 So I donated to the Tor project, and all I got was this cool shirt, some stickers, and a little bit of anonymity online. So I want to talk about Tor today, some of the misconceptions that I frequently run into. I did a video the other day about using the non-Surf mode of Parrot Linux and how we can wrap the entire networking stack inside of Tor, allowing you to use different applications, not just the Tor browser, and be on the Tor network. But I want to talk now a little bit about what the Tor network is and what the Tor network is not in some of the common misconceptions that I keep running into. And I have a lot of links. This is going to be a shorter video compared to some of the links are a little bit longer and in depth because I like to cite my sources. And I also read through and went through all of these sources to try to condense this down a little bit. First, I start with, yes, I did donate. That's why I'm wearing this shirt. I think it's an important project to help the Internet. It has a lot of great uses. It has helped people who are been in position to be government whistleblowers, which I think there's a lot of value in. And back to the government side of it because that's the first question that pops up a lot. Wasn't this some government funded project and it's really not anonymous? Well, it is anonymous. And yes, the core principle of the Tor, the onion routing, was developed in the mid 90s by the United States Naval Research Laboratory employees, mathematicians, Paul Syverson and computer scientist Michael G. Reed and David Goldschlag. With the purpose of protecting US intelligence communications online, onion routing was further developed by DARPA 1997. So there's yes, we started as a government naval research project all the way in the 90s. Ten, a DARPA picked up the project in 97. Now the way the Internet works, when you start with an IP address, maybe the one given to you by your ISP, that creates a series of routes that get you to whatever website or any other resources you want to use on the Internet. That is completely trackbackable or backwards and forward, so to speak. So there's a series of hops in between. Those hops can be very visible. So we know that you have this IP address and now you visited this location or this resource across the Internet. And this is yes, how they will track people when you do VPNs. What you're doing with a VPN is you're encapsulating your data through those hops. So a little bit hard to see and then you're coming out of the VPN. So there could be some correlation for a VPN company to say, yes, someone was given this IP address and this is the IP address they came from. And VPN companies have been known to cooperate with authorities when compelled to do so. But Tor goes a step further and is different. Tor, you still have the principles of the Internet in effect, but the Tor nodes, essentially the way they route is no two nodes, no the other node. For a more in-depth explanation, Adrian with Adrian Crenshaw with Irongeek. This was the Defcon 22 drop-in docs on Darknets. And I'm going to pull a couple referrals to this, but I'll leave you links to all this. And by the way, I highly recommend you watch this entire talk. It's about an hour almost and very worthwhile for digging into some of the details of Tor. But the idea with Tor is the in node and the out node are unaware of each other. And there's some really clever math in between. So you can somehow get the data somehow being math, I'm not going to get into the equations that work, but the in node and the out node are disconnected from each other in terms of knowledge as the middle nodes that are in between, they only know enough information to get to the next node, but not enough about the source and only enough to get to the next node, but not enough about the destination. So there's no way to unwrap the onion, the layers of the onion to figure out the person coming in and where they came out. They see only the exit node of the tour. We don't see the entrance node. So it does work. And I know you've probably seen articles as I have as well for governments contacting companies and working on ways to de-anonymize Tor. And that's where this talk goes in deep, talking about drop-in docs on the darknet. Yes, absolutely that is something companies are working towards. But when you start looking at the complexity of government operations and how people got caught, and we'll talk about like Lulsec, this is a pretty famous case. And by the way, he links to all those cases been, you know, closed and a lot of this is all part of the public. They talk about the methodologies they use. So they knew they did not know who Sabu was because he was on tour, but they were able to figure it out because he normally connected an IRC via tour and then he decided not to. This is kind of like laziness on his part and thought maybe, you know, you get to embolden like, hey, I'll never get caught. I am too good for this. And then you connect with your home IP address. And also to make it matters worse, they also spoke with Jeremy Hammond and casually let it slip where he had been arrested before and group he's involved with. Well, now you have correlation data. So what correlation data means is they had his home IP address. They had known some associates. They talked about where they are arrested. And government agencies have access to arrest records pretty easily. So they look for people that match descriptions and match arrest records. And voila, they end up finding the person. So they did not de-anonymize tour, but through all this information, they were able to get that who that person was. So right here, like lessons learned and he walks you each one of these cases, like each company, each little thing they did to get caught although they're using tour and zero of these cases. And by the way, I guess this is an hour talk, including the Silk Road, where they dive into some detail here. And I'll also bring up the Darknet Diaries Operation Bayonet, which was October 2018. They published this. This is a wonderful podcast. It also talks about all the different things that was going on in a Darknet. And by the way, zero times were they able to de-anonymize someone through the Darknet. It was through slip-ups. It was through them people using a common login that they would see them logging in, but they couldn't tell where the source was. But then they would log in with their home IP address once in a while. And that would be the way they go, use that same username password. We know who you are now. So they would correlate data together. Now, there are what they call, and he does dive into this in his topic, what they call timing attacks, where they try to companies or, I should say not companies, but nation states, three letter agencies that have the absolute, almost unlimited resources that can dig into the tour nodes, they can do things like go back and forth and go, all right, I can see this many nodes going in from here and this going in from here. And they can try to make some assumptions of your geolocation and narrow it down maybe to a city, but it's not easy. It's kind of like a very vague timing that they try to figure out based on ping times of in nodes and out nodes and trying to pinpoint you like in a triangulation, but that's not how any of these people got busted. It's only giving you a very general idea versus what these people, once they started really digging in and they would do things like slip up and use their, you know, home IP addresses, that's when they got caught. And this is like I said, this is 52 slides, an hour long talk. And in this talk, we talk about all these different cases and it goes just that further. You look at the operation bayonet and the level of government intervention that was needed to try to track these people down. You get an idea towards a really solid system that undoubtedly our government still uses as well, our government as in the US government to anonymize themselves so they can, you know, be covert on the internet without people easily identifying who they are. So that is another reason that we know tour solid because well, it's been pretty proven that the government uses well and it gives them their own cloak of anonymity. So it's still a good project. It is a wonderful nonprofit organization. So we believe everyone should be able to explore the internet with privacy. We are the tour project day 501 3C US nonprofit. We advance human rights and defend your privacy online through free software and open networks. And like I said, that is their mission statement. They are an actual nonprofit, which is one of the reasons I donate to them. I want to bring up awareness and kind of talk about the fact that tour itself is not where the problem is. But as I mentioned when I did my parrot video, DNS leaks can be a problem. Not wrapping the whole system where some people just download the tour browser. And when you just download the tour browser and then you click a link and that's actually demonstrated in this talk, you click a link and maybe open up something else or another browser. You end up be able to go around tour because that other browser wasn't a touring and downloaded a PDF, but it didn't open up with the tour browser. It opened up somewhere else and then that link you clicked on. Instead of the tour browser ring your default browser, it opened up your default browser and maybe that link was specially crafted to figure out who you are. And that is one of the methods by which they uncluck people is sending them these specially crafted links and hoping they will open it. Not with their tour browser, but with another one. These are all the wet methods and pains taking things that had to be done to de-anonymize someone on tour. So yes, the tour is secure, but it's all about your op sec is usually how you may be caught if you're using tour or found out. Like I said, there's IBC people who use this for nefarious things, but there's people who use it for good as well. The technology itself is neither good nor bad. It's all about different use cases. And of course, having a system by which people journalists or people can conduct whistleblowing and hopefully bring to light when bad things are happening. The tour has a really strong place for that in the market. Now, a few of the readings I'll have is the EFF has a breakdown of tour. They're obviously a big supporter of that privacy on there. And they talk about how HTTPS and tour work together to protect your anonymity and privacy. You can read through all the documentation on tour, really dark night iris, love the whole series, specifically related to tour. Then it comes up in different episodes by Operation Bayonet to talk about taking down the dark web and the things that are involved in there. And of course, this talk right here, you know, drop in docs on dark nets, how people got caught by Adrian Crenshaw of Iron Geek. Here's the slides, which are located in the video here. And irongeek.com where he's got all kinds of other interesting talks related to hacking and things like that. So if you follow him, there's plenty more information you can keep digging out of it. But that was it. I just wanted to share that one, I do support the tour project actively. So I got the shirt in case you're wondering. If you want a shirt, donate money to the tour project. Two, if you think it's completely garbage and it's some government way to just find you out, I probably can't convince you if your tinfoil hats wrap that tight. And if all these links and all this reading still doesn't convince you, all I can do is tell you where my sources are. At some point, you probably never convince me to be convinced, but I do trust the project is a solid project for anonymity. And definitely we're donating to and keeping the project alive. It does not receive the government funding it did. It's not part of DARPA's project like it used to be. It does not rely on some massive donations from government. It relies on people like me buying shirts and stickers. And if you want to support the project, go ahead and donate. I get nothing from this. There's no special link for this. This is straight up money to them because I like them. All right, thanks. Thanks for watching. If you liked this video, give it a thumbs up. If you want to subscribe to this channel to see more content, hit that subscribe button and the bell icon, and maybe YouTube will send you a notice when we post. If you want to hire us for a project that you've seen or discussed in this video, head over to LawrenceSystems.com where we offer both business IT services and consulting services and are excited to help you with whatever project you want to throw at us. Also, if you want to carry on the discussion further, head over to forums.lauranceystems.com where we can keep the conversation going. And if you want to help the channel out in other ways, we offer affiliate links below, which offer discounts for you and a small cut for us that does help fund this channel. And once again, thanks again for watching this video and see you next time.