Browse Definitions :
Definition

Tor browser

Contributor(s): Matthew Haughn

The TOR (the onion routing) browser is a web browser designed for anonymous web surfing and protection against traffic analysis. Although Tor is often associated with the darknet and criminal activity, the browser is often used for legitimate reasons by law enforcement officials, reporters, activists, whistle blowers and ordinary security-conscious individuals.

TOR was originally developed by and for the United States Navy to protect sensitive U.S. government communications. While Tor continues to be used by government it is now an open source, multi-platform browser that is available to the public. The browser uses exit relays and encrypted tunnels to hide user traffic within the network, but leaves the end points more easily observable and has no effect beyond the boundaries of the network.

Although TOR is more secure than most commonly-used browsers, it is not impervious to attack. Malware, such as the Chewbacca Trojan, has successfully targeted the TOR network and browser. The FBI has also breached TOR security, in one case, for example tracking threats associated with a bomb hoax at Harvard across the network.   

This was last updated in May 2016

Continue Reading About Tor browser

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

So it was designed by the Navy and then put out into the world as open source. What led to this decision? How do we know it doesn't have some sort of back door in it to catch people who "think" it's secure?
Cancel

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

  • compliance as a service (CaaS)

    Compliance as a Service (CaaS) is a cloud service service level agreement (SLA) that specified how a managed service provider (...

  • data protection impact assessment (DPIA)

    A data protection impact assessment (DPIA) is a process designed to help organizations determine how data processing systems, ...

SearchSecurity

  • identity provider

    An identity provider is a system component that is able to provide an end user or internet-connected device with a single set of ...

  • firewall

    A firewall is software or firmware that enforces a set of rules about what data packets will be allowed to enter or leave a ...

  • encryption

    Encryption is the method by which information is converted into secret code that hides the information's true meaning. The ...

SearchHealthIT

SearchDisasterRecovery

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • disaster recovery team

    A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

SearchStorage

Close