Tor Browser for Linux - Online anonymity and circumvention
The Tor Browser keeps your online activities private. It disguises your identity and protects your Web traffic from many forms of Internet surveillance. Tor can also be used to bypass Internet filters.
Tor Browser is an up-to-date, privacy-optimised version of Mozilla Firefox. It is free and open source sfotware that enables online anonymity and censorship circumvention. Unlike other browsers, Tor Browser:
provides online anonymity by hiding users' IP address
circumvents online censorship by enabling users to access blocked websites and/or webpages
1.0 Things you should know about the Tor Browser before you start
The Tor Browser operates on the Tor network, which runs on Free and Open Source Software (FLOSS) and which is designed to enable online anonymity and censorship circumvention.
The Tor network consists of thousands of servers run by volunteers all over the world. Every time the Tor Browser makes a new connection, it selects three of these Tor relays and connects to the Internet through them. It encrypts each leg of this journey in such a way that the relays themselves do not know the full path through which it sends and receives data.
When you use the Tor Browser, your internet traffic will appear to come from a different IP address, often in a different country. As a result, the Tor Browser hides your IP address from the websites you access while also hiding the websites you access from third parties who might try to monitor your traffic. It also ensures that no single Tor relay can figure out both your location on the Internet and the websites you visit (though some of them will know one or the other).
Tor also takes steps to encrypt communications into and throughout its network. However, this protection does not extend all the way to websites that are accessible through unencrypted channels (that is, websites that do not support HTTPS).
Because the Tor Browser hides the connection between you and the websites you visit, it allows you to browse the Web anonymously and avoid online tracking. It it also useful for circumventing online filters so that you can access content from (or publish content to) websites that would otherwise be restricted.
The following steps illustrate how the Tor network works when Alice's computer uses Tor Browser to communicate with Bob's server:
Step 1. Alice's Tor Browser obtains a list of Tor nodes or relays  from the Tor directory server (Dave).
Step 2. Alice's Tor Browser picks a random path through Tor network to the destination server (Bob). All connections inside Tor network are encrypted (green ). In this example, the last connection is not-encrypted (red ). The last connection would be encrypted if Alice were visiting an https website.
Step 3. If at the later time, Alice visits another server (Jane), Alice's Tor Browser selects a different random path.
Note: There is a trade-off between anonymity and speed. Tor provides anonymity by bouncing your traffic through volunteer servers in various parts of the world. It will almost always be slower than a direct connection to the Internet.
Microsoft Windows, Mac OS, GNU/Linux, Android and iOS compatible programs:
The Tor Browser is available for the GNU Linux, Mac OS, Microsoft Windows and Android operating systems. Tor is the most rigorously tested tool for keeping your online activities anonymous. Below are a few other tools that are suitable for circumventing online censorship and protecting the confidentiality of your local traffic. Unlike Tor, these tools require that you trust the service provider:
RiseupVPN is a free Virtual Private Network (VPN) proxy server for Linux, MAC, Android and Microsoft Windows.
Psiphon is a free commercial Virtual Private Network (VPN) solution for Microsoft Windows and Android.
Lantern is a free and open source circumvention tool for Linux, Mac OS X and Windows.
Note: If you are in a location where access to the Tor Project website is blocked, you can use email to request a download link that is more likely to work. Send an email to firstname.lastname@example.org with the version you need (windows, osx or linux) in the body of the message. You will receive a response that includes a link to a Tor Browser archive via Dropbox, Google Docs or Github. Further details about this feature are available on the Tor Project website.
Before you download a Tor Browser package for Linux, you must determine whether you are running a 32-bit or 64-bit system. Before you extract it, you should verify that it is authentic.
Step 2. Execute the following command in Terminal:
If you are running a 32-bit system, Terminal will display i686 or i386. If you're running a 64-bit system, it will display x86_64.
Now that you know whether you are running a 32-bit or 64-bit system, you can download the appropriate Tor Browser package.
Step 3. Make sure you are on the https://www.torproject.org download site. (The “https” indicates that the connection between your browser and the website is encrypted, which makes it harder for an attacker to modify the file that you are about to download.)
Figure 1: The Tor Browser download links for Linux
Step 4. Click the appropriate download link and save the package somewhere convenient (in your Desktop or Documents folder, for example, or on a USB storage device).
Step 5. Right-click the (sig) link, just beneath the download link you clicked in the step above, and save the resulting file to the same directory
You will need the .asc file from Step 5, above, in order to verify the authenticity of the Tor Browser package you downloaded in Step 4. That process is described in the following section.
GnuPG comes pre-installed on many Linux systems, so you might be able to carry out a basic verification of the Tor Browser's Open PGP signature without installing additional software. To do this, perform the following steps:
Step 1. Import the Tor Project's signing key (0x4E2C6E8793298290) by launching Terminal and executing the following command:
In response, Terminal should display the following:
Figure 3: Signature verification
The above verifies that the private key corresponding to the public key you imported in Step 1 was used to generate the signature file that you downloaded in Step 5 of the previous section (and that this signature file applies to the Tor Browser package that you downloaded in Step 4 of the previous section).
Important: As you can see, GPG displays a warning about the key used for this signature. This is because you have not actually verified the Tor Project's signing key. The best way to do this is to meet the Tor Project developers in person and ask them for the fingerprint of their signing key. For the purposes of this guide, we are relying on the fact that a well-known Tor Project GPG key (0x4E2C6E8793298290) was used to create a signature file that confirms the authenticity of the Tor Browser package that you downloaded.
Step 1. Navigate to the tor-browser_en-US folder that was created when you extracted the Tor Browser package
Figure 1: The Tor Browser application folder
Step 2. Double-click the Tor Browser Setup file to launch the Tor Browser for the first time
Figure 2: Inside the Tor Browser application folder before first launch
After you launch the Tor Browser for the first time, the name of this file will change to Tor Browser. From now on, you can launch it by double-clicking this file.
Figure 3: Inside the Tor Browser application folder after first launch
The first time you launch the Tor Browser, it will ask you how it should connect to the Internet:
Direct Access: Select this option if your access to the Internet is unrestricted and if the use of Tor is not blocked, banned or monitored where you are located.
Restricted Access: Select this option if your access to the Internet is restricted or if the use of Tor is blocked, banned or monitored where you are located.
After you configure the Tor Browser on the first launch, it will remember your selection and will not ask you to configure it again. You can change the configuration any time, from within the Tor Browser. This might be necessary if you are travelling or if the situation changes in your country. To do so, see Section 4.3, below.
4.2. How to connect to the Tor network - Restricted Access
If you want to use the Tor Browser from a location where the Tor network is blocked, you will have to use a bridge relay. Bridges are not listed in the public directory of Tor relays, so they are more difficult to block. Some bridges also support pluggable transports, which try to disguise your traffic to and from the Tor network. This helps prevent online filters from identifying and blocking bridge relays.
The default pluggable transport, called obfs4, also makes it slightly more difficult for others to figure out that you are connecting to the Tor network. In general, though, Tor is not designed to hide the fact that you are using Tor.
You can learn more about bridges on the Tor project website. There are two ways to use bridges. You can enable the provided bridges or you can request custom bridges.
4.2.1. How to connect to the Tor network with provided bridges
You can use provided bridges to connect to the Tor network by performing the following steps:
Step 1. Double-click the Tor Browser Setup file. This will display the Tor Browser configuration screen.
Figure 1: The Tor Browser configuration screen
Step 2. If you have restricted access, click[Configure].
Note: If you have already configured the Tor Browser, you can activate the screen below by following the steps in Section 4.3
Figure 2: The Tor Browser configuration screen
Step 3. SelectYes
Step 4. Click[Next] to display the bridge configuration screen
Figure 3: The bridge configuration screen
Step 5. SelectConnect with provided bridges
Step 6. Click[Next] to display the local proxy configuration screen
The Tor Browser will now ask if you need to use a local proxy to access the Internet. The steps below assume that you do not. If you do, you can check your regular browser settings and copy over your proxy configuration. (In Firefox you can find these settings in the Options > Advanced > Network tab of Connection Settings. In other browsers you might find them under Internet Options. You can also use the Help feature within your browser for further assistance.
4.2.2. How to connect to the Tor network with custom bridges
You can also connect to the Tor network through custom bridges, which are used by fewer people than the provided bridges and are therefore less likely to be blocked. If you are unable to access the Tor Project website, you can request custom bridge addresses by sending an email to email@example.com using a Riseup, Gmail or Yahoo account. Include the phrase, get bridges in the body of your message
If you can access the Tor Project website, you can obtain custom bridge addresses by visiting https://bridges.torproject.org/options and following the steps below.
Step 1. ClickJust give me bridges!
Figure 1: Obtaining Tor bridge addresses
Step 2. Fill in the captcha and press enter.
Figure 2: Filling out a captcha
This should display three bridge addresses.
Figure 3: Tor Bridge addresses
Step 3. Once you have your custom bridge addresses, you can type them into Tor Bridge Configuration screen shown below.
Note: If you are launching Tor Browser for the first time, you can find the Tor Bridge Configuration screen by follow the first few steps of the previous section. To find this screen if you have already setup Tor Browser, see the following section.
Figure 4: Entering custom bridge addresses into the bridge configuration screen
At any stage, if you need to access the Tor Network a different way, for example if you have travelled to a country that blocks Tor, you can update your settings from within the browser by following the steps below:
Step 1:Click the button to activate the Tor Browser menu
Figure 1: The Tor Browser configuration menu
Step 2.SelectTor Network Settings to change how the Tor Browser connects to the Internet.
Figure 2: Tor network settings
This screen allows you to enable or disable the use of Bridges and add custom Bridges, among other configuration changes.
Step 3. When you are done, click[OK] and restart the Tor Browser.
5. Access the web anonymously using the Tor Browser
It is important to remember that Tor Browser only provides anonymity for the things you do within a Tor Browser window. Your other online activities do not use Tor just because it is running.
Note: In keeping with a policy of privacy by design, Tor Browser is configured in such a way that it does not save your browsing history to your hard drive. Each time you quit Tor Browser, your browsing history will be deleted.
If you are not using Tor, it will display the following:
Figure 1: Tor Check showing that Tor is not working properly
If you are using Tor, it will display the following:
Figure 2: Tor Check showing that Tor is working properly
If you want to check your apparent IP address using a service that is not associated with the Tor Project, there are many options online. Examples that support https encryption (which makes it more difficult for someone other than the service provider "fake" the result) include:
If you access these websites without using the Tor Browser, they should display your real IP address, which is linked to your physical location. If you access them through the Tor Browser, they should display a different IP address.
You can create a "new identity" for your Tor Browser. When you do, the Tor Browser will randomly select a new set of Tor relays, which will make you appear to be coming from a different IP address when you visit websites.To do this, follow the steps below:
Step 1. Click the button to activate the Tor Browser menu
Figure 1: Creating a new identity in the Tor Browser
Step 2. SelectNew Identity from the menu.
The Tor Browser will clear your browsing history and cookies then restart. Once the it has restarted, you can confirm that you appear to be coming from a new IP address as described in the previous section.
Tor Browser comes with the NoScript add-on pre-installed. NoScript can additionally protect you from malicious websites and from leaking your real identity through execution of scripts in your Tor Browser, however NoScript is disabled by default in Tor Browser so this additional protection is not readily available.
If you wish to enable the extra protections afforded by NoScript, it can be turned on by opening the NoScript menu and clicking Forbid Scripts Globally and then configuring the various options it provides.
To enable NoScript in the Tor Browser, follow the steps below:
Step 1. Click the NoScript button to the left of the button
Figure 1: Enabling the NoScript add-on
Step 2. SelectForbid Scripts Globally (advised)
Initially, this will appear to "break" many of the websites you visit. If a website fails to load properly, you can add it to your NoScript whitelist by clicking the button shown in Figure 1, above, and selecting Temporarily allow all this page. You can learn more about NoScript in the Firefox Tool Guide.
When updates for the Tor Browser are available, you will be presented with a notice that your browser is out of date.
Figure 1: The Tor Browser's "out of date" warning
As shown in Figure 1, you can update your version of Tor Browser by following the steps below:
Step 1. Click the button to activate the Torbrowser menu
Figure 2: Downloading a Tor Browser update
Step 2. SelectDownload Tor Browser Update
This will take you to the Tor Project website, where you can get the latest release. Once you have downloaded the new Tor Browser package, you can follow the instructions in this guide to re-install it.
Q: Why should I use the Tor Browser?
A: The Tor Browser is a useful tool if you need to circumvent Internet censorship in order to access certain websites. It's also useful if you don't want your Internet Service Provider (ISP) to know what websites you're visiting, or if you don't want those websites to know your location on the Internet.
Q: When I run the Tor Browser, do all of my other programs communicate anonymously through the Tor network?
A: No, it is important to remember that, by default, the Tor Browser only sends its own traffic through Tor network. Your other programs communicate directly with service providers on the Internet. You can verify that you are communicating over the Tor network by loading the Tor Check page at https://check.torproject.org. Tor also assumes that you will exercise of caution, common sense and good judgement when browsing new or unfamiliar websites.
Q: Is my Tor Browser traffic encrypted?
A: Tor will encrypt all of your communication within the Tor network. Keep in mind, however, that Tor cannot encrypt your traffic after it leaves the Tor network. To protect the data you send and receive between your Tor exit node and the website with which you are communicating, you are still relying on HTTPS.