1
00:00:00,240 --> 00:00:08,000
Who would have thought that one of the best ways to preserve your privacy would

2
00:00:04,240 --> 00:00:09,840
be to hide behind an onion? And no, I'm

3
00:00:08,000 --> 00:00:13,519
of course not talking about growing a literal massive onion and standing

4
00:00:11,759 --> 00:00:18,880
behind it hoping that the smell will keep everyone else at bay. Today's

5
00:00:16,000 --> 00:00:25,359
episode is all about the onion router, better known as tour. used by dissident,

6
00:00:22,720 --> 00:00:30,400
uh, cyber criminals, and even ordinary folks the world over to keep their

7
00:00:27,680 --> 00:00:36,800
online activities away from the prying eyes of governments, advertisers,

8
00:00:33,280 --> 00:00:39,360
stalkers, or maybe even me. Dang it. But

9
00:00:36,800 --> 00:00:44,960
how does it work? Why is it considered so secure? And does it have any

10
00:00:41,920 --> 00:00:47,120
weaknesses? We touched on tour in our

11
00:00:44,960 --> 00:00:50,719
video about the deep web and the dark web, which you can check out here, but

12
00:00:49,120 --> 00:00:58,000
we're going to dive into it in a little bit more detail. Tour tries to anonymize

13
00:00:54,800 --> 00:01:00,480
your online activity by encasing your

14
00:00:58,000 --> 00:01:05,519
traffic in multiple layers of encryption, then sending it through a

15
00:01:02,879 --> 00:01:11,600
number of nodes that peel back those layers one at a time, hence the onion

16
00:01:08,080 --> 00:01:13,680
nickname. Each node only decrypts enough

17
00:01:11,600 --> 00:01:19,439
information in the packet to know where to send it next. So none of the nodes

18
00:01:16,400 --> 00:01:21,759
know both your identity and the identity

19
00:01:19,439 --> 00:01:26,880
of whatever website or server you are trying to connect to. This high level of

20
00:01:24,400 --> 00:01:33,200
encryption and repeated bouncing of network traffic makes tour quite secure,

21
00:01:30,000 --> 00:01:36,240
but it isn't entirely foolproof. At some

22
00:01:33,200 --> 00:01:38,720
point, your data has to leave the tour

23
00:01:36,240 --> 00:01:43,439
network to get to wherever it's going through something called an exit node.

24
00:01:41,200 --> 00:01:47,759
The very last tour node that your data travels through. And when your data

25
00:01:45,439 --> 00:01:53,200
leaves an exit node and is sent to its destination, it is no longer necessarily

26
00:01:50,479 --> 00:01:58,479
encrypted. While it's very difficult still for the recipient to tell that

27
00:01:55,200 --> 00:02:00,960
it's you connecting, any unencrypted

28
00:01:58,479 --> 00:02:05,040
personal information can be read by both the operator of the exit node and

29
00:02:03,520 --> 00:02:09,599
whatever site it is that you're connecting to. In fact, a team of

30
00:02:07,280 --> 00:02:14,959
researchers several years ago harvested a bunch of unencrypted email addresses

31
00:02:12,000 --> 00:02:19,920
and passwords in this manner even though they were sent over tour. The fact that

32
00:02:17,599 --> 00:02:24,879
anyone can run an exit node also means that you don't know who could be looking

33
00:02:22,080 --> 00:02:30,400
at your information on the other end. To alleviate this problem somewhat, the Tor

34
00:02:27,760 --> 00:02:34,879
Foundation provides the tour browser for free, which is a modified version of

35
00:02:32,560 --> 00:02:42,160
Firefox that, among other things, attempts to use the encrypted HTTPS

36
00:02:38,720 --> 00:02:45,599
standard instead of regular HTTP for as

37
00:02:42,160 --> 00:02:48,480
much web activity as possible and also

38
00:02:45,599 --> 00:02:54,239
disable certain plugins that can leak your IP address. Many plugins and other

39
00:02:51,840 --> 00:03:00,080
applications for that matter won't run over the tour network by default and can

40
00:02:57,040 --> 00:03:01,920
thereby give away your identity even if

41
00:03:00,080 --> 00:03:07,440
your other traffic your normal web browsing traffic is going through tour.

42
00:03:04,720 --> 00:03:12,640
It is possible to force other applications to use the tour network

43
00:03:10,319 --> 00:03:17,360
either by manually configuring them or using programs like tallow that do it

44
00:03:14,879 --> 00:03:22,400
for you. But since any unencrypted information that you send or receive can

45
00:03:19,760 --> 00:03:26,640
still be seen by exit nodes, some users have tried using virtual private

46
00:03:24,400 --> 00:03:30,239
networks or VPNs, which you can learn more about here, by the way, in

47
00:03:28,319 --> 00:03:35,920
conjunction with Torah to create an encrypted tunnel at every point of the

48
00:03:33,360 --> 00:03:40,640
connection. Not a bad solution as long as you can trust your VPN provider not

49
00:03:37,920 --> 00:03:46,080
to keep tabs on you. Of course though, the best idea is not to send anything

50
00:03:43,519 --> 00:03:51,840
personally identifying over tour or anywhere if you can help it. Tour also

51
00:03:49,519 --> 00:03:57,360
has the limitation of being a rather slow network. So it might not be too

52
00:03:54,159 --> 00:04:00,239
useful for downloading large amounts of

53
00:03:57,360 --> 00:04:04,239
you know stuff uh streaming in 4K or using Bit Torrent especially the latter

54
00:04:02,400 --> 00:04:09,519
as the Bit Torrent protocol can broadcast your IP address if you aren't

55
00:04:06,959 --> 00:04:15,280
careful. Nevertheless though, tour is still a great help to activists, uh,

56
00:04:12,879 --> 00:04:19,519
victims of crime and people who are just plain concerned about preserving

57
00:04:17,280 --> 00:04:26,080
personal privacy in an age where it feels like we can always be watched. Tor

58
00:04:23,680 --> 00:04:30,000
may not be perfect, but it is a good first line of defense against aggressive

59
00:04:28,320 --> 00:04:36,000
advertisers, shady government shenanigans, or, you know, Skynet.

60
00:04:33,840 --> 00:04:41,120
Speaking of online security, Tunnel BearVPN lets you tunnel to 20 different

61
00:04:39,520 --> 00:04:45,840
countries, allowing you to browse the internet and use online services as

62
00:04:43,520 --> 00:04:49,280
though you were in that different country. And of course, if you clicked

63
00:04:47,440 --> 00:04:53,680
on the explanation of VPNs that I referred to earlier in this video, you

64
00:04:51,120 --> 00:04:58,000
would already know that. Aha. They have easy to use apps for iOS, Android, PC,

65
00:04:56,320 --> 00:05:02,560
and Mac. They also have a Chrome extension. You just choose the country

66
00:05:00,320 --> 00:05:07,199
that you want. You click the little virtual button and boom, your little

67
00:05:04,720 --> 00:05:10,800
bear tunnels over to wherever it happens that you want to be tunneling through.

68
00:05:09,440 --> 00:05:16,479
When you turn on tunnel bear, your connection gets encrypted and your public IP address gets switched so that

69
00:05:14,240 --> 00:05:22,400
you can show up as though you were in a different country, letting you bypass

70
00:05:19,280 --> 00:05:25,280
stupid things like geographical region

71
00:05:22,400 --> 00:05:28,800
restrictions. Super thumbs up. It's also easy to use. You don't have to do any of

72
00:05:26,960 --> 00:05:33,199
that, you know, port configuration and DNS or blah blah, etc. nonsense. It's so

73
00:05:31,360 --> 00:05:37,600
easy that your mom could use it and they have a top-rated privacy policy and do

74
00:05:35,199 --> 00:05:42,400
not log their users's activity. So, you can actually try out Tunnel Bear for

75
00:05:39,360 --> 00:05:44,800
free with 500 megs of data included. And

76
00:05:42,400 --> 00:05:47,360
you can save 10% on your unlimited package, which only costs a few bucks a

77
00:05:46,479 --> 00:05:52,479
month by heading over to tunnelbear.com/Linus linked in the video description. So,

78
00:05:51,360 --> 00:05:57,280
thanks for watching, guys. If you like this video, hit the like button. If you

79
00:05:55,039 --> 00:05:59,759
disliked it, hit the dislike button. If you want to check out our other

80
00:05:58,240 --> 00:06:02,960
channels, hey, go ahead and do that. We've got Channel Super Fun, which we've

81
00:06:01,440 --> 00:06:06,880
had some pretty rocking videos on lately. Maybe we've got one over there to show you. If you have suggestions for

82
00:06:05,520 --> 00:06:10,960
future fastest possibles, leave them in a comment below the video. And as always, don't forget to subscribe and

83
00:06:09,440 --> 00:06:15,120
follow and all that good stuff so you don't miss any other tech quickies.