The issue of anonymity on the Internet has always been acute for users of a personal computer. To protect sensitive data as much as possible, people installed Linux operating systems on their PCs or used hobbyist builds of Windows that removed the traceability feature.

With the proliferation of Android smartphones, more and more people are visiting their favorite sites using their mobile devices. Unfortunately, in terms of privacy, Android users are much more at risk of personal data leakage. Not only that, Google freely owns the user's personal information, phone number, place of residence, etc. Another thing is scary, since the phone transmits such information, it can always be intercepted by another application. As a result, a person's personal data can fall into the hands of intruders.

Simple ways to improve your privacy

Unfortunately, any increase in privacy comes with inconvenience. For example, if, you can not connect a Google account, but at the same time, the user is deprived of the ability to synchronize contacts from the address book, bookmarks in the browser and much more. In addition, a person can completely delete Google services.

The most reliable way to secure the device is to flash it. On any popular smartphone, you can find dozens of amateur firmwares on the Internet, in which any tracking tools have been removed. At the same time, a person must still carefully handle the device, not including once again the GPS navigator and access to geodata via an Internet connection (the location is especially accurately determined via Wi-Fi).

Installing Tor on Android

If a person does not use, the installation files will have to be downloaded from third-party resources. In the event that there is an account, the user should enter the Play Store, enter the words "Tor" and "Orfox" in the search bar. The search will display Orfox: Tor Browser and Orbot Proxy, you must install both applications.

As in the stationary version, the program is divided into a browser and a client through which the program connects to the Tor network. Only in the PC version they are combined - together with the browser, the client is also launched. In general, the applications have many similarities, like the PC version, the mobile browser is based on Mozilla Firefox.

First, launch the Orbot client, then press the "Start" button in the lower left corner and wait for a connection to the Tor network.

Unlike a regular VPN connection, Tor has several servers all over the world at once, the transmitted information between which is encrypted. For example, the data requested by the user passes in encrypted form, first through one server in Europe, after which it is sent to another server through the USA, and then a third in Asian countries. Unfortunately, the increased reliability of the connection negatively affects the connection speed. Sometimes the requested page may take more than ten seconds to load.

After connecting to the network, you can open the notification curtain and view the speed and countries through which the requested data passes.

When you swipe from left to right, an additional menu opens, in which you can select the country that will be determined (the last server from the route).

In addition, in this menu you can enable VPN mode for all applications on the phone, however, this function does not guarantee anonymity in other programs. If a person turns off the " VPN mode”And will enter the Chrome browser, its data will be an easy target for intruders.

In fact, the Tor client is configured, now you can minimize it and launch the Orfox browser. The main page contains the most frequently visited resources, the other two tabs contain bookmarks and history. The default search engine is the anonymous search engine duckduckgo. This search engine positions itself as a confidential system that does not collect data on queries, and also does not display thematic advertisements.

You can already visit various resources while remaining anonymous. If you enter in the search box " My ip”, You can see that user data is being spoofed. A different IP address, provider and country of the user are indicated.

The main purpose of the Tor browser

One way or another, the main purpose of Tor is not only in the anonymous use of publicly available resources. For the Tor network, there is a huge database of resources that can be accessed exclusively using this browser.

Sites designed for Tor consist of a set of numbers and Latin letters, and ends with an address with the onion domain. Sites on the onion domain have perhaps the maximum protection of confidential data, because, unlike other resources, the location of the site's servers is unknown to anyone except the site owner. The relevance of the Tor network is at least evidenced by the fact that the onion domain has a "mirror" of the most popular social network in the world, Facebook.

In addition, in recent years, resources are increasingly faced with the problem of blocking, as a result, almost every popular peer-to-peer network has a "mirror" in the Tor network.

Summing up, it can be noted that at the moment, Tor is one of the few tools that offer reliable confidentiality of personal data. Of course, one application is not enough, a person must use it competently. For example, never use old accounts on the Tor network created from a physical IP address, otherwise all confidentiality will not be worth a pittance.

• Translation

Tor is an anonymity tool used by people seeking privacy and fighting censorship on the Internet. Over time, Tor has become very, very good at doing its job. Therefore, the security, stability and speed of this network are critical to the people who rely on it.

But how does Tor work under the hood? In this article, we'll dive into the structure and protocols used on the network to get up close and personal with how Tor works.

A brief history of Tor

The concept of onion routing (we will explain this name later) was first proposed in 1995. First, this research was funded by the Ministry of Naval Research, and then in 1997, DARPA joined the project. Since then, the Tor Project has been funded by various sponsors, and not so long ago, the project won a fundraising campaign on reddit.

The current version of Tor software was released in October 2003, and it was the 3rd generation of onion routing software. Its idea is that we wrap traffic in encrypted layers (like an onion) to protect the data and anonymity of the sender and recipient.

Tor basics

With the history sorted out - let's get down to the principles of work. At the highest level, Tor works by relaying the connection of your computer to target computers (for example, google.com) through several intermediary computers, or relays.



Package path: guard node, intermediate node, exit node, destination

Now (February 2015), about 6,000 routers are engaged in the transmission of traffic on the Tor network. They are located all over the world and are powered by volunteers who agree to donate some traffic for a good cause. It is important that most nodes do not have any special hardware or additional software - they all run using Tor software configured to act as a node.

The speed and anonymity of the Tor network depends on the number of nodes - the more, the better! And this is understandable, since the traffic of one node is limited. The more selection of nodes you have, the more difficult it is to track the user.

Types of nodes

By default, Tor transmits traffic over 3 nodes. Each of them has its own role (we will analyze them in detail later).

Client, security node, intermediate node, exit node, destination

Entry, or watchdog node - the point of entry into the network. Input nodes are selected from those that operate for a long time, and have proven themselves to be stable and high-speed.
Intermediate node - transmits traffic from security guards to weekends. As a result, the former do not know anything about the latter.
An egress node is an egress point from the network that sends traffic to the destination that the client needs.

The usually secure method for starting a sentry or staging node is a virtual server (DigitalOcean, EC2) - in which case the server operators will only see encrypted traffic.

But the operators of the exit nodes have a special responsibility. Since they send traffic to their destination, any illegal activity done through Tor will bind to the exit node. And that can lead to police raids, notices of illegal activities and other things.

Meet the exit node operator - thank him. He deserves it.

What does the bow have to do with it?

Having figured out the route of connections going through the nodes, we ask ourselves the question - how can we trust them? How can you be sure they won't hack into the connection and extract all data from it? In short, we don’t need to trust them!

The Tor network is designed so that nodes can be treated with a minimum of trust. This is achieved through encryption.

So what about the bulbs? Let's take a look at how encryption works when establishing a client connection over the Tor network.

The client encrypts the data so that only the output node can decrypt it.
This data is then encrypted again so that only the intermediate node can decrypt it.
And then this data is again encrypted so that only the sentry node can decrypt it.

It turns out that we have wrapped the original data in layers of encryption - like onions. As a result, each node has only the information it needs - where the encrypted data came from and where it needs to be sent. This encryption is useful for everyone - client traffic is not open, and nodes are not responsible for the content of the transmitted data.

Note: Output nodes can see the original data because they need to send it to the destination. Therefore, they can extract valuable information from the traffic, transmitted in clear text over HTTP and FTP!

Nodes and bridges: problem with nodes

After starting the Tor client, he needs to get a list of all input, intermediate and output nodes. And this list is not a secret - I'll tell you later how it spreads (you can search the documentation for the word “concensus” yourself). The publicity of the list is necessary, but there is a problem in it.

To understand it, let's pretend to be an attacker and ask ourselves: What would the Authoritarian Government (AP) do? By thinking this way, we can understand why Tor works this way.

So what would AP do? Censorship is serious, and Tor allows it to be bypassed, so the AP would want to block users from accessing Tor. There are two ways to do this:

• block users logging out of Tor;
• block users logging into Tor.

The first is possible, and is a free choice of the owner of the router or website. He just needs to download a list of Tor exit nodes and block all traffic from them. That would be bad, but Tor can't do anything about it.

The second option is seriously worse. Blocking users logging out of Tor can prevent them from visiting a certain service, and blocking all incoming users will prevent them from going to any sites - Tor will become useless for those users who already suffer from censorship, as a result of which they turned to this service. And if there were only nodes in Tor, this would be possible, since the AP can download a list of sentinel nodes and block traffic to them.

It's good that the Tor developers thought about this and came up with a clever solution to the problem. Get to know the bridges.

Bridges

Basically, bridges are unpublished nodes. Users trapped behind the wall of censorship can use them to access the Tor network. But if they aren't published, how do users know where to look for them? Is there a special list needed? Let's talk about it later, but in short, yes - there is a list of bridges that the project developers are working on.

It's just not public. Instead, users can receive a small list of bridges to connect to the rest of the network. This list, BridgeDB, only gives users a few bridges at a time. This is reasonable, since they do not need many bridges at once.

By issuing over multiple bridges, it is possible to prevent the network from being blocked by the Authoritarian Government. Of course, receiving information about new nodes, you can block them too, but can someone find all the bridges?

Can someone discover all the bridges

The list of bridges is highly secret. If the AP gets this list, it can block Tor completely. Therefore, the network designers have been researching the possibilities of obtaining a list of all bridges.

I will describe in detail two points from this list, the 2nd and the 6th, because it was in these ways that I managed to get access to the bridges. At point 6, researchers looking for Tor bridges scanned the entire IPv4 space with the ZMap port scanner, and found 79% to 86% of all bridges.

The second point implies the launch of an intermediate Tor node, which can track incoming requests to it. The intermediate node is accessed only by sentry nodes and bridges - and if the accessing node is not in the public list of nodes, then it is obvious that this node is a bridge. This is a serious challenge to Tor, or any other network. Since users cannot be trusted, it is necessary to make the network as anonymous and private as possible, which is why the network is done that way.

Consensus

Let's take a look at how the network functions at a lower level. How it is organized and how to find out which nodes in the network are active. We have already mentioned that there is a list of nodes and a list of bridges on the network. Let's talk about who makes these lists.

Each Tor client contains fixed information about 10 powerful nodes maintained by trusted volunteers. They have a special task - to monitor the state of the entire network. These are called directory authorities (DAs).

They are distributed around the world and are responsible for distributing a constantly updated list of all known Tor nodes. They choose which nodes to work with and when.

Why 10? Usually, you shouldn't make a committee of an even number of members, so that no tie happens during the voting. The bottom line is that 9 DAs deal with the lists of nodes, and one DA (Tonga) deals with the list of bridges

DA list

Building consensus

So how do DAs keep the network up and running?

The status of all nodes is contained in an updated document called Consensus. DA supports it and is updated hourly by voting. This is how it works:

• each DA creates a list of known nodes;
• then calculates all other data - host flags, traffic weights, etc .;
• sends the data as a "status vote" to everyone else;
• gets the votes of everyone else;
• combines and signs all parameters of all voices;
• sends signed data to others;
• most DAs must agree on the data and confirm that there is a consensus;
• consensus is published by each DA.

The consensus is published over HTTP so that everyone can download the latest version. You can check it yourself by downloading the consensus through Tor or through the tor26 gate.

And what does it mean?

Anatomy of Consensus

Just reading the specification makes this document a bit tricky to understand. I like the visual representation to understand how the structure works. For this I made a corkami-style poster. And here's a (clickable) graphical representation of this document.

What happens if the knot goes bad

When considering in detail the principles of the network, we have not yet touched the principles of the output nodes. These are the last links in the Tor chain, providing a path from client to server. As they send data to their destination, they can see it as if they just left the device.

This transparency implies a lot of trust in the exit nodes, and they usually behave responsibly. But not always. But what happens when the exit node operator decides to turn against Tor users?

The sniffer case

Tor exit nodes are a near-reference example of man-in-the-middle (MitM). This means that any unencrypted communication protocols (FTP, HTTP, SMTP) can be monitored by it. And these are logins and passwords, cookies, uploaded and downloaded files.

Egress nodes can see traffic as if it had just left the device.

The ambush is that there is nothing we can do about it (other than using encrypted protocols). Sniffing, passive network eavesdropping, does not require active participation, so the only defense is to understand the problem and avoid transmitting sensitive data without encryption.

But let's say the operator of the exit node decides to damage the network in a big way. Listening is a fool's business. Let's modify the traffic!

We squeeze the maximum

Recall that the exit node operator is responsible for ensuring that the traffic going from and to the client is not altered. Yeah of course…

Let's see in what ways it can be changed.

SSL MiTM & sslstrip

SSL ruins all raspberries when we try to screw up users. Fortunately for attackers, many sites have implementation issues that allow us to force the user to go over unencrypted connections. Examples are redirecting from HTTP to HTTPS, enabling HTTP content on HTTPS sites, etc.

Sslstrip is a convenient tool for exploiting vulnerabilities. We only need to pass all outgoing traffic through it, and in many cases we will be able to harm the user. Of course, we can just use a self-signed certificate and peek into the SSL traffic going through the host. Easily!

Let's add browsers to BeEF

After seeing the details of the traffic, you can start sabotage. For example, you can use the BeEF framework to gain control over browsers. Then you can use the function from Metasploit "browser autopwn", as a result of which the host will be compromised, and we will be able to execute commands on it. We have arrived! ..

Backdoor binaries

Let's say binaries are being downloaded through our node - software or updates to it. Sometimes the user may not even be aware that updates are being downloaded. We just need to add a back door to them with tools like The Backdoor Factory. Then, after executing the program, the host will be compromised. We've come again! ..

How to catch Walter White

While most Tor exit nodes behave decently, it is not uncommon for some of them to behave destructively. All the attacks that we talked about in theory have already taken place.

In addition, the developers have thought about this and developed a precaution against customers using bad exit nodes. It works like a flag in a consensus called BadExit.

To solve the problem of catching bad exit nodes, a clever exitmap system has been developed. It works like this: for each output node, a Python module is launched that deals with logins, downloading files, and so on. The results of his work are then recorded.

Exitmap works using the Stem library (designed to work with Tor from Python) to help you build a diagram for each exit node. Simple but effective.

Exitmap was created in 2013 as part of the spoiled bulbs program. The authors found 65 exit nodes changing traffic. It turns out that although this is not a catastrophe (at the time of operation, there were about 1000 output nodes), the problem is serious enough to track violations. Therefore, exitmap is still working and supported.

In another example, the researcher simply made a fake login page and logged in there through each exit node. Then the server's HTTP logs were looked at for example login attempts. Many sites tried to penetrate the site with the username and password used by the author.

This problem is not unique to Tor.

It's important to note that this isn't just a Tor problem. There are quite a few nodes between you and the photo of the cat you want to look at. Just one person with hostile intentions is enough to cause a lot of harm. The best thing to do here is to force encryption on where possible. If the traffic cannot be recognized, it cannot be easily changed.

And remember, this is just an example of bad operator behavior, not the norm. The vast majority of exit nodes take their role very seriously and deserve a lot of gratitude for all the risks they take in the name of the free flow of information.

Browser Tor(Further Tor browser) ensures the anonymity of your online activities. It hides your identity and protects your web connections from many types of online surveillance. Tor can also be used to bypass internet blocking.

• How to stay anonymous and bypass Internet censorship

What will you learn from this chapter

• How to hide your digital identity from the websites you visit
• How to hide visited websites from internet access providers and spyware
• How to bypass internet censorship and filters
• How to protect yourself from unsafe and potentially malicious websites with an add-on NoScript

1. Introduction to Tor Browser

2.1 Downloading the Tor Browser

Figure 2. Tor Browser bridging settings

Step 2. Please select Yes.

Figure 3. Configuring bridges

Step 4. Please select option Connect to predefined bridges.

Step 5. Click on button [Further] to customize proxy.

Tor Browser will ask if you need to access the Internet local proxy... For this example, we will assume that you do not need this. If necessary, look at the parameters of your usual browser and copy the proxy settings from there. (In Firefox you can find this in the menu Settings> Advanced> Network> Customize... In other browsers, you can find the same settings in the Internet access settings. You can refer to support system browser for help.

Figure 4. Proxy settings

Step 6. Please select option [No].

Step 7. Click on button [Connect] to launch launch Tor Browser.

Figure 5. Connecting to the Tor network

Tor Browser will open in a couple of moments.

3.2.2. Connecting to the Tor network with other bridges

You can also connect to the Tor network by specifying bridges on one's own. This is rarely used (mostly, they prefer predefined bridges), and therefore the chances that this method will be blocked are less. If you can't access the Tor Project website, you can ask for the addresses of the bridge sites by sending an email to [email protected] , provided that you are using an account Riseup, Gmail or Yahoo... Insert words get bridges into the body of the letter.

If you have there is get access to the Tor Project, you can find out the addresses of such bridges, Go to the page https://bridges.torproject.org/options and follow the steps.

Step 1. Click on button Just give me the addresses of the bridges!.

Figure 1. Getting the addresses of the Tor bridges

Step 2. Type the characters from the picture ( captcha) and press Enter.

Image 2. Captcha

You will see three bridge addresses.

Figure 3. Bridge addresses

Step 3. Now that you have the bridge addresses, you can to dial them in Tor bridging settings as shown below.

Note. If this is your first time launching Tor Browser, you may see the screen Tor bridging settings by simply following the steps from. If Tor Browser is already configured, refer to the.

Figure 4. Tor bridging settings

3.3. Changing access settings for the Tor network

You can change Tor settings when the program is already configured. Let's say you are traveling to a country where Tor is blocked. How do I change the settings? Follow the steps:

Step 1: Click on button to see the Tor Browser menu.

Figure 1. Tor Browser settings menu

Step 2. Please select Tor network settings to determine how Tor Browser connects to the internet.

Figure 2. Tor network settings

In the settings, you can enable or disable bridges, select other options.

When done, click button and restart Tor browser.

4. Anonymous Internet access via Tor Browser

It is important to remember that Tor browser provides anonymity only for those actions that occur in the Tor Browser window. Tor does not protect all other online activities by itself.

Note. In accordance with privacy policy , Tor browser configured not to save browser history to hard drive. Whenever you exit the Tor Browser, the history is deleted.

4.1. How to check if Tor Browser is working

Tor Browser hides your IP address from the sites you visit. If the program is configured correctly, everything should look as if you are accessing a website on the Internet from an IP address that is different from your usual IP address, and your physical location cannot be calculated from the IP address.

The easiest way to make sure the program works is to check it on the developer's site https://check.torproject.org/ .

If you do not use Tor, you will see:

Figure 1. Verification shows that Tor is not working as expected

If you are using Tor, the image will look like this:

Figure 2. Verification shows that Tor is working as expected

Do you want to find out the IP address under which you are connecting to the Internet through the network Tor? There are many possibilities on the internet to do this, including encrypted websites. https(making life difficult non-providers who want to "fake" the result):

If you go to this site not through the Tor Browser, you can see your real IP address associated with your real location. If you log in through the Tor Browser, a different IP address will be displayed.

4.2. Creation of a new personality

You can create a "new identity" in the Tor Browser. At the same time, Tor Browser will randomly select a new set of relavers. From the outside, it will look as if you are logging in from a new IP address when you visit this or that website. To create a new personality:

Step 1. Click on button to bring up the Tor Browser settings menu.

Figure 1. Creating a new identity in the Tor Browser

Step 2. Please select paragraph New personality.

Tor Browser will delete your browsing history and cookies, then restart and continue with a different IP address.

4.3. NoScript add-on

4.4. Tor Browser update

You will be notified when Tor Browser updates are released.

Step 1. Click on button to bring up the Tor Browser menu.

Figure 1. Tor Browser settings

Step 2. Please select Check for Tor Browser Updates.

Figure 2. Checking for Tor Browser updates

The program will tell you if there is a new version of Tor Browser and if an update is required.

Figure 3. Software updates

FAQ

Question. Why do I need Tor browser?

Answer. Tor browser- a useful program if you need to bypass censorship and gain access to certain sites. Tor Browser comes in handy if you don't want your ISP to know which sites you visit. The program also hides your Internet location from sites.

Question. I run Tor browser; now all programs that go online work through the Tor network?

Answer. No, by default, only what you work with is forwarded through the Tor network. Tor browser... Other programs work as usual - directly through your internet service provider. You can find out if the Tor network is working by going to Tor verification page by the address https://check.torproject.org... The Tor developers also expect people to be careful, use common sense, and act wisely when visiting new and unfamiliar websites.

Question. Is what I do in Tor browser?

Answer. Tor encrypts all communications inside the Tor network. Please be aware that Tor cannot encrypt data that leaves the Tor network. To protect data between exit Tor node and the site you are linking to, it is still better to use HTTPS.

To get more anonymity on the Internet and not have to set up VPN over and over again, you can download a browser called Tor. This browser is a modification of Mozilla Firefox, has many built-in functions for creating a proxy server, enhancing anonymity, various tips for setting. At the first start, Tor will ask you to configure your connection for further access to the network. Your usual stay on the Internet will practically not change, however, the connection will be somewhat slow, the request for a location is disabled, which means that all search parameters are reset: you will not see your most visited sites or the selection of a feed by advertising, this can also slow down your Internet surfing. Of course, in exchange for small inconveniences, you get full anonymity and access to any information or website.

Download the browser from the official site if you haven't already. Follow the link http://tor-browser.ru and choose your download method. On the same page it is possible to make a donation to the project. Once the browser is saved, you will see the “Tor Browser” folder and find the “Start Tor Browser” file either there or on your desktop.

You will have a few seconds to customize your browser settings, or else it will log you in on standard. Your connection will pass through several addresses in different parts of the world, only then will it reach the site.
Click “Open Settings” to change the settings.

You will have three options:

• “My ISP is blocking access to Tor” is a setting for people who are network savvy. You will be prompted to enter bridges manually to bypass the ISP blocking. In fact, this kind of blocking is rare.
• The second point implies your own proxy for anonymous access to the Internet. You will need to configure the port and account.
• “My firewall only allows me to connect to certain ports” - again, often many ports are closed by the ISP and you cannot connect to them. Find out which ports are open for you and enter them here.

This is how the setting for each item looks like. If you do not need them and you just want to replace the VPN, then undo these edits and exit the settings.

When you first open it, Thor gives you a hint: do not stretch the browser to full screen so that no one knows its true size. If you are not a sophisticated anonymous user, you can ignore this hint.

The search itself on the Internet occurs in the most usual way: you enter a request and receive an answer. Of course, everything will look a little different than usual:

• The dominant language in the browser is English so that no one will recognize your region.
• The second point follows from the first: your region is not specified, which means there is no smart selection of pages in the search.
• There is no advertising or marketing tracking for you.

It's better to know right away which site you want.

To customize your browser, as well as see what IPs you went through, you need to find the green onion icon in the bar at the top.

By clicking on it, IP addresses and countries will appear on the right. On the left is the settings panel.

• "New identity" - resets all the parameters you previously set and opens the browser again.
• The item “New chain for this site” changes the IP addresses on the right.

You may need security settings and Tor settings. The browser settings lead to the same window that you saw at the beginning: there you can configure a proxy and specify open ports.

In the security settings, it is better to leave all the checkboxes enabled so as not to expose yourself to verification by sites.

There you will also see a slider that adjusts the overall level of your protection. By moving it, on the right you will see a description of the changes.

You can also customize the duckduckgo search engine, which is used by the default Tor browser. To do this, click on the three stripes on the top right.

In addition to choosing a color scheme, the main section “Settings” is available to you.

This is where you can specify your language, region, enable or disable tracking, browser loading at startup, and other options. However, it is recommended to leave the parameters as they were set by the browser itself, as it is this combination that helps you stay anonymous.

Now you don't have to set up a VPN for yourself, but just use the Tor browser when you really need it. It is poorly suited for everyday use, since it takes longer to load pages and does not select the search according to your preferences, but in some situations it remains indispensable.

Tor Browser provides anonymity on the Internet. In addition, it allows you to bypass site blocking. Due to these qualities, it is in great demand among users.

What is Tor Browser

The Tor system was developed in the early 2000s in the US Navy laboratory. The source code of the technology was made publicly available so that anyone can check the development for errors and vulnerabilities.

Tor software is based on onion routing technology: Tor users create nodes, and the system forms chains from them through which encrypted information is transmitted.

Tor Browser is the official browser from The Tor Project, Inc. There are versions for Windows, Mac, Linux, Android. Distributed through the official website.

Advantages:

• easy installation. Despite the complex operating principle, the browser is installed as easily as conventional software;
• simple use. The browser is used in the same way as Google Chrome, Mozilla or Opera without additional manipulation;
• anonymity. The user does not leave any traces by visiting the sites;
• bypassing locks. The browser allows you to visit prohibited sites.

Disadvantages:

• long loading of web pages. Due to the onion routing system, each request goes through a chain of nodes, which increases the response time;
• lack of Flash Player. The browser does not allow third-party applications to collect location information and other personal data that Flash Player requests.

Installing Tor Browser

The browser is distributed free of charge, so you can try it now. First, make sure your PC meets the minimum system requirements.

Table: System Requirements for Windows

Windows OS version	XP, Vista, 7, 8, 10
CPU frequency	1.5 GHz
Video memory	64 MB
Hard disk space	120 Mb
RAM	256 MB

The required performance is rather low. The browser will work quickly for most users.

How to find out the version and language of the file being installed

Before downloading the installation file, you can view its version and change the browser language. Here's how to do it:

1. Go to the download page.
2. The version of the file will be written on the line "Version". For example, Version 7.5.3.

   The version of the file will be written in the line "Version"

3. The language of the file can be viewed and changed under the big purple Download button. English is selected by default. Click on "English" to open the list and select "Russian" if you want to use the browser in Russian.

   To change the language, click on the current language (highlighted in red) and select "Russian" in the list (highlighted in green)

Installation instructions

Follow the steps of the instruction:

1. Go to the official website of the browser. Registration is not required. Click on the "Download" button at the top right of the screen.

   To go to the download page, click on the "Download" button

2. Change the language of the file to Russian, as shown above. Click on the big purple Download button.

   Don't forget to specify the language of the file before uploading

3. Wait for the download to finish and run the installer by opening the file.

   The location of the download bar may differ in different browsers

4. Select Russian for the installer.

   If Russian is not selected by default, click on it (highlighted in green), select "Russian" and click "OK" (highlighted in red)

5. In the line for selecting the installation folder, you can select the desired directory by clicking on "Browse ...", or leave it as default. Then click "Install".

   Select the directory by clicking on "Browse ..." to the right of the red rectangle, or leave it as default; then click on the "Install" button

6. To create shortcuts on the desktop and in the Start menu, check the box next to Add Start Menu & Desktop shortcuts. To launch Tor Browser right now, check the box next to “Launch Tor Browser”. Click Finish.

   To create shortcuts in the Start menu and on the desktop, select the item highlighted in yellow; to launch Tor Browser, select the item highlighted in green; press the "Finish" button highlighted in red

7. The browser is installed!

Video: Installing and Configuring the Tor Browser for the First Time

Browser setting

On first launch, the browser will open a window with a Tor connection. If you are not in a Tor-banning country, or are not connecting from a private network that requires a proxy, click Connect.

To connect, click the "Connect" button

The browser will connect to the Tor network and a new tab will open.

Wait for the connection to be created

Here's how to set up your network:

1. Enter the settings by clicking the "Configure" button.

   To go to the settings, click on the "Configure" button

2. If Tor is banned in your country of residence, select "Tor is banned in my country."

   If Tor is illegal in your country, please select this option.

3. By default, Select Built-in Bridge is selected. Bridges are unregistered relays that make it difficult to block connections to the Tor network. Different types of bridges use different techniques to avoid blocking by censors. Bypass devices make traffic look like random noise and simulate connecting to this service instead of Tor. Leave this item enabled if you do not know other bridges. Click "Connect" to finish.

   Leave the "Select built-in bridge" option if you do not know other bridges, then click the "Connect" button

4. If you know the bridge to which you can connect, select Specify the Bridge I Know and enter the bridge information in the box. Then click "Connect".

   Select the item "Specify the bridge that I know" (highlighted in red) and enter the address in the field (highlighted in green), then click on the button "Connect" (highlighted in purple)

5. If you are using a proxy, select "I am using a proxy to connect to the Internet."

   If you are connecting through a proxy, select this item

6. Enter your proxy information. Click "Connect" to finish.

   In the brown rectangle, indicate the type of proxy, in the red - its address, in the green - the port, in the purple and blue - the username and password; then click on the "Connect" button highlighted in yellow

Browser settings

Here's how to go to settings:

Let's go through the internal settings of the program:

• in the "General" category, you can customize the start page, specify the path for saving files and customize the order of opening tabs;

  The launch settings are highlighted in red, the file download settings are in green, the tab parameters are in blue.

• in the "Search" section, you can configure the default search engine, as well as add other search engines;
  

  By clicking on the item in the red rectangle, you can set the default search engine

• in the Content category you can find adjusting notifications and pop-ups. Here you can set the font and language for displaying web pages;

  Notification settings are highlighted in red, pop-up windows are in green, fonts and colors are in blue, languages ​​are yellow.

• in the "Applications" section, you can configure the built-in browser add-ons. For example, change the program for reading pdf files;

  By clicking on the "Preview in Tor Browser" button (highlighted in red), you can select a program for reading pdf files (highlighted in blue)

• in the "Privacy" category, you can turn off browsing history and tracking protection;

  Tracking protection settings are highlighted in red, history and cookies are stored in green, and auto-entry in the address bar is blue.

• the "Protection" section contains browser security settings. You can enable the blocking of dangerous content on web pages, configure the storage of logins;

  Red and green highlighted settings for warning about installing add-ons and blocking dangerous content, purple - settings for storing logins

• in the "Synchronization" category, you can sign in to your Firefox account to sync bookmarks, tabs and passwords;

  To sign in to your Firefox account, click "Sign in" (highlighted in green) or create a new one by clicking on "Create a new account" (highlighted in red)

• There are five sections in the Advanced section and are navigated in the row below the heading. The General section contains settings for page scrolling and advanced browser options;

  You can enable advanced browser capabilities by checking the boxes next to the desired items in the red rectangle, and adjust the browsing options for sites in the orange rectangle

• in the "Network" category in the advanced settings, you can clear the cache of the application and web content, configure the Tor connection to the Internet;

  You can configure the Tor Browser connection to the Internet by clicking on the "Configure ..." button (highlighted in purple), configure the page cache (highlighted in red) and the application cache (highlighted in blue)

• the "Updates" section in the advanced settings contains the parameters for updating the browser and search plugins;

  You can manage program updates (highlighted in red) and enable plug-in auto-update (highlighted in green)

• the "Certificates" category in the advanced settings contains settings for requesting certificates from servers. A certificate is a file that uniquely identifies servers. The purpose of the certificate is to provide a secure connection between the server and the user's browser.

  The settings for issuing certificates are highlighted in red; to view certificates, click on the "View certificates" button (highlighted in purple)

Creation of a new personality

Tor supports the ability to quickly change a set of nodes. This will clear all cookies and change the IP address. Here's how to change your Tor identity:

1. Press Ctrl + Shift + U or the onion icon at the top, to the left of the address bar.

   Click on the onion icon (highlighted in red)

2. In the list that opens, select "New Identity".

   Click on "New Personality"

3. Confirm by clicking on "Confirm" in the new window.

   Click on the "Confirm" button indicated by the red arrow; if you do not want to receive more alerts, select the "Do not ask me again" item

4. Ready! You now have a new personality.

Extension NoScript

NoScript is an extension that blocks execution of JavaScript, Java, Flash and other potentially dangerous components of HTML pages. It is present by default in the Tor Browser. Here's how to set it up:

1. Click on the extension icon in the upper left corner of the window.

   The arrow points to the NoScript extension icon

2. Select "Settings".

   Select the "Settings ..." item in the drop-down menu

3. Go to the "White List" tab.

   Navigation is at the top, the "White List" button is highlighted in red

4. Uncheck the "Global Script Resolution" box.

   Uncheck the box "Global Script Resolution"

5. Go to the "Built-in Objects" tab.

   Go to the "Built-in Objects" tab highlighted in red

6. There should be a checkmark in all items, except for "Do not show placeholder ..." and "Collapse locked objects". Click OK.

   Check the boxes in accordance with the ones highlighted in the screenshot and click on "OK"

Adjusting security settings

You can customize the most appropriate security level yourself. For this:

1. Repeat the first step from the previous instructions, opening the menu.
2. Select "Security Settings".

   Click on the button with the onion and select "Security Settings" (highlighted in red)

3. Here you can adjust the security level. Use the slider to select the "Most Safe" level.

   Raise the slider to "Most Safe"

4. Click OK.
5. Ready! Security settings have been changed.

Additional security settings

There are additional security measures that you can apply at will:

1. Go to the settings as in the instructions above.
2. Navigation is on the left. Go to the "Privacy" category.
3. Check the boxes next to "Use tracking protection in private windows" and "Always work in private browsing mode".

   Check the checkboxes to protect yourself from tracking and work in private mode

4. Go to the "Protection" category.
5. Check the boxes next to Warn when websites try to install add-ons and Block dangerous and deceptive content.

   Check the checkboxes to protect against dangerous content

How to bypass a firewall

Here's what you need to do to bypass the firewall:

1. Click on the onion icon in the upper right corner as in the instructions above.
2. Select "Tor Network Settings".

   Select "Tor Network Settings" in the drop-down menu

3. Here are the same settings as in the instructions above, except for the item "My firewall allows me to connect only to certain ports." Select it if you want to bypass the firewall.

   Select the item "My firewall allows me to connect only to certain ports"

4. In the field that appears, enter the allowed ports separated by commas. They can be found in the firewall settings. Then click "OK".

   Enter allowed ports separated by commas in the field and click "OK"

Troubleshooting

Problems can sometimes occur while using the browser. They are rare, individual and related not so much to the browser as to the provider. The main difficulty is the lack of an Internet connection: for example, pages do not load. Adding to exceptions or checking the date and time can help here.

Tor Browser won't connect to internet

If the page does not load for more than a minute, then most likely the browser cannot connect to the network.

If the content of the page does not appear for a long time, and the inscription "Connecting ..." does not change to the title of the site, then most likely the browser cannot connect to the Internet

Solution # 1: checking the date and time

Check if the correct date and time is set on the computer. If they are wrong:

1. Right click on the clock; they are located at the bottom right of the taskbar.