Configuring the Tor network with TorK
Using TorK
The TorK user interface has four tabs. In the Anonymize tab, launch Tor by clicking on the green onion icon (Figure 1). If you use Firefox, launch the browser by clicking its icon: Firefox will now route connections via Tor. The first time you launch Firefox, it copies its settings to a new profile and reconfigures the profile to use Tor. This makes it possible to run Firefox and Tor separately; the settings and bookmarks cannot be exchanged.
If you prefer to surf the web with Konqueror, click on the icon for the KDE browser to route all future connections via Tor. By clicking the icon or closing TorK, you revert to normal use.
Also, you can launch the Pidgin instant messaging program and the Ksirc IRC client by clicking the corresponding icons. Anonymous use of the Jabber, ICQ, and MSN protocols worked in our lab, although chatting on IRC didn't always work because many IRC servers block the Tor network.
If you have installed the Mixminion anomymous mailer, you can click the mail icon to send anonymous email messages. Mixminion is very security conscious and requires you to change the permissions for both the .mixminion folder and the .mixminionrc file to avoid third parties reading them. If necessary, type chmod 700 .mixminion and chmod 600 .mixminionrc to set the permissions after the first launch.
After taking this hurdle, using Mixminion is simple: Write the email normally and send it – Mixminion automatically picks up a list of servers and sends your message.
Incognito
The Incognito [3] Live CD, which is not part of the TorK project itself, conveniently launches TorK on any computer, including a computer in an Internet café. The easiest approach to getting TorK up and running is to use the Incognito Live CD. The 350MB ISO image [3] is only available for the x86 CPU architecture right now. Hardware detection worked fine in our lab.
On booting, Incognito gives you the option of changing the MAC address (Figure 2). If possible, you should accept this offer because it adds another layer of anonymity for your hardware. Changing the MAC address could cause problems on some networks, especially if a DHCP server is used to assign IP addresses on the basis of MAC addresses.
If you can't access the Internet after starting the Live CD, boot again – without changing the MAC address this time. In our lab, a bug bit the Live CD on some systems: Although X server would launch, it would not display. In this case, press Ctrl+Alt+F7 to toggle the screen or enter chvt 7 at the prompt.
When you shut down the system, Incognito ejects the Live CD and then proceeds to overwrite the RAM content, which contains a complete image of the operating system, including the websites you accessed. Theoretically, an attacker might be able to recover this data. In fact, recent research reveals that the RAM chips could be frozen with ice spray after powering off, giving a forensics expert the ability to reconstruct the data some time later [4]. If you are not worried about this, you can just switch off your PC as soon as the Incognito CD is ejected.
File Sharing
The idea of sharing files via Tor might sound intriguing, and the Live CD does include KTorrent, but file sharing is not what Tor is about. Because of low data transfer speeds, file sharing doesn't make much sense.
Door to Tor
Normally, Tor will select nodes itself, but if you want to influence the selection, the Tor Network tab lets you do so (Figure 3). The left-hand column shows you a list of all available nodes. To filter the nodes, you can use the Servers menu in the TorK toolbar – filter options include Fast and Stable.
The Connections section of the window takes you to a list of current connections running via Tor. TorK shows you the chain of three nodes used for each connection.
The exit node, whose IP address the recipient gets to see, is marked by the flag for its country of residence. If you want the exit node to be in a specific country, you can choose Citizen Of… in the toolbar. However, Tor servers are not available in all countries.
If you prefer, you can select all three nodes, rather than just the exit node. To do so, drag and drop the nodes into the Circuits window. It typically takes a couple of seconds for Tor to establish a connection to the node, and for the node to appear in the list. Also note that the third node in your chain must be an exit node; that is, it must display the word "Exit" in its Tor icon.
By default, Tor will automatically choose a chain of available nodes for each connection. If you want to specify a chain for each connection, right-click the Connections field and select Let me Drag Connections to Circuits myself. Tor will wait until you have manually dragged and dropped three nodes to set up a working chain. By right-clicking and selecting Attach Connections to Circuits automatically, you reset this behavior.
The Tor Log tab takes you to error messages and warnings. The Traffic Log tab stores the outgoing Tor connections for the current session and, as a cross-reference, the connections that did not use Tor.
Conclusions
Although Tor encrypts the traffic between individual nodes, the connection from the exit node to the target is unencrypted. An observer at the exit node can therefore read all your passwords if they cross the wire in cleartext. If possible, you should use an encrypted protocol such as SSL/TLS.
Infos
- The Tor network: http://www.torproject.org/
- TorK: http://tork.sf.net
- Incognito: http://www.anonymityanywhere.com
- "Cold Boot Attacks on Encryption Keys": http://citp.princeton.edu/memory/
- Mixminion: http://mixminion.net
« Previous 1 2
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Juno Computers Launches Another Linux Laptop
If you're looking for a powerhouse laptop that runs Ubuntu, the Juno Computers Neptune 17 v6 should be on your radar.
-
ZorinOS 17.1 Released, Includes Improved Windows App Support
If you need or desire to run Windows applications on Linux, there's one distribution intent on making that easier for you and its new release further improves that feature.
-
Linux Market Share Surpasses 4% for the First Time
Look out Windows and macOS, Linux is on the rise and has even topped ChromeOS to become the fourth most widely used OS around the globe.
-
KDE’s Plasma 6 Officially Available
KDE’s Plasma 6.0 "Megarelease" has happened, and it's brimming with new features, polish, and performance.
-
Latest Version of Tails Unleashed
Tails 6.0 is based on Debian 12 and includes GNOME 43.
-
KDE Announces New Slimbook V with Plenty of Power and KDE’s Plasma 6
If you're a fan of KDE Plasma, you'll be thrilled to hear they've announced a new Slimbook with an AMD CPU and the latest version of KDE Plasma desktop.
-
Monthly Sponsorship Includes Early Access to elementary OS 8
If you want to get a glimpse of what's in the pipeline for elementary OS 8, just set up a monthly sponsorship to help fund its continued existence.
-
DebConf24 to be Held in South Korea
Busan will be the location of the latest DebConf running July 28 through August 4
-
Fedora Unleashes Atomic Desktops
Fedora has combined its solid distribution with rpm-ostree system to make it possible to deliver a new family of Fedora spins, called Fedora Atomic Desktops.
-
Bootloader Vulnerability Affects Nearly All Linux Distributions
The developers of shim have released a version to fix numerous security flaws, including one that could enable remote control execution of malicious code under certain circumstances.