Tor Browser for Windows - Online anonymity and censorship circumvention

Posted10 August 2016

Table of Contents

...Loading Table of Contents...

    Tor Browser keeps your online activities private. It disguises your identity and protects your web traffic from many forms of internet surveillance. Tor can also be used to bypass internet filters.

    Required reading

    What you will get from this guide

    • The ability to conceal your digital identity from the websites that you visit
    • The ability to conceal the websites you visit from Internet Service Providers and surveillance programmes
    • The ability to bypass internet censorship and filtering rules
    • Protection from insecure and potentially malicious websites through the HTTPS Everywhere and NoScript add-ons

    1. Introduction to Tor Browser

    Tor Browser is an up-to-date, privacy-optimised version of Mozilla Firefox. It is free and open source software that enables online anonymity and censorship circumvention. Unlike other browsers, Tor Browser:

    • provides online anonymity by hiding users' IP address
    • circumvents online censorship by enabling users to access blocked websites and/or webpages
    • does not include default online tracking features
    • does not make money out of users' data
    • is supported and recommended by some of the world's most renowned security experts

    1.0. Things you should know about Tor Browser before you start

    The Tor Browser operates on the Tor network, which runs on Free and Open Source Software (FLOSS) and which is designed to enable online anonymity and censorship circumvention.

    The Tor network consists of thousands of servers run by volunteers all over the world. Every time the Tor Browser makes a new connection, it selects three of these Tor relays and connects to the Internet through them. It encrypts each leg of this journey in such a way that the relays themselves do not know the full path through which it sends and receives data.

    When you use the Tor Browser, your internet traffic will appear to come from a different IP address, often in a different country. As a result, the Tor Browser hides your IP address from the websites you access while also hiding the websites you access from third parties who might try to monitor your traffic. It also ensures that no single Tor relay can figure out both your location on the Internet and the websites you visit (though some of them will know one or the other).

    Tor also takes steps to encrypt communications into and throughout its network. However, this protection does not extend all the way to websites that are accessible through unencrypted channels (that is, websites that do not support HTTPS).

    Because the Tor Browser hides the connection between you and the websites you visit, it allows you to browse the Web anonymously and avoid online tracking. It it also useful for circumventing online filters so that you can access content from (or publish content to) websites that would otherwise be restricted.

    The following steps illustrate how the Tor network works when Alice's computer uses Tor Browser to communicate with Bob's server:

    Step 1. Alice's Tor Browser obtains a list of Tor nodes or relays [1] from the Tor directory server (Dave).

    Step 2. Alice's Tor Browser picks a random path through Tor network to the destination server (Bob). All connections inside Tor network are encrypted (green [3]). In this example, the last connection is not-encrypted (red [2]). The last connection would be encrypted if Alice were visiting an https website.

    Step 3. If at the later time, Alice visits another server (Jane), Alice's Tor Browser selects a different random path.

    Note: There is a trade-off between anonymity and speed. Tor provides anonymity by bouncing your traffic through volunteer servers in various parts of the world. It will almost always be slower than a direct connection to the Internet.

    1.1. Other tools like Tor Browser

    Microsoft Windows, Mac OS, GNU/Linux, Android and iOS compatible programs:

    The Tor Browser is available for the GNU Linux, Mac OS, Microsoft Windows and Android operating systems. Tor is the most rigorously tested tool for keeping your online activities anonymous. Below are a few other tools that are suitable for circumventing online censorship and protecting the confidentiality of your local traffic. Unlike Tor, these tools require that you trust the service provider:

    • RiseupVPN is a free Virtual Private Network (VPN) proxy server for Linux, MAC, Android and Microsoft Windows.
    • Psiphon is a free commercial Virtual Private Network (VPN) solution for Microsoft Windows and Android.
    • Lantern is a free and open source circumvention tool for Linux, Mac OS X and Windows.

    2. Download and install Tor Browser

    Note: If you are in a location where access to the Tor Project website is blocked, you can use email to request a download link that is more likely to work. Send an email to gettor@torproject.org with the version you need (windows, osx or linux) in the body of the message. You will receive a response that includes a link to a Tor Browser archive via Dropbox, Google Docs or Github. Further details about this feature are available on the Tor Project website.

    2.1. Download Tor Browser

    Start off by making sure you are on the Tor Browser download site. (The “https” indicates that the connection between your browser and the website is encrypted, which makes it harder for an attacker to modify the file that you are about to download.)

    Figure 1: Tor Browser page

    Step 1. Click [Download Tor Browser] to get directed to the bottom part of the page, which includes links for downloading Tor Browser.

    Figure 2: Tor Browser download links

    Step 2. Click the appropriate download link and save the package somewhere convenient (in your Desktop or Documents folder, for example, or on a USB storage device).

    Step 3. Click [Save File] through the following window to start downloading Tor Browser:

    Figure 3: Saving the Tor Browser file

    2.2. Install Tor Browser

    You do not have to install the Tor Browser as you would most software. If you prefer, you can extract it to a USB storage device, for example, and run it from there.

    To install the Tor Browser, follow the steps below:

    Step 1. Navigate to the folder in which you saved the Tor Browser package. In this example, we assume you saved the file in your Downloads folder.

    Figure 1: The Downloads folder containing the Tor Browser file

    Step 2. Right-click on the Tor Browser file and then click [Open].

    Figure 2: Opening the Tor Browser file

    Step 3. Select the language you would like to use Tor Browser in and click [OK].

    Figure 3: Tor Browser Language Installer

    Step 4. Select the folder where you would like to install Tor Browser in. This example installs Tor Browser on the Desktop.

    Figure 4: Tor Browser Installation Location

    Step 5. Once you have chosen where you want to install Tor Browser, click [Install]. The following window should appear while Tor Browser is being installed:

    Figure 5: Installing Tor Browser

    Step 6. Click [Finish] through the following window, to complete the installation of Tor Browser:

    Figure 5: Completing the Tor Browser Setup Wizard

    By selecting [Run Tor Browser] in this window, you will proceed to running this browser.

    3. Configuring Tor Browser’s connection to the Tor Network

    The first time you launch Tor Browser, it will ask you how it should connect to the Internet:

    • Direct Access: Select this option if your access to the Internet is unrestricted and if the use of Tor is not blocked, banned, or monitored where you are located.

    • Restricted Access: Select this option if your access to the Internet is restricted or if the use of Tor is blocked, banned, or monitored where you are located.

    After you initially configure and launch Tor Browser it will continue to connect to the Tor network with no additional configuration. But you can change these settings at any time from within the Tor Browser. You may need to change them when you are travelling, or if the situation changes in your country. To do so, see Section 3.3, How to reconfigure access to the Tor network.

    3.1. How to connect to the Tor network - Direct Access

    Once you have installed Tor Browser, the Tor Browser Setup Wizard will direct you to the following window:

    Figure 1: Tor Network Settings

    If access to the internet (and to the Tor Network) is not restricted in your location, perform the following step to configure Tor Browser:

    Step 1. Click [Connect] to launch Tor Browser

    Figure 2: Connecting to the Tor Network

    After a few moments, Tor Browser will open:

    Figure 3: Tor Browser

    3.2. How to connect to the Tor network - Restricted Access

    If you want to use the Tor Browser from a location where the Tor network is blocked, you will have to use a bridge relay. Bridges are not listed in the public directory of Tor relays, so they are more difficult to block. Some bridges also support pluggable transports, which try to disguise your traffic to and from the Tor network. This helps prevent online filters from identifying and blocking bridge relays.

    The default pluggable transport, called obfs4, also makes it slightly more difficult for others to figure out that you are connecting to the Tor network. In general, though, Tor is not designed to hide the fact that you are using Tor.

    You can learn more about bridges on the Tor project website. There are two ways to use bridges. You can enable the provided bridges or you can request custom bridges.

    3.2.1. How to connect to the Tor network with provided bridges

    Once you have installed Tor Browser, the Tor Browser Setup Wizard will direct you to the following window:

    Figure 1: Tor Network Settings

    Step 1. If your connection to the Tor network is blocked or otherwise censored, Click [Configure]

    Note: If you have already configured the Tor Browser, you can activate the screen below by following the steps in Section 3.3

    Figure 2: Tor bridges configuration

    Step 2. Select Yes

    Step 3. Click [Next] to display the bridge configuration screen.

    Figure 3: The bridge configuration screen

    Step 4. Select Connect with provided bridges.

    Step 5. Click [Next] to display the local proxy configuration screen.

    The Tor Browser will now ask if you need to use a local proxy to access the Internet. The steps below assume that you do not. If you do, you can check your regular browser settings and copy over your proxy configuration. (In Firefox you can find these settings in the Options > Advanced > Network tab of Connection Settings. In other browsers you might find them under Internet Options. You can also use the Help feature within your browser for further assistance.

    Figure 4: The local proxy configuration screen

    Step 6. Select [No].

    Step 7. Click [Connect] to launch Tor Browser.

    Figure 5: Connecting to the Tor network

    After a few moments, Tor Browser will open.

    3.2.2. How to connect to the Tor network with custom bridges

    You can also connect to the Tor network through custom bridges, which are used by fewer people than the provided bridges and are therefore less likely to be blocked. If you are unable to access the Tor Project website, you can request custom bridge addresses by sending an email to bridges@torproject.org using a Riseup, Gmail or Yahoo account. Include the phrase, get bridges in the body of your message

    If you can access the Tor Project website, you can obtain custom bridge addresses by visiting https://bridges.torproject.org/options and following the steps below.

    Step 1. Click Just give me bridges!

    Figure 1: Obtaining Tor bridges

    Step 2. Fill in the captcha and press enter.

    Figure 2: Captcha

    This should display three bridge addresses:

    Figure 3: Bridge addresses

    Step 3. Once you have your custom bridge addresses, you can type them into Tor Bridge Configuration screen shown below.

    Note: If you are launching Tor Browser for the first time, you can find the Tor Bridge Configuration screen by follow the first few steps of the previous section. To find this screen if you have already setup Tor Browser, see the following section.

    Figure 4: Tor bridge configuration screen

    3.3. How to reconfigure access to the Tor Network

    At any stage, if you need to access the Tor Network a different way, for example if you have travelled to a country that blocks Tor, you can update your settings from within the browser by following the steps below:

    Step 1: Click the button to activate the Tor Browser menu

    Figure 1: The Tor Browser Configuration menu

    Step 2. Select Tor Network Settings to change how Tor Browser connects to the Internet.

    Figure 2: Tor Network Settings

    This screen allows you to enable or disable the use of Bridges and add custom Bridges, among other configuration changes.

    When you are done, click [OK] and restart the Tor Browser.

    4. Using Tor Browser to access the web safely and anonymously

    It is important to remember that Tor Browser only provides anonymity for the things you do within a Tor Browser window. Your other online activities do not use Tor just because it is running.

    Note: In keeping with a policy of privacy by design, Tor Browser is configured in such a way that it does not save your browsing history to your hard drive. Each time you quit Tor Browser, your browsing history will be deleted.

    4.1. How to check if Tor Browser is working

    Tor Browser hides your IP address from the websites you visit. If it is working properly, you should appear to be accessing websites from a location on the internet that:

    • is different from your normal IP address
    • cannot be linked to your physical location

    The simplest way to confirm this is by visiting the Tor Check website, which is located at https://check.torproject.org/.

    If you are not using Tor, it will display the following:

    Figure 1: Tor Check showing that Tor is not working properly

    If you are using Tor, it will display the following:

    Figure 2: Tor Check showing that Tor is working properly

    If you want to check your apparent IP address using a service that is not associated with the Tor Project, there are many options online. Examples that support https encryption (which makes it more difficult for someone other than the service provider to "fake" the result) include:

    If you access these websites without using Tor Browser, they should display your real IP address, which is linked to your physical location. If you access them through Tor Browser, they should display a different IP address.

    4.2. How to create a new identity

    You can create a "new identity" for your Tor Browser. When you do so, Tor Browser will randomly select a new set of Tor relays, which will make you appear to be coming from a different IP address when you visit websites.To do this, follow the steps below:

    Step 1. Click the button to activate the Tor Browser menu

    Figure 1: Creating a new identity in Tor Browser

    Step 2. Select [New Identity] from the menu.

    Tor Browser will clear your browsing history and cookies and then restart. Once the it has restarted, you can confirm that you appear to be coming from a new IP address as described in the previous section.

    4.3. How to enable the NoScript add-on

    Tor Browser comes with the NoScript add-on pre-installed. NoScript can additionally protect you from malicious websites and from leaking your real identity through the execution of scripts in your Tor Browser. However, NoScript is disabled by default in Tor Browser so this additional protection is not readily available.

    If you wish to enable the extra protections afforded by NoScript, it can be turned on by opening the NoScript menu and clicking Forbid Scripts Globally and then configuring the various options it provides.

    To enable NoScript in the Tor Browser, follow the steps below:

    Step 1. Click the NoScript button to the left of the button

    Figure 1: Enabling the NoScript add-on

    Step 2. Select [Forbid Scripts Globally (advised)].

    Initially, this will appear to "break" many of the websites you visit. If a website fails to load properly, you can add it to your NoScript whitelist by clicking the button shown in Figure 1, above, and selecting Temporarily allow all this page. You can learn more about NoScript in the Firefox Tool Guide.

    4.4. How to keep the Tor Browser up to date

    When updates for Tor Browser are available, you will be presented with a notice that your browser is out of date. To check for Tor Browser updates, perform the following:

    Step 1. Click the button to activate the Tor Browser menu

    Figure 1: Tor Browser settings

    Step 2. Click [Check for Tor Browser Update...]

    Figure 2: Checking for updates

    This will inform you if there is a newer version of Tor Browser you should update to.

    Figure 3: Software updates

    FAQ

    Q: Why should I use Tor Browser?

    A: Tor Browser is a useful tool if you need to circumvent Internet censorship in order to access certain websites. It's also useful if you don't want your Internet Service Provider (ISP) to know what websites you're visiting, or if you don't want those websites to know your location on the Internet.

    Q: When I run Tor Browser, do all of my other programs communicate anonymously through the Tor network?

    A: No, it is important to remember that, by default, Tor Browser only sends its own traffic through Tor network. Your other programs communicate directly with service providers on the Internet. You can verify that you are communicating over the Tor network by loading the Tor Check page at https://check.torproject.org. Tor also assumes that you will exercise of caution, common sense and good judgement when browsing new or unfamiliar websites.

    Q: Is my Tor Browser traffic encrypted?

    A: Tor will encrypt all of your communication within the Tor network. Keep in mind, however, that Tor cannot encrypt your traffic after it leaves the Tor network. To protect the data you send and receive between your Tor exit node and the website with which you are communicating, you are still relying on HTTPS.