Home Internet with Anonymity Built In
A router that runs the Tor software prevents Web tracking.
Many political activists, nonprofits, and businesses use an anonymity system called Tor to encrypt and obscure what they do on the Internet. Now the U.S.-based nonprofit that distributes Tor is developing a low-cost home router with the same privacy protection built in.
The Tor software masks Web traffic by encrypting network messages and passing them through a series of relays (each Tor client can also become a relay for other users’ messages). But using Tor has typically meant installing the software on a computer and then tweaking its operating system to ensure that all traffic is routed correctly through the program.
“We want to make anonymity something that can happen everywhere, all the time,” says Jacob Appelbaum, a Tor project developer. “When you are connected to a router with Tor inside, all your traffic goes through Tor without you changing your system at all. It makes it simple to use.”
Appelbaum says volunteers are already testing a small number of modified routers with Tor installed. The prototypes were made by installing new software onto a popular low-cost wireless router made by Buffalo Technology. The software was developed by Appelbaum and colleagues at Tor and is based on the work of the OpenWrt project, which offers open source code for networking equipment. The finished routers can be configured to pass all traffic through Tor, or only some kinds of communications. “You might want to run your VOIP device through Tor but not your other traffic,” Appelbaum explains. They will also be capable of simultaneously offering Tor-protected and conventional wireless networks.
“If we find that these routers are useful [in the trials],” he says, “we could partner with OpenWrt and Buffalo to offer a version for sale that helps support the Tor and OpenWrt projects.” The software will also be made available for people to install on routers they have bought themselves, Appelbaum says.
Besides serving as Tor clients, the new routers will help anonymize the traffic of other Tor users. This means that they could help boost the performance the Tor network.
When a person uses Tor to bring up a Web page, the request is encrypted and sent along a random path through other Tor computers that act as relays. This obscures the originating IP (Internet protocol) address—a unique code that can be used to track down a Web user, to filter access to certain sites or services, or to build up a profile of a person’s Web use.
Generally, the process results in lag and restricts bandwidth, which deters some people from using Tor, says Chris Palmer, technology director at the Electronic Frontier Foundation. “The primary way to address that problem is to have more Tor relays in more places, connected to high-bandwidth, low-latency lines,” he explains. “Wireless routers may fit the bill well, if they can be built with the computational resources necessary to run a Tor relay of decent capacity.” Although consumer-grade routers are necessarily relatively low-powered, their capabilities have grown markedly in recent years, Palmer notes.
Tor routers could also make the entire Tor system better able to resist government attempts to block its use. An individual installation of Tor software hooks into the network by referring to a list of relays in a directory maintained by the Tor project. It is possible to block Tor by checking the same directory and preventing connections to the servers listed—a tactic apparently used by the Chinese authorities. It is possible to get around such a block, however, by configuring the Tor software to act as a “bridge,” or a private relay, that can only be discovered by word of mouth. A Tor router can also act as a bridge, and Appelbaum is considering making that a default setting.
During the protests in Iran that followed the 2009 election, the EFF campaigned for more people to act as Tor bridges to keep the government from blocking the tool, and Palmer says increasing the supply of bridges remains important. “It makes the adversary’s job more difficult when there are more possible bridges to advertise and use,” he says.
Appelbaum says, “If you have 10,000 people using these little routers, then China would have a lot more difficulty blocking Tor.”
Become an MIT Technology Review Insider for in-depth analysis and unparalleled perspective.Subscribe today