Configuring the Tor network with TorK
Without a Trace
If you're worried about eavesdroppers, connect to the Tor network with KDE's handy TorK configuration tool.
The Internet is a very public place, and, whatever you use it for, you can expect that someone has an interest in watching your movements. Government agents and corporate competitors can easily monitor Internet activities.
More to the point for most users, vendors can tune in to your buying habits to scientifically determine how to sell you things. Some e-commerce sites might even vary the price of merchandise based on the region, Internet address, or past behavior of the shopper.
Tor Anonymity Network
Privacy advocates have developed several systems for users to operate anonymously on the web. One of the most popular options is the Tor anonymity network.
The Tor network [1] is a series of relays operated by volunteers that obscure the source of Internet traffic. The message bounces around inside the TOR network and emerges at an end node in a form that cannot be traced to its source.
In addition to supporting end-user tasks, such as web browsing, messaging, and email, the Tor network also provides the capacity for anonymous websites and even web forums.
How Tor Works
Tor routes encrypted traffic through a series of three servers (nodes). The sender wraps up three encrypted packets. The individual nodes each remove one layer of encryption and send the packet to the next node. The third node hands the fully decrypted packet over to the target. This onion skin principle gave Tor its name: The Onion Router.
The first two nodes do not know the packet's target or content. Only the last node has this information; however, the last node does not know where the packet came from.
To trace a connection, an observer would need to control all three nodes. But this is difficult to achieve, even for the authorities, if the three nodes happen to reside in different countries. When you use Tor, make sure the nodes are not all in the same country – and especially not the country where you are right now.
Installing TorK
Despite all the benefits of the Tor network, one complication is that Tor support is often difficult to configure and use. Luckily, KDE users can use the handy TorK desktop application [2] to connect to the Tor network.
Few distributions include TorK packages. If you run openSUSE, you can use YaST to install Tor, the Privoxy web proxy, and TorK. Although Debian and Ubuntu include Tor and Privoxy, TorK might either be in Unstable, or available if you have release 8.04 or later.
When installing from the source code, watch out for the dependencies, which include the KDE and Qt developer packages. Apart from any dependency issues, the installation follows standard procedure. After downloading the tarball from the project website [1], unpack the archive and change to the directory this step created. When you get there, build and install TorK using the standard three-command trick.
The INSTALL file has a detailed list of dependencies. If you want to use Remailer via TorK (see the box titled "Type III Remailers") to send anonymous email, you will also need to set up Mixminion [5]. Despite the very low version number, and its alpha status, at least the remailer client didn't appear to be too buggy. The tarball includes a setup.py script; start by adding execute permissions chmod +x setup.py and then enter ./setup.py make to launch. When you are done, type ./setup.py install to copy the files to the right places.
Type III Remailers
If you want to send anonymous email, you could use Tor to set up an email account with a free mail provider; but this seems slightly over the top if you will only use the service occasionally. As an alternative, you can go for a remailer. Remailers come in all shapes and sizes. The most simple type is a server that deletes the sender data from the original mail header before forwarding the message (type I).
A type III remailer splits the message into several chunks, encrypts each chunk, and sends the encrypted chunks to the target over several hops. Fragmenting the message makes it difficult to reconstruct the length of the message; however, the message can take up to 24 hours to reach its target. Thus far, only one software implementation of a type III remailer exists: Mixminion [5].
Configuring TorK
When you first launch Tork, you'll see a configuration dialog. The program will ask if you would like to connect to a local or remote Tor installation: Select localhost. TorK will then check to see whether the Tor daemon is running in the background. You'll need to enter the path to the Tor daemon configuration file – on Debian, Ubuntu, and (open)SUSE, this is /etc/tor/torc.
When you click on Modify Tor's Control File you are prompted for the root password. Clicking Test Tor checks to see whether TorK is able to modify the file. If so, clicking Next takes you to the proxy selection dialog, where you will want to select Privoxy. Like the Tor daemon, Privoxy runs in the background on most distributions. After completing the Privoxy configuration, disable other proxies in your browser configuration.
Buy this article as PDF
(incl. VAT)