Configuring the Tor network with TorK
Using TorK
The TorK user interface has four tabs. In the Anonymize tab, launch Tor by clicking on the green onion icon (Figure 1). If you use Firefox, launch the browser by clicking its icon: Firefox will now route connections via Tor. The first time you launch Firefox, it copies its settings to a new profile and reconfigures the profile to use Tor. This makes it possible to run Firefox and Tor separately; the settings and bookmarks cannot be exchanged.
If you prefer to surf the web with Konqueror, click on the icon for the KDE browser to route all future connections via Tor. By clicking the icon or closing TorK, you revert to normal use.
Also, you can launch the Pidgin instant messaging program and the Ksirc IRC client by clicking the corresponding icons. Anonymous use of the Jabber, ICQ, and MSN protocols worked in our lab, although chatting on IRC didn't always work because many IRC servers block the Tor network.
If you have installed the Mixminion anomymous mailer, you can click the mail icon to send anonymous email messages. Mixminion is very security conscious and requires you to change the permissions for both the .mixminion folder and the .mixminionrc file to avoid third parties reading them. If necessary, type chmod 700 .mixminion and chmod 600 .mixminionrc to set the permissions after the first launch.
After taking this hurdle, using Mixminion is simple: Write the email normally and send it – Mixminion automatically picks up a list of servers and sends your message.
Incognito
The Incognito [3] Live CD, which is not part of the TorK project itself, conveniently launches TorK on any computer, including a computer in an Internet café. The easiest approach to getting TorK up and running is to use the Incognito Live CD. The 350MB ISO image [3] is only available for the x86 CPU architecture right now. Hardware detection worked fine in our lab.
On booting, Incognito gives you the option of changing the MAC address (Figure 2). If possible, you should accept this offer because it adds another layer of anonymity for your hardware. Changing the MAC address could cause problems on some networks, especially if a DHCP server is used to assign IP addresses on the basis of MAC addresses.
If you can't access the Internet after starting the Live CD, boot again – without changing the MAC address this time. In our lab, a bug bit the Live CD on some systems: Although X server would launch, it would not display. In this case, press Ctrl+Alt+F7 to toggle the screen or enter chvt 7 at the prompt.
When you shut down the system, Incognito ejects the Live CD and then proceeds to overwrite the RAM content, which contains a complete image of the operating system, including the websites you accessed. Theoretically, an attacker might be able to recover this data. In fact, recent research reveals that the RAM chips could be frozen with ice spray after powering off, giving a forensics expert the ability to reconstruct the data some time later [4]. If you are not worried about this, you can just switch off your PC as soon as the Incognito CD is ejected.
File Sharing
The idea of sharing files via Tor might sound intriguing, and the Live CD does include KTorrent, but file sharing is not what Tor is about. Because of low data transfer speeds, file sharing doesn't make much sense.
Door to Tor
Normally, Tor will select nodes itself, but if you want to influence the selection, the Tor Network tab lets you do so (Figure 3). The left-hand column shows you a list of all available nodes. To filter the nodes, you can use the Servers menu in the TorK toolbar – filter options include Fast and Stable.
The Connections section of the window takes you to a list of current connections running via Tor. TorK shows you the chain of three nodes used for each connection.
The exit node, whose IP address the recipient gets to see, is marked by the flag for its country of residence. If you want the exit node to be in a specific country, you can choose Citizen Of… in the toolbar. However, Tor servers are not available in all countries.
If you prefer, you can select all three nodes, rather than just the exit node. To do so, drag and drop the nodes into the Circuits window. It typically takes a couple of seconds for Tor to establish a connection to the node, and for the node to appear in the list. Also note that the third node in your chain must be an exit node; that is, it must display the word "Exit" in its Tor icon.
By default, Tor will automatically choose a chain of available nodes for each connection. If you want to specify a chain for each connection, right-click the Connections field and select Let me Drag Connections to Circuits myself. Tor will wait until you have manually dragged and dropped three nodes to set up a working chain. By right-clicking and selecting Attach Connections to Circuits automatically, you reset this behavior.
The Tor Log tab takes you to error messages and warnings. The Traffic Log tab stores the outgoing Tor connections for the current session and, as a cross-reference, the connections that did not use Tor.
Conclusions
Although Tor encrypts the traffic between individual nodes, the connection from the exit node to the target is unencrypted. An observer at the exit node can therefore read all your passwords if they cross the wire in cleartext. If possible, you should use an encrypted protocol such as SSL/TLS.
Infos
- The Tor network: http://www.torproject.org/
- TorK: http://tork.sf.net
- Incognito: http://www.anonymityanywhere.com
- "Cold Boot Attacks on Encryption Keys": http://citp.princeton.edu/memory/
- Mixminion: http://mixminion.net
« Previous 1 2
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
![Learn More](https://www.linux-magazine.com/var/linux_magazin/storage/images/media/linux-magazine-eng-us/images/misc/learn-more/834592-1-eng-US/Learn-More_medium.png)
News
-
NVIDIA Released Driver for Upcoming NVIDIA 560 GPU for Linux
Not only has NVIDIA released the driver for its upcoming CPU series, it's the first release that defaults to using open-source GPU kernel modules.
-
OpenMandriva Lx 24.07 Released
If you’re into rolling release Linux distributions, OpenMandriva ROME has a new snapshot with a new kernel.
-
Kernel 6.10 Available for General Usage
Linus Torvalds has released the 6.10 kernel and it includes significant performance increases for Intel Core hybrid systems and more.
-
TUXEDO Computers Releases InfinityBook Pro 14 Gen9 Laptop
Sporting either AMD or Intel CPUs, the TUXEDO InfinityBook Pro 14 is an extremely compact, lightweight, sturdy powerhouse.
-
Google Extends Support for Linux Kernels Used for Android
Because the LTS Linux kernel releases are so important to Android, Google has decided to extend the support period beyond that offered by the kernel development team.
-
Linux Mint 22 Stable Delayed
If you're anxious about getting your hands on the stable release of Linux Mint 22, it looks as if you're going to have to wait a bit longer.
-
Nitrux 3.5.1 Available for Install
The latest version of the immutable, systemd-free distribution includes an updated kernel and NVIDIA driver.
-
Debian 12.6 Released with Plenty of Bug Fixes and Updates
The sixth update to Debian "Bookworm" is all about security mitigations and making adjustments for some "serious problems."
-
Canonical Offers 12-Year LTS for Open Source Docker Images
Canonical is expanding its LTS offering to reach beyond the DEB packages with a new distro-less Docker image.
-
Plasma Desktop 6.1 Released with Several Enhancements
If you're a fan of Plasma Desktop, you should be excited about this new point release.