WEBVTT

00:00.760 --> 00:01.720
So what?

00:01.720 --> 00:10.150
A store tour is short for the onion router, and it's basically a network of computers or servers designed

00:10.150 --> 00:13.060
to improve anonymity and privacy.

00:13.780 --> 00:21.280
It's the most common anonymizing network with the most amount of users, and it also allows connected

00:21.280 --> 00:25.790
users to offer hidden services or online services.

00:25.810 --> 00:32.920
So these are basically deep net or darknet websites, and that's what most people refer to when they're

00:32.920 --> 00:40.630
talking about Darknet or the deep net websites, even though it could mean many other anonymizing networks

00:40.630 --> 00:42.670
and hidden services networks.

00:43.570 --> 00:48.520
I should also note that Tor relies on onion routing.

00:48.550 --> 00:56.290
This is a technique that was designed by the US Army in order to protect their intelligence communications.

00:56.800 --> 00:58.720
You might want to use Tor.

00:58.720 --> 01:05.080
Even if you don't want to access the deep net, you can literally just use it if you want to protect

01:05.080 --> 01:07.300
your privacy and anonymity.

01:07.990 --> 01:10.120
So why you might want to do that?

01:10.690 --> 01:14.630
Well, let's see what happens when you connect to a website.

01:14.650 --> 01:21.250
So let's say, for example, you open your browser and you navigate to Google.com or Facebook.com by

01:21.250 --> 01:27.490
default without really doing or trying anything, these websites will be able to see your location,

01:27.490 --> 01:32.590
your browser version, your operating system, and much more information.

01:32.890 --> 01:39.040
And it doesn't stop there, for example, because you use Google to search for a lot of things.

01:39.070 --> 01:45.400
Google can see everything you search right now and even everything that you searched before.

01:46.030 --> 01:53.500
Not only that, but again, big websites such as Google and Facebook, they can even potentially access

01:53.500 --> 01:57.610
your activity outside of these websites.

01:58.030 --> 02:02.520
They use this relying on the features they offer to other websites.

02:02.530 --> 02:07.840
For example, any website that would have a Google or a Facebook share button would have a piece of

02:07.840 --> 02:11.620
code from Google or from Facebook running on their website.

02:11.620 --> 02:17.110
And again, Google and Facebook use this code in order to see which websites you visit.

02:17.110 --> 02:21.850
And obviously they use that in order to serve you ads related to you.

02:21.880 --> 02:27.040
We all know that you search for something and you start seeing it everywhere else, but it doesn't stop

02:27.040 --> 02:27.460
there.

02:27.490 --> 02:34.210
We've all read the Cambridge Analytica scandal and how they were able to access private information

02:34.210 --> 02:35.980
about Facebook users.

02:35.980 --> 02:38.710
And it doesn't even stop at this.

02:38.710 --> 02:46.420
There are several reports reporting that websites such as Facebook creates ghost profiles, so profiles

02:46.420 --> 02:50.430
for people that don't even have a Facebook account.

02:50.440 --> 02:53.890
So you might think, okay, I don't have a Facebook account.

02:53.890 --> 02:55.330
They can't really track me.

02:55.360 --> 03:02.500
No, they still probably have a profile about you because like I said, any website that you visit that

03:02.500 --> 03:09.070
has a Facebook like button or a Facebook share button will collect data about you.

03:09.070 --> 03:11.270
And Facebook is not going to stop there.

03:11.290 --> 03:13.000
They will create a profile.

03:13.000 --> 03:19.150
They'll add some name to it or some identity to it, and they'll have all the things related to you

03:19.180 --> 03:25.090
what you like, what websites you visit, what did you purchase recently, and so on.

03:25.880 --> 03:27.830
This is only what's been reported.

03:27.830 --> 03:33.890
So you can only imagine what's happening without getting caught and without being reported.

03:34.860 --> 03:36.960
So what's the solution?

03:37.140 --> 03:41.220
Well, Thor is actually a pretty good solution to prevent this.

03:41.250 --> 03:50.370
So when you connect to Tor, you can imagine Tor being this really big network and it has a large number

03:50.370 --> 03:51.060
of servers.

03:51.060 --> 03:57.210
So each circle in here is literally a server in the Tor network.

03:57.450 --> 04:02.460
So you'll connect to Tor and let's say you want to go to Google.com.

04:02.580 --> 04:09.270
What's going to happen is your request is going to bounce over three different servers or three different

04:09.300 --> 04:12.780
nodes before it goes to Google.

04:13.410 --> 04:21.960
So Google can only see the last node or the last server or the last computer that the request was sent

04:21.960 --> 04:22.650
from.

04:22.710 --> 04:26.370
It can't see you or the original user.

04:27.120 --> 04:30.030
Keep in mind that these servers are shared.

04:30.030 --> 04:36.000
So at any point of time there would be millions of users using the Tor network.

04:36.000 --> 04:40.310
So there would be lots of requests going in and out of each node.

04:40.320 --> 04:44.690
So when you're going into this node, you're not the only user accessing this node.

04:44.700 --> 04:50.970
So there are lots of requests coming in and out of here, same in here and same in here.

04:51.180 --> 04:58.220
So this node could potentially be sending thousands of requests out to a number of websites.

04:58.230 --> 05:06.390
Therefore, whatever website these requests are going to, it is very hard for it to profile that request

05:06.390 --> 05:09.240
or to know where that request came from.

05:09.900 --> 05:18.160
Also, data sent within the Tor network is always encrypted, so you can see the green arrows in here.

05:18.180 --> 05:26.610
These represent encrypted data and the only two times where your data is sent unencrypted is the red

05:26.610 --> 05:27.150
arrows.

05:27.150 --> 05:34.710
So it's when you try to send something to the terror network and it's when data leave the Tor network.

05:35.610 --> 05:44.520
This arrow right here is not very important because if the Target website uses https or if you're using

05:44.520 --> 05:52.590
a browser plugin that forces https, then this data right here will be encrypted by HTTPS, by SSL.

05:52.950 --> 05:59.880
So the only point where your data is sent unencrypted is when you're sending data to Tor.

06:00.900 --> 06:08.190
Also keep in mind, whenever you're sending data to Tor, even with to your Internet service provider,

06:08.190 --> 06:14.190
they can see that you're trying to access Tor, but they won't be able to see the websites you're trying

06:14.190 --> 06:15.030
to access.

06:15.030 --> 06:20.760
So all they'll be able to see is this person right here is trying to access Tor, but they won't really

06:20.760 --> 06:24.630
be able to see that you're trying to go to Google.com.

06:24.630 --> 06:30.540
So even if there was a hacker or even if there was censorship in place, they really won't be able to

06:30.540 --> 06:32.550
see which websites you're going to.

06:32.580 --> 06:36.930
They'll only be able to see that you're accessing the Tor network.