The Documentalist

Masking on-line activity to protect human rights workers

Posted in Reviews, technology by Sarah on September 24, 2009

One of our goals with this blog is to provide information about various services and technologies we encounter that might interest human rights activists, scholars, or archivists.   If you have suggestions for products or services you think  we should review, please let me know!


Tor Anonymity Online

Interlocking layers of information.

Interlocking layers of information. Image courtesy of

As the world increasingly shifts to the Web for communicating, there seems to be an equal increase in the need of repressive governments, corporations, and agencies to read over people’s shoulders (so to speak), by monitoring the flow of communication and information across the Web.  This is worrisome in general, but is particularly problematic for human rights work.  Activists, whistle-blowers, witnesses, and victims want to share what they know, but they have to be careful of using the Web because repressive regimes have gotten quite good at intercepting emails, blogs, and other electronic forms of communication and using them to identify the physical locations and identities of  senders and the recipients.  They then use the information to detain people, or even as an excuse to torture or execute them.  Recent events in Iran and China are perfect examples of how governments monitor and censor internet communications with the intent to quash popular movements by committing violence against those who try to stand up to repressive policies and practices.

One popular resource for circumventing Web censorship is a free program called Tor–an acronym for “The onion router.”   Onion routing differs from traditional communication on the Web in that it sends encrypted messages along a roundabout path rather than zipping them straight from point A to point B.  Typically, when a user uses their internet browser or email program, messages move directly from sender to recipient across a single, proprietary server (e.g. Yahoo!, Gmail, Hotmail, etc.).   This may be an incredibly efficient means of moving information, but a lot of identifying information is visible to third parties that lurk on these servers—your IP address provides precise information about where you are physically located when you send a given message, and the delivery header that is attached to a message to make sure that it gets to the recipient contains information about the content of the message itself that is easily read by outside parties.  (This, by the way, is what allows Gmail to customize advertisements within their email program—they can scan the content of  headers for messages you send and receive, looing for key words that trigger classes of ads).

An onion router is a program that masks your message from outside view by hiding it in a layered data bundle called an “onion.”  The onion shuttles the hidden message through a randomly selected series of proxy servers, making it much more difficult for anyone monitoring net activity to identify sender, receiver, or the content of the message.   There are several programs that provide this service for a fee, but in Tor’s case, the service is free because the proxy network consists of members who voluntarily make their PCs available as network nodes, or “onion routers.”  Information about the Tor Project (as the program is formally called) is available at, where you can download free software that allows you to send and receive messages anonymously.  There are no limitations on who can use the service, and users aren’t required to volunteer their own PCs to the network, but they are strongly encourage to.

What is Onion Routing?

Imagine standing in a large, crowded room and you are handed a brown paper cylinder with your name on it.  The person who hands it to you tells you to peel the paper with your name on it off of the cylinder to expose a new layer with a new name on it–your task is to deliver the cylinder to the person named, tell her to peel that layer of paper off and pass it on to the next person named and tell him to do the same.  This goes on until the very center of the cylinder is handed off to the person to whom it is addressed.  The idea is that the center of the cylinder contains a message sent to the final recipient by the very first person to hand the cylinder off.  But, because the cylinder traveled through so many hands, and along a random path through the crowd, anyone observing the receipt of the final message (or any of the hand-offs at any point along the way, for that matter) has no idea where it came from originally; he or she only saw the final hand-off in a relay of hand-offs.

Onion routing diagram

Onion routing diagram courtesy of

The situation described above is a good analogy for onion routing.  When a user logs into Tor using the modified version of the FireFox Web browser provided at the Tor Web page, the program automatically scans the network of member PCs to identify which ones are available for data receipt and transfer.  The program then writes a series of layered encryption codes that will route the sender’s message through a randomly selected subset of those PCs.  When each PC in the selected series receives the bundle, it reads the layer of code addressed to it, which will instruct the PC to re-encrypt the message bundle and send it to the next PC in the series, which, in turn will read and execute its layer of coded instructions,  and so on until the message reaches its destination.  Third parties observing the net as the message moves through this roundabout path can see that information is moving, but they only see the activity between one PC and the next—they don’t see the complete path and so cannot easily identify the origin and destination for the message.  Furthermore, because the message is wrapped in layers of encryption, it cannot be read while in-transit.  And, because the message bundle is re-encrypted every step of the way, an bserver will see one unreadable message  arriving to a PC and what looks like a different unreadable message going out to the next PC in the chain.  Thus, Tor offers an effective alternative to such visibility by hiding this information, but the trade off is that delivery is slow and cumbersome.(For more detailed information about how this process functions, see the onion routing article at Wikipedia or the overview page at Tor.)


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: