I started to write this post after a conversation with my babysitter. We were talking about Facebook, and she mentioned that she used Tor at work to access Facebook and Gmail, which were restricted by her company. Since I’ve started writing, the climate has gotten much worse for Tor.
My babysitter is far from a techie, yet she was able to install and use Tor to bypass her company’s security procedures. While opening her network to Facebook and Gmail, she was also opening up the network to malware, bots, and viruses.
Tor, originally The Onion Router, is a proxy used to bypass firewalls to access the Internet anonymously and without restriction. Tor used to be rather cumbersome to install, requiring manual proxy adjustments, but it has evolved to offer very easy-to-install packages, easy enough for my babysitter to use.
Tor has value. It’s used by millions of people to bypass firewalls, and has provided a way for people behind the blocked and monitored firewalls of oppressive states to communicate. Some argue that the dissident movements in Iran and Egypt would have a lot of trouble communicating with the rest of the world if it weren’t for the anonymity that Tor provides.
But the downside of Tor is the potential for abuse. Tor is used by people to perform criminal activity, such as stealing intellectual property, illegal financial exchanges, and viewing child pornography. (I would be extremely upset as both a father and a security professional knowing that there was the potential for someone to use my network for this type of activity.)
Tor does not offer perfect secrecy. Tor exit nodes are often hosted by volunteer hosting providers, and they can be isolated and their traffic analyzed, unencrypted, and traced back to the user.
In August 2013, the FBI arrested Eric Eoin Marques for operating an illegal child pornography network over Tor. The FBI was able to obtain this information by placing malware on a Tor exit server.
How to Restrict Tor
Tor is treacherous, and is designed to use different outgoing ports for traffic. Tor can operate over ports 80, 443, 9001, 9030, or any other available open port. It’s essential to limit outbound ports to those you need and outbound destinations to those you need. This is often very difficult to do.
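The restriction described above, as an added example that is not part of the original post: a default-deny egress check over constructed flow records, compared with a filter that only looks at the port. The rule set, address ranges and record format are assumptions made for illustration.

```python
import ipaddress
from collections import namedtuple

# Constructed egress allowlist (assumption): destination network, protocol, port.
ALLOWLIST = [
    ("203.0.113.0/24", "tcp", 443),   # hypothetical business SaaS range
    ("198.51.100.10/32", "tcp", 25),  # hypothetical mail relay
    ("192.0.2.53/32", "udp", 53),     # hypothetical DNS resolver
]
TOR_COMMON_PORTS = {80, 443, 9001, 9030}  # ports the post lists for Tor

Flow = namedtuple("Flow", "src dst proto dport")

def parse_flow(line):
    """Parse a constructed 'src dst proto dport' flow record."""
    src, dst, proto, dport = line.split()
    return Flow(ipaddress.ip_address(src), ipaddress.ip_address(dst), proto.lower(), int(dport))

def port_only_allows(flow, ports=frozenset({25, 53, 80, 443})):
    """Weak policy: any destination is fine as long as the port is open."""
    return flow.dport in ports

def allowlist_allows(flow, rules=ALLOWLIST):
    """Default deny: destination, protocol and port must all match one rule."""
    return any(flow.dst in ipaddress.ip_network(net) and (flow.proto, flow.dport) == (proto, port)
               for net, proto, port in rules)

def audit(lines):
    """Return denied flows, noting which ones a port-only filter would have passed."""
    findings = []
    for line in lines:
        flow = parse_flow(line)
        if not allowlist_allows(flow):
            findings.append({"flow": flow,
                             "missed_by_port_filter": port_only_allows(flow),
                             "tor_common_port": flow.dport in TOR_COMMON_PORTS})
    return findings

# Constructed sample records using documentation address ranges, not real hosts.
SAMPLE = [
    "10.0.0.21 203.0.113.40 tcp 443",  # matches the SaaS rule
    "10.0.0.21 192.0.2.200 tcp 443",   # unlisted destination on an open port
    "10.0.0.34 192.0.2.77 tcp 9001",   # unlisted destination, port not open
    "10.0.0.34 192.0.2.53 udp 53",     # matches the DNS rule
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

The second sample record is the case the post warns about: a port-only filter passes it because 443 is open, and only the destination rule stops it.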