- The Tor
Technical FAQ Wiki should be the first place you look. The
Guide
to Torifying various applications is also popular. (While we
monitor the Wiki page to help ensure accuracy, the Tor developers are
not responsible for the content.)
- The Abuse FAQ is a collection of
common questions and issues discussed when running a Tor relay.
- The Tor Legal FAQ is written by
EFF lawyers. It aims to give you an overview of some of the legal issues
that arise from the Tor project in the US.
- The manual
lists all the possible entries you can put in your torrc
file. We also provide a manual for
the development version of Tor.
- The Tor
wiki provides a plethora of helpful contributions from Tor
users. Check it out!
- The Tor IRC channel (for users, relay operators, and developers)
is #tor on irc.oftc.net.
- We have a bugtracker.
If you have a bug, especially a crash bug, read how
to report a Tor bug first and then tell us as much information
about it as you can in the bugtracker. (If your bug is
with Privoxy, your browser, or some other application, please don't put
it in our bugtracker.)
- Try the or-talk mailing list below.
- As a last resort, look through the Tor
contact page.
- The or-announce
mailing list is a low volume list for announcements of new releases
and critical security updates. Everybody should be on this list.
There is also an
RSS
feed of or-announce at gmane.org.
- The or-talk list
is where a lot of discussion happens, and is where we send notifications
of prerelease versions and release candidates.
- The or-dev list
is for posting by developers only, and is very low traffic.
- A list for svn commits
may be interesting for developers.
-
First, read the overview page to get a
basic idea of how Tor works, what it's for, and who uses it.
-
Install the Tor bundle and try it out.
Make sure you've got Firefox installed first, and be sure to read the
list of warnings about ways you
can screw up your anonymity.
-
Download and watch Roger's overview talk from What The Hack (video,
slides, abstract).
This talk was given in July 2005, back when we were funded by EFF and back
when the network was quite small, but it still provides good background
on how Tor works and what it's for.
-
Our FAQ
covers all sorts of topics, including questions about setting up a client
or relay, concerns about anonymity attacks, why we didn't build Tor in
other ways, and discussion of Tor users and abuse.
-
Tor has a blog now.
We try to keep it updated every week or two with the latest news.
-
Look through our Design
Documents. Notice that we have RFC-style specs to tell you exactly
how Tor is built.
-
There's a skeletal list of items
we'd like to tackle in the future. Alas, many of those items need
to be fleshed out more before they'll make sense to people who aren't
Tor developers, but you can still get a general sense of what issues
need to be resolved next.
-
Download and watch Nick's "Technical changes since 2004" talk from
Defcon in July 2007 (video, slides),
Roger's "blocking-resistance
and circumvention" talk from 23C3 in December 2006 (video,
slides,
abstract,
design paper),
and Roger's "Current events in 2007" talk from 24C3 in December
2007 (video,
slides,
abstract).
We also have the What The Hack tutorial on hidden services (video,
slides).
-
See Mike's "Securing the Tor network" talk from Defcon in July 2007
(video,
slides).
It describes common ways to attack networks like Tor, how we try
to defend against them and introduces the Torflow
script collection.
-
Learn about the Tor
proposal process for changing our design, and look over the existing proposals.
-
Our developer TODO file starts with a
timeline for external promises — things our
sponsors have paid to see done. It also lists many other tasks
and topics we'd like to tackle next.
-
Once you're up to speed, things will continue to change surprisingly fast.
The or-dev mailing list is where the complex
discussion happens, and the #tor IRC channel
is where the less complex discussion happens.
- The design document (published at Usenix Security 2004)
gives our justifications and security analysis for the Tor design:
PDF and
HTML
versions available.
- Our follow-up paper on challenges in low-latency anonymity
(still in draft form) details more recent experiences and directions:
PDF
draft.
- Our paper at WEIS 2006 — Anonymity Loves Company:
Usability and the Network Effect — explains why usability in
anonymity systems matters for their security: PDF.
- Our preliminary design to make it harder for large firewalls to
prevent access to the Tor network is described in
design of a blocking-resistant anonymity system:
PDF draft and
HTML draft.
Want to help us build it?
- The specifications aim to give
developers enough information to build a compatible version of Tor:
Browse the Tor
source repository: (which may not necessarily work or even compile)
- Regularly updated SVN sandbox
- Browse the repository's source tree directly
- ViewCVS
- Subversion access:
- Make a new empty directory and cd into it.
- svn checkout https://tor-svn.freehaven.net/svn/tor/trunk tor
- svn checkout https://tor-svn.freehaven.net/svn/website/trunk website
- To check out the maintenance branch, use
svn checkout https://tor-svn.freehaven.net/svn/tor/branches/tor-0_1_2-patches
HTTPS certificate fingerprint: 11:34:5c:b1:c4:12:76:10:86:ce:df:69:3d:06:a9:57:fa:dc:c9:29
