TOR: how the first anonymous network appeared

TOR: how the first anonymous web came about

We continue our acquaintance with the history of the formation of anonymity and security on the Internet. We have already talked about how VPN-services appeared, got acquainted with the history of the formation of mobile proxies, anti-detect browsers, Telegram (you can read about it here). Now we will focus on such an advanced communication technology as TOR. Like other software products aimed at ensuring the anonymity and security of working on the network, the military, in particular the American ones, are behind its appearance.

Onion Routing Basics

In 1995, the US Naval Research Laboratory created the first drafts of the so-called onion routing. According to this technology, traffic between point "A" and "B" was carried out not directly, but through 3 remote nodes dispersed in different countries of the world. The sequence of data transfer between them was chosen randomly each time. At the same time, traffic was encrypted in each intermediate node. This decision contributed to the fact that the streams of transmitted data could not be traced or decrypted. Why is the technology called onion? The fact is that it is quite multi-layered, like a husk, and in order to get to the middle (directly to the onion itself), it is necessary to remove this same husk layer by layer. That is, it was necessary to decipher the multi-level system after each node.

Data is encrypted here with three keys before being sent: for server 3, then – for 2 and then — for 1. While the data set will arrive at the first node, the top layer will be decrypted. Only after that will information about the next point be opened, that is, only in this way will the server know where to send this packet next. The similar situation is observed on 2 and 3 servers. All this work is carried out on the basis of the SOCKS protocol, which additionally ensures the anonymity of the transmitted data. It turns out that already decrypted information gets to the recipient's device.

Over the years of its existence on the market, the onion routing technology has already proved its practicality and efficiency. Today it is actively used by the TOR browser, although in a slightly modified form. The development of this technology was significantly influenced by specialists from the Massachusetts Institute of Technology. It was they who, in collaboration with representatives of the US Naval Research Laboratory, created The Onion Routing – TOR.

This network appeared on the market in autumn 2002. The main idea that experts put into TOR – it is that all proxy servers running around the world must be maintained by volunteers. Such a decision was supposed to make the network decentralized and open. In support of their idea, the developers posted a code with a free open license on the network, which allowed everyone to join it. Such rather risky actions nevertheless justified themselves and a year later this network included 10 large nodes in the USA and one — in Germany. Gradually, the idea of the site was appreciated by other organizations, including quite large ones, which led to its expansion and the appearance of servers in various countries of the world. The management of this entire system was entrusted to the Tor Project, Inc.

The next few years were a period of active development of the project. Thanks to quite serious financial injections, TOR became known all over the world. Users who are quite savvy from a technical point of view began to actively connect to the network, form their own nodes. Starting from 2007, work began on the formation of the so-called bridges — special nodes within data transmission chains. This was a forced measure, as a number of government agencies, based on censorship considerations, began to block open sites. The addresses of these bridges in the directory service could not be found, as they were hidden from everyone. Thanks to this feature, the network was maintained even if all open nodes were blocked.

2008 can be called the next stage in the development of TOR technology. It was at this time that TOR browser appeared, which is actively used by people around the world today. It was a simple and easy-to-use tool that allowed you to get privacy on the network, protection from unauthorized access, as well as the ability to bypass censorship for everyone. This gave a new impetus to the spread of TOR around the world. In parallel with this, the project actively began to notify users about such a problem as anonymity on the Internet. Today, the only continent where TOR is not used – Antarctica. At the same time, special services, law enforcement agencies, journalists, anti-terrorist public organizations, as well as ordinary users actively use the secure connection provided by this technology.

Well, like everywhere else, TOR has its downside. Despite the fact that the system was created to ensure the protection of the civil rights and freedoms of Internet users, it also became a place for the development of black markets. We will not go into details of what you can buy on the Dark Web today. We only note that not everything is as beautiful and safe as the creators of this project dreamed about.

What is garlic routing?

We've already seen what onion routing is. Along with it, a garlic version soon appeared. It was proposed by a professor of computer science at Princeton University — follower of the creators of the TOR project. At its core, garlic routing — this is a more complex version of the onion. Here it was assumed that the information before sending would be recorded in one or several messages, which would later be combined into one package (by analogy with a head of garlic, consisting of several cloves). The same packet can contain both your message and messages of other users passing through your node in transit. In this case, no one will know which of the "cloves" yours, and which one is transit. Thanks to this feature, attackers who control traffic will not be able to identify both the sender and the recipient of the message.

High anonymity and security of work using the TOR system is also ensured by the use of incoming and outgoing tunnels. Due to this, requests and responses are sent to different nodes, that is, they do not overlap, and the sender and recipient cannot identify each other. And these tunnels are transformed every 10 minutes, which makes data interception almost impossible. Information about where the data should go is built into each individual "clove", which allows the head of garlic to be put together already at the recipient.

Based on this technology, the I2P network was launched in 2003, also called the "Invisible Internet Project". It works on top of the main network and is decentralized. She also received high support among users from around the world. They absolutely free of charge provide their IP addresses through which traffic will be redirected. But I2P is not meant to provide privacy for online activities. It was developed specifically for private hosting sites. It would not be superfluous to mention that all TOR technologies are currently available to users for free.

Is everything so smooth with the TOR network?

We note right away that attempts to destabilize the operation of the TOR network began to be made at the dawn of its appearance on the market and continue to this day. This happened after the browser became widespread and began to be used by various organizations working in the shadows. At one time, TOR was repeatedly hacked, blocked at the legislative level, and limited by technical tools. There were a lot of high-profile litigation scandals, hacker attacks. Some of this has been successful. Here are just a few highlights:

  • In 2009, the Chinese government blocked over 80% of the public network nodes. After state hackers learned how to find and block bridges, the creators of TOR developed a unique Bridge guard system that provides reliable protection for bridge connections. She is still active today.
  • In 2010, hackers managed to crack TOR. They took over 2 of the 7 directory servers, as well as the server where all the statistics were stored. With such a technical base, hackers began to attack other hosts. The TOR developers instantly removed all captured nodes from the system, completely updated the software and keys. They also informed absolutely all users about the need to update the browser to the latest version, where the identified vulnerability has already been fixed.
  • In 2012, Iran, followed by Ethiopia, blocked TOR by banning SSL-connection. In response to this step, the TOR developers created a new Obfsproxy technology that allows you to create special network bridges to hide transmitted data.
  • In 2013, the number of TOR users skyrocketed. At first, the developers of the system thought that this was due to the fact that the consumer market has sharply realized the need to ensure its own security. But they decided to check it out anyway. As a result, it was possible to establish that such activity was created by bots. If they had not caught on in time, the stability of the system would have been seriously impaired. And again, a system update was released in which a similar vulnerability was eliminated.
  • In 2014, both the United States and Russia actively began deanonymizing individual users of the TOR browser in order to reveal their real location. The reason here is quite reasonable, because the Darknet began to bring a lot of trouble to the law enforcement agencies of both countries. In Russia, a closed competition was even launched, in which specialists were asked to find ways to bypass the protection of the TOR system. At the same time, the reward for success was offered very substantial. But the Federal Bureau of Investigation turned to Carnegie Mellon University for help, paying them one million dollars. In both cases, the authorities pursued the goal of identifying the location of the perpetrators.
  • In 2015, IBM issued an official statement to other corporations urging them to consciously stop using this browser. As an argument, information was given that he himself launches hacker attacks and all kinds of hacks.
  • In 2016, all TOR addresses were blocked in Belarus. The government said that by doing so they prevent access to prohibited sites, but anonymous access to the Internet remains. In the same year, it was found that some of the TOR nodes collected user data. All of them belonged to the hidden part of the system and were located in the cloud.
  • In 2020, a major hacker attack was carried out on the TOR browser, as a result of which the attackers managed to seize a fourth part of all system nodes. The main goal — stealing cryptocurrencies from users. It was possible to implement this by gradually adding our own servers to the network. They did it all very systematically and harmoniously. So much so that the TOR administration did not notice any catch. They just changed HTTPS connections to HTTP (not secure). As soon as the user sent the crypt to the mixer, the attackers intercepted this traffic and changed the recipient's address to their own wallets. Such actions lasted 5 months and only then were noticed by the TOR administration. This was followed by three waves of shutdowns of malicious servers, as a result of which they were still able to be eliminated.
  • In 2021 (December), the TOR browser was blocked in Russia by a court decision. As a result, almost all IP addresses of open servers, as well as a fairly impressive part of bridges, became inaccessible to users. The negative consequences of this action were felt by many corporations, including mobile operators and Internet providers. But such restrictions did not last long and soon, by the decision of Roskomnadzor, it was made available to users from the Russian Federation.
  • In 2022 (in May), Roskomnadzor, citing a 2017 court decision, sent an official statement to Google demanding that the TOR browser be removed from Google Play. In parallel with this, litigation was going on. The prosecutor argued that the TOR browser contains information prohibited for distribution in Russia. This request was granted by the court and in December 2021, the TOR browser was blocked again.

What is the situation with the TOR browser today?

The expression "The road to hell is paved with good intentions" relevant in the case of the TOR browser. It was created for good purposes, sincerely wanting to provide users with a truly stable and secure experience on the Internet. The developers wanted people to be able to maintain their right to privacy and privacy of actions. But everything turned upside down. Today there are all prerequisites to say that TOR is not entirely safe. Today, there are a lot of expert opinions on this subject. Moreover, there is an opinion that this project is funded by the Pentagon and works for the US military.

Yes, at one time, both onion and garlic routing were a big breakthrough in technology designed to ensure the anonymity of browsing the Internet. Today they are used by other professionals around the world. But we cannot say that TOR is a completely anonymous and safe network today. And even if you like the comfort and convenience of working with this browser, we would still recommend using additional tools to ensure the security of your network.

We are talking about an additional connection to the work of mobile proxies from the MobileProxy.Space service. This is a reliable tool that will provide you with a high level of security, functional and stable networking without any risks and restrictions. Visit to get a first-hand look at cutting-edge solutions that use data mobile proxy work. You also have the opportunity to take advantage of a two-hour test for free, test your IP-address, Internet connection speed, and many other parameters .

Share this article: