles data in transit making it harder to figure out the source for. But it does NOT provide a secure means of communication. Think of it this way. You have tor running and you send off a request to yahoo mail. It encrypts on your computer, and then bounces of 20 servers along the way. None can see what you've asked for or the destination url. So far so good. But then it comes to the last hop, the exit server. The last server can't send it encryped to yahoo mail - it has to decrypt it and then send it on. Suddenly, your information is a lot more vulnerable.

 What would happen if Mr. Baddy installed some packet sniffing software on his computer?  Ooh, like say wireshark or something? Suddenly, your request is showing up in plain text on Mr. Baddy's screen. Now your whole online existence has been compromised.

Where tor excels is in scrambling the the source of a request. For anyone in Yahoo looking at their logs, the request for your mail comes from Mr. Baddy's computer. Its a far cry, and 20 servers, from the source of the original request - you.

Terrible for checking your emails, logging onto sites, banking, ecommerce or anything that you really, really should be doing on HTTPS.

Great for privacy. The downside is obvious - those viewing things they shouldn't be (eg child porn) could be using your computer as a relay (you can turn off or on, whether to use your computer as a relay - you can use TOR as a client alone). One particular instance is http://itnomad.wordpress.com/2006/09/10/germany-crackdown-on-tor-node-operators/

 Tor is easy to install and can be downloaded from  http://www.torproject.org/

Torbutton is a firefox plugin for TOR and can be downloaded from https://addons.mozilla.org/firefox/addon/2275