Configuring the Tor network with TorK

Without a Trace

© HessenJense,

© HessenJense,

Article from Issue 93/2008

If you're worried about eavesdroppers, connect to the Tor network with KDE's handy TorK configuration tool.

The Internet is a very public place, and, whatever you use it for, you can expect that someone has an interest in watching your movements. Government agents and corporate competitors can easily monitor Internet activities.

More to the point for most users, vendors can tune in to your buying habits to scientifically determine how to sell you things. Some e-commerce sites might even vary the price of merchandise based on the region, Internet address, or past behavior of the shopper.

Tor Anonymity Network

Privacy advocates have developed several systems for users to operate anonymously on the web. One of the most popular options is the Tor anonymity network.

The Tor network [1] is a series of relays operated by volunteers that obscure the source of Internet traffic. The message bounces around inside the TOR network and emerges at an end node in a form that cannot be traced to its source.

In addition to supporting end-user tasks, such as web browsing, messaging, and email, the Tor network also provides the capacity for anonymous websites and even web forums.

How Tor Works

Tor routes encrypted traffic through a series of three servers (nodes). The sender wraps up three encrypted packets. The individual nodes each remove one layer of encryption and send the packet to the next node. The third node hands the fully decrypted packet over to the target. This onion skin principle gave Tor its name: The Onion Router.

The first two nodes do not know the packet's target or content. Only the last node has this information; however, the last node does not know where the packet came from.

To trace a connection, an observer would need to control all three nodes. But this is difficult to achieve, even for the authorities, if the three nodes happen to reside in different countries. When you use Tor, make sure the nodes are not all in the same country – and especially not the country where you are right now.

Installing TorK

Despite all the benefits of the Tor network, one complication is that Tor support is often difficult to configure and use. Luckily, KDE users can use the handy TorK desktop application [2] to connect to the Tor network.

Few distributions include TorK packages. If you run openSUSE, you can use YaST to install Tor, the Privoxy web proxy, and TorK. Although Debian and Ubuntu include Tor and Privoxy, TorK might either be in Unstable, or available if you have release 8.04 or later.

When installing from the source code, watch out for the dependencies, which include the KDE and Qt developer packages. Apart from any dependency issues, the installation follows standard procedure. After downloading the tarball from the project website [1], unpack the archive and change to the directory this step created. When you get there, build and install TorK using the standard three-command trick.

The INSTALL file has a detailed list of dependencies. If you want to use Remailer via TorK (see the box titled "Type III Remailers") to send anonymous email, you will also need to set up Mixminion [5]. Despite the very low version number, and its alpha status, at least the remailer client didn't appear to be too buggy. The tarball includes a script; start by adding execute permissions chmod +x and then enter ./ make to launch. When you are done, type ./ install to copy the files to the right places.

Type III Remailers

If you want to send anonymous email, you could use Tor to set up an email account with a free mail provider; but this seems slightly over the top if you will only use the service occasionally. As an alternative, you can go for a remailer. Remailers come in all shapes and sizes. The most simple type is a server that deletes the sender data from the original mail header before forwarding the message (type I).

A type III remailer splits the message into several chunks, encrypts each chunk, and sends the encrypted chunks to the target over several hops. Fragmenting the message makes it difficult to reconstruct the length of the message; however, the message can take up to 24 hours to reach its target. Thus far, only one software implementation of a type III remailer exists: Mixminion [5].

Configuring TorK

When you first launch Tork, you'll see a configuration dialog. The program will ask if you would like to connect to a local or remote Tor installation: Select localhost. TorK will then check to see whether the Tor daemon is running in the background. You'll need to enter the path to the Tor daemon configuration file – on Debian, Ubuntu, and (open)SUSE, this is /etc/tor/torc.

When you click on Modify Tor's Control File you are prompted for the root password. Clicking Test Tor checks to see whether TorK is able to modify the file. If so, clicking Next takes you to the proxy selection dialog, where you will want to select Privoxy. Like the Tor daemon, Privoxy runs in the background on most distributions. After completing the Privoxy configuration, disable other proxies in your browser configuration.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Tor and Privoxy

    Internet users typically reveal their IP addresses, and this lets companies compile a profile of your Internet activities. Tor and Privoxy can help protect your privacy.

  • Anonymity on the Tor Network

    The Tor project supports a formidable collection of tools for protecting your privacy on the Internet. We'll give you some background on Tor and help you get started with the Tor Browser.

  • Node-RED on Android

    We show you how to control devices connected to Rasp Pi GPIO pins with text messages from an Android phone.

  • Node-RED

    Node-RED lets you connect ready-made code building blocks to create event-driven applications with little or no code writing.

  • Freenet

    The Free Network Project provides a safe environment for free speech – even for users who fear censorship.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More