• Home
  • About Us
    • Advent IM – What Makes Us Tick?
    • Downloads
    • Advent IM Media
    • Advent IM News
    • Industry News
    • Certifications and Memberships
    • Vacancies
    • Trusted Partners
    • Useful Links
    • Legal Info
    • Privacy
  • Consultancy
    • Cyber Security
      • GDPR/MyDPO
      • ISO27001
      • ISO27552
      • Data Protection/GDPR
      • Educational Cyber Security
      • Information Risk Management
      • PCI-DSS
      • Cyber Essentials
      • Police Cyber Security
      • NIS Directive/Regulations
      • Supply Chain Assurance
      • MySecurityManager
      • NHS Data Security and Protection toolkit
    • Physical Security
      • Review and Audit
      • Educational Physical Security
    • Business Continuity
  • Training
    • Data Protection/GDPR Training
    • Police Senior Information Risk Owner (SIRO)
    • Police Data Protection/GDPR Training
    • Police Information Asset Owner (IAO)
    • Public Sector Senior Information Risk Owner (SIRO)
    • Public Sector Information Asset Owner (IAO)
    • NIS Directive Training
    • Technical Information Risk Management (TIRM)
    • Bespoke Training
    • Use our Training Facilities
  • Blog
  • Contact Us
    • Press and Media
    • Downloads
  • Home
  • About Us
    • Advent IM – What Makes Us Tick?
    • Downloads
    • Advent IM Media
    • Advent IM News
    • Industry News
    • Certifications and Memberships
    • Vacancies
    • Trusted Partners
    • Useful Links
    • Legal Info
    • Privacy
  • Consultancy
    • Cyber Security
      • GDPR/MyDPO
      • ISO27001
      • ISO27552
      • Data Protection/GDPR
      • Educational Cyber Security
      • Information Risk Management
      • PCI-DSS
      • Cyber Essentials
      • Police Cyber Security
      • NIS Directive/Regulations
      • Supply Chain Assurance
      • MySecurityManager
      • NHS Data Security and Protection toolkit
    • Physical Security
      • Review and Audit
      • Educational Physical Security
    • Business Continuity
  • Training
    • Data Protection/GDPR Training
    • Police Senior Information Risk Owner (SIRO)
    • Police Data Protection/GDPR Training
    • Police Information Asset Owner (IAO)
    • Public Sector Senior Information Risk Owner (SIRO)
    • Public Sector Information Asset Owner (IAO)
    • NIS Directive Training
    • Technical Information Risk Management (TIRM)
    • Bespoke Training
    • Use our Training Facilities
  • Blog
  • Contact Us
    • Press and Media
    • Downloads

What is TOR ?

An opinion piece post from Advent IM Consultant, Del Brazil

TOR is a service that is freely downloadable that assists in providing anonymity or improves privacy for users who wish to keep, among other things, their internet location secure.  In essence it provides a defensive mechanism against traffic analysis, network surveillance and assists in protecting confidential business activities, relationships and potentially assists in maintain security.  It can also be used to circumnavigate certain country restrictions such as the ‘Great Firewall of China.’

TOR operates by operating through a series of virtual tunnels or a system of TOR relays (other TOR users) which facilitates the use of the TOR network.  In essence the more TOR relays (users) the faster, the more secure and more robust the TOR network is.  TOR relays (users) can be either Middle Relays, Exit Relays or Bridges each with a distinctive role to play in the TOR Network.  A Middle Relay allows internet traffic to be passed onto the next relay whilst the Exit Relay is the final relay before any internet traffic reaches its destination.  A user operating as a Middle Relay will have their IP Address masked and hence be hidden to the rest of the internet but visible to the TOR Network.  Any user/organisation conducting illegal or objectionable activities whilst operating as an Exit Relay may be answerable to policing agencies, complaints or copyright infringement notices etc.    TOR Bridges are vital TOR relays that enable users to circumnavigate censorship software deployed by various countries to ensure that information is freely available or distributed to all persons.

It was developed by the US Department of Defense and is still currently used today by the US Navy for open source intelligence gathering whilst some Journalists use it to contact whistle blowers.  A few organisations use TOR to allow their workers to connect to their home website while they’re in a foreign country, without notifying everybody nearby that they’re working with that organisation. For example if you’re travelling abroad and you connect to your employer’s computers to check or send mail, you can inadvertently reveal your national origin and professional affiliation to anyone observing the network, even if the connection is encrypted.  Some TOR users, such as research development engineers, journalists and seekers of democracy are clear that their use of TOR is for legitimate purposes; however it is clear that criminals are frequently using TOR to conduct illegal activities.  There are concerns from various organisations that TOR assists the criminal underworld in conducting illegal activities whilst remaining near enough un-discoverable such as drugs, person or arms trafficking, child abuse or identity theft; That said there has been a few high profile convictions of persons conducting illegal activities whilst using TOR, this includes the Silk Road investigation which resulted in the hidden underground illegal-drugs website being shut down in October 2013.

It has been reported that in the USA the NSA have attempted to target TOR users through cyber-attacks aimed at security weaknesses within various internet browsers.  These targeted attacks only go to reinforce the necessity to ensure that security measures are developed with browsers, applications, operating systems, software and hardware and are also updated on a regular basis.

There are a few security experts that have highlighted TOR as being the first step in attempting to remain secure against cyber-attacks; however as attacks methods and frequency increase, the likelihood of TOR remaining secure are rapidly diminishing.  This will not deter some elements of the internet community from utilising TOR as they strive to remain anonymous whilst corporate and government surveillance increases.

Is there a future for TOR in the corporate or even the government sector within the UK?  In the author’s opinion TOR is unlikely to be used in its current form as potentially throws up a multitude of questions as to why persons or organisations feel the need to conduct business behind ‘closed doors’.  In this age of where transparency and honesty go hand in hand the use of TOR may invoke a distrusting attitude which can harm business opportunities despite the legitimate use of TOR.  TOR does have its uses and in certain circumstances can assist with maintaining confidentiality whilst ensuring that the freedom of speech is maintained.  It is, as always, a fine balance between promoting a business whilst also protecting it as even though using of TOR is not illegal it may, if disclosed or later discovered deter businesses or organisations from interacting with each other.

Share this:

  • Click to share on Facebook (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Twitter (Opens in new window)
  • Click to share on Pinterest (Opens in new window)
  • Click to email this to a friend (Opens in new window)
  • More
  • Click to print (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to share on Tumblr (Opens in new window)
  • Click to share on Pocket (Opens in new window)
  • Click to share on Skype (Opens in new window)
  • Posted by Ellie Hurst
  • On 3rd September 2015
  • 0 Comments
Tags: anonymous browsing, cyber security, dark web, deep net, privacy, Security, Tor

0 Comments

Content Search
Blog Categories
Post Tags
advent advent calendar advent IM business business continuity christmas CNI cyber attack cybercrime cyber crime cyber security cyber threat data breach data protection data protection act data security Ellie Hurst GDPR hack hackers hacking HMG ICO IFSEC information security Infosec Insider threat ISO27001 IT security Julia McCarron malware Mike Gillespie NCSC passwords phishing physical security privacy ransomware resilience risk management Security security tips surveillance camera commissioner Tony Porter training vulnerabilities
Blog Archive

Security Specialists Security Breached - from Dale Penn

Attack of the Drones - guest post from Julia McCarron - Advent IM Director

Scroll
Advent IM Limited

Advent IM is the UK’s leading independent information security and physical security consultancy.

We specialise in holistic security management solutions and have a proven track record of successful certifications.

Privacy Information

Legal Information

Latest Blog Posts
  • Solutions for yesterday’s DPD19 Crossword puzzle…
  • Top of the Breach – Data Protection Day – Top 5 Cyber Causes
  • Mike’s Medicine Show…a cautionary Data Protection Day tale…
  • New Crossword for Data Protection Day 2019
Our Tweets
  • Managing the physical protection of records is part of #dataprotection how good is your business at this… https://t.co/iy5E6PMiy418th February 2019 - 4:54 pm
  • If you need guidance through the process of gaining certification to the UK Government’s #CyberEssentials Scheme, t… https://t.co/hFOFXsU1D918th February 2019 - 4:50 pm
KEEP IN TOUCH…

Your Email (required)

Head Office: 0121 559 6699
London Office: 0207 100 1124
Email: bestpractice@advent-im.co.uk

Copyright @ 2016 Advent IM Limited.

loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.