Related to Anonymous surfing
The Electronic Frontier Foundation (EFF.org) is throwing its support
behind a new version of an open source project designed to protect
Internet surfers from online snoops and to help them to
surf anonymously over internet.
The latest version of the Tor Software Project, Tor 0.0.9.2, was published
on the EFF's Web site Tuesday, with bug fixes and the added capability of
allowing Win32-based machines to run Tor as a server.
Originally developed for operating systems like Linux, BSD, OS X and
Solaris, the project started to get more attention in December with the
inclusion of a Win32 installer (in version 0.0.9) that lets Windows end
users join in the project.
The Tor Software Project was designed and developed by the U.S. Naval
Research Laboratory's Center for High Assurance Computer Systems, with
help from the Office of Naval Research (ONR) and the Defense Advanced
Research Projects Agency (DARPA), to build an anonymous communications
system and to
improve internet security.
Last week, the EFF announced it would provide financial backing for the
project. The organization's officials said the application helps Americans
exercise their First Amendment right to free, anonymous speech online.
Web sites, ISPs (define) and third-party sniffers can use the header
information (source, destination, time, etc.) contained in traveling data
packets to perform traffic analysis. While traffic analysis can be used
for rather innocuous data mining, like adjusting the price of goods
depending on the user's nation of origin or determining online behavior,
proponents of Tor said the tool is beneficial to surfers who may be harmed
if their identity were revealed.
A
firewall can help, also.
"EFF understands the importance of anonymity technology for everyone --
from the average Web surfer, to journalists for community sites like
Indymedia, to people living under oppressive regimes," said Roger
Dingledine, Tor project leader, in a statement.
Tor is an open source distributed networking project, with volunteer
servers acting as a "middle men" between a user's PC and their ultimate
destination on the Internet, using a technique called onion routing.
Developers can freely modify and redistribute the source and binaries as
long as they include Tor's copyright, conditions and disclaimer clauses
and don't use the copyright holder's names to endorse or promote
derivative works.
Executing the application opens a DOS (define) command prompt box (in
Windows). When the user visits a Web server, the application grabs a list
of Tor servers available and maps a circuit of encrypted connections
through several of them. Each server knows only the origin of the server
immediately before it and its destination, with another encrypted key to
negotiate at every hop on the server route to further spoil any attempts
to track a user's Web destination. As an added privacy measure, new server
circuits are created every minute or so to prevent eavesdroppers from
linking earlier actions to new ones.
The project's Web site said users can run any software application with
SOCKS (define) support over the Tor network-within-a-network, though it
only works with TCP (define) streams.
Tor doesn't completely shelter the end user, nor is it intended to:
designed to cover IP address tracks for data packets traveling server to
server, it doesn't stop Web sites from setting cookies (define) from your
visit or withhold information on what browser you're using. Officials
recommend users install and run Privoxy -a Web proxy officials say runs
well with Tor software- and to avoid providing your name and other
personal information on Web forms.
The site's FAQ page also comes with the caveat that it doesn't provide
complete anonymity for its users. When users execute Tor on their PC, a
statement reads: "This is experimental software. Don't rely on it for
strong anonymity."
It's one of the reasons commercial vendors of privacy software such as
Anonymizer.com aren't particularly worried about the presence of a free
version in their midst. Like the Tor project, Anonymizer shields users
from snooping, but officials say to compare the two products is to make an
apples to oranges comparison because the proxy servers are under their
control at all times.
Lance Cottrell, Anonymizer president, said the Tor application is a great
open source project. He's met with Tor developers on several occasions,
but it doesn't provide the quality of service needs required by enterprise
customers.
"We are taking full responsibility. The buck absolutely stops with
Anonymizer," he said. "Whereas with an open source distributed network
there's really no one you can turn to and say, 'why was my privacy
compromised?'"
The company also has strong ties with the EFF. Individuals who donate more
than $35 to the organization get a trial Anonymizer account for six months
or more. |