Does Rostelecom block Thor. We use bridges against Tor browser blocking. Install the browser and get bridges
What if you want to surf the web without far-fetched restrictions, but you don’t want to change the proxy every time in your browser? What if you want to access both prohibited sites and normal ones, and at the same time, the speed at which regular sites open does not suffer? What if you are interested in knowing what is going on in remote parts global network?
Based on these considerations, we need to:
- Regular sites opened as usual
- Prohibited sites opened via Tor without settings
- All sites in the .onion zone also open without settings
On the one hand, the requirements are contradictory. On the other hand, what can’t you do for the sake of convenience!
One could remember various ways and tools for bypassing DPI, but if you don’t want to think about anything like that, or rather even want to set it and forget it, then analogues of Tor to solve the problem in part easy access no to blocked sites.
You will not get complete anonymity by following these instructions alone. Anonymity without OPSEC measures is impossible. The instructions only imply bypassing restrictions.
What do we need?
To begin with, we need either a router or a server that works as a transparent bridge that passes all traffic through it. This could be an existing server, or it could be a box with a Raspberry Pi. Ordinary compact routers with Linux may also be suitable, if in principle it is possible to install the necessary packages on them.
If you already have a suitable router, then you don’t need to configure the bridge separately and you can.
If installing Tor on your router is a problem, then you will need any computer with two network interfaces and Debian Linux on board. You will ultimately connect it to the network gap between the router, which faces the outside world, and your local network.
If you don’t care about servers and routers, then maybe.
Let's set up a bridge
Setting up a bridge in Debian is not a problem. You will need the brctl program, which is included in the bridge-utils package:
apt install bridge-utils
The permanent configuration for the bridge is set in /etc/network/interfaces. If you are making a bridge from interfaces eth0 and eth1, then the configuration will look like this:
# Mark the interfaces as manually configured iface eth0 inet manual iface eth1 inet manual # The bridge rises automatically after a reboot auto br0 # Bridge with IP acquisition via DHCP iface br0 inet dhcp bridge_ports eth0 eth1 # Bridge with static IP iface br0 inet static bridge_ports eth0 eth1 address 192.168 .1.2 netmask 255.255.255.0 gateway 192.168.1.1
You need to choose one configuration for the bridge: with dynamic IP or static.
Please note that at this stage it is not necessary to include the server in the network break. You can get by with just one connected interface.
Let's ask the system to apply the new settings:
service networking reload
Now you can check the existence of the bridge with the brctl show command:
# brctl show bridge name bridge id STP enabled interfaces br0 8000.0011cc4433ff no eth0 eth1
You can view the issued IP address, and generally check whether an IP was issued via DHCP or statically, using the ip command:
# ip --family inet addr show dev br0 scope global 4: br0:
If everything is in order with the IP addresses, then you can already try to include the server in the network break...
Ultimately, all devices on your network, when enabled through the server, must have full access to the global network as if there is no server between them and the external router. The same applies to the operation of DHCP and other things. All this is worth checking before moving on setting up Tor.
If something does not work the same as before, or does not work at all, you should first solve the problems, only then move on to setting up Tor itself.
Let's set up the Tor daemon
Installing Tor performed normally. Let's also install a country binding database:
apt install tor tor-geoipdb
At the end of the configuration file /etc/tor/torrc you need to add directives to enable the proxy server function:
VirtualAddrNetworkIPv4 10.0.0.0/8 AutomapHostsOnResolve 1 TransPort 0.0.0.0:9040 DNSPort 0.0.0.0:5300
Let's restart Tor and check that the DNS in our configuration works on some well-known site:
# service tor restart # dig +short facebookcorewwwi.onion @localhost -p 5300 11/10/127.156
The last command should output the IP from the 10.0.0.0/8 subnet.
When restarted, Tor complains about using public IP for TransPort and DNSPort, which in fact can be accessed by outsiders. Let's correct this misunderstanding by allowing only connections from local network(in my case it is 192.168.1.0/24):
iptables -A INPUT -s 192.168.1.0/24 -p tcp --dport 9040 -j ACCEPT iptables -A INPUT -s 192.168.1.0/24 -p udp --dport 5300 -j ACCEPT iptables -A INPUT -p tcp - -dport 9040 -j DROP iptables -A INPUT -p udp --dport 5300 -j DROP
The last two rules can be skipped if you have the default DROP rule for the INPUT chain.
Let's set up access for the entire local network
In order for all devices on the network to be able to access sites in Tor, we need to redirect all requests to the dedicated network 10.0.0.0/8 to the port of the built-in Tor proxy server:
iptables -t nat -A PREROUTING -p tcp -d 10.0.0.0/8 -j REDIRECT --to-port 9040 iptables -t nat -A OUTPUT -p tcp -d 10.0.0.0/8 -j REDIRECT --to- port 9040
We add two rules for the PREROUTING and OUTPUT chains so that the scheme works not only from devices on the network, but also from the server itself. If this scheme is not required to work from the server itself, then adding a rule to the OUTPUT chain can be skipped.
Forwarding DNS requests to the .onion zone
This problem could be solved either by replacing the DNS server with your own in DHCP responses to clients, or, if it is not customary for you to use a local DNS server on your network, by intercepting all DNS traffic. In the second case, you won’t need to configure anything at all, but all your clients, including you, will lose the ability to make arbitrary requests to arbitrary servers. This is an obvious inconvenience.
We will only forward DNS requests that mention the .onion domain to the port of the built-in DNS server, leaving all other requests alone:
iptables -t nat -A PREROUTING -p udp --dport 53 -m string \ --hex-string "|056f6e696f6e00|" --algo bm -j REDIRECT --to-ports 5300 iptables -t nat -A OUTPUT -p udp --dport 53 -m string \ --hex-string "|056f6e696f6e00|" --algo bm -j REDIRECT --to-ports 5300
The magic string 056f6e696f6e00 is associated with the peculiarities of transmitting a period in DNS queries: it is transmitted as the length of the line following it. Therefore, at the beginning of our magic line there is 0x05 for five characters in the word onion. At the end of the line there is a zero byte 0x00 because the root domain (dot) has zero length.
This approach allows your users (and yourself) to use whatever DNS servers are convenient for them, as well as request information from any DNS servers without intermediaries. However, no requests in the .onion zone will reach the open Internet.
Now try to reach some popular site on the Tor network from any device on the local network. For example, like this:
$ curl -I facebookcorewwwi.onion HTTP/1.1 301 Moved Permanently Location: https://facebookcorewwwi.onion/
Debugging and solving possible problems
If you want to make sure that no DNS requests to .onion go further than the server, then you can check their absence like this:
ngrep -q -d br0 -q -W byline onion udp port 53
Normally, this command, executed on the server, should show a complete absence of packages - that is, not output anything, no matter what you do.
If Firefox doesn't see .onion
If this bothers you, and the prospect of accidental de-anonymization does not bother you (after all, we no longer allow DNS queries to .onion on the open Internet), you can disable this setting in about:config using the key network.dns.blockDotOnion .
Mobile Safari and .onion
iOS programs, including Safari and Chrome, generally ignore .onion when working according to this scheme. I don’t know how to fix this problem within such a scheme.
The provider replaces the IP in the DNS
Some providers, for economic reasons, instead of blocking sites by IP or via DPI, only replace the IP for DNS queries using a list of prohibited sites.
The simplest solution to this problem is to switch to Google Public DNS servers. If this does not help, which means your provider redirects all DNS traffic to its server, then you can switch to using Tor DNS, in turn redirecting all traffic to it:
iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to-ports 5300 iptables -t nat -A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 5300
My network uses IPs from 10.0.0.0/8
No problem! In all directives above, use some other subnet from those intended for this, excluding the reserved ones. Seriously, pay attention to the reserved ones.
In addition, it is not necessary to use the entire range at once - you can limit yourself to a subnet. For example, 10.192.0.0/10 will do.
Bypassing blocks via Tor
To access blocked sites via Tor, first of all, you need to make sure that you are not making a fool of yourself by using exit nodes that are subject to the same restrictions as you due to your geographic location. This can be done by indicating in torrc the output nodes in which countries cannot be used.
ExcludeExitNodes (RU), (UA), (BY)
Updating the registry
The registry does not stand still and the list of blocked sites is growing. Therefore, you need to download the current IP list from time to time and add it to ipset. The best way to do this is not by downloading the entire list each time, but by downloading only the changes, for example, from here from GitHub.
#!/bin/bash set -e mkdir -p /var/local/blacklist cd /var/local/blacklist git pull -q || "{1,3}\.{1,3}\.{1,3}\.{1,3}" git clone https://github.com/zapret-info/z-i.git.
ipset flush blacklist tail +2 dump.csv | cut -f1 -d \;
|
grep -Eo
|
tee /var/local/blacklist/blacklist.txt |
xargs -n1 ipset add blacklist
It is possible to delete and add only IPs that have changed in the list, for which you may find git whatchanged useful.
If the script above suits you, then the place for it is /etc/cron.daily/blacklist-update . Don't forget to give this file executable permissions.
chmod +x /etc/cron.daily/blacklist-update
Saving the settings
apt install iptables-persistent
dpkg-reconfigure iptables-persistent
Unfortunately, there is no such convenient package for ipset yet, but this problem is solved by the /etc/network/if-pre-up.d/ipset script:
#!/bin/sh ipset -exist create blacklist hash :ip cat /var/local/blacklist/blacklist.txt |
xargs -n1 ipset add -exist blacklist
You must also give this script execution rights:
chmod +x /etc/network/if-pre-up.d/ipset
On the next reboot, this script will be executed and restore the list of blocked IPs.
If we forget about servers...
Okay, you tell me, what if I want to get the same convenient access to .onion, but without servers - locally, on one computer?
No problem! In this case, everything is even simpler. Stop adding these three lines to torrc: AutomapHostsOnResolve 1 TransPort 9040 DNSPort 5300 Then these two rules for iptables:
iptables -t nat -A OUTPUT -p tcp -d 127.192.0.0/10 -j REDIRECT --to-port 9040 iptables -t nat -A OUTPUT -p udp --dport 53 -m string \ --hex-string " |056f6e696f6e00|" --algo bm -j REDIRECT --to-ports 5300
And you can check. Access to blocked sites is configured according to the instructions above. A spoon of tar Despite its simplicity and convenience, this approach inherits some of the disadvantages of the Tor network.
That's all!
Is there anything still unclear? Is there anything you need to fix or is there something you especially liked? Write below in the comments.
Many sites in our country are blocked by Roskomnadzor! And in this issue I will show you how to bypass blocking of any site using the TOR browser.
Lately we have been hearing more and more about restrictions on the Internet. Governments different countries prohibit their citizens from accessing resources containing content that, in the opinion of deputies, is incorrect.
Operators are forced to transmit information about users, and there is no talk of any anonymity on the Internet. At the same time, it is not always the case that sites blocked by decision of certain authorities actually contain materials that can harm users.
“The forbidden fruit is sweet,” and various restrictions on the Internet have given rise not only to ways to circumvent them, but also to a whole secret network, which can only be accessed by using special means, hiding information about the user. The anonymous network is called Tor, and it is available absolutely free to everyone.
You can download TOR Browser from the official website using THIS LINK
VIDEO: TOR browser. How to download and configure the Tor browser in Russian
Well, you can learn more about the dark internet and immerse yourself in it at!
Well, that's all for today! Please write in the comments whether you managed to bypass the blocking of any prohibited site?
And also if you liked this video, give it a thumbs up and don't forget subscribe to my YouTube channel and notifications by clicking on the bell next to the subscribe button!
The desire to bypass censorship and blocking of sites, as well as the prohibition of using VPNs introduced by Roskomnadzor, now turns out to be, or extensions installed in them for changing IP addresses. If you already have the well-known Tor browser, then, alas, this does not mean that you are insured against entering not only the sites you need but are prohibited, but also from blocking the browser itself.
One thing to remember is that Tor anonymizes the source of your traffic and encrypts all traffic within the Tor network, but it cannot encrypt traffic between the Tor network and the destination address. If you transmit valuable information online using this “secret” browser, you should be as careful as when using regular browsers - use HTTPS for your own sites or other methods of encryption and authentication. However, even with such less reassuring factors privacy when using this browser, it is still prohibited and blocked in the Russian Federation. If you notice that your Internet service provider is trying to block Tor, then try using the method I outlined below. There is still a way out (at least partially). Let's look at the method...
How to bypass Tor Browser blocking
1.Install the browser and get bridges
Let's move on to the website and execute necessary actions. If you have not yet installed the Tor browser, then click on the “Step 1” button to download the installation file. In special tables with download links, you need to select the appropriate language for your OS, as well as the language you need. There is also Russian.
Then, of course, run the file and install the program. If you already have this browser, go to the site using the button "Get Bridges" .
Important! To perform the steps below, you must update your Tor browser to the latest version.
When you click on the third button, you will be provided with small instructions and tips on installing bridges in the browser on the same page of the site. Bridges are Tor relays that allow you to bypass censorship.
So, you installed the Tor browser, received bridges (relays) after the appropriate transition: 
Click on the button "Just give me the addresses of the bridges" and after passing the captcha, we go to the page for receiving them.
2. Install bridges to the Tor browser
And also the screenshots shown below.
1.Copying bridges:
2. Login to browser settings:
3. Check the box according to the instructions, select manual mode and insert bridges into the corresponding settings window. We confirm the operation by pressing the “OK” button and complete the installation of repeaters. Voila!
Enjoy your work, friends! And free Internet!
(Visited 1 times, 1 visits today)
Hello everyone In this article I will look at an unusual way to bypass website blocking by your provider. It is unusual because we will use Tor for this, but we will not use the Tor browser itself. We will use the Tor network, which is free and can be either slow or relatively fast. Don't listen to those who say that Tor is very slow, I often have the opposite picture
Another feature of my recipe today is that we will bypass not just one browser or two, but all at once. Moreover, even some programs will pick up the settings themselves and work through the Tor network.
So what, everything is so simple, everything is so good and there is no trickery? Eat. The fact is that there are rumors that Tor is not very safe for personal use. The whole point is that Tor is an anonymous network, you know, and this anonymous network uses several servers to transfer data before it reaches the recipient. All data is encrypted three times and one cipher is removed on each server, this is a type of onion routing, well, that’s what they call it. And now the main thing is that on the last server the last cipher is removed and the data is no longer protected, this is where the joke lies! Some comrades specifically create such a server on their computer for the purpose of intercepting unencrypted data, which may include a login and password, well, do you understand what I mean? This is all theory. I haven’t had anything like this, I’ve never had my email or VKontakte or Odnoklassniki broken, but I had to notify you about such a joke. You will find more information on the Internet if you are interested, but now let me start what I have in mind, that is, I will show you how to pass many programs through the anonymous Tor network
In general, people who do such dirty tricks with Thor can be called hackers. I think that hackers like this don’t need your account, but if they can catch a thousand accounts, then probably someone will want to buy such a database..
So what are we going to do? First, let's download the Tor browser, to do this, open this link:
Here we click on the download button, here it is:
Now here you need to find Russian (or another language that you need) and click opposite on 32/64-bit:
Then there will be a small window where the Russian language should already be located, click OK here:
Then the installation window will open, the path where the Tor browser files will be extracted will be indicated here. By default, it will be placed on the desktop, in principle this is convenient for me, but if anything, you can change the path. So here I click Install:
Installation has started:
The installation will not take long. Once the installation is complete, click the Finish button and after that the Tor browser will start (well, if you don’t uncheck the boxes, of course):
I made a little mistake, the Tor browser will not start, first there will be a window where you need to click Connect:
Usually you need to wait a little, well, a minute maximum:
You have already done everything, the most important thing. The Tor browser is running and, in principle, you don’t need to do anything now, now let’s analyze what we have done and what we have. We installed the Tor browser, which by the way we don’t really need at all, but the main thing here is different. This browser is a version of Mozilla, and this Mozilla uses the Tor network due to the fact that the network module is running, it seems to be running under the tor.exe process, well, it doesn’t really matter. And this Mozilla communicates with the Tor network using this module and this is implemented on the basis of a proxy server. All that remains is to register this proxy server in another program, so that that program will also work through the Tor network!
But what kind of proxy server is it? Usually, the standard one is 127.0.0.1 and port 9150, which is what is in the Mozilla settings that comes with Tor. This is the proxy that needs to be set, but it’s worth considering that this is not just a proxy, it’s a SOCKS proxy, so it’s suitable for both regular pages and secure https pages, and it’s also suitable for programs.
Another not very pleasant moment is that the Tor network is often used by spammers, so for example the Google search engine may ask you to confirm that you are not a robot, well, this is a normal phenomenon. In principle, it all depends on which server you end up on. So, just a minute, can you be more specific? Yes, everything is simple here, when you launch the Tor browser, three servers are generated randomly, so if Tor is slow or buggy for you, then you should restart it, I’ll write about it later if I don’t forget..
Well, there’s one more thing I didn’t write. In order for the Tor proxy to work, you must not close the Tor browser, because if you close it, the Tor module will also close. Now let's see how to bypass site blocking in Google Chrome, Yandex Browser, and Internet Explorer, in general, as you already understand, you can bypass website blocking in almost all browsers in one fell swoop! So, look. You just need to take and specify the Tor proxy server in the Windows system settings, which is used by many programs, both browsers and others, but not all. So, press the Win + R buttons, the Run window will appear, write the following command there:
Click OK and the Control Panel will launch, if you don’t have icons here, then you need to select Large icons in this menu and they will appear:
Now find the Internet Options icon here and click on it once:
The Properties: Internet window will appear, here you need to go to the Connections tab and click the Network Settings button:
Attention! If you have a connection, click here (for obvious reasons, the button is inactive):
In any case, it is important for you to understand one thing, you need to specify the proxy server in the SOCKS field and only in this field. Well, so, I clicked the Network Settings button, then a small window like this appeared, here we put a checkmark on Use a proxy server and click the Advanced button:
In the next window called Proxy server settings, you need to specify 127.0.0.1 and port 9150 in the field opposite Socks, this is how I did it in the picture:
That's it, click OK and you can check. First I checked in Internet Explorer, as a result, everything works:
And at the same time, everything loaded very quickly, which makes me happy! Then I tried it in Google Chrome and the same thing, all in a bunch and here:
ATTENTION: everything loaded here FAST and without problems! It feels like I just connected to a different Internet!
I don't have Mozilla on my computer. I’ll try to download it now, most likely the download will also take place through the Tor network, but I tried to search for Mozilla on Google and, alas, they asked me to prove that I’m not a robot, they offer to take this test:
Well, I have nothing to be afraid of, I’m not a robot, so I tensed up and passed the test of humanity, so to speak. NOTE: If you click on a picture in this test and it disappears, it's NORMAL, it's not a glitch! This is just a super check, they really suspect you of being a robot, probably an android! The picture disappears and then a new one appears, your task is to ensure that the pictures ultimately do not contain what you need to find in them! Because the new picture that appears may be exactly what you need to click on! Well, is it a little clear? But somehow he explained everything in a strange and confusing way...
In general, I found the Mozilla website, it loaded instantly, so instantly that I thought... Damn, is this even Tor? I opened the website 2ip.ru and checked, yes, it is Tor, look:
I have framed the most important things.
Well, in short guys, I finally got to Mozilla, I’m downloading it. By the way, have you forgotten that the browser must be running while using the Tor network? Well, I downloaded the web installer, Mozilla started downloading, I see that the download seems to be going through the Tor network, because if I had the Internet, it would probably download faster.. But I can’t say that it downloads very slowly:
That's it, Mozilla downloaded, installed and launched, and I ran to see if the VKontakte network was working in it... But alas, nothing worked. It’s not for nothing that I wanted to check Mozilla, I just didn’t tell you something. All browsers are based on Chrome, then they definitely use system settings proxies, well, those that I prescribed, but there were doubts about Mozilla, and as I see, they were there for a reason! But what to do? After all, I really don’t want to delve into the settings, but guys, there’s no way to do without this in Mozilla, alas... So, we pulled ourselves together and went to set it up, I’ve already set up so many damn things in my life that I can handle this too! Call up the system menu and select the Settings icon there:
Now in the menu on the left, select Additional:
Now the Connection parameters window will open, here you need to select the item Manual setting proxy service and opposite the SOCKS node field enter 127.0.0.1 and 9150:
That's not all! Scroll down and check Send DNS queries through a proxy when using SOCKS 5:
Now we click OK and go check... And here is the result, bravissimo:
You see, you need to configure a little, but in the end, VKontakte now works in Mozilla, just like other social networks in principle!
You will probably be wondering, what is Yandex Browser, does VKontakte work in it? I checked, everything is clear here, nothing needs to be configured (checked with turbo mode disabled):
Well, as you can see, if you don’t take Mozilla into account, then everything works in a bundle, all blocked sites can easily be opened through the Tor network, and you don’t need to use the Tor browser itself. And you don’t need to configure anything in browsers other than Mozilla. But as I already wrote, the Tor browser itself must be running
The speed pleased me, because in reality everything opened relatively quickly. There is only one minus, this is that a humanness test pops up on Google, well, it’s like a captcha, and sometimes it’s hard to pass..
To disable the use of the Tor network, you just need to uncheck the proxy box, well, there in the Properties: Internet window.
So, what else did you want to write? Oh, what, if you are an ordinary user, well, just an ordinary one, and you just have a VKontakte, Odnoklassniki account, if you don’t work on a computer, then in principle you can use Tor. The best protection against hacking is to link your account to your phone, no matter if it’s email or a social network. Although, again, I will say that I have not had any cases of my account being broken when using Tor, and in general, many people use Tor for social networks and everything seems to be okay with them!
But I warned you, do you understand? That is, I told you how to implement the use of the anonymous Tor network in any browser or in any program that supports working with SOCKS type proxies. If your accounts are very expensive and if there is important information there, maybe you have a working email, well, for work.. I don’t know what to say here, think carefully, I already wrote that I wasn’t hacked and I haven’t seen such cases on the network often, To be honest, I don’t remember anyone writing this at all.
Well, guys, that’s all, I hope that everything was clear to you, and if something is wrong, then I’m sorry! Good luck and come visit again!
22.05.2017Debriefing: Whoever undresses him sheds tears.
On February 5, the State Duma and Roskomnadzor actively took up the initiative to combat the use of anonymizers and the “onion” Tor network. Perceiving them as criminal dens where illegal transactions are carried out and prohibited information is disseminated, the government and regulatory authorities are seeking to outlaw anonymous networks and limit access to them.
We decided to remind you what Tor is and why its design does not allow it to be blocked, despite the efforts of the authorities.
What is Tor
Tor is an ecosystem of projects built on a network of computers through which information is transmitted in a manner similar to peer-to-peer networks, but in encrypted form. The name Tor comes from the abbreviation The Onion Router - an “onion router system”, so named because of the many layers of encryption that look like the scales of an onion.
Explaining how Tor works is not an easy task. This is most clearly demonstrated by a video prepared by the Massachusetts Institute of Technology.
The MIT video demonstrates how information is transferred from one computer to another (for example, from a Tor browser user to a website owner) and back, encrypted on each node of the Tor network and changing the IP address from which the request is made. Computers on a network that act as proxy servers are called relays. Due to the use of several “layers” of encryption, it is very difficult or even impossible to find out what kind of data was originally transmitted.
However, in addition to decrypting a packet of encrypted data, there are other ways to find out who made the request: for example, when using the popular SSL and TLS encryption protocols, service information remains in the request - for example, about the operating system or about the application that sent the data or is waiting to receive it. However, in Tor, this information is “cut” from the data packet, anonymizing the sender.
In addition, each time data delivery is selected random sequence from computer nodes, which number in the thousands in the Tor network - this makes it impossible to determine that several different requests are sent by the same person.
How to use Tor
To use the Tor network you need to install one of the applications, full list which are listed on the Tor Project website.
In 2006, Vidalia appeared - the first application from the Tor ecosystem that establishes a secure connection through the Tor network on a computer, which became popular due to its simple graphical interface. Then, in 2006, for many Vidalia users and was a "tor". With Vidalia, you can configure other applications to transfer data in encrypted form.
In 2007, Vidalia was built into Tor Browser Bundle - package software, which for simplicity is called the Tor browser. Now the Tor Browser Bundle is the most popular product in the entire ecosystem because it allows you to access the Internet without any additional settings: The application just needs to be downloaded and launched without any special installation.
The Tor browser is based on Firefox. Its security has been tested countless times by volunteers and enthusiastic developers—more than any other product in the Tor ecosystem.
In June 2014 it appeared operating system Tails is based on GNU/Linux, which can run from a flash drive and “mimic” Windows XP so as not to attract unnecessary attention when working from a public place. Tails has a built-in Tor browser client Email with encryption support, office software package and graphic editors.
Criticisms and disadvantages of Tor
The problem with Tor is that it only provides proper security if the applications you use are properly configured to work with it. For example, Skype will not work correctly through Tor by default, and Flash is disabled in the Tor browser by default, since it can connect to remote servers independently, not through Tor, thus giving away the user’s identity.
The creators of Tor warn that even the popular .doc and .pdf document formats are dangerous to open when connecting through their network, because they can also download content (such as images) from external sources when opening them in third party programs, not configured for Tor. In addition, you cannot use torrents in Tor: firstly, they greatly overload the network, and secondly, due to the peculiarities of the BitTorrent protocol, connections are made through it directly, and not through a network of volunteer computers that anonymize the traffic.
Due to the network design, where information is transferred between many computers having different speeds connections and miscellaneous throughput communication channels, the overall speed of the Tor network has been at the dial-up level for a long time. Because of this, most sites on the darknet still have a primitive design and try not to use images too much so as not to overload the network.
In the fall of 2014, Tor was criticized for a possible security hole after the arrest of the owner of the “revived” online store Silk Road 2.0, which was accessible only through an anonymous network. Another 17 people and about 400 websites were arrested, and the confiscation of computers that served as Tor relays was also reported.
The investigation, which was carried out by Europol in cooperation with the FBI and other intelligence agencies, did not reveal exactly how the arrested persons and computers were found. The Tor network began to be criticized for its vulnerabilities and possible links to the government, which almost caused a split in its community. However, there were also those who drew attention to the mathematical approach to encryption algorithms: even if connections with the government really exist, it will not be possible to deceive science.
Who makes Tor
Despite the enormous popularity of the Tor network and its products, only about a dozen people work on their development. Initially, the creation of the Tor network in the early 90s was undertaken by the US Navy Research Laboratory, and until 2010 it was an active sponsor of the project.
At various times, various government and para-government organizations, including SRI International and DARPA, provided money for the support and development of Tor, which is why many opponents of the project got the impression that it was subordinate to the US government.
In 2006, the Tor Project received a grant from the foundation of eBay founder Pierre Omidyar, and since 2007, the development of the project has also been sponsored by Google. Ford, the non-profit Freedom of the Press Foundation, Human Rights Watch, and one of the American Internet providers, which donated money anonymously, also donated money.
Anonymous donations also came from more than 4,600 people, so in theory, a person in any of the world's governments could be a sponsor of Tor's work.
What do the State Duma and Roskomnadzor want to achieve?
On February 5, the chairman of the relevant State Duma committee, Leonid Levin, proposed to develop a bill according to which access to anonymous Tor networks would be limited. According to Levin, anonymizers (sites that hide the user’s IP address when browsing other sites or using Internet services) and means of accessing Tor should be blocked without a court order.
According to the deputy, such a law will prevent the dissemination of prohibited information, and will also counter the commercial spread of viruses and illegal access to information. In other words, Levin believes that Tor is used to organize a shadow market for the sale of exploits and other hacking services.
Later that day, Levin’s idea was supported by Roskomnadzor, citing the fact that Tor and other anonymizers allow you to bypass website blocking. According to department press secretary Vadim Ampelonsky, it is possible to solve the problem of blocking anonymizers, but he did not specify how exactly it is planned to do this.
The next day, Ampelonsky told Lenta.ru that in his understanding, the Tor ecosystem is a breeding ground for crime. A representative of the department compared the anonymous network with the Moscow district of Khitrovka, which existed in pre-revolutionary times and was cleared of thieves' dens under the Soviet Union.
There was such a district in Moscow in the last and century before last - Khitrovka. The criminal bottom, the habitat of social waste. Why did the Russian monarchy tolerate Khitrovka within walking distance from the place where the august crowned kings? It is not known for certain, but apparently, having all the ghouls in one place, it was easier to control them.
Here Tor is a global cyber hack. Created and managed by someone we know. What did the Soviet government do with Khitrovka? Read from Gilyarovsky.
Vadim Ampelonsky, press secretary of Roskomnadzor
The speeches of Levin and Ampelonsky are not the first attempts to raise public discussion around the ban on Tor and anonymizers. In June 2013, the Izvestia newspaper reported that the Public Council under the FSB was preparing recommendations on the need to ban anonymous networks. Although the Public Council under the FSB later denied the report on the development of recommendations, in August Izvestia again reported on the legislative initiative Tor blocking and anonymizers.
Then the FSB said that on the Tor network, attackers were selling weapons, drugs, and counterfeit credit cards. Director of the Safe Internet League Denis Davydov also supported the idea of blocking Tor, considering the network a place “for communication between pedophiles, perverts, drug dealers and other freaks.”
Why is there no point in trying to block TOR?
According to Irina Levova, director of strategic projects at the Internet Research Institute, Roskomnadzor will not be able to distinguish encrypted traffic going through Tor from IP telephony, banking operations or even online videos. The agency may try to block sites that distribute programs for accessing the Internet via Tor, but users can use other anonymizers that have not yet been blocked to download them.
This happened in 2013 in Iraq, when the government blocked the Tor Project website along with Facebook, Twitter, Google and YouTube over fears that they could be used to organize themselves by the extremist group Islamic State (ISIS). Then activists began launching mirror sites with installation and use instructions in Arabic, which could even increase the number of Tor users.
In 2011, owners of Internet services accessed via an encrypted connection began reporting strange activity from China. When a user from China tried to connect to such services, he sent an incomprehensible request to the server, after which his connection was terminated. Thus, in China, not only access to the Tor network was disabled, but also other foreign services operating through an encrypted channel.
Moreover, it is simply not profitable for the government and law enforcement agencies, which consider Tor a breeding ground for crime, to block access to the anonymous network. According to an Izvestia source familiar with the situation around the 2013 initiatives to block Tor, such anonymous networks are considered safe, which allows intelligence services to successfully catch criminals in them. If Tor is blocked, it will appear new network, and authorities will have to develop new methods of control and search for criminals.
