The Tor Browser itself is safe. It’s just the Tor network having security issues that make it less-than-secure. I’m going to use both terms interchangeably in this article and will explain just how safe the Tor Browser may be.

Table of contents

    Is the Tor Browser safe? Safety benefits vs. issues at a glance

    Before we get into the details, here’s a quick overview on safety issues and benefits to answer the question of whether the Tor Browser is safe:

    Tor safety benefits
    Tor safety issues
    Three layers of encryptions
    Entry node sees your IP, exit node sees your data
    Connects via three random nodes
    Nodes are run by volunteers and thus could be compromised
    Nodes are changed every five minutes
    Your privacy can be compromised by holding entry or exit nodes, or both.

    The security issues with the Tor Browser 

    To fully explain the security issues with the Tor Browser, we should talk about how Tor traffic is handled.

    How Tor works:

    1. Aspiring users need to download and install the Tor Browser to access Tor;
    2. The Tor Browser establishes a connection to the volunteer-maintained Tor network;
    3. The browser creates a circuit of three random Tor nodes;
    4. Any data you send out via the Tor Browser gets bundled into three layers of encryption;
    5. The Tor Browser forwards the data to the entry node (sometimes called the “guard node”);
    6. The entry node knows the data is coming from you, but it can’t see what data you’re sending. The entry node decrypts the first encryption layer to find out where to forward the data – what the middle node is;
    7. The middle node knows that data is coming from the entry node. It decrypts the second layer to find out where to send the data – what the exit node is;
    8. The exit node knows that the data is coming from the middle note. It decrypts the third layer of data to find where to send it – the node can also see the data now;
    9. Incoming data uses the same process, but from the other way around – the exit node is now the entry node, etc.;
    10. The Tor Browser periodically switches to a new random circuit of nodes.

    This allows you to more privately access regular websites as well as specific Tor websites. At this point, you might not see it, but the architecture of the Tor network is vulnerable to certain exploits.

    It’s easy to compromise a volunteer-run network

    The Tor Project doesn’t buy and maintain the nodes on the network – volunteers do. Meaning virtually anyone can host a Tor node. Hackers have the means to seed their nodes in the Tor network, and security agencies (CIA, GCHQ, FSB, etc.) have even more resources they can devote to putting up their own nodes.

    With enough nodes, you can intercept the data going through the entry and exit nodes of the same circuit. 

    Compromised nodes allow malicious parties to triangulate data

    If you control the entry node, you can find out which Tor users were accessing Tor via the node by recording their IP (Internet Protocol) addresses. If you control the exit node, you know what websites and services were accessed from Tor via that node.

    If you have enough nodes to get that data, you can piece together what someone was doing online at one point or another. 

    Malicious parties can monitor data at the exit node

    Exit node eavesdropping means hosting nodes with the intent to harvest data as it becomes deciphered by the exit node. This may have been the case in 2021 when an unknown entity had compromised 900 Tor network nodes

    Suppose your traffic isn’t encrypted by TLS (Transport Layer Security) or VPN (Virtual Private Network). In that case the person monitoring the exit node can capture, say, combinations of account names and passwords. 

    Tor exit nodes may be blocked

    This is more of an inconvenience than a vulnerability: some websites and services block Tor IP addresses from accessing their content. Going by the logic that Tor is a network that may be used for nefarious purposes (such as distributed denial of service (DDoS) attacks), some companies block it.

    For example, Wikipedia editing and BBC’s iPlayer block IPs from the Tor network.

    In addition, using Tor may be illegal in some countries due to dark web connections or just “security” concerns. Since your internet service provider can tell that you’re using Tor, this can expose you to the authorities.

    But outside of someone knowing that you’re using Tor, let’s consider whether they can track you while you’re using Tor.

    Can they track you on Tor?

    It is technically possible to track you on Tor. As discussed before, there are ways to compromise the volunteer-run network. 

    Tracking method #1: Triangulation

    Triangulation is possible by matching the entry and exit node use. It requires having enough nodes to compromise both ends of the circuit. This way, they could, for example, match Activist X (via his IP address) sending data via entry node at 15:04:37 and a post criticizing the government appearing on a block at 15:04:38. 

    Tracking method #2: Eavesdropping 

    Eavesdropping the exit node may allow for the theft of Tor users’ data. As the entry node removes the last layer of Tor decryption to forward the data, it may be possible to read it. In that case, it doesn’t take a genius to figure out that someone submitting your user name and password to a website is you (or just stealing those same log-ins they just saw you enter). 

    Tracking method #3: Noticing Tor use

    Noticing Tor use is something that can become dangerous if Tor Browser use is declared illegal. Your ISP (Internet Service Provider) doesn’t see what you do on Tor, but it can detect your internet traffic going via the Tor network. Thus, they can track when you use Tor and for how long. 

    What are the safety benefits of using Tor?

    While there are some dangers when using the Tor Browser (no greater than those of regular browsers), there are many reasons to use it to beef up your security:

    • It’s free: as a free tool, Tor is miles above using any free proxy or free VPN; 
    • It’s easy to use: you only need the Tor Browser, which is a) free, b) no more complicated to use than any other browser, and c) teaches you how to use it; 
    • It’s harder to compromise: with a proxy or VPN, you have to trust the supplier not to spy on you. With Tor, the network is decentralized, and your circuit changes constantly; 
    • It improves privacy: Tor encrypts your data, hides your browsing from the ISP, and keeps your IP address secret.

    Unfortunately, Tor is not a good solution for everyday use. The volunteer nature of the network means the connections are of variable quality, and the need to bounce over three nodes makes Tor Browser slow

    But if you’re using it for noble causes that demand secrecy, there are ways to improve it. 

    How to use the Tor Browser safely 

    We have a great article on how to use Tor safely, but here’s a short version for you: 

    1. Set your Tor Browser security settings: stricter modes are safer but harder to use; 
    2. Fiddle with other security settings: it’s possible to disable automatic cookie deletion, though you shouldn’t; 
    3. Change browsing habits: Tor doesn’t help much if you use it to log into your public Gmail account; 
    4. Try new circuits and identities: those are the two methods to switch up how the Browser reaches the rest of the network;
    5. Keep your security updated: this means using only the latest versions of your Tor Browser, VPN app, and antivirus;
    6. Use Tor over a VPN: some people can’t tell the difference between VPN and Tor. In a nutshell, a VPN is a different tech that can hide your entry node’s real IP, and its encryption can hide the exit node data. Not sure how it works? Check this:

    These steps should help keep you safe from being tracked while using Tor.

    In conclusion: it’s mostly safe to use Tor 

    It’s impossible to be completely anonymous online, but using the Tor Browser is one of the ways to make yourself more private. And there are ways to improve your safety while using it. As mentioned before, a VPN can help protect you at the entry and exit nodes. So why not get Surfshark?

    Use Tor over a VPN

    Get Surfshark

    FAQ

    Does Tor hide your IP?

    Tor hides your IP from the website or service you want to access. However, the Tor entry node sees your real IP unless you’re using a VPN. 

    Is Tor anonymous?

    Nothing is anonymous online. In the case of Tor, the entry node knows your IP, and the exit node can see the data you’re sending. It doesn’t pose a risk unless the same entity owns both nodes. 

    Is the Tor Browser safe without a VPN?

    Using Tor without a VPN may be unsafe under certain circumstances. Use it to maintain your security and privacy. 

    Is using Tor illegal?

    Tor, like VPNs, is legal in most of the world. Doing crime over Tor is, obviously, illegal.