WEBVTT

0
00:01.290 --> 00:02.130
Welcome back!

1
00:02.800 --> 00:10.140
We’ve just seen what a great tool Tor is. It’s used by people all over the world to browse the Web

2
00:10.140 --> 00:17.910
freely, anonymously and circumvent censorship while online surveillance becomes more and more prevalent.

3
00:18.930 --> 00:24.120
It can be used to browse both the surface web and the deep dark web.

4
00:25.500 --> 00:33.030
One of the first questions many users ask is if using Tor or browsing the Dark Web is illegal.

5
00:35.000 --> 00:42.890
The simple answer is that neither using Tor nor browsing the Dark Web is illegal. Tor is just an

6
00:42.890 --> 00:52.190
open network that anonymizes its users and the onion services that run on the dark web are only applications 

7
00:52.400 --> 00:55.100
like web, chat or email servers. 

8
00:55.640 --> 01:01.070
But most of the activities that occur on the Dark Web are illegal.

9
01:01.580 --> 01:08.300
Note that there are some countries like China or Iran that block the Tor network, by blocking

10
01:08.300 --> 01:12.140
the communication with the Tor relays which are public.

11
01:12.560 --> 01:20.240
So the subject of the legality or illegality of the Dark Web, in those countries of the world, is an ongoing

12
01:20.240 --> 01:20.890
discussion.

13
01:22.070 --> 01:26.720
Keep in mind that there is no such thing as 100% security.

14
01:27.020 --> 01:31.180
And even Tor has some vulnerabilities. In this lecture

15
01:31.550 --> 01:35.060
I'll show you a few things so you can use it securely.

16
01:36.880 --> 01:43.870
For example, by putting the entire Tor circuit together, an adversary could be able to see the IP

17
01:43.870 --> 01:51.700
address of the user on the first relay and the final destination of their web traffic on the last relay,

18
01:52.240 --> 01:56.530
allowing him to match users to their online activity. 

19
01:56.860 --> 02:01.080
Some reports showed that many exit relays are compromised.

20
02:02.380 --> 02:10.090
FBI, Europol and NSA used this attack to shut down hundreds of Dark Web domains and arrest

21
02:10.220 --> 02:11.700
tens of criminals.

22
02:13.050 --> 02:18.780
If you want to dig deeper into this attack, you should read its analysis done by the Tor Project.

23
02:18.990 --> 02:22.310
I’ll also attach it as a resource to this lecture.

24
02:24.210 --> 02:31.650
Let's see what are the best practices when using Tor so that you don't expose yourself to vulnerabilities

25
02:31.950 --> 02:37.320
and exploits that could compromise your identity, privacy or your device.

26
02:38.460 --> 02:46.020
In my opinion, one of the biggest problems with Tor is the traffic isolation, which means sensitive

27
02:46.020 --> 02:49.620
traffic that is transmitted outside the Tor network.

28
02:50.100 --> 02:57.360
Just imagine that using Tor you download a document that contains the link you'll click on. That link

29
02:57.600 --> 03:02.280
will be opened with your default browser, which is not Tor and your

30
03:02.300 --> 03:11.010
real identity will be exposed. Or a document could embed a script that automatically accesses a server

31
03:11.310 --> 03:12.660
and you are exposed.

32
03:13.650 --> 03:18.330
So you should use Tor in an isolated, security-focused system,

33
03:18.510 --> 03:21.690
that runs on a dedicated machine or in a VM.

34
03:22.560 --> 03:27.210
The TAILS Linux distro we’ve talked about in a previous lecture

35
03:27.510 --> 03:32.340
is a very good candidate because all traffic goes only through the Tor network.

36
03:32.760 --> 03:39.060
There are no other applications that will connect normally to the Internet to expose your real IP

37
03:39.060 --> 03:39.540
address.

38
03:41.230 --> 03:48.490
So installing and running the Tor browser on Windows is not the smartest decision if you take

39
03:48.550 --> 03:50.320
anonymity seriously.

40
03:51.570 --> 03:58.380
If you want to check if Tor is working and that your connections are really anonymized, you can visit

41
03:58.500 --> 04:03.630
this website that will tell you if you appear to be coming through the Tor network.

42
04:04.900 --> 04:11.290
In this example, I am not using Tor and the website displays the correct message.

43
04:12.710 --> 04:14.420
Let's try it with Tor!

44
04:15.320 --> 04:20.800
I'm opening the Tor browser and I'll paste this address in the URL bar.

45
04:23.060 --> 04:26.110
This is Tor and I'm pasting the address.

46
04:27.740 --> 04:32.990
Congratulations, this browser is configured to use Tor. Perfect.

47
04:34.420 --> 04:37.880
The exit relay is located in Luxembourg.

48
04:38.630 --> 04:44.790
A second rule is that you should not open documents downloaded through the Tor browser while you are

49
04:44.790 --> 04:45.210
online.

50
04:45.630 --> 04:51.390
Open them while you are offline or from an operating system like TAILS.

51
04:51.400 --> 04:56.580
As I've just said, they can contain resources that could reveal your IP address.

52
04:57.660 --> 05:00.270
Similarly, do not use torrents over Tor.

53
05:00.720 --> 05:06.630
They will send out your real IP address in the tracker GET request and deanonymize you.


54
05:08.330 --> 05:13.700
Do not sign in to websites if you don't want them to find out who you are.


55
05:14.450 --> 05:22.130
Once you sign into a website like Facebook, you have identified yourself to that website and to anyone 


56
05:22.130 --> 05:25.550
who might be observing the activity on that site.

57
05:27.190 --> 05:31.930
Use only HTTPS and other protocols that are encrypted.


58
05:32.320 --> 05:34.000
Do not use HTTP.

59
05:35.120 --> 05:39.770
Tor will encrypt the traffic to anonymize you, but the exit relay 


60
05:40.010 --> 05:42.200
will have access to the original packet. 

61
05:42.560 --> 05:49.040
If it’s not encrypted, like, say, an HTTP packet, then the exit relay can see sensitive data like

62
05:49.070 --> 05:50.960
usernames and passwords.

63
05:51.710 --> 05:58.490
Take a look at this diagram made by the Electronic Frontier Foundation to get a better understanding.

64
06:05.090 --> 06:11.840
Do not visit the Dark Web or visit only sites you trust. The Dark Web is the criminal's heaven.

65
06:12.260 --> 06:15.260
Many sites will try to infect you with malware.

66
06:15.680 --> 06:18.210
Do not click on ads or random links.

67
06:19.940 --> 06:24.960
Change the security level of the Tor browser to safer or safest.

68
06:27.360 --> 06:28.740
So go to options -

69
06:30.970 --> 06:32.530
Privacy and security -

70
06:34.380 --> 06:41.490
and there you'll find 3 security levels: standard, which is the default, safer and safest.

71
06:42.620 --> 06:50.060
Note that it’s possible that some websites won’t work because components like JS or


72
06:50.060 --> 06:52.070
HTML5 media will be blocked. 

73
06:54.350 --> 07:01.450
Use the latest version of the Tor browser because security flaws are often discovered and patched.

74
07:02.520 --> 07:09.630
For example, in June 2019, a critical security flaw that has helped cyber criminals to

75
07:09.630 --> 07:14.760
take full control of systems running vulnerable versions was discovered.

76
07:15.800 --> 07:22.670
Also, note that the Secret Services all over the world are monitoring the Tor network for illegal activities.

77
07:23.060 --> 07:25.670
Even if you are just visiting the Dark Web

78
07:25.820 --> 07:28.490
you can become a suspect or even a target.

79
07:29.070 --> 07:29.530
OK.

80
07:29.820 --> 07:30.470
That's all!

81
07:31.350 --> 07:37.740
Follow all of this advice for a secure and anonymous web browsing experience.