Simplified Privacy

Tor 101: How’s this Work?

Tor is the most famous anonymous mixnet but there are others.  Originally created by the US Navy, Tor is ironically often used in attempts to deceive governments.  However, this is not its only purpose, as there are plenty of legitimate and legal reasons for wanting to be anonymous.

While Tor was originally created by the US government, its open source nature means that it’s not maliciously tracking you — at least on a backdoor code level.  However, as we will go over in this article series, there are still some ways that governments or other evil actors can spy on you through Tor. You would get a lot out of subscribing for free to our new content by email, by Session messenger, via RSS feed, uncensored Ethereum push notifications, or on Nostr.

How it Works

Tor works by mixing your traffic with other Tor users like those childhood 3-shell games where you have to find the pea.  The traffic itself is “onion encrypted,” meaning there are multiple layers of encryption like the skin of an onion.  As the data packets bounce around multiple different Tor users, each of the multiple layers of encryption are peeled away so that each participant can only see the next hop but not the final destination.


When you connect to the Tor network, you first connect to an Entry Guard.  The Guard communicates between you and the network, but it doesn’t go to the desired website itself.  Instead, it communicates with the next relay. 

Middle Hop

The relay can be thought of as a middle man that takes the data packet from the Guard and sends it to the next destination, which is the exit node.

Exit to Website

The exit node is the third and last stop in the Tor Network.  Here the traffic exits the Tor network and is visible on the regular internet (aka the clearweb).  The exit node’s IP address is what shows up as your IP address on the website you’re visiting.  The same concepts that apply to a VPN’s IP address apply to Tor exit nodes. 

The exit node can see the website(s) you visit and which relay the packet came from, but not from where it originated.  The relay packet can see what Entry Guard the packet came from, but not who gave it to the Guard or what the website traffic is.  The Entry Guard knows the traffic is coming from you, but doesn’t know what the contents of the traffic are or anything beyond the relay.

Tor Changes Your Connections

To recap, Tor has the following 3 stops:

1) Entry Guard

2) Relay

3) Exit Node

But which computers on the network are fulfilling these roles for you changes every 10 minutes.  By constantly changing the line of connections in your web traffic, Tor inhibits the ability of an adversary to match the traffic amounts and to identify you over time.

Potential Security Threats

Despite the great lengths the Tor team has taken to make the project anonymous and secure, there is still the possibility of being discovered.  The most common way that this could happen is through compromised participants. 

An adversary, such as an oppressive government, could run an entry guard, relay, or exit node.  If its runs enough of these participants, it could potentially, by random luck, control enough pieces of the chain to connect the exit node’s traffic to you.

Tor Browser

Tor is a program to connect to this mixnet and bounce your traffic around.  Tor Browser is a browser that automatically routes everything through Tor.  Tor Browser is the most popular way to access Tor, but it is not the only way.

Tor could be accessed through an operating system, such as Whonix or Tails, as well as by simply running the Tor program through a Linux command line to provide anonymity to terminal commands.

Onion Services

When you go to a regular .com website, it follows this path:

1) You first enter Tor

2) Then it gets mixed within Tor

3) You exit Tor to the website

But if you go to a .Onion domain, then the traffic never exits Tor.  This makes it much more difficult for an adversary to figure out from where the traffic came, since compromised exit nodes are the only ones who actually see traffic.  By keeping your traffic soley inside Tor, Onion domains add additional privacy.

To go to a .onion domain, you need to be using Tor Browser or a browser that supports Tor.

VPN + Tor?

In our next article in this series, we will discuss if you should use a VPN with Tor. You would get a lot out of subscribing for free to our new content by email, by Session messenger, via RSS feed, uncensored Ethereum push notifications, or on Nostr.

Related Articles

Why is Telegram horrible

–No MetaData Protection(Who and When) –Only Mobile is Encrypted(Phones have insecure hardware) [1] –Invented their own encryption algorithmUnaudited with a history of security vulnerabilities [2]

Read More »

Leaked Lies at Google

Google accidentally leaked their search API on Github, giving everyone insight into that they: –Lied that they track users clicks as a factor for search

Read More »