Tor Browser: The Complete Research Guide
Tor Browser routes your traffic through three volunteer relays for genuine anonymity. Learn how it works, what it protects against, and how to use it safely.
Tor Browser is the standard tool for accessing the dark web and for privacy-conscious browsing across the regular internet. Built on Firefox ESR with preconfigured anonymity settings, it routes your traffic through three volunteer-operated relay nodes before it exits to its destination. This guide explains what Tor is, how it works, what it protects and what it doesn't, and the most common mistakes that undermine its protections.
What Is Tor Browser?
The Tor Project — a U.S.-registered 501(c)(3) non-profit — released the first public version of Tor Browser in 2008, packaging the Tor daemon directly into a modified Firefox ESR build. That bundling is intentional: every Tor Browser instance presents an identical fingerprint to websites, which is far harder to achieve if users configure Tor themselves.
Download numbers reached roughly 8 million per month in 2024, according to Tor Project metrics. The browser is free, open-source under a BSD-style license, and available for Windows, macOS, Linux, and Android. The Tor Project receives funding from the U.S. State Department, the Open Technology Fund, and individual donors — funding sources that are disclosed publicly.
Key components shipped in Tor Browser:
- Tor daemon — handles the three-relay circuit
- NoScript — blocks JavaScript on untrusted origins at higher security levels
- Letterboxing — adds padding around the browser window to prevent screen-resolution fingerprinting
- HTTPS-Only Mode — enforced by default since version 11.0 (2021)
The browser does not require installation in the traditional sense. It runs from a portable folder, which means you can carry it on a USB drive.
How Onion Routing Works
When you load a page through Tor, your traffic doesn't travel directly to the destination. The Tor daemon on your machine builds a circuit — a path through three relays chosen from the roughly 7,000 volunteer-operated nodes in the Tor network.
The three nodes each have a distinct role:
| Node | What it sees | What it doesn't see |
|---|---|---|
| Entry guard | Your real IP | Destination |
| Middle relay | Entry's IP, exit's IP | Your IP, destination |
| Exit relay | Destination URL | Your real IP |
Each relay knows only its neighbors. No single node in the circuit has both ends of the connection. Your data is encrypted in three layers before it leaves your machine — each relay removes one layer, like peeling back segments of an onion. That layered encryption pattern is where the name comes from.
For a detailed technical breakdown, see how onion routing works.
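The layering in the table above, as an added example (not Tor's code or cell format): the client wraps a request once per relay, and each relay removes one layer and learns only where to forward the rest. The relay names, keys and the SHAKE-based XOR cipher are constructed stand-ins for Tor's real cryptography.

```python
import hashlib
import json

def keystream_xor(key, data):
    # Toy cipher for illustration only: XOR with a SHAKE-256 keystream.
    # Tor's real relay crypto differs; this only models "one key per hop".
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(path, keys, destination, payload):
    """Client: encrypt from the inside out, exit layer first, guard layer last."""
    next_hops = path[1:] + [destination]
    blob = payload
    for relay, next_hop in reversed(list(zip(path, next_hops))):
        layer = json.dumps({"next": next_hop, "data": blob.hex()}).encode()
        blob = keystream_xor(keys[relay], layer)
    return blob

def peel(relay, keys, blob):
    """Relay: remove exactly one layer and learn only the next hop."""
    layer = json.loads(keystream_xor(keys[relay], blob))
    return layer["next"], bytes.fromhex(layer["data"])

def trace(path, keys, destination, payload):
    """Walk the circuit and record what each relay is able to read."""
    blob, seen = wrap(path, keys, destination, payload), []
    for relay in path:
        next_hop, blob = peel(relay, keys, blob)
        seen.append({
            "relay": relay,
            "forwards_to": next_hop,
            "sees_destination": next_hop == destination,
            "sees_payload": payload in blob,
        })
    return seen, blob

# Constructed sample circuit: names and keys are placeholders, not real relays.
PATH = ["guard", "middle", "exit"]
KEYS = {name: hashlib.sha256(b"constructed key: " + name.encode()).digest()
        for name in PATH}

if __name__ == "__main__":
    views, delivered = trace(PATH, KEYS, "example.com:443", b"GET / HTTP/1.1")
    for view in views:
        print(view)
    print("delivered:", delivered)
```

Only the exit's view contains the destination and the request bytes, which is why plaintext HTTP is readable at the exit relay.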
What Tor Protects You From (And What It Doesn't)
Tor Browser is a precisely scoped tool. Understanding its limits matters more than understanding its strengths, because overestimating protection is where real harm happens.
Tor protects:
- Your IP address from destination websites and services
- The content of your traffic from your ISP (encrypted before leaving your machine)
- Your browsing activity from casual network observers
Tor does NOT protect:
- Against browser fingerprinting if you modify the browser or install extensions
- Against malware hosted on destination sites — especially important on .onion services
- Against bad OPSEC: logging into a personal Google account over Tor immediately identifies you to Google, regardless of your IP
- The content of unencrypted HTTP connections from the exit relay — the exit node sees destination-side plaintext unless TLS is in use
- Against a global adversary capable of monitoring large swaths of network traffic simultaneously
The common Tor mistakes that break anonymity almost always fall into one of those last four categories.
Tor Browser Security Levels
Security settings are accessible via the shield icon in the toolbar. Three levels are available:
Standard — All browser features are enabled. JavaScript runs everywhere. This is the default and appropriate for general privacy browsing where you're not concerned about active exploits.
Safer — JavaScript is disabled on non-HTTPS sites. Some fonts and math symbols are blocked. This is the recommended level for researchers accessing unfamiliar .onion services or sites with unknown trust.
Safest — JavaScript is disabled on all sites. Only essential features load. Some .onion services won't function correctly at this level, but attack surface is minimized to the practical minimum.
For journalists using SecureDrop, the Freedom of the Press Foundation recommends Safer or Safest. For routine privacy browsing on the clearnet, Standard is workable.
Legitimate Uses of Tor Browser
Most Tor users are not criminals. The Tor Project's user base is predominantly privacy-conscious ordinary people, journalists, activists, and researchers.
Journalism and source protection. The New York Times, BBC, Deutsche Welle, and other major outlets operate .onion mirrors of their sites specifically to give readers in censored regions unblocked access. SecureDrop — used by major newsrooms to receive source documents — runs exclusively as a .onion service. The Freedom of the Press Foundation maintains SecureDrop and recommends Tor Browser as the access tool.
Circumventing censorship. In countries where large portions of the internet are blocked — Iran, Russia, China, and others — Tor provides access to uncensored news and communication. The Tor Project maintains bridges (unlisted relays) and transport protocols like obfs4 and Snowflake specifically for users in high-censorship environments.
Research and security work. Threat intelligence researchers, academic security researchers, and security journalists regularly use Tor to access .onion services safely. The browser is standard infrastructure in that community.
General privacy browsing. Users who don't want their ISP or advertising networks tracking their browsing across the clearnet use Tor Browser for the same reason they might use a private search engine.
How to Download Tor Browser Safely
The only legitimate source is torproject.org. Every other source — mirror sites, bundled installers on app stores, links from forums — carries risk of tampered builds.
The Tor Project signs every release with a GPG key. Verification takes under two minutes:
- Download the installer and the `.asc` signature file from torproject.org
- Import the Tor Browser signing key: `gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org`
- Run: `gpg --verify tor-browser-*.asc`
- Expected output: `Good signature from "Tor Browser Developers"`
A failed or missing signature means the file is not the genuine build. Delete it and re-download from the official source.
The full step-by-step process — including OS-specific instructions — is covered in how to install Tor safely.
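A scripted form of the verification step, as an added example rather than a Tor Project tool: it reads gpg's machine-readable status lines instead of the human-readable message, and accepts the file only when the signature is good and its primary key matches a fingerprint you pinned beforehand. The fingerprints and status lines below are constructed placeholders; the real fingerprint must be taken from torproject.org.

```python
import subprocess

# Status keywords that mean "do not trust this file" in GnuPG status output.
FAILURES = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG"}

def signature_ok(status_text, expected_primary_fpr):
    """True only for a good signature whose primary key matches the pinned one."""
    expected = expected_primary_fpr.replace(" ", "").upper()
    good, primary = False, None
    for line in status_text.splitlines():
        parts = line.split()
        if len(parts) < 2 or parts[0] != "[GNUPG:]":
            continue
        if parts[1] in FAILURES:
            return False
        if parts[1] == "GOODSIG":
            good = True
        elif parts[1] == "VALIDSIG" and len(parts) >= 12:
            primary = parts[11].upper()  # last field: primary key fingerprint
    return good and primary == expected

def verify_download(sig_path, file_path, expected_primary_fpr):
    """Run gpg on a detached signature and evaluate its status output."""
    proc = subprocess.run(
        ["gpg", "--batch", "--status-fd", "1", "--verify", sig_path, file_path],
        capture_output=True, text=True)
    return proc.returncode == 0 and signature_ok(proc.stdout, expected_primary_fpr)

# Constructed status output; fingerprints are placeholders, not the real Tor key.
PINNED = "A" * 40   # primary key fingerprint you expect
SUBKEY = "B" * 40   # signing subkey that made the signature
SAMPLE_GOOD = (
    "[GNUPG:] NEWSIG\n"
    f"[GNUPG:] GOODSIG {SUBKEY[-16:]} Tor Browser Developers\n"
    f"[GNUPG:] VALIDSIG {SUBKEY} 2024-01-01 1704067200 0 4 0 1 10 00 {PINNED}\n")
SAMPLE_BAD = f"[GNUPG:] BADSIG {SUBKEY[-16:]} Tor Browser Developers\n"
```

A good signature from some other key in the keyring also prints "Good signature", which is why the fingerprint comparison is part of the check.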
Tor Hidden Services (.onion Addresses)
Tor's hidden service protocol lets servers operate on the Tor network without exposing their IP address. These servers are reachable only via .onion addresses — 56-character strings of random alphanumeric characters followed by .onion. Standard DNS doesn't resolve them; the Tor network handles discovery internally.
The connection architecture differs from regular Tor browsing. When you access an .onion site, both you and the server build separate three-hop Tor circuits toward a shared rendezvous relay — creating a six-hop path with no exit relay. The server's real location is never exposed to you, and your real IP is never exposed to the server.
This makes hidden services fundamentally different from VPN-protected servers: the server's location is hidden by the network's architecture, not obscured behind a proxy that knows the real address.
Mainstream organizations operating .onion mirrors include:
- New York Times: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/
- BBC News: https://www.bbcnewsd73hkzno2ini43t4gblxvycyac5aw4gnv7t2rccijh7745uqd.onion/
- ProPublica: https://p53lf57qovyuvwsc6xnrppyply3vtqm7l6pcobkmyqg2ad9eq4gkqyd.onion/
- DuckDuckGo: https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/
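A structural check for addresses like these before pasting one into the browser, as an added example and not code from this guide or the Tor Project. In Tor's v3 format the 56 characters are the base32 encoding of a 32-byte public key, a 2-byte checksum and a version byte, so a mistyped or truncated address can be caught offline. The demo key is constructed; the ProPublica entry as printed in the list above is 55 characters and contains a `9`, so it is rejected before the checksum step.

```python
import base64
import hashlib
import re
from urllib.parse import urlsplit

def encode_v3(pubkey):
    """Build a v3 address from a 32-byte service public key."""
    version = b"\x03"
    checksum = hashlib.sha3_256(b".onion checksum" + pubkey + version).digest()[:2]
    return base64.b32encode(pubkey + checksum + version).decode().lower() + ".onion"

def check_v3(host_or_url):
    """Return (ok, reason) for a hostname or URL claimed to be a v3 onion service."""
    host = urlsplit(host_or_url).hostname if "://" in host_or_url else host_or_url
    host = (host or "").lower().rstrip(".")
    if not host.endswith(".onion"):
        return False, "not a .onion name"
    label = host[:-len(".onion")].split(".")[-1]   # ignore subdomains such as www.
    if not re.fullmatch(r"[a-z2-7]{56}", label):
        return False, "label is %d characters or not base32" % len(label)
    raw = base64.b32decode(label.upper())           # 35 bytes: key | checksum | version
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    if version != b"\x03":
        return False, "unsupported version byte"
    expected = hashlib.sha3_256(b".onion checksum" + pubkey + version).digest()[:2]
    if checksum != expected:
        return False, "checksum mismatch"
    return True, "ok"

# Constructed key bytes for the demo; not a real service key.
DEMO = encode_v3(bytes(range(32)))
# Copied exactly as printed in the ProPublica entry of the list above.
AS_PRINTED = "https://p53lf57qovyuvwsc6xnrppyply3vtqm7l6pcobkmyqg2ad9eq4gkqyd.onion/"

if __name__ == "__main__":
    for candidate in (DEMO, "https://www." + DEMO + "/", AS_PRINTED):
        print(candidate, check_v3(candidate))
```

Passing this check shows only that the string is well-formed; it says nothing about who operates the service, so the address still has to come from a source you trust.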
SecureDrop — the whistleblower document submission platform used by the New York Times, Washington Post, The Guardian, and over 60 other newsrooms — operates exclusively as a hidden service. Sources submit documents through Tor Browser to a .onion address; the newsroom's SecureDrop server never touches the public internet.
Tor vs. Other Privacy Tools
Tor is not the only privacy-oriented browser or network. Understanding where it fits:
- VPN — encrypts all traffic to one trusted provider. Faster than Tor, but replaces ISP trust with VPN provider trust. Cannot access .onion services. See Tor vs VPN for the full comparison.
- I2P — a separate anonymity network optimized for internal services, not clearnet access. Architecturally different from Tor. See Tor vs I2P.
- Tails OS — a Tor-routing operating system that routes all traffic through Tor at the OS level, leaves no traces on disk, and runs from a USB drive. Recommended for high-risk use cases over Tor Browser alone. See Tails vs Whonix.
For most users, Tor Browser is the starting point. For high-risk work, it's the browser inside a larger, hardened setup.
Frequently Asked Questions
Is Tor Browser legal?
In most countries, yes. Tor Browser is legal software in the United States, European Union, United Kingdom, Canada, Australia, and most democracies. Some authoritarian governments — Russia, China, Belarus — restrict or ban Tor. Legality of the tool is separate from legality of what you do with it; using Tor to access illegal content is still illegal.
Does Tor Browser make you fully anonymous?
No tool provides absolute anonymity. Tor reduces the ability of network observers, websites, and your ISP to identify you — but it has documented limitations. Behavioral mistakes (logging into accounts, downloading and opening files outside Tor, browser modification) reliably break anonymity regardless of the network's technical protections. Treat Tor as one layer in a multi-layered approach, not a complete solution.
What is the difference between Tor Browser and a VPN?
A VPN routes all your device's traffic through a single provider you trust. Tor routes browser traffic through three independent volunteer relays — no single operator controls the full path. Tor provides access to .onion hidden services; VPNs do not. VPNs are faster. The right tool depends on your threat model. A comparison of both is in Tor vs VPN.
Does Tor work on mobile phones?
Yes, with limitations. Tor Browser is officially available on Android via Google Play and F-Droid. For iOS, the Tor Project recommends Onion Browser (open-source, by Mike Tigas) as the best available option, since Apple's platform restrictions prevent a full Tor daemon. Mobile Tor only protects browser traffic — other apps on your phone use your real IP. See Tor on mobile.
Can my ISP see that I use Tor?
Your ISP can see that you're connecting to Tor's entry guard by default. They cannot see what you're doing on Tor or which sites you visit. If you need to hide Tor usage from your ISP — for example, in a country where Tor is blocked or flagged — use Tor bridges with obfs4 or Snowflake transport, or connect to a VPN before Tor.