Is The Tor Browser Safe? (Security & Privacy Vulnerabilities)
Tor is safe to download and operate if you’re an advanced user and it’s absolutely necessary. However, it’s not 100% secure.
There are significant vulnerabilities that can put your safety and privacy at risk, and these risks often outweigh the browser’s benefits for most people.
If you’re a casual user, we recommend combining a safe private browser with a top-rated VPN service, instead.
In the table below, we summarize the strengths and weaknesses of the Tor browser when it comes to safety:
|Three layers of encryption shield your activity from tracking and surveillance by your ISP||Traffic at the exit node is exposed to surveillance and man-in-the-middle attacks|
|The websites you visit cannot see your public IP address or location||Data leaks can easily reveal identifying information|
|Tor is decentralised, so users do not have to trust a private VPN service||There is evidence of Tor users being de-anonymized|
|Grants access to the dark web||Tor is less safe on devices using iOS|
|Open-source software||Visiting HTTP sites will make you more vulnerable to surveillance as these sites do not encrypt your traffic|
|.Onion domains can harbour malware|
|Your public IP address is exposed to the guard node|
Here’s a more detailed list of potential safety and security issues when using the Tor Browser:
Tor Is Anonymous, But It Is Not Private
Tor is designed for complete anonymity. A singular node cannot have access to both your traffic and IP address, which means your identity and online activity within the Onion network are never disclosed at the same time.
While Tor is anonymous, it is not private. Your personal IP address is visible to the guard node, and your traffic is visible to the exit node. In theory, someone running an exit node can spy on your activity, although they won’t know who it belongs to.
Tor does provide more general privacy protections than a normal web browser like Google Chrome, including DNS over HTTPS. Your location is hidden and your ISP cannot track your traffic to the same degree – though it will still see that you are using the Tor Network, which can mark you for surveillance by some ISPs.
Despite these protections, it is still possible for certain groups to see at least some of your browsing activity. Vulnerabilities like data leaks or compromised exit nodes mean that it’s possible for some users to be de-anonymized.
Tor Can Leak Your IP & DNS Address
If you’re not concerned with privacy or anonymity, you can safely use Tor like a regular web browser. However, this will almost certainly result in data leaks that can reveal your true identity.
If you want to prevent IP and DNS leaks when using Tor, you should to avoid:
- Using browser extensions
- Downloading and opening files
- Downloading torrent files
All of these activities have the potential to route traffic outside of the Tor Browser or retain information that can de-anonymize you even within the browser.
Another common mistake is accessing HTTP sites. This won’t directly reveal your IP address, but it does make you much more vulnerable to surveillance due to the lack of additional encryption compared to HTTPS.
Malicious Exit Nodes
Anyone can operate an exit node. They have been known to be used for surveillance by criminals and even to operate man-in-the-middle attacks. When an exit node is used for exploitative purposes, it’s known as a malicious exit node.
While your traffic is encrypted for most of its journey through the Onion network, it is exposed when it passes through the exit node. This means that the final server operator has the ability to view your activity, just like an ISP would if you weren’t using Tor or a VPN.
This does not necessarily undermine your anonymity since the exit node has no way to see your true IP address. However, if you were to access an email account or Facebook page associated with your true identity, this could be observed and your identity would be exposed.
As of 2020, it is estimated that over 23% of Tor nodes are considered malicious. This amounts to approximately one in four exit nodes.
Malware Can Be Spread To Your Device
Tor is used to access dark web domains that are hidden from regular browsers. As a result, Tor users are susceptible to malware and viruses if the browser is not used carefully.
The dark web is saturated with malicious actors. Many websites within this space contain malicious scripts or malware that can be passed on to your computer if you click on an unsecured site.
One way this can happen is through port forwarding. Open ports can be dangerous when Tor is in use as infiltrators can hack your device through this method.
When a user clicks on a malicious site, your device is scanned for open ports. A message is sent to each port, where a hacker can identify which ports are open and vulnerable to exploits.
Vulnerable ports can be used to spread malware and gain unauthorised access to personal and financial information, resulting in your accounts being hacked.
Tor Is Less Safe on Some Mobile Devices
The Tor browser is available as an application for Android devices. If you use the app cautiously, using Tor on Android is no more dangerous than using it on desktop. The alpha release is easy to download and use, but the same risks apply as when you use the browser on desktop.
There is not an official Tor application for iOS, but the Onion Browser application can be used to access the Tor network on iOS if you absolutely need to. This is an open-source app designed by Mike Tigas, a lead developer for the Tor Browser.
If you need to use Tor on a mobile device, we recommend choosing Android.
Using Tor Without a VPN
Due to its association with the dark web, government authorities work hard to prevent criminal activity within the Tor network. Therefore the regular use of Tor can mark you for surveillance by the government.
If you don’t connect to a VPN, your ISP can see you are connected to the Tor network. This increases the likelihood of authorities monitoring your traffic and targeting you for de-anonymization.
Without a VPN, Tor’s guard node can also see your public IP address. This can reveal personal information such as your location and your ISP.
However, even with a VPN connection, you’ll still be subject to some of the same risks and vulnerabilities of the Tor network. But, a VPN can add an extra layer of protection.
Windows wasn’t built for anonymity. Even if you are careful and only access the internet from within the Tor browser, the operating system sends information back to Microsoft by default. This can result in your identity being revealed.
It is considered safer and more reliable to run Tor on Linux where possible.
Tails and Whonix are both popular Linux variants, which have been built for use with Tor.
However, you can run the service safely on practically any version of the Linux operating system, and further bolster your protection with a top-rated Linux VPN.