SecureMac, Inc.

Computer security news. Just for Macs.

Get the latest computer security news for Macs and be the first to be informed about critical updates. Industry news, security events and all you need right at your fingertips. Malware threats change daily, so keep up to date on the latest developments to help ensure your privacy and protection. You can never be too safe.

What is Tor?

Posted on June 10, 2020

You may have heard of Tor — perhaps you’ve seen it in films or TV shows that dramatize hacking, or mentioned in news stories about cybercrime and the “dark web”. But if you’re like many people, you probably still have lots of questions about what it is, and what it does. 

We’ll answer some common questions we’ve heard about Tor — touching on issues of functionality, safety, and privacy. Then, if you decide you’d like to explore Tor for yourself, we’ll also walk you through the installation process on macOS.

What is Tor?

Tor stands for “The Onion Router”, and can refer to either the Tor browser, or the Tor network. Tor offers a way to access the Internet safely and anonymously. The Tor browser is simply a custom build of Firefox designed to route data through the Tor network. The Tor network is a distributed, volunteer-run network of relay servers spread out around the world.

How does Tor browser work?

Tor is similar to other web browsers in that you install it on your computer and use it to access sites and services on the Internet. What makes Tor different is the way it routes data over its network. 

When you send data through the Tor browser to some destination, Tor encrypts your data packet multiple times — “wrapping” it in several layers of encryption — and sends the whole thing to one of its volunteer relay servers. This first server is the “entry node” to the Tor network. The entry node server sends the packet on to a second server. This intermediate server, in turn, sends your packet to a third and final server, the “exit node” which allows your data to leave the Tor network and reach its destination. 

Tor is designed to create an unpredictable path through the network, selecting the entry, intermediate, and exit servers at random. Each server uses just one of the layers of encryption, and only “unwraps” your data packet enough to send it on to its next destination (this type of multi-layered encryption is why it’s called an “onion” router). Because there are multiple relay points in the network, each using a separate layer of encryption, no single server can see who you really are and what you’re doing online. The entry node server may be able to see your IP address, but it won’t be able to tell much more than that — just that some IP address is using Tor. The exit node may be able to see your data if you’re using an insecure protocol like HTTP, but won’t be able to tell where it’s coming from. If you’re using an encrypted protocol (like HTTPS), the third server will only be able to see the destination address, and not the data itself.

Is Tor browser a VPN?

Tor is not a VPN. 

VPNs are typically private companies that operate their own network of secure servers around the world. By contrast, Tor’s servers are operated by volunteers. When you use a VPN, the VPN software on your computer creates an encrypted connection to one of their servers. Data is sent to the VPN server, and then on to its final destination. The way Tor works is more similar to a proxy, although since it uses multiple, encrypted relay points, and because it randomizes the path that data packets take through the network, it is far more secure than an ordinary proxy.

Can I use Tor browser with a VPN?

Tor can be used with a VPN. There are two basic approaches that you can take: VPN over Tor, or Tor over VPN.

VPN over Tor means that you first connect to the Tor network, and then to your VPN. This typically requires a bit of manual configuration, but it’s doable — especially if your VPN provider offers good technical support. When you use VPN over Tor, the Tor exit node doesn’t send data on to your actual destination — it only routes it to a VPN server.

Tor over VPN, by contrast, means that you first connect to your VPN, and then open up your Tor browser to access the Tor network. Because all data leaving your computer is being routed to the VPN server, the only IP address seen by the Tor entry node will be an IP address belonging to your VPN provider. The Tor exit node is still responsible for delivering your data, but if you’re using a secure protocol like HTTPS, that shouldn’t cause any issues. It’s worth noting that some VPN providers have even started to build Tor over VPN options into their software, making it possible to implement Tor over VPN via a single app. 

Is Tor browser legal?

Tor is completely legal in most places (though a handful of repressive regimes around the world attempt to censor it). Because of its association with the dark web, some people mistakenly assume that Tor is somehow illegal — but that would be a bit like concluding that Gmail must be illegal because some people use it to send phishing emails.

That said, cybercriminals do use Tor’s privacy protections to do bad things online without getting caught. This has not escaped the notice of law enforcement, and therefore Tor use can sometimes draw the attention of the authorities. 

Is Tor browser safe?

Tor is arguably safer than most ordinary web browsers, especially if you’re using those web browsers without additional privacy protections like a VPN. Tor blocks third-party tracking and makes it much harder for digital snoops to learn your identity, location, or the details of your system. In addition, Tor’s privacy features definitely make it the safer choice for people who work in dangerous or repressive locations.

It’s true that Tor makes it possible to visit some pretty shady corners of the digital world: Tor can be used to access “dark web” sites that aren’t reachable with other browsers. But in and of itself, this is not a security issue — and many sites on the dark web are completely legitimate, including things like blogs, discussion forums, puzzle games, and even whistleblower sites. However, there is unquestionably bad stuff on the dark web too — lots of it — including fraud and hacking forums, illegal marketplaces for buying drugs and weapons, and sites with child pornography and terrorist content. 

In short, Tor is safe, provided that you use it safely. For ordinary web browsing, it’s probably better than most browsers; and even if you use it to access the dark web, it should be fine, provided that you stay away from websites run by and for criminals. As always, when exploring unfamiliar corners of the web (dark or otherwise), make sure to use your common sense and run a reliable anti-malware solution on your system.

Is Tor browser anonymous?

Tor provides a much greater degree of anonymity than traditional web browsers, but it isn’t completely anonymous — and Tor’s developers are quite upfront about this.

For one thing, Tor can’t control what you do through its network. For example, if you decide to use Tor to log in to your Facebook account as yourself, then clearly Facebook will know that it’s you logging in and will be able to record your activity. Similarly, if you use Tor to fill in a web form with your real name and address, you’ve just used an anonymous browser to de-anonymize yourself! In addition, the kinds of torrent apps used for file-sharing are strongly discouraged by Tor’s developers, because these will often disregard your settings and give away your identity even when you’re using Tor.

Active content (things like Flash, Java, and QuickTime) can also threaten your anonymity. The Tor browser comes with most of these disabled, but some users re-enable them, thus compromising their privacy. Tor also advises against installing standard Firefox browser plugins and add-ons to the Tor browser, as these too can put your privacy at risk.

Another potential issue is that anyone can volunteer to serve as an exit node relay. Both hackers and government surveillance entities have made use of this fact in the past, setting up their own exit node servers on the Tor network for the express purpose of spying on Tor users. Depending on what you’re sending over the Tor network, and how you’re sending it, you could run into privacy and security issues caused by malicious exit nodes.

Lastly, it’s worth bearing in mind that the Tor browser is just software, and like all software, it is prone to bugs and security vulnerabilities. For this reason, if you’re going to use Tor, you should always use the most up-to-date version in order to make sure that you have the latest security patches.

Why doesn’t everyone use Tor?

The biggest reason that people don’t use Tor is that they don’t know anything about it, or that they associate it with criminal activity. After reading this article, that won’t apply to you — but there are still some reasons why people prefer not to use Tor.

Tor is a great privacy tool, but the tradeoff is that it can’t compete with the user experience offered by other (admittedly less private) browsers: a great deal of active content is disabled by default; torrenting doesn’t work well on Tor; you won’t be able to install your favorite Firefox add-ons; using Tor may mean having to deal with more CAPTCHA tests; and some websites and ISPs may actively block Tor nodes, limiting what you can do through Tor.

Another major drawback to Tor is that it’s somewhat slow. This makes perfect sense, of course; any system that requires three encrypted hops to take your network traffic to its destination is going to be slower than something that uses more direct (but less private) routing. 

Even privacy-minded users sometimes don’t see much point in using Tor, because they feel that their VPN provides enough protection without any of the disadvantages. Hardcore proponents of Tor will argue that using a VPN always requires a leap of faith, because you’re relying on the VPN provider to keep your Internet traffic private and to keep their own servers secure. They definitely have a point — and this is precisely why we don’t recommend using free or unproven VPN services. 

However, reputable VPNs that have strict “no logs” policies (meaning that they don’t retain records of your web activity on their servers) can be considered reasonably safe. They build strong security features into their software and server infrastructure; they don’t actually store any sensitive data that can be stolen by hackers or requested by the government; and they are literally in the business of privacy, which gives them zero incentive to compromise their users’ anonymity. In addition, as mentioned above, some VPNs even offer Tor over VPN now, meaning that their users can get the extra protection afforded by Tor if they need it.

How do I install Tor browser?

Tor browser is not available in the Mac App Store, but can be installed like any other third-party macOS app.

On macOS, you start by downloading the .dmg file from the Tor Project website. You may be asked if you want to allow downloads from the Tor website; you’ll need to allow downloads from their site in order to proceed.

Once the file is completely downloaded, go to the file location (for most people, this will be the Downloads folder) and double-click on the file. You will be prompted to drag the file to your Applications folder in order to complete the installation. 

Find Tor browser in your Applications folder and launch it as you would normally launch any app. You may have to confirm that you want to open a third-party application from the Internet; just accept this in order to continue.

It may take a few minutes for the Tor browser to make the initial connection to the network, but the next time you launch the browser it should be much faster.

Once your Tor browser is active, you will be taken to a welcome screen where you can learn more about the browser or simply begin using it. 

If you want to, you can make sure that Tor is working by checking your IP address via the Tor Project website or another IP detection service. In the screenshot below, you can see that the test site registers our IP address as located in France — even though we were definitely not in France at the time (quelle dommage!).

Bear in mind that even though your Tor connection is anonymized, nothing else on your computer is. Other apps and web browsers will still connect to the Internet using your actual IP address (unless you’re using a VPN in addition to Tor).

We hope this article answers some of the questions that you may have had about Tor — and about digital privacy generally. If you have additional questions related to this topic, especially as it pertains to macOS security and privacy, please feel free to write to us and ask.

Join our mailing list for the latest security news and deals