1 00:00:00,000 --> 00:00:07,000 So now that we have Tor browser installed, let's go ahead and make sure that it's working as expected 2 00:00:07,000 --> 00:00:11,000 and is routing all of the traffic through the Tor network. 3 00:00:11,000 --> 00:00:19,000 Now I'm going to be using the Tor browser on Windows, but as seen before, the interface is identical 4 00:00:19,000 --> 00:00:21,000 on Windows, Linux and OSX. 5 00:00:21,000 --> 00:00:26,000 The installation is different and I showed you how to install it on all of these operating systems. 6 00:00:26,000 --> 00:00:32,000 So once it's installed, using the browser is exactly the same. 7 00:00:32,000 --> 00:00:35,000 So I'm going to double click the launcher. 8 00:00:37,000 --> 00:00:42,000 The first time you run it, it's going to ask you if you want to connect to the Tor network and you 9 00:00:42,000 --> 00:00:47,000 can tick this box so that it automatically connects to the Tor network. 10 00:00:47,000 --> 00:00:50,000 So I'm going to tick the box and I'm going to click on Connect. 11 00:00:52,000 --> 00:00:58,000 Once connected, I'm going to double check that I am actually connected to the Tor network by going 12 00:00:58,000 --> 00:01:02,000 to check dot tor project.org. 13 00:01:05,000 --> 00:01:08,000 And as you can see, it's saying Congratulations. 14 00:01:08,000 --> 00:01:16,000 This browser is configured to use Tor and it's given us the IP that our browser appears to be coming 15 00:01:16,000 --> 00:01:17,000 from. 16 00:01:17,000 --> 00:01:18,000 So this is not my real IP. 17 00:01:19,000 --> 00:01:23,000 This is the IP that I will appear that I'm coming from. 18 00:01:23,000 --> 00:01:30,000 So this is all perfect and I'll talk about more Tor settings in a future lecture. 19 00:01:30,000 --> 00:01:35,000 But right now I want to show you how to bypass Tor being blocked. 20 00:01:35,000 --> 00:01:42,000 So in case you came to this website and it didn't load, or if you saw a warning here saying Tor is 21 00:01:42,000 --> 00:01:50,000 not working, then this could be because your network administrator or your internet service provider 22 00:01:50,000 --> 00:01:52,000 is blocking you from using TOR. 23 00:01:53,000 --> 00:02:01,000 See, when you try to access Tor, as I mentioned before, the first thing you'll have to do is connect 24 00:02:01,000 --> 00:02:06,000 to the Tor network and send your traffic to a random Tor node. 25 00:02:06,000 --> 00:02:11,000 So you're going to pick one of these nodes and you're going to send your traffic through it as the first 26 00:02:11,000 --> 00:02:12,000 node. 27 00:02:13,000 --> 00:02:20,000 The problem is before you can actually connect and send data to this node, your data can easily be 28 00:02:20,000 --> 00:02:29,000 intercepted by your network administrator or your Internet service provider before it even reaches the 29 00:02:29,000 --> 00:02:34,000 first node and before it's even able to connect to the Tor network. 30 00:02:35,000 --> 00:02:44,000 So what your Internet service provider or ISP can do is they could identify all the available Tor nodes 31 00:02:44,000 --> 00:02:50,000 right here, the white circles, because they are publicly available and then just block them all, 32 00:02:50,000 --> 00:02:55,000 prevent you from connecting to any of these white circles. 33 00:02:55,000 --> 00:03:00,000 So therefore, whenever you try to connect to Tor, you're passing by Internet service provider, which 34 00:03:00,000 --> 00:03:05,000 is running a firewall, checking if you're trying to connect to any of these nodes. 35 00:03:05,000 --> 00:03:08,000 And if you are, it will block your connection. 36 00:03:08,000 --> 00:03:15,000 The result of this is when you come in to load this page, It will either not load or it's going to 37 00:03:15,000 --> 00:03:17,000 tell you that you're not using the Tor network. 38 00:03:18,000 --> 00:03:24,000 A simple solution to this is to use a Tor bridge as the first node. 39 00:03:24,000 --> 00:03:26,000 What we mean by third bridges. 40 00:03:26,000 --> 00:03:34,000 They are normal nodes similar to all the white circles that we can see in here, but they are not publicly 41 00:03:34,000 --> 00:03:35,000 available. 42 00:03:35,000 --> 00:03:42,000 So the only way that the Internet service provider was able to block us is because they know all the 43 00:03:42,000 --> 00:03:48,000 white circles, they know all the public nodes, and they have a rule in their firewall to prevent any 44 00:03:48,000 --> 00:03:52,000 user from connecting to any of these white circles. 45 00:03:52,000 --> 00:03:58,000 So to bypass this, we can just use a node that is not publicly available. 46 00:03:58,000 --> 00:04:01,000 It's not being advertised that way. 47 00:04:01,000 --> 00:04:08,000 When we try to connect to it, the Internet service provider will not have this node in its list and 48 00:04:08,000 --> 00:04:14,000 therefore we can connect to it and then continue using Tor going out to another website or even going 49 00:04:14,000 --> 00:04:17,000 in and accessing an onion service. 50 00:04:18,000 --> 00:04:20,000 So this is pretty good. 51 00:04:20,000 --> 00:04:21,000 It's a pretty good solution. 52 00:04:21,000 --> 00:04:29,000 Until firewalls and service providers became smarter and implemented more advanced methods, what they 53 00:04:29,000 --> 00:04:39,000 started doing is they started using deep packet filtering or what's known as DPI to identify tor traffic 54 00:04:39,000 --> 00:04:40,000 and block it. 55 00:04:40,000 --> 00:04:45,000 So they don't even care about which node you're trying to connect to. 56 00:04:45,000 --> 00:04:52,000 They started analyzing all traffic that you sent out of your computer, and they managed to identify 57 00:04:52,000 --> 00:04:54,000 what your traffic looks like. 58 00:04:54,000 --> 00:05:01,000 So like I said before, when you use Tor, they can't really see which websites you're trying to go 59 00:05:01,000 --> 00:05:08,000 to, but they'll be able to see that you're trying to use the Tor network either by identifying the 60 00:05:08,000 --> 00:05:15,000 node that you're trying to connect to or by using deep packet filtering, which will tell them that 61 00:05:15,000 --> 00:05:19,000 the traffic of this user matches a signature of a tor traffic. 62 00:05:19,000 --> 00:05:21,000 Therefore this user is using tor. 63 00:05:21,000 --> 00:05:24,000 Therefore we will block this traffic. 64 00:05:25,000 --> 00:05:29,000 So the solution to this is to use a pluggable transport. 65 00:05:30,000 --> 00:05:37,000 Pluggable transports will try to make your traffic look similar to any other normal traffic. 66 00:05:37,000 --> 00:05:43,000 So when you're trying to connect to a bridge, we're going to use a bridge that can use a pluggable 67 00:05:43,000 --> 00:05:44,000 transport. 68 00:05:44,000 --> 00:05:50,000 And this way all the traffic that we're going to send will not look like tor traffic. 69 00:05:50,000 --> 00:05:56,000 It will look similar to traffic that's generated when you're trying to access Google or Facebook or 70 00:05:56,000 --> 00:06:01,000 any other website similar to any normal web traffic. 71 00:06:01,000 --> 00:06:03,000 Now, this is a pretty good solution. 72 00:06:03,000 --> 00:06:09,000 It will work in many cases, but it can still fail in some instances. 73 00:06:09,000 --> 00:06:15,000 But the worst case scenario, even if it fails, the Internet service provider will be able to know 74 00:06:15,000 --> 00:06:16,000 that you're using Tor. 75 00:06:16,000 --> 00:06:23,000 But again, they won't really know which websites you're trying to access unless they run a more sophisticated 76 00:06:23,000 --> 00:06:24,000 attack. 77 00:06:26,000 --> 00:06:29,000 Now, keep in mind, this will slow down your connection. 78 00:06:29,000 --> 00:06:36,000 So if you were able to browse this page and it's telling you that everything is working, then maybe 79 00:06:36,000 --> 00:06:38,000 you don't you shouldn't really use them. 80 00:06:38,000 --> 00:06:41,000 It really depends on your case. 81 00:06:41,000 --> 00:06:48,000 And in the next lecture I'm going to show you how to configure Tor to use a bridge with a pluggable 82 00:06:48,000 --> 00:06:53,000 transport to access the Tor network, even if it's being blocked.