Running Tor

Getting up to speed on Tor's past, present, and future

First, read the overview page to get a basic idea of how Tor works, what it's for, and who uses it.
Install the Tor bundle and try it out. Make sure you've got Firefox installed first, and be sure to read the list of warnings about ways you can screw up your anonymity.
Our FAQ covers all sorts of topics, including questions about setting up a client or relay, concerns about anonymity attacks, why we didn't build Tor in other ways, etc. There's a separate Abuse FAQ to answer common questions from or for relay operators. The Tor Legal FAQ is written by EFF lawyers, and aims to give you an overview of some of the legal issues that arise from the Tor project in the US.
The manual lists all the possible entries you can put in your torrc file. We also provide a manual for the development version of Tor.
If you have questions, we have an IRC channel (for users, relay operators, and developers) at #tor on irc.oftc.net. If you have a bug, especially a crash bug, read how to report a Tor bug first and then tell us as much information about it as you can in our bugtracker. (If your bug is with Privoxy, your browser, or some other application, please don't put it in our bugtracker.) The or-talk mailing list can also be useful.
Tor has a blog now. We try to keep it updated every week or two with the latest news.
Download and watch Roger's overview talk from What The Hack (video, slides, abstract). This talk was given in July 2005, back when we were funded by EFF and back when the network was quite small, but it still provides good background on how Tor works and what it's for.
Look through our Design Documents. Notice that we have RFC-style specs to tell you exactly how Tor is built.
There's a skeletal list of items we'd like to tackle in the future. Alas, many of those items need to be fleshed out more before they'll make sense to people who aren't Tor developers, but you can still get a general sense of what issues need to be resolved next.
Download and watch Nick's "Technical changes since 2004" talk from Defcon in July 2007 (video, slides), Roger's "blocking-resistance and circumvention" talk from 23C3 in December 2006 (video, slides, abstract, design paper), and Roger's "Current events in 2007" talk from 24C3 in December 2007 (video, slides, abstract). We also have the What The Hack tutorial on hidden services (video, slides).
See Mike's "Securing the Tor network" talk from Defcon in July 2007 (video, slides). It describes common ways to attack networks like Tor and how we try to defend against them, and it introduces the Torflow script collection.
Learn about the Tor proposal process for changing our design, and look over the existing proposals.
Our developer TODO file starts with a timeline for external promises — things our sponsors have paid to see done. It also lists many other tasks and topics we'd like to tackle next.
Once you're up to speed, things will continue to change surprisingly fast. The or-dev mailing list is where the complex discussion happens, and the #tor IRC channel is where the less complex discussion happens.

Mailing List Information

The or-announce mailing list is a low volume list for announcements of new releases and critical security updates. Everybody should be on this list. There is also an RSS feed of or-announce at gmane.org.
The or-talk list is where a lot of discussion happens, and is where we send notifications of prerelease versions and release candidates.
The or-dev list is for posting by developers only, and is very low traffic.
A list for svn commits may be interesting for developers.

Design Documents

The design document (published at Usenix Security 2004) gives our justifications and security analysis for the Tor design: PDF and HTML versions available.
Our follow-up paper on challenges in low-latency anonymity (still in draft form) details more recent experiences and directions: PDF draft.
Our paper at WEIS 2006 — Anonymity Loves Company: Usability and the Network Effect — explains why usability in anonymity systems matters for their security: PDF.
Our preliminary design to make it harder for large firewalls to prevent access to the Tor network is described in design of a blocking-resistant anonymity system: PDF draft and HTML draft. Want to help us build it?
The specifications aim to give developers enough information to build a compatible version of Tor:
- Main Tor specification
- Tor version 3 directory server specification (and older version 1 and version 2 directory specifications)
- Tor control protocol specification
- Tor rendezvous specification
- Tor path selection specification
- Special hostnames in Tor
- Tor's SOCKS support and extensions
- How Tor version numbers work
- In-progress drafts of new specifications and proposed changes

Neat Links

The Tor wiki provides a plethora of helpful contributions from Tor users. Check it out!
A list of supporting programs you might want to use in association with Tor.
The Tor detector or the other Tor detector try to guess if you're using Tor or not.
Check out the Tor Status page, the other Tor Status page, or Xenobite's Tor node status page. Remember that these lists may not be as accurate as what your Tor client uses, because your client fetches all the authoritative directories and combines them locally.
Read these papers (especially the ones in boxes) to get up to speed on the field of anonymous communication systems.

For Developers

Browse the Tor source repository:

Regularly updated SVN sandbox
Browse the repository's source tree directly
ViewCVS
Subversion access:
- Make a new empty directory and cd into it.
- svn checkout https://tor-svn.freehaven.net/svn/tor/trunk tor
- svn checkout https://tor-svn.freehaven.net/svn/website/trunk website
- To check out the maintenance branch, use
  svn checkout https://tor-svn.freehaven.net/svn/tor/branches/tor-0_1_2-patches
HTTPS certificate fingerprint: 11:34:5c:b1:c4:12:76:10:86:ce:df:69:3d:06:a9:57:fa:dc:c9:29