Ask HN: How do I explain Tor to my Mom?

Tor has bad latency & availability characteristics for everyday use. You probably shouldn't try to push your 60+ year old mother into using it unless she's e.g. a journalist or political activist.

When Tor is actually appropriate, the drop-and-go version is the Tor Browser Bundle, which uses a customized Firefox distribution.

https://www.torproject.org/projects/torbrowser.html.en

Note that all this does is proxy your requests, it won't prevent you from deanonymizing yourself through characteristic requests, traffic patterns, or whatever. That's often where people screw up, since it involves a running battle where losing a few bits of entropy here and there can and will expose you.

But to explain it:

A group of people don't want others to be able to snoop on what websites they want to view. So they agree to lump all their requests together, and then they don't keep any records about who ordered what once it has been delivered.

If someone's snooping, all they can tell is that someone in the group requested it - they can't point a finger at any specific person.

You do realize TOR is going to be unsafe for the average person and their every day browsing, right? Your traffic is going to be visible to any person running an exit node, so if you send any personal information or login credentials over a non-https connection, the person on the other end can read your information.

As someone else mentioned, if your mom is a journalist or political activist, and needs to access information anonymously, while at the same time is careful enough not to release any information over TOR that could be used to identify herself, than it might be in her advantage. If you're setting her up on TOR so she can browse her favorite social networks, cooking blogs, and e-mail, then she's most likely going to be less secure, entrusting personal information to strangers instead of her ISP, and waiting on the slow load times of the TOR network.

TOR isn't some magic bullet that makes browsing safe and anonymous. In short, I'd recommend your mom doesn't use TOR. Based on her profile, she's going to make the mistake of sending unencrypted personal information, and when that happens, I think she's better off trusting her ISP over a stranger with that data.

From the top comment on: http://www.reddit.com/r/explainlikeimfive/comments/19twt9/el...

"Let's say I want to access the website that's located at this server. My computer connects to another computer in the Tor network, which connects to another, and so on. Eventually, one of them will connect to the server, which can send back information using this pattern. However, none of the computers in the Tor network know who is getting what. The computer that you connect to isn't the same as the one that connected to the server, so it's very anonymous."

I use the analogy of Russian dolls with secret messages inside them. You don't know how many dolls there are and you can only ever open the doll that was intended for you. The secret message either contains instructions for what to do, or who to pass the dolls to next.

Imagine I want to send a letter to someone, but I am worried that it may be intercepted (by the government, for the sake of argument). So instead of sending it directly to my recepient, I make arrangements with some reliable friends so that if they receive a letter from one of us, they take it out of the envelope and put it in different one, addressed to another friend. To make sure the letter doesn't travel forever we add dots at the end; once there are more than three (four, five...), we send the letter to the original intended recepient. Nobody knows for sure who is the person who sent the letter originally (as I can put different number of dots at the end of the letter). We can also make it so that none of the intermediate parties know what the message says (possibly even who is the final recipient?) by encoding the message at every step and using extra envelopes. At the outset I write my letter, add some dots at the end and send it to one to my friends, picked randomly, together with an extra envelope addressed to the intended recepient.

That should do as far as Tor goes, but the more general problem of explaining why is such a thing needed by your mom is much harder. (Unless she lives in North Korea or some such place).

"It's something you don't have to know about. When and IF there's a decent alternative that's actually useful and doesn't also need you to gap 100 other holes in your whole online process, I'll let you know first."

How to explain it to your mom: "Tor is a method for encrypting Internet traffic. Most of the nodes are operated by the NSA."