8

I am using the Tor Browser Bundle in Ubuntu from a client machine on a restricted network. In part, I do this because it appears that TBB's native encryption allows me to bypass certain network filters which cannot inspect my data packets.

However, how safe is it to transfer sensitive information (data that I publish, sites I visit, pages I read, etc.) from within a restricted network over the Tor Browser Bundle?

jtd
  • 2,375
  • 2
  • 23
  • 31
Raja G
  • 102,391
  • 106
  • 255
  • 328

3 Answers3

5

Tor should protect you from your local network, if that's what you're worried about.

The problem with Tor is the exit node (whose traffic could be sniffed) but that's hard to predict or manipulate (unless you're the NSA). If you're using SSL over Tor, that's even better.

Personally, I'd opt to just SSH to a server of mine and use its OpenSSH's built in SOCKS proxy.

ssh -D 9090 user@server

Then you can set your browser's proxy (remember it has to be a SOCKS proxy, not HTTP - that won't work) to localhost:9090 and boom, your traffic is fully encrypted all the way out to the server.

  • Pro: To your local network it'll also look like standard encrypted SSH traffic. Much less suspicious than Tor traffic.
  • Pro: It should be faster. There's less of the deliberate snaking that Tor encourages and server bandwidth is usually pretty great. This should keep things buzzing along.
  • Meh: The endpoint (where you server sits) is still vulnerable but if it's yours, you should know the network more than you'll know the network of a Tor node.
  • Con: It's not anonymous. Your server? Your IP. Not yours? Keeps a log of you connecting.
Radu Rădeanu
  • 169,590
Oli
  • 293,335
  • Okay then , can I use just for works like using askubuntu, ubuntuforums ? because my network blocked them with custom firewall. – Raja G Jan 17 '14 at 10:30
  • You can (and you can and should use HTTPS for AskUbuntu on top of whatever you pick) but, as I've said twice before, bypassing a network filter isn't smart if that means putting your job, school position or life (in China et al) at risk to access it. If it matters that much, use a network where it is allowed (3G?) – Oli Jan 17 '14 at 11:00
1

I will say that Tor is not as safe as you may think. And I argue this statement with the following quote from this article: Is Tor's Anonymous Internet Still Secure?

Browsing the Web with The Onion Router, or Tor, is supposed to make you anonymous. Many of the encryption algorithms used by this popular Internet anonymizing protocol have likely been cracked by the NSA, says one security expert – and upgrading to the newest versions of Tor software won’t be enough to protect your privacy.

There's still much we don't know about the NSA's reported ability to circumvent online encryption. The Sept. 5 articles by The New York Times and The Guardian are light on details, but they suggest that the NSA has cracked a significant portion of the Secure Sockets Layer (SSL), the encrypted protocol that oversees the connection between your browser and the websites it displays.

That means 76 percent of Tor's supposedly anonymous network traffic might be crackable by the NSA, according to the findings of security expert Robert Graham, the CEO of Errata Security.

MORE: 13 Security and Privacy Tips for the Truly Paranoid

See also: Tor is Not as Safe as You May Think.

Radu Rădeanu
  • 169,590
0

Tools Do Not Equal Security

Security is a function of your assets you want to protect (sensitive information, life and limb), your adversaries' resources, and the tools and methods you use to adequately protect your assets from your adversaries' resources.

For instance, your restricted network is unspecified but may be monitoring all client machines' keystrokes (or simply yours if you are a specific target) rather than your network packets. If this is the case, the Tor Browser Bundle is not keeping your activities confidential nor protecting your anonymity with respect to those activities.

Tor is extremely secure but it is not magic

In comparison to any other tools you might use to separate your person and identity from otherwise non-identifying Internet browser reading and publishing, all Tor Browser Bundle traffic intercepted between your machine and the last Tor relay (exit relay) is robustly secure because, if I understand correctly, Tor encrypts this traffic using "128-bit AES in counter mode, with an IV of all 0 bytes" for a stream cipher and using "RSA with 1024-bit keys and a fixed exponent of 65537" for a public-key cipher.

  • Note, however, that Tor does not "magically encrypt all traffic throughout the Internet" and once your sensitive traffic is decrypted by the Tor network's exit relay you are relying on extra-Tor encryption or your traffic is cleartext that any adversary can read including the exit relay operator, etc.

A good place to find more information is: Tor Project FAQ

More Details

"We've already got an improved circuit extension handshake protocol that uses curve25519 in place of RSA1024, and we're using (where supported) P256 ECDHE in our TLS handshakes, but there are more uses of RSA1024 to replace, including:

  • Router identity keys
  • TLS link keys
  • Hidden service keys"

"Ed25519 (specifically, Ed25519-SHA-512 as described and specified at http://ed25519.cr.yp.to/)."

Community
  • 1
jtd
  • 2,375
  • 2
  • 23
  • 31