Sophos Cloud Optix
You’ve probably heard of Tor. We’ve written a lot about it on Naked Security, and opinions on it are divided.
Some people will tell you it’s a bulwark of online privacy, while others consider it a threat to law and order.
But what exactly *is* Tor and how does it work?
What are the pros and cons of using it?
Our very own Paul Ducklin has written a nice explainer article over on the Sophos Blog.
What is… Tor? Head over to the Sophos Blog and find out!
I think it might be more important to know what is DNSSEC or DANE which are a lot less known. IPv6, which is unrelated, would also be important.
Umm so where is the post?
If you were on a mobile device…it was a glitch in the mobile site layout on the Sophos Blog that we think we’ve sorted out.
Try now…it was broken for me this morning; now it’s working.
Apologies…
No blog article about TOR there that I can see….
Aaargh. Something went wrong there – are you on a mobile device? I can’t click through to the Tor article from my phone, but I can from my laptop.
We’re looking into this. Sorry about that…
A few other comments for you Duck:
End-servers (the place you’re navigating to) can detect if you’ve come through a Tor exit node.
Also, it’s probably worthwhile noting that the best way to run Tor these days is with TorBrowser (a modified version of Firefox) which automatically sets properly secure browser settings and sends your DNS requests through the Tor proxy. On mobile devices, there are a number of Tor browsers in the Google Play store and in the iTunes App store. Quality and security of these is hit and miss (at least compared to the official TorBrowser), but they will provide more security than nothing at all. Useful for browsing from an open WiFi hotspot, as only the exit nodes will see your content, instead of everyone sitting on the access point and all upstream providers.
In the “What is..” article we link to, there’s a section that gives advice on: the Tor Browaer; unscrupulous exit nodes; and unscrupulous entry nodes, or “guards.” We also look st the benefit of extra privacy on open or unrusted networks, but remind yu that Tor doesn’t add encryption to the last hops of your traffic if it wasn’t there already. In other words, if you don’t use HTTPS to the website at the end of the connection, Tor won’t “upgrade” you. That’s not its purpose.