What is TOR anyway?
TOR is a free software system and network that lets people browse web sites "anonymously." The mandatory quotes mean that TOR is not enough to guarantee online anonymity. It just makes very hard to figure out which computer is at the other end of a certain connection with a generic web site.
TOR creates semi-random, encrypted tunnels across the Internet, according to the Onion anonymous routing protocol. When you use TOR, your data packets don't go directly from your browser to the web site you want to visit -- they jump back and forth, instead, through at least three random computers (called TOR nodes or relays) connected by those tunnels. The easiest way to start using TOR is the multi-platform Tor Browser Bundle, which is a portable version of Firefox, preconfigured to run off a USB stick and always use TOR and other privacy-friendly free software.
Vidalia deserves a post because it's a good way to learn everything you can do with the TOR network. Besides, even if anonymous browsing is all you need, you really should spend some time in Vidalia when you start using TOR. With a little effort, you'll get a good idea of what that network may do for you, and how it works.
The Vidalia Control Panel (Figure A) makes it easier to start and stop a TOR client on your computer, check how it works, and know if something went wrong.
The Vidalia Control Panel.
The Bandwidth Usage graph (Figure B), for example, very clearly shows a basic fact of life with TOR -- namely, what you gain in anonymity, you'll lose in speed. The graph is also useful to get realistic expectations of what is or isn't possible online through TOR. For example, interactive, high-definition video or any delay-sensitive application is unlikely.
The Bandwidth Usage graph.
Another feature you should know from the start is Use New Identity. This will change the TOR circuit you use and therefore the point from which your packets appear to come from. Try it if some web site doesn't let you in just because it thinks you're from the "wrong" part of the Internet (it does happen). Switching to a new identity is also a must when, for whatever reason, you don't want to restart the whole TOR client but need to reload some web site as a different user.
View the network
You now know what TOR does (the three-nodes routing), but if you click View the Network, you can actually see it. That button opens a very rough but useful map (Figure C). Its purpose is to show both the approximate locations of the currently active relays (the red dots) and your circuits. These are the specific paths that your TOR client set up for your own packets inside the overall network. Even more interesting (and useful) than the map itself are the panels around and beside it. The left one lists the currently active relays. The central box at the bottom shows the nodes that constitute the used circuits. Their location, bandwidth, uptime, and other details are all listed in the bottom right corner.
TOR Network Map.
Proxies, firewalls, and overzealous ISPs
A frequent problem that TOR users must learn to face is difficulty reaching the network. This can happen when the network to which you're currently attached has a proxy or blocks everything but very basic services like downloading email or plain web surfing.
To solve this, go to Settings | Network in Vidalia, check the box named "My firewall only lets me connect to certain ports," and enter the numbers of those ports. The predefined values 80 and 443 will let you connect with those TOR nodes that pretend to be normal web servers.
Things get a bit more complicated when your local network blocks all publicly known TOR entry points, no matter what ports they use. The obvious solution is use a TOR bridge, which is a node whose address is not public. Of course, that's only possible if you know the address of at least one bridge in advance, but don't worry. You can try this list of bridges (captcha required) or send an email to email@example.com (from a Gmail or Yahoo account) with the line "get bridges" by itself in the email body. Once you know a bridge address, click on "MY ISP blocks connections to the Tor network" in Vidalia, and enter it in the corresponding field.
Hide your services
TOR can hide both the Internet services you use and those you offer from your computer, as long as they are based on the venerable Transmission Control Protocol (TCP). A TOR Hidden Service is invisible to anybody (including your Internet access provider or network administrator) who doesn't know in advance what and where that server is. Vidalia facilitates the connection of those servers to TOR with the panel of Figure D.
The most important parameter is the Onion Address, which is generated by TOR itself -- that's the address you must pass to all the users of your server; otherwise, they won't be able to reach it through TOR (or in any other way). For more details, check out this tutorial on the TOR web site.
Marco Fioretti is a freelance writer and teacher whose work focuses on the impact of open digital technologies on education, ethics, civil rights, and environmental issues.