12

How should I explain the operation of Tor to a reasonably-intelligent but non-technical audience? I'm looking for a way to introduce folks to Tor in a way that helps them to understand its basic operation without overwhelming them.

Kinnard Hockenhull
  • 348
  • 1
  • 9
  • 3
    This is too broad of a question; can you be more specific? Are you asking about the routing protocol, the browser bundle, etc.? –  Sep 25 '13 at 19:28
  • To put Sam's question another way, are you looking for an answer suitable for a general audience ("lies we tell to children"), for folks looking to implement clients or services, for someone looking to get started using Tor, what? – Shog9 Sep 25 '13 at 19:43
  • Somewhere in between actually as the "lies we tell to children" should at least help them work their way to the truth ;) – Kinnard Hockenhull Sep 25 '13 at 21:27
  • It is broad but that doesn't prevent people from seeking or giving an answer to this question. A lot of people will come here looking for just this. – Kinnard Hockenhull Sep 25 '13 at 21:28
  • Hi Kinnard, at this stage, we really need to focus on the types of questions that would attract experts, people serious about the subject. You could improve this by focusing on a certain aspect of how Tor works. For instance, if you don't ask it, I'm prob going to ask what the SOCKS/proxy stuff does in the browser's configuration settings and how that works with the Tor relay. If you focus on specifics, it also creates more opportunities for more questions and more content. Hope this helps! :) – jmort253 Sep 25 '13 at 21:40
  • This is definitely a question for an expert to weigh in on and for which they'd receive A LOT of upvotes. – Kinnard Hockenhull Sep 26 '13 at 00:48
  • I think my question/answer includes this one http://tor.stackexchange.com/questions/73/how-does-tor-pass-my-traffic-around-and-should-i-be-worried-about-malicious-rela/74#74 – Sherief Alaa Sep 26 '13 at 05:39
  • 1
    I've edited this question to be more specific and reopened - please review! – Shog9 Sep 26 '13 at 17:48
  • Hmm, that's not quite what I meant. I'm actually thinking semitechnical rather than nontechinical. People who know what cryptography is and basically how it works but who aren't cryptographers, people who know how networks work basically but aren't network engineers. – Kinnard Hockenhull Sep 26 '13 at 19:03
  • @Shog9, love it - as written, it's clearly looking for a discussion among experts (discussing how they could explain it to non-experts), and seems likely to elicit useful answers. – Jaydles Sep 26 '13 at 19:10
  • Hmm, that is a bit different from this, and... That may be two separate questions, @Kinnard. Perhaps start from the network aspect: ask a question that assumes familiarity with TCP/IP and the basic routing structure of the Internet, but no understanding of "onion routing". – Shog9 Sep 27 '13 at 00:11

2 Answers2

6

Tor works by using a technique called onion routing.

Your client sets up a secure tunnel to a relay (its first node). It then uses that tunnel to mask its connection to a second relay (the middle node). It then uses the second tunnel (and thus the first) to create a secure connection to a third relay (a relay that has volunteered to be an exit node).

When you browse a webpage, your request is sent through the three-layer tunnel to the final exit node, who then sends the request out to whatever server you were talking to. The response from the server is similarly routed back through the three nodes to your computer.

In this way, no-one in the connection knows both your IP (the address of your computer) and what you're browsing for (the site you were talking with). Various parties know one or the other, but barring the various attack models, they cannot correlate the information.

Ry-
  • 113
  • 5
Megan Walker
  • 2,640
  • 1
  • 22
  • 30
4

For non-technical audiences I like to use the oft-quoted (but still reasonably good) safe analogy.

Imagine you want to send a message to somone via a (randomly selected) courier, but you don't want the person on the other end to know the message came from you, and you don't want the courier to read the letter. You can put the letter in a locked briefcase and have the courier take that (assuming the person on the other end has the key already), but they can still tell the person that the letter came from you. But what if you put that briefcase in another locked briefcase, and that briefcase in another locked briefcase, and pass it between three couriers. The first courier will have the key to the outermost briefcase, the second to the secon briefcase, and the final one to the innermost briefcase. Each one gets their briefcase, unlocks it, passes the next briefcase onto the next courier, until the letter gets passed to the recepient. Now only the last courier can read the letter, and only the first courier sees your face. Of course, the first courier might still try to tell the second one who you are, but it probably won't trickle all the way to your recepient (it's much less likely that someone will be able to find and pay off all three of your randomly selected couriers than it is just one).

People seem to get this okay, even if they know nothing about encryption, routing, computers, etc.