TOR Browser Unmasked: A Deep Dive into Anonymous Browsing

Written by: Nearchos Nearchou



Time to read 6 min


TOR aims to provide online anonymity by using a unique architectural network topology, which involves thousands of nodes deployed worldwide. If a hacker gains access to a node (relay), he/she can see the traffic that runs through it, but he/she cannot see where it comes from or goes next. The anonymous nature of TOR along with the use of cryptocurrencies, e.g., Bitcoin, Ethereum, Monero, etc., makes TOR one of the most sophisticated technologies of all time


Without the dedication of powerful resources and the use of advanced techniques, it is practically impossible to backtrack and trace someone’s identity. The figure below shows how traffic flows through the TOR network.

Despite its advanced capabilities and features, a TOR browser deployment is a relatively straightforward process that requires no advanced knowledge and it does not differ from traditional browser installations. It is compatible with all major computer and mobile operating systems, i.e., Windows, Linux, macOS, Android, and iOS. With at least three layers of encryption or the layers of an onion, onion routing bounces traffic through a network of relays. Throughout this process, it masks the user’s original IP address, making the connection highly anonymous and secure.


The TOR network consists of four main components:

  • The TOR client: It is a piece of software that a TOR user has installed on their device. This program generates an anonymous circuit and manages all of the cryptographic keys required to communicate with each of the circuit's necessary nodes.

  • Entry/Guard node: The client request is received by the first relay in the circuit, which then passes it on to the following network node.

  • Middle nodes: Middle nodes are neither a guard nor an exit, but act as the connection between the two. 

  • Exit node: It is the final TOR relay.

The link between the entrance and exit relays is encrypted, as seen in the figure above. The "Advanced Encryption Standard" is used for this (AES). However, there is no encryption used for the communication between the exit node and the ultimate destination. This suggests that an attacker waiting near the destination will be able to see data packets if the connection between the client and the final destination is not encrypted as part of a higher security protocol, like HTTPS. The following table shows the characteristics of the popular browsers Google Chrome and the TOR browser


Orbot: The mobile version of the TOR browser

Orbot is a free app that provides anonymity for Android users. This app is integrated with TOR and allows traffic to route through several nodes on the TOR network. The TOR Project team stated that Orbot has a built-in VPN feature that helps users bypass firewalls and access blocked content. Orbot ensures that the users’ data and privacy remain protected from the prying eyes of the government and Internet Service Providers.


Orbot’s user interface is straightforward to learn, and users do not have to configure anything for basic use. However, a more advanced configuration is also available for experienced users, allowing them to configure Orbot as they prefer. The Orbot app is available on Android devices via the Google Play Store. Presently, users cannot download Orbot on a computer unless they use an Android emulator. The following list describes some of Orbot’s most significant advantages.

  • Ad-free and Open-source: Unlike traditional VPN apps that promote ads whenever the apps are opened or used, Orbot is free of ads. This is because Orbot is open-source, and anyone can check the code of the software.

  • Protection against network surveillance: Orbot encrypts users’ traffic, and the data packets travel through several nodes before reaching the end-server. In this way, the app ensures that the users’ data remains protected from hackers, law enforcement authorities, and the government.

  • Root access: Users can proxy (route) all of their outgoing traffic from their Android device through Orbot if they have root/administrative access. The users can also manage which apps they want to use with Orbot.

Conclusion to the TOR network

What has been discussed so far constitutes only a part of the complex mechanisms and advanced procedures taking place in the TOR network. There are specific key characteristics that substantially affect TOR’s workflow. The TOR browser has been designed in such a way that users can adjust performance and anonymity based on their needs. For instance, users who value their anonymity greatly (such as dissidents) might prefer that their traffic flow uniformly across all routers to reduce the possibility of their traffic being compromised by high-bandwidth routers. 


On the other hand, customers who are less concerned with privacy and only utilize the network for casual web browsing may place a higher emphasis on performance and feel more at ease utilizing high-bandwidth routers. However, both types of users benefit from high levels of anonymity and security and can browse the Internet without worrying about having their identities compromised.


The use of TOR and other anonymous browsers is not illegal. In fact, such dark browsers can be used to privately access both the public Internet and the deeper parts of the web. The privacy offered by the TOR network is significant in the current digital era. Corporations, organizations, and governing bodies participate in mass unauthorized surveillance of users’ online activity. Some people do not want the government or even Internet Service Providers to monitor their web browsing. Users in authoritarian regimes are often prevented from accessing some parts of the Internet. The combination of TOR and a Virtual Private Network (VPN) can help these users access blocked content without being tracked

Nearchos Nearchou

Nearchos Nearchou is a determined person and 1st Class BSc (Hons) Computer Science and MSc Cyber Security graduate. He is a big tech-lover and spent several years exploring new innovations in the IT field. Driven by his passion for learning, he is pursuing a career in the Cyber Security world. Passionate about learning new skills and information that can be used for further personal and career development. Finally, he is the author of the book “Combating Crime On The Dark Web”.

1. What is the TOR network, and how does it provide online anonymity?

The TOR (The Onion Router) network is a decentralized system designed to enhance online privacy and security. It operates by routing internet traffic through a series of volunteer-operated servers, encrypting the data at each step. This process helps to anonymize users' online activities by concealing their IP addresses, making it difficult to trace their online behavior back to them.

2. What are the key components of the TOR network, and how do they function?

The TOR network comprises four main components: the TOR client, responsible for generating anonymous circuits and managing cryptographic keys; entry/guard nodes, which receive and forward user requests; middle nodes, serving as connectors between entry and exit nodes; and exit nodes, the final relays in the TOR circuit. The TOR client on a user's device encrypts and bounces traffic through this network of nodes, obscuring the user's original IP address for enhanced anonymity. The encryption between entry and exit relays uses the Advanced Encryption Standard (AES), ensuring the secure transmission of data within the TOR network.

3. How does the TOR browser differ from mainstream browsers like Google Chrome?

The TOR browser differs from mainstream browsers like Google Chrome by prioritizing privacy and anonymity. It allows access to hidden onion sites, operates on a free and open-source model, and ensures safe and private browsing, making it a preferred choice for users seeking heightened online security.

4. What is Orbot, and how does it contribute to mobile privacy on the TOR network?

Orbot is the mobile version of the TOR browser, providing anonymity for Android users. It contributes to mobile privacy by integrating with TOR, allowing traffic to route through TOR nodes, encrypting user data, and protecting it from surveillance by government and Internet Service Providers. Orbot's straightforward user interface and root access features enhance privacy for Android users seeking a secure browsing experience on the TOR network.

5. Is the use of TOR legal, and how can it benefit users in terms of online privacy?

The use of TOR is legal, and it benefits users by providing a shield against online surveillance. TOR allows users to browse the internet anonymously, protecting their privacy from corporations, organizations, and government entities that engage in unauthorized surveillance. It is particularly valuable for users in authoritarian regimes, helping them access blocked content without being tracked.

Leave a comment