Anonymity has becoming a big topic during the last years: Edward Snowden disclosure’s or “Safe Harbor” disrespect are some of the scandals that made Internet users to feel spied on.

But today, a player who was regarded for a long time as the Internet platform for illegal trade is taking advantage of the situation: The Onion Router (TOR).

Several projects including one linked to Facebook are being discussed now and are almost ready for implementation. TOR offers new perspectives regarding data protection and anonymity. How does it work?

The Onion Router is an alternative network of relay servers scattered around the world, which mainly serve to cover tracks: thanks to TOR, any user can remain anonymous and untraceable. The TOR servers can also host “hidden services” such as illegal websites or services like Ricochet.

TOR’s principle is the onion routing. It was designed in the mid-1990s by US Army lab, the Naval Research Laboratory, whose specialties is information warfare. The mathematician Paul Syverson and the engineers Michael Reed and David Goldschlag participated in its design. The Defense Advanced Research Projects Agency (DARPA) developed it.

The onion routing overcomes certain shortcomings of existing systems (including proxies) that are not enough to guarantee anonymity.TOR is the second onion routing system generation (the first generation contained many defects and therefore never had real success).

Let’s now see the potential implementations TOR offers to the Internet user.

A secure messaging: Ricochet

Encrypting software available on the Internet for the public is becoming more efficient and easy to use, but to date, they still have some weaknesses. Thus, they do not hide much “metadata”: the technical information routers need to route messages: sender, recipient, date sent, sometimes document size…

Developed by a 23 years old American who calls himself “Special”, Ricochet is a free peer-to-peer program, which has the double advantage of being completely decentralized and protects metadata through the onion routing.

TOR allows Ricochet users to find and identify themselves thanks to the distribution on different servers, which change randomly. When registering, each user is assigned a unique identifier automatically generated, which serves both as address and login ID. Then each connection is authenticated with a temporary password. Correspondents can connect themselves via TOR relay and then exchange encryption keys and messages without revealing their location or their Internet address. Each user has his own contact list and doesn’t share it with people. Communications are encrypted from end to end, encryption taking place in the computer of the sender and decryption in the recipient’s one. The Internet service provider will only see that you’re using TOR but nothing more.

Ricochet is a complex program, but for end user, it is almost as simple as a regular messaging service: no need to understand how TOR works or the encryption keys principle, just download the software to obtain the address of a correspondent and send a request for contact with a click. The interface is purposely minimalist and stripped. Only constraint: both parties must be online simultaneously. In the future, Ricochet could be equipped with new features such as file transfer, multi-party conversations, or even audio and video streaming.

A Facebook connection through TOR

The Android Facebook application will be able to offer a function that will please a lot of users looking for anonymity.tor 2

Facebook announced it would integrate a setting on a next version of its Android application and Orbot will link the social network and Tor. This new project was initiated by a trainee at Facebook and quickly realizing the potential of this idea, a team worked on the project. However, Facebook had already installed the basics of this concept since late 2014, the company had acquired a .onion address and already recommends installing Orbot to support the TOR network.

For now, this possibility would not be available for Messenger which is totally independent of the social network, it is not unreasonable to think that if Facebook goes in that direction, it will probably offer one day this type of functionality also on its messaging. The real need of users is the ability to communicate with friends anonymously from a mailbox. In addition, it is unlikely that Facebook directs users to TOR Messenger or Ricochet, therefore a change is expected in this regard.

TOR is slowly changing its bad image and a lot of Internet players start to be interested in the opportunities TOR offers. Even if the onion routing is still used for paedophilia, weapons sales and drugs sales networks, it is also becoming a good way for simple Internet users to protect their private lives. But you also have to know that it isn’t a 100% anonymous connection and that the NSA has set up several Tor nodes to collect information on the network. But still, it is almost impossible to follow someone using the onion routing except if at some point, he forgot to hide his email address (which is often the case).

Will TOR really change the data protection or is it a new way to bring more control in the onion routing?