How TOR Works
Вставка
- Опубліковано 23 кві 2020
- In this video I give you some brief insight into how TOR actually works.
Subscribe to my UA-cam channel goo.gl/9U10Wz
and be sure to click that notification bell so you know when new videos are released. ₿💰💵💲Help Support the Channel by Donating Crypto💲💵💰₿
Bitcoin
3MMKHXPQrGHEsmdHaAGD59FWhKFGeUsAxV
Ethereum
0xeA4DA3F9BAb091Eb86921CA6E41712438f4E5079
Litecoin
MBfrxLJMuw26hbVi2MjCVDFkkExz8rYvUF
Dash
Xh9PXPEy5RoLJgFDGYCDjrbXdjshMaYerz
Zcash
t1aWtU5SBpxuUWBSwDKy4gTkT2T1ZwtFvrr
Chainlink
0x0f7f21D267d2C9dbae17fd8c20012eFEA3678F14
Bitcoin Cash
qz2st00dtu9e79zrq5wshsgaxsjw299n7c69th8ryp
Etherum Classic
0xeA641e59913960f578ad39A6B4d02051A5556BfC
USD Coin
0x0B045f743A693b225630862a3464B52fefE79FdB - Наука та технологія
At first glance I thought this was “How The Onion Works”
please make this a future video.
7:00 "If there was ever a situation where a group of bad actors controlled all three nodes in a Tor communication" KAX17 has entered the chat
The real question is how do get such clear audio?
Yes, please explain!
thats the power of gentoo
install gentoo
Good mic
With the power of noise reduction with funny yeti snowball microphone.
Always wondered this
UA-cam automatically unsubed from your channel bro. Keep up w the good work!
This deserves way more views.
Great explaination, you know your stuff.
One question: how do you prevent being exposed, while negotiating/ creating the keys with the relay nodes?
@Dio Brando thanks 👍
@@tubbalcain what was he’s response ?
@@Bruh-hd4rj This is like going on a tech forum and someone DMed the explanation...
Watching this video on TOR feels like trying to explain a magic trick to a magician!
Tor was the most useful tool that I could browse Japanese porn website safely, which banned the IP address of where I'm living.
Degenerate.
@@folksurvival cultured
@@horushours9443 t. coomer
@@twl148 t. based
link?
Live your work!
thank you for the easy to understand presentation
@7:00
"...if there were ever a situation where a group of bad actors controlled all three nodes..."
I thought that Tor nodes are designed to detect when their counterparts have been compromised, and such compromised nodes are flagged to be taken out of the available pool of nodes?
When the Tor browser starts, and chooses an entry guard, does your Tor browser perform some type of check to ensure that the connection to the guard has not been comprimised?
Does the Tor browser or other Tor nodes check for modified code on other nodes before trusting the other node?
Even if one person controlled all three of the nodes you happen to be using, everything is encrypted.
And each node is getting data from multiple sources. So how would they see what you are doing?
> I thought that Tor nodes are designed to detect when their counterparts have been compromised,
Not to my knowledge
> and such compromised nodes are flagged to be taken out of the available pool of nodes?
There are other things done to check for bad nodes, and yes they are removed. blog.torproject.org/how-report-bad-relays
> does your Tor browser perform some type of check to ensure that the connection to the guard has not been comprimised?
I'm not sure what could be done. If the node has been compromised, there isn't anything to do, but hope that it get's caught. If someone can break the encryption, well, you got bigger problems.
> Does the Tor browser or other Tor nodes check for modified code on other nodes before trusting the other node?
That is also a rather hard thing to do. How should it be done? You can't exactly ask "hey are you good", and if the source code functions perfectly as any other, you can't use that either. You would also loose any other implementation of tor, probably none right now, but you never know, maybe there is a good rust implementation coming along in the future.
> Even if one person controlled all three of the nodes you happen to be using, everything is encrypted.
Yes, but you would know that (this is not a real world example) at 00:00:01 entry node X got Y bytes from Z and at 00:00:02 exit node A got B bytes that was sent to C. And probably more information that could be used to link it up.
Nice
idk exactly much about this, but what about server side javascript? Would that be safe?
This video is not as popular as the other ones you have... does UA-cam censor Tor related content?
How does the middle relay and exit relay get their keys?
Commenting for the algorithm.
Okay so there is an attack based on packet size BUT couldn’t that be defended by padding with a random amount of redundant data?
And then sending some packets that are just self terminating at one of the proxies?
It would be better to have a set of standard packet sizes that incrementally increase in size. 1kb 10kb 1mb 10mb etc. All traffic would have to pad the packets to match one of the sizes whatever is closest to make it more difficult to track.
Adding random data doesn't make it any safer since it is still a distinct size from other traffic. It's all about anonymization.
@@ImperiumLibertas this is a good idea.
Use full disk encryption on your computer's operating system (OS) just to be extremely safe, if you happen to use Tor.
I have not gotten the process of stripping some machines down and installing a Linux based system. Microsoft owns a lot of my stuff. Google has lots and lots of my stuff on their servers. Apple too! I know all three of these system pretty well. Ever since the nineties anyway. TOR has limitations. It even denied that certain websites I visit existed. How do you live your life on the internet? What machines and Operating Systems and Browsers do you use frequently? Thank you!
OS: Any FOSS OS is fine. I don't know much about non-Linux OSs, but the best Linux distro about this I know that doesn't use TOR for everything is Qubes OS. However, it's quite a pain to install and isn't available for many hardware.
Browser: If you don't want TOR I personally think the best is Ungoogled Chromium. If you prefer Firefox, you can use it with the tips Mental Outlaw has in its channel, but Mozilla has had some “mistakes” in the past and it isn't the best out of the box. There're also privacy forks of Firefox, but I don't know them very well. Many people now talk about Brave, but it's a very new browser and it already has had a privacy related polemic. And Brave doesn't block cookies by default, tough they always say that they follow the philosophy of “Everything already configured around privacy, so you don't have to worry”.
@@Jorge-xf9gs Thank you Jorge. As you might know, TOR was just discovered to have security issues by CISA of the U.S. I have had Brave at several points of seeking privacy. It is a pesty browser in that he tries to get people to engage and participate in giving companies rewards for being respectful to the online community. Just too much work. The results are not the best either. DDG comes up with terrible results. Webcrawler offers some good results sometimes. I had Authentic8, a protecting gateway of a sort. There is an annual feel. Not a problem with a feel. It just a bit more work than TOR. So I had Ubuntu preloaded on a machine I bought from a pawn shop. There were password issues because I did not know all the pre-setup information. I am tempted to try Linux Mint just to get familiar with the tools in Linux based equipment. My bigger problem is that all the guys that have been using Linux for years leaves my head spinning when I try to follow directions. Are you aware of anyone that has the ability to slow it down and make the installation very simple to understand? Thanks, if you have time Jorge!
@@ArtOfHealth I don't know the perfect one, but I think the Chris Titus Tech's Switching to Linux Mint from Windows UA-cam series could help.
You also want to setup Libreboot or Coreboot or your own firmware, as firmware can be backdoored. Eg. Intel ME & amd PSP.
This might be a stupid question, but is it okay to use Tor for things like yt videos (without an active account) and such things or is it just a huge waste of traffic for the servers?
You could do that, but streaming through tor is incredibly slow so it would be a pretty bad experience
@@uwuifyingransomware thank you. That is a good point.
I'd guess. Though there are always down sides, yes, Tor is not always the fastest and sometimes youtube will block you. But otherwise you should be free to use it. There is quite a bit of traffic not used, and Tor needs normal users doing normal thing to work. metrics.torproject.org/bandwidth-flags.html
How does the reply from the destination server correctly reach the client? As in, how do the relays know the route back to the client from the destination, given the exit and middle relays know nothing of the clients IP?
They're all acting like one layer proxies id assume. They don't know the clients IP, but they know the last locations IP, so it just goes in reverse id assume. All the nodes work like proxies.
@@travistarp7466 That makes sense. Thanks for the explanation.
You glowie you glow you are glowing you are a glowie
4:20. Over 9,000 connections!
👏 🙂
commenting for the alg
1k likes against 6 dislikes. Now you know ratio.
When the onion website server responds to the request sent by the client, does the response traverse via same relays or different?
this video explains clearnet servers, not onion servers. in terms of what was explained in the video, the response is bassed back using the same relays
Dude i was using it today and I didn’t know how it works, and I didn’t know they could see that, so i think im uninstalling it. If anyone else has feedback please do reply, i need to know more about how networking works on tor
But if you are smart like me you use a Extra proxy your basically invisible to the tor proxys as well
And how does that make you anymore anonymous? lol
@@kynanverwimp847 In the extremely unlikely case that all three relays are compromised (although this has never happened as far as I know)
He explains this in the video, no? This is the bridge.
VPN?
How would the tor browser send the server the user's IP using javascript? I've been trying to look it up and it seems like that isn't possible. Couldn't the tor browser just unset the relevant http headers?
I wonder what you guys are using Tor for?
Talking with your mom
At one point I had an app that TOR Project recommended I get to help confuse the tracking. Is that what you are getting at? Could they have hundreds of these relays. TOR uses DDG. I like them better than Brave, Firefox and Vivaldi. Thank you.
Very little views on this. Kinda sus if you ask me.
4:20 😏
nice
So you can hide some of the info leaked through Java script by running Tor through a virtual machine. This should then hide the true type of device you're using, the true OS you are actually using and the true peripherals you use. As of browser it should say something like: "some weird old firefox with some weird plugins called 'no script'". IP should be hidable if you use tor on a VM running on a VPS, which is getting remote controlled through your VM, which is connecting to your neighbors WiFi or so. Make sure to not use Tor in full screen so you dont leak your true resolution (or disable JS in the first place).
how would ip be able to be leaked with javascript in the 1st place? I've been looking into it and haven't found anything.
It's actually **Tor
What you’re referring to as Tor is actually GNU/Tor or as I have taken to calling it GNU+Tor
Tor not TOR. Evidence you did not read the Tor FAQ even once!
lol
I can already suspect what alot of dumbasses are using Tor for. I think they should expect a visit from you-know-whom.