Hacker News new | past | comments | ask | show | jobs | submit login
How Tor Works: Part One (jordan-wright.com)
178 points by billconan on Dec 19, 2015 | hide | past | web | favorite | 16 comments

If you use Tor, or want to support those that need it to communicate safely online, consider donating to (their first ever!) end-of-year fundraising drive: https://blog.torproject.org/blog/our-first-real-donations-ca...

Thanks for the link! I've finally put my money where my mouth is and donated.

Oh, hi there! Author here. Glad y'all like the post! I've been on a break recently working on other projects, but I'm finishing up a post for this series soon, so stay tuned!

I'll be hanging around off and on, and am happy to answer any questions!

This was a fantastic post. Granted the high-level view skirts very technical aspects of Tor, this post is perfect for laypeople who hear about "Tor" and ask about it.

Not being factitious here. Do you have a better (more technical) alternative?

(Do note that many things in the paper have changed, for example, the hidden service design.)

In part2/3 or wherever you discuss hidden services, can you please not call them the "dark web"? That term is being thrown around so much lately that it has lost all useful meaning.

Imho the "dark web" means those parts of the web not publicly visible, ie not indexed by search engines and/or places not accessible to the public. Most hidden services are indexed and are publicly accessible ... so they are not by definition dark.

I agree that terms like "dark web" and "deep web" have been used so much (and often interchangeably), that they've mostly lost their meaning. That being said, I've always used "dark web" in reference to things like hidden services, i2p, etc, and I've used "deep web" to mean unindexed/inaccessible content.

I like "onion services".

Along the same lines, there's an incredible series by Tom Ritter that describes how mix networks work. Here's the first post: https://crypto.is/blog/what_is_a_remailer

I have read all 1-3 parts that seem available at this time. My immediate questions are:

(a) is the client supposed to get a copy of the consensus to start with? (b) what if direct access to all DAs are blocked?

a). Yes, b). That is one of the ways to block access to Tor: either block torproject.org (in which case you use the GetTor service or mirrors), or the DAs, in which case you can't bootstrap. The way around that is to use bridges (unpublished relays to which you connect) or pluggable transports which now come bundled with Tor Browser. (https://www.torproject.org/docs/pluggable-transports.html.en)

This is the best top-level description of Tor that I've ever read!

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact