Becoming Anonymous Like a Pro #3: The Inner Workings of TOR
TOR as we know has been broken and hacked, which is why many people are now discarding TOR and moving on. As you should too, because it used to be a great anonymization tool. As we've seen with Sabu.
How TOR Works
When connecting to the TOR network, your real IP address is connected to the entry node, and you're then connected to a second node called the relay node which then connects you to a third node called the exit node. All of this happens in mili seconds.
Your real IP is only visible to the first node, and that node has its own IP, where the second node is the only one who can see that IP. So as you've guessed, whoever sniffs the traffic from X server that you're connected to, will see the exit node.
For the encryption part, it's been criticized a lot that TOR has a weak encryption protocol, because it doesn't provide end-to-end encryption which is a big factor as to why you shouldn't rely on it either.
Now this is where the main reason as to why TOR is a no-go when wanting to become anonymous. Whoever can obtain control of the exit node can see everything. Because all of the traffic is exiting from that node, so if you are in control of the exit node, you're in full control
Also because anyone can setup their own nodes to the TOR network, incl. the NSA, a malicious hacker etc.
Is TOR Dead?
If you ask me, TOR should not be used for anything else than bypassing a website's censorship on its content. Many sites restrict their content to foreign users abroad, so bypassing that feature with TOR is very easy, and that is all I recommend doing with TOR. Nothing more nothing less.
Good news is...
There is a new software in progress at the writing of this article. That particular software is the successor of TOR. It's called Riffle and it's currently in it's beta version, so the official launch is yet to come.
It is faster than TOR and more secure because Riffle is based upon a protocol called anytrust model which means all it needs is one server to be secure, and as long as that is secure, the entire network is secure.
HOW IS RIFFLE MORE SECURE THAN TOR
Riffle (unlike TOR) shuffles every message in the network making it nearly untraceable. So, when a user (e.g., you), sends a message to the Riffle network, your message is sent to something called mixnet which means that your message is sent to a node alongside thousands of other users, which is then mixed up before it's sent to it's successive node. In other words, the destination.