Is Tor Safe? | Assessing 5 Claims About Tor’s Security
One of the most common questions asked about Tor is whether it is safe enough to be relied upon. While this is a perfectly useful question that should be encouraged, unfortunately it often results in battle-flags being raised and the cavalry being called. On the left are the die-hard Tor supporters, who champion the technology as the liberator of humans, far and wide. On the right are the nay-sayers, the ‘Tor is a honeypot funded by the US Navy’ crowd, who cite NSA exploits, correlation attacks, and the evil exit nodes sniffing your traffic and hacking your docs. The reality of the matter is somewhere in the middle.
This article will navigate through these attacks and defenses to clearly convey how safe Tor really is. It will do so by taking several claims about Tor and assessing their validity (in clear and simple terms), before summing up whether Tor is safe to use for two different use-cases (spoiler alert: use-case matters).
Claim: Tor is Funded by the US Navy
While this is true, it takes a rather simplistic view of government, and any reasonable amount of thought shows it is of little significance. Indeed, governments are hardly ever tightly-knit, and it is not uncommon for several agencies to clash. The US Navy funds Tor because Tor is useful to its operations (its operatives overseas need a secure way to communicate that doesn’t stand out, which Tor provides), as it is to many others, such as law enforcement.
Nevertheless, the core concern here is influence: what if the Navy’s funding compelled Tor to insert a backdoor for only the Navy? The problem with this is that Tor is open source, and putting a backdoor into open source code, never mind the code of a project that is intensely scrutinized by skeptics, is a pretty piss poor idea. If the Navy wanted a honeypot to use for surveillance, it would be far better off setting up a VPN company with highly competitive prices. After all, there’s no way to verify that VPNs aren’t surveilled.
Claim: Tor Exit Nodes Are Evil and Watch Your Traffic
This is a bit of a trickier claim because there’s no way to verify it. As well, we must distinguish between privacy and anonymity: evil exit nodes sniffing internet traffic do not necessarily compromise your anonymity unless you’re sending private, identifiable information. In other words, if they just see a Reddit page loading, they have no way to know who is loading it unless it is accompanied by some piece of identifying information.
Nevertheless, while some exit nodes have certainly been caught sniffing traffic, the vast majority have not, and many of those are run by privacy-friendly organizations like Mozilla. As well, the use of SSL/TLS makes it significantly harder to sniff people’s traffic, and attempting to break SSL/TLS radically increases the chance that the malicious exit node will be detected. Finally, traffic to and from hidden services never passes through an exit node, and so the argument simply doesn’t apply here.
Long story short, if you use SSL/TLS wherever you can, and don’t send identifying information without it, the chances of an exit node betraying you are very low.
Claim: Tor is Susceptible to Correlation Attacks
True. Tor is susceptible to correlation attacks. If a single entity controls both the entry (guard) relay and the exit relay, then they can use statistics to potentially identify you. Note that they can’t decrypt the communications; your traffic is still private, but they’ll know your IP address and the IP address of whoever you’re talking to.
This is a very hard problem to solve, but given the number of Tor relays it is unlikely that your traffic would go through both the necessary guard and exit relay. Moreover, these attacks all have false positive rates, meaning that out of one hundred thousand users, they might be able to narrow it down to you and 5,999 others (6%). For all intents and purposes this isn’t very useful, and therefore attacks against Tor typically aim for hacking the Tor Browser itself.
Claim: The Tor Browser Has Been and Can Be Hacked
Yes, it has been, and it can be. Luckily, attacks against the Tor Browser itself can be largely prevented by simply turning the browser’s security slider to high. A major reason for this is that most attacks rely on the use of JavaScript to get past the Tor Browser’s defenses, so disabling it outright by turning up the security slider is an easy and effective solution to this problem. Of course, doing this will break a few websites, but that’s a minor cost given the added security.
Claim: You Can Still Be Tracked While Using Tor
Absolutely true, but also incredibly easy to fix. Most tracking mechanisms rely on something called browser fingerprinting. Fortunately, once again you can simply set the Tor Browser’s security slider to high to virtually eliminate this problem (max security will disable JavaScript, the necessary building block of browser fingerprinting).
So is Tor Safe Enough?