1
00:00:01,170 --> 00:00:01,620
OK.

2
00:00:01,650 --> 00:00:08,440
So now that we have Tor Browser installed let us go ahead and make sure that it's working as expected

3
00:00:08,680 --> 00:00:13,630
and is routing all of the traffic through the Tor network.

4
00:00:13,690 --> 00:00:20,650
Now I'm going to be using detailed browser on Windows but as seen before the interface is identical

5
00:00:20,650 --> 00:00:24,630
on Windows Linux and OS X the installation is different.

6
00:00:24,640 --> 00:00:28,650
And I showed you how to install it on all of these operating systems.

7
00:00:28,690 --> 00:00:34,480
So once it's installed using the browser is exactly the same.

8
00:00:34,480 --> 00:00:37,090
So I'm going to double click the launcher

9
00:00:40,160 --> 00:00:46,370
and as you can see you get a normal browser window and don't maximize this window ever.

10
00:00:46,400 --> 00:00:52,490
And I'll talk about that later but for now just to check to make sure that Tor is working.

11
00:00:52,490 --> 00:00:56,800
I'm gonna go to check that Tor Project dot org

12
00:00:59,590 --> 00:01:02,160
and as you can see it's saying congratulations.

13
00:01:02,170 --> 00:01:10,840
This browser is configured to use tour and it's given us the IP that our browser appears to be coming

14
00:01:10,840 --> 00:01:11,230
from.

15
00:01:11,230 --> 00:01:13,300
So this is not my real IP.

16
00:01:13,300 --> 00:01:17,560
This is the IP that I will appear that I'm coming from.

17
00:01:18,340 --> 00:01:24,540
So this is all perfect and I'll talk about more tor settings in a future lecture.

18
00:01:25,120 --> 00:01:29,770
But right now I want to show you how to bypass tor being blocked.

19
00:01:30,010 --> 00:01:37,480
So in case you came to this Web site and it didn't load or if you so a warning here say in tour is not

20
00:01:37,480 --> 00:01:45,370
working then this could be because your network administrator or your Internet service provider is blocking

21
00:01:45,370 --> 00:01:47,930
you from using Tor.

22
00:01:48,250 --> 00:01:55,460
See when you tried to access tor as I mentioned before the first thing you'll have to do is connect

23
00:01:55,490 --> 00:02:02,030
to the TOR network and send your traffic to a random TOR node so you're going to pick one of these nodes

24
00:02:02,390 --> 00:02:07,370
and you're going to send your traffic through it as the first node.

25
00:02:07,400 --> 00:02:15,410
The problem is before you can actually connect and send data to this node your data can easily be intercepted

26
00:02:15,650 --> 00:02:24,820
by your network administrator or your Internet service provider before it even reaches the first node.

27
00:02:24,890 --> 00:02:29,520
And before it's even able to connect to the TOR network.

28
00:02:29,600 --> 00:02:38,300
So what your Internet service provider or ISP can do is they could identify all the available tor nodes

29
00:02:38,300 --> 00:02:43,080
right here the white circles because they are publicly available.

30
00:02:43,220 --> 00:02:49,040
And then just block them all prevents you from connecting to any of these wide circles.

31
00:02:49,490 --> 00:02:55,070
So therefore whenever you try to connect to Tor your person by Internet service provider which is running

32
00:02:55,070 --> 00:03:02,210
a firewall checking if you're trying to connect to any of these nodes and if you are to block your connection

33
00:03:03,110 --> 00:03:09,560
the result of this is when you come in to load this page it will either not load or it's going to tell

34
00:03:09,560 --> 00:03:17,400
you that you're not using the Tor network a simple solution to this is to use at Tower Bridge as the

35
00:03:17,400 --> 00:03:21,340
first node what we mean by Todd Bridges.

36
00:03:21,340 --> 00:03:26,100
They are normal nodes similar to all the white circles that we can see in here.

37
00:03:26,320 --> 00:03:29,790
But they are not publicly available.

38
00:03:29,860 --> 00:03:37,000
So the only way that the Internet service provider was able to block us is because they know all the

39
00:03:37,000 --> 00:03:43,480
white circles they know all the public nodes and they have a rule in their firewall to prevent any user

40
00:03:43,540 --> 00:03:47,170
from connecting to any of these white circles.

41
00:03:47,170 --> 00:03:53,200
So to bypass this we can't just use a node that is not publicly available.

42
00:03:53,200 --> 00:04:00,520
It's not being advertised that way when we try to connect to it the Internet service provider will not

43
00:04:00,520 --> 00:04:07,150
have this node in its list and therefore we can connect to it and then continue using Tor going out

44
00:04:07,180 --> 00:04:12,810
to another Web site or even going in and accessing an online service.

45
00:04:12,830 --> 00:04:20,780
So this is pretty good it's a pretty good solution until firewalls and service providers became smarter

46
00:04:20,810 --> 00:04:28,190
and implemented more advanced methods what they started doing is they started using deep packet filtering

47
00:04:28,340 --> 00:04:37,640
or what's known as the API to identify towards traffic and block it so they don't even care about which

48
00:04:37,640 --> 00:04:39,490
node you're trying to connect to.

49
00:04:39,500 --> 00:04:46,970
They started analyzing all traffic that you sent out of your computer and they managed to identify what

50
00:04:46,970 --> 00:04:49,400
Tor traffic looks like.

51
00:04:49,400 --> 00:04:56,690
So like I said before when you use Tor they can't really see which websites you're trying to go to but

52
00:04:56,930 --> 00:05:03,800
they'll be able to see that you're trying to use the Tor network either by identifying the note that

53
00:05:03,800 --> 00:05:10,250
you're trying to connect to or by using deep packet filtering which will tell them that the traffic

54
00:05:10,250 --> 00:05:14,060
of this user match is a signature of Tor traffic.

55
00:05:14,060 --> 00:05:16,330
Therefore this user is using tour.

56
00:05:16,370 --> 00:05:25,440
Therefore we will block this traffic so the solution to this is to use applicable transport plug all

57
00:05:25,460 --> 00:05:31,780
transport will try to make your traffic look similar to any other normal traffic.

58
00:05:32,410 --> 00:05:39,040
So when you're trying to connect to a bridge we're going to use a bridge that can use applicable transport

59
00:05:39,460 --> 00:05:45,160
and this way all the traffic that we're going to send will not look like Tor traffic.

60
00:05:45,200 --> 00:05:51,070
It will look similar to traffic that's generated when you're trying to access Google or Facebook or

61
00:05:51,070 --> 00:05:56,290
any other Web site similar to any normal web traffic.

62
00:05:56,370 --> 00:05:58,280
Now this is a pretty good solution.

63
00:05:58,290 --> 00:06:03,870
It will work in many cases but it can still fail in some instances.

64
00:06:04,140 --> 00:06:10,290
But the worst case scenario even if it fails the Internet service provider will be able to know that

65
00:06:10,290 --> 00:06:16,690
you're using tour but again they won't really know which websites you're trying to access unless they're

66
00:06:16,690 --> 00:06:20,670
on a more sophisticated attack.

67
00:06:20,750 --> 00:06:24,470
Now keep in mind this will slow down your connection.

68
00:06:24,590 --> 00:06:31,790
So if you were able to browse this page and still knew that everything is working then maybe you don't.

69
00:06:31,790 --> 00:06:33,500
You shouldn't really use them.

70
00:06:33,500 --> 00:06:40,910
It really depends on your case and in the next lecture I'm going to show you how to configure Tor to

71
00:06:40,910 --> 00:06:47,690
use a bridge with a local transport to access the Tor network even if it's being blocked.