What Tor Is, How It Works, and Why to Use It
This page introduces the Tor network, a volunteer-run system that protects privacy, resists censorship, and helps people communicate and browse anonymously. It explains what Tor does, why it's needed, and how its distributed design keeps users safe.
The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Along the same line, Tor is an effective censorship circumvention tool, allowing its users to reach otherwise blocked destinations or content. Tor can also be used as a building block for software developers to create new communication tools with built-in privacy features.
Individuals use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers. Tor's onion services let users publish web sites and other services without needing to reveal the location of the site. People also use Tor for socially sensitive communication: for example, chat rooms and web forums for survivors of rape and abuse, or for people with illnesses.
Journalists use Tor to communicate more safely with whistleblowers and dissidents. Non-governmental organizations (NGOs) use Tor to allow their workers to connect to their home website while they are in a foreign country, without letting everybody nearby know that they are working for that organization.
Activist groups like the Electronic Frontier Foundation (EFF) recommend Tor as a mechanism for maintaining civil liberties online. Corporations use Tor as a safe way to conduct competitive analysis, and to protect sensitive procurement patterns from eavesdroppers. They also use it to replace traditional VPNs, which reveal the exact amount and timing of communication. Which locations have employees working late? Which locations have employees consulting job-hunting websites? Which research divisions are communicating with the company's patent lawyers?
The variety of people who use Tor is actually part of what makes it so secure. Tor hides you among the other users on the network, so the more populous and diverse the user base for Tor is, the more your anonymity will be protected.
Using Tor protects you against a common form of Internet surveillance known as "traffic analysis." Traffic analysis can be used to infer who is talking to whom over a public network. Knowing the source and destination of your Internet traffic allows others to track your behavior and interests. This can impact your checkbook if, for example, an e-commerce site uses price discrimination based on your country or institution of origin. It can even threaten your job and physical safety by revealing who and where you are. For example, if you are travelling abroad and connect to your employer's computers to check or send mail, you can inadvertently reveal your national origin and professional affiliation to anyone observing the network, even if the connection is encrypted.
How does traffic analysis work?
Internet data packets have two parts: a data payload and a header used for routing. The data payload is whatever is being sent, whether that's an email message, a web page, or an audio file. Even if you encrypt the data payload of your communications, traffic analysis still reveals a great deal about what you're doing and, possibly, what you're saying. That's because it focuses on the header, which discloses source, destination, size, timing, and so on.
A basic problem for the privacy minded is that the recipient of your communications can see that you sent it by looking at headers. So can authorized intermediaries like Internet service providers, and sometimes unauthorized intermediaries as well. A very simple form of traffic analysis might involve sitting somewhere between sender and recipient on the network, looking at headers.
But there are also more powerful kinds of traffic analysis. Some attackers spy on multiple parts of the Internet and use sophisticated statistical techniques to track the communications patterns of many different organizations and individuals. Encryption does not help against these attackers, since it only hides the content of Internet traffic, not the headers.
Tor helps to reduce the risks of both simple and sophisticated traffic analysis by distributing your transactions over several places on the Internet, so no single point can link you to your destination. The idea is similar to using a twisty, hard-to-follow route in order to throw off somebody who is tailing you - and then periodically erasing your footprints. Instead of taking a direct route from source to destination, data packets on the Tor network take a random pathway through several relays that cover your tracks so no observer at any single point can tell where the data came from or where it's going.
To create a private network pathway with Tor, the user's software or client incrementally builds a circuit of encrypted connections through relays on the network. The circuit is extended one hop at a time, and each relay along the way knows only which relay gave it data and which relay it is giving data to. No individual relay ever knows the complete path that a data packet has taken. The client negotiates a separate set of encryption keys for each hop along the circuit to ensure that each hop can't trace these connections as they pass through.
Once a circuit has been established, many kinds of data can be exchanged and several different sorts of software applications can be deployed over the Tor network. Because each relay sees no more than one hop in the circuit, neither an eavesdropper nor a compromised relay can use traffic analysis to link the connection's source and destination. Tor only works for TCP streams and can be used by any application with SOCKS support.
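The following toy simulation, added here as an illustration and not taken from Tor's own code, shows the layered ("onion") encryption behind a circuit: the client wraps a message in one layer per relay, and each relay peels exactly one layer, learning only the previous and next hop. It assumes pre-shared per-hop keys in place of Tor's per-hop key negotiation, and uses a SHA-256-based toy stream cipher rather than Tor's real ciphers.

```python
import hashlib
import json
import os


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Toy stream cipher derived from SHA-256: illustration only, not Tor's cipher.
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def _xor(data: bytes, key: bytes, nonce: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))


def build_onion(path, keys, destination, payload: bytes) -> bytes:
    """Wrap payload in one layer per relay; the innermost layer is for the exit."""
    blob, nxt = payload, destination
    for relay in reversed(path):  # wrap exit layer first, guard layer last
        layer = json.dumps({"next": nxt, "inner": blob.hex()}).encode()
        nonce = os.urandom(16)
        blob, nxt = nonce + _xor(layer, keys[relay], nonce), relay
    return blob  # only the guard can peel the outermost layer


def relay_peel(relay, keys, blob: bytes):
    """A relay removes exactly one layer: it learns the next hop and nothing more."""
    nonce, body = blob[:16], blob[16:]
    layer = json.loads(_xor(body, keys[relay], nonce))
    return layer["next"], bytes.fromhex(layer["inner"])


def run_circuit(path, keys, destination, payload: bytes):
    """Forward the onion hop by hop; returns (arrived_at, delivered, relay_views)."""
    views, prev, hop = [], "client", path[0]
    blob = build_onion(path, keys, destination, payload)
    while hop in keys:  # still inside the relay circuit
        nxt, blob = relay_peel(hop, keys, blob)
        views.append({"relay": hop, "from": prev, "to": nxt})  # all this relay sees
        prev, hop = hop, nxt
    return hop, blob, views


# Constructed sample circuit: pre-shared keys stand in for Tor's per-hop handshakes.
KEYS = {name: os.urandom(32) for name in ("guard", "middle", "exit")}
PATH = ["guard", "middle", "exit"]

if __name__ == "__main__":
    print(run_circuit(PATH, KEYS, "example.org:443", b"GET / HTTP/1.1"))
```

Only the exit's view names the destination and only the guard's view names the client, so no single relay can link the two.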
For efficiency, the Tor software uses the same circuit for connections that happen within the same ten minutes or so. Later requests are given a new circuit, to keep people from linking your earlier actions to the new ones.