ToR is relay network which aims to increase your online privacy by attempting to anonymize web browsing activity. This is achieved by distributing your traffic across a series of ToR servers, which obfuscates your IP behind those ToR servers. While ToR is typically used on the desk top you can read about using ToR on Mac here if interested- you can also access and use aToR browser on the iPhone and iPad too.
For this particular article on quick and easy ToR access from iOS, we’re going to focus on a third party ToR app for iPhone and iPad called onion browser. It’s free and does the job of connecting to ToR, even if onion browser is imperfect and a little bit clunky ( a more refined version is currently in beta testing but due out soon ). The onion browser app offers simple TOR usage from iOS should you wish to access onion URLs or have some degree of enhanced anonymity with your web browsing.
How to use TOR on iPhone or iPad with onion browser
1. You will need a modern version of iOS and an existing internet connection, the onion browser app comes from the app store so you will need to download that too. Here are the steps it’s pretty straight forward.
2. On the iPhone or iPad, download onion browser for iOS on the app store, its free launch the onion browser app in iOS and choose connect to TOR on launch.
3. ToR will initialize and when completed you will see a browser screen indicating it has successfully connected to the TOR network ( or unsuccessfully in which case you would not be on TOR ).
4. Once the TOR connection has completed, browse the web as usual in the onion browser app like all TOR browsers, onion browser is missing some features and abilities and not all websites will work as expected or render correctly within the app. That is done to try and mitigate data and IP leaking, and so turning off various abilities in what ever TOR browser is necessary.
Keep in mimd that browsing the web with TOR is slow, this is because your network traffic is being distributed around the globe in an attempt to anonymize you and increase your privacy. That lagginess and speed reduction is experienced in any TOR browser, it’s not just onion browser.
You can renew and request a new IP at any time in the TOR browser, but you may need to face quit the app and relaunch the onion browser for that to be successful.
The onion browser application is a bit rough around the edges and focus some limitations due to iOS architecture, but if all you need is a randomized IP address or across to some onion domain, it should do that trick. As mentioned before, there’s a newer version that is currently in better testing that is quite a bit more refined, and it should be due out soon.
Wheather or not you trust TOR to keep you anonymous or increase your privacy in today’s era of security breaches and privacy violation is entirely up to you, but it’s probably a good idea to read about TOR in general here, you might want to check the TOR project blog post on onion browser, and you may find it useful to know that onion browser for iOS is open source so you can look through the source code on github if that interest you too.
Analytical for the Tor network, including graphs of its available bandwidth and estimated userbase. This is a great resource for researchers interested in detailed statistics about Tor.
A terminal (command line) application for monitoring and configuring For, intended for command-line aficionados and ssh connections. This functions much like the top do for system usage, providing real-time information on Tor’s resource utilization and state.
Web-based protocol to learn about currently running Tor relays and bridges.
OONI (open observatory of network interference) –
a global observation network, monitoring for network censorship, which aims to collect high-quality data using open methodologies, using free and open-source software (FL/OSS) to share observations and data about the various types, methods, and amounts of network tampering in the world.
tor for google android devices, in collaboration with the guardian project, replacing the deprecated orfox.
a library for use by any android application to route internet traffic through or not Tor.
Pluggable transports –
It helps circumvent censorship. Transform the Tor traffic flow between the client and the bridge. This way, censors who monitor traffic between the client and the bridge will see innocent-looking transformed traffic instead of the actual Tor traffic.
Relay search –
a site providing an overview of the Tor network.
a discrete event network simulator that runs the real Tor software as a plugin. Shadow is open-source software that enables accurate, efficient, controlled and repeatable Tor experimentations.
Python library for writing scripts and applications that interact with Tor.
Tails (The Amnesic Incognito live system) –
A live CD/USB distribution preconfigured so that everything is safely routed through Tor and leaves no trace on the local system. Tor birdly Tor button for thunderbird and related bird forks.
Tor browser –
Customization of Mozilla firefox which uses a tor circuit for browsing anonymously and with other features consistent with the Tor mission.
Free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationship and state security.
python and twisted event-based implementation of the Tor control protocol. Unit test, state and configuration abstraction, documentation. On PyPI and Debian.
Tor is a free, global network that lets you browse the internal and the dark web anonymously. There are, however a few things you need to keep in mimd to use Tor securely.
As online surveillance becomes more and more prevalent, tools that can help you stay private and secure online are critical. While VPNs are one such tool (learn why you should use a VPN), there are other options. Tor (which stands for “The Onion Router”) is a powerful tool for online anonymity.
However, there is no such thing as 100% security, and even Tor has some vulnerabilities. It is essential to consider its threat model and make sure that you understand what Tor can and can’t protect you against. Furthermore, if you do not adhere to certain best practices when using Tor, you could expose yourself to vulnerabilities and exploits that could compromise your privacy or your device.
This article will explain the factors to consider before using Tor and what you can do to mitigate its weaknesses.
Is Tor illegal?
This is often the first question users ask because Tor and the “dark web” have become associated with illegal enterprises like the Silk Road marketplace. The answer is no. It is not illegal to be anonymous, and Tor has many legitimate uses. The dark web itself is a powerful tool to protect privacy and free speech.
Tor is an open network of servers run by volunteers and free software (the Tor Browser) that is guided by the non-profit Tor Project. Both the network and the software can be used to browse the “clearweb” (the Internet most of us are familiar with) like any other browser. According to the Tor Project, neither the network nor the browser is illegal anywhere in the world, and using Tor is not a criminal act.
Like any technology, Tor is not 100% secure, and attackers can still compromise Tor’s security. In 2014, a research team from Carnegie Mellon University gained control of enough servers in the Tor network to observe the relays on both ends of the Tor circuit and compare the traffic timing, volume, and other unique characteristics to identify which other Tor relays were part of which circuits. By putting the entire circuit together, the researchers were able to see the IP address of the user on the first relay and the final destination of their web traffic on the last relay, allowing them to match users to their online activity. (For those interested in a more technical explanation, the Tor Project analyzed the attack.) The FBI then used this attack to round up a number of criminals on the dark web as part of their Operation Onymous. Tor upgraded their relays to deal with the specific protocol used by the researchers, but correlation attacks (identifying users through the timing and volume of their traffic) are still possible.
These instances should not dissuade you from using Tor; rather they illustrate that even Tor is not 100% secure.
How to use Tor safely
Like with any privacy tool, proper usage is critical. Misusing Tor can compromise your online privacy in unexpected ways.
Tor will encrypt your data as it passes through the Tor network, but the encryption of your traffic between the final Tor relay and your destination site depends upon that website. Only visit websites that use the Hypertext Transfer Protocol Secure, or HTTPS. This protocol establishes an encrypted link between the final Tor relay and your destination website. Any site that has a URL that begins with “https://” uses HTTPS, and the Tor Browser comes with the HTTPS Everywhere add-on. The Electronic Frontier Foundation has a great diagram that illustrates how Tor and HTTPS work together to protect your data.The Tor Browser blocks many plugins, such as Flash, RealPlayer, and QuickTime. These plugins can be manipulated into exposing your IP address in ways that Tor cannot prevent.If you are using the Tor Browser, be aware that only the Tor Browser’s Internet traffic will be routed through Tor. Other apps on your device will still connect normally to the Internet and may expose your real IP address.You should not maximize the Tor Browser window. If you maximize the Tor Browser, websites can determine the size of your device’s screen, which can narrow down which device you are using and help those sites track your activity.
Tor recommends you always use the Tor Browser’s default screen size.You should not open documents downloaded through the Tor Browser while you are online. These documents could contain Internet resources that would reveal your true IP address. If you need to view a .doc or .pdf file, you should disconnect your computer from the Internet first, or you should use the Tor OS, Tails.Similarly, you cannot use BitTorrent over Tor. Torrenting will send out your real IP address in the tracker GET request, deanonymizing your torrent and web traffic. It will also slow down the entire Tor network.It is also important to note that Tor will not protect your privacy from a website you must sign in to. Once you sign in, you have identified yourself to that website — and anyone who might be observing the activity on that site.Finally, if you are using Tor to access the dark web, you must be extremely cautious. Only use dark web URLs you know to be accurate. Do not click on any ads on any site on the dark web. Inspect every link on the dark web before you click it. Visiting unknown sites on the dark web is a quick way to infect your device. Trusted sites on the dark web, such as ProtonMail’s Tor email portal, usually will have a valid SSL certificate.
Secure alternatives to Tor
Tor provides an excellent way to anonymize online activity, but certain limitations, particularly its slow browsing speeds, can be quite limiting for the average Internet user.
For users who find Tor too complex or need higher performance, a trustworthy VPN like ProtonVPN is a good alternative. A VPN will encrypt your online traffic and prevent attackers from monitoring your browsing activity. It is also much faster and easier to use than Tor. Once you install the VPN app, all it takes is a single click to establish an encrypted VPN connection. Switching your connection between countries is also much easier with a VPN than with Tor. The ProtonVPN feature Tor over VPN also lets you access onion siteswithout having to download and set up the Tor Browser. However, VPNs, like Tor, also have their limitations when it comes to security and privacy, so it is important to understand the VPN threat model.