Interview Questions & Answers | TOR
Q1. What is Tor? or Explain the TOR browser
Tor is a program that helps individuals to keep safe on the internet and maintain anonymity. It helps the user to prevent tracking of location and hide access websites.
Now we try to understand how the TOR network works. TOR network basically a group of volunteer-operated servers, where Tor’s user employs this network to create a virtual tunnel, instead of connecting directly.
Suppose a TOR user access http://www.abc.com, instead of directly connecting with the site’s server; the browser uses virtual tunnels and volunteer-operated servers to connect the site.
Q2. Who uses TOR, and why?
1. Journalists and Activists in countries with restrictions on the Internet and expression.
2. For whistleblowers, Tor provides a safe avenue to leak information to journalists. Edward Snowden released information on the NSA’s PRISM program to news organizations via Tor.
3. Many academics and ordinary citizens use Tor as a tool to keep privacy and freedom of expression alive in the Information Age.
4. Tor also uses by criminals for illegal activities.
Q3. What is the Deep web?
The deep web is a term used to signify the web, which Google and other search engines cannot search. It is unindexed by search engines; that’s why it is also called the invisible web.
It is estimated that the size of the deep web is 500 times the surface web. Here, the surface web refers to the internet, which accesses us, and search engines properly index it.
Q4. How can we access the deep web? Why can we not access the deep web with normal search engines?
For accessing the deep web, we need a dedicated browser. TOR is most commonly used, but we can also use I2P and Freenet.
When we use normal search engines, we access data directly from the source. But in the case of the deep web, data is not held on any single page but rather in databases, making it difficult for search engines to index.
Q5. How is Tor different from other proxies?
The proxy provider sets up a server on the internet and hosts a web application on the same. When users access that web application, the user connects directly with the server. In this case, SSL is used to encrypt traffic from client to server, but the provider still knows who you are and what you browse on the internet.
Now, how Tor maintains anonymity, Tor passes your traffic through at least 3 different servers before sending it on to the destination. Because there's a separate layer of encryption for each of the three relays, somebody watching your Internet connection can't modify or read what you are sending into the Tor network. Your traffic is encrypted between the Tor client (on your computer) and where it pops out somewhere else in the world.
Q6. Why is Tor so slow?
Tor passes your traffic through at least 3 different servers before sending it on to the destination, and there's a separate layer of encryption for each of the three relays. In simple words, Tor’s traffic passes through 3 different volunteer servers to connect to the destination server instead of connecting directly in the case of the normal browser; the reason Tor is slow.
Q7. What protections does Tor provide?
Internet communication is based on a store-and-forward model. Data is transmitted in blocks called IP datagrams or packets. Every packet includes a source IP address (of the sender) and a destination IP address (of the receiver), just as ordinary letters contain the sender and receiver's postal addresses.
Tor aims to improve your privacy by sending your traffic through a series of proxies. Your communication is encrypted in multiple layers and routed via multiple servers through the Tor network to the final receiver. Note that all your local ISP can observe now is that you are communicating with Tor nodes. Similarly, servers on the Internet see that Tor nodes are contacting them.
Tor aims to solve three privacy problems:
First, Tor prevents websites and other services from learning your location.
Second, Tor prevents people from watching your traffic locally.
Third, Tor routes your connection through more than one Tor relay, so no single relay can learn what you're up to.
Q8. Can exit nodes eavesdrop on communications? Isn't that bad?
Exit nodes can only know about the destination if traffic is not using end-to-end encryption. This can be easily resolved by using SSL to secure sensitive internet connections.
Q9. Tor guarantees the total anonymity of the user; is it true?
The answer is a BIG NO.
First, When you use TOR, you automatically come under the suspicion of enforcement agencies.
Second, Tor protects network communication. If you access Gmail or Facebook using TOR, ISP does not know which application you are accessing, but Gmail or Facebook knows who you are, although they do not know your location.
Third, some technologies, such as Java and Adobe Flash, run in what is known as a virtual machine. This virtual machine may have the ability to ignore your configured proxy settings, and therefore bypass Tor and share information directly to other sites on the Internet. The virtual machine may store data, such as cookies, separate from your browser or operating system data stores. Therefore, these technologies must be disabled in your browser to use Tor safely.
Q10. Explain all the keys which Tor uses.
Tor uses a variety of different keys, with three goals in mind:
It uses a “circuit key” for TLS link encryption to ensure data privacy within the Tor network.
Authentication, so clients know they're talking to the relays they meant to talk to; it uses an “onion key” as a public decryption key and signatures to make sure all clients know the same set of relays; it uses a long-term public signing key called the "identity key.”
Subscribe us to receive more such articles updates in your email.
If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!
Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.