Tor and Tails don't protect you by making you look like any random Internet user, but by making all Tor and Tails users look the same. It becomes impossible to know who is who among them.
7
Your Internet service provider (ISP) and local network can see that you connect to the Tor network. They still cannot know what sites you visit.To hide that you connect to Tor, you can use a [[Tor bridges|first_steps/welcome_screen/bridge_mode|doc/anonymous_internet/tor]].
Your Internet service provider (ISP) and local network can see that you connect to the Tor network. They still cannot know what sites you visit.To hide that you connect to Tor, you can use a [[Tor bridge|doc/anonymous_internet/tor]].
The sites that you visit can know that you are using Tor, because the <a href="https://metrics.torproject.org/exonerator.html">list of exit nodes of the Tor network</a> is public.
Parental controls, Internet service providers, and countries with heavy censorship can identify and block connections to the Tor network that don't use Tor bridges.
Exit nodes can intercept traffic to the destination server
12
Tor hides your location from destination servers, but it does not encrypt <i>all</i> your communication. The last relay of a Tor circuit, called the <i>exit node</i>, establishes the actual connection to the destination server. This last step can be unencrypted, for example, if you connect to a website using HTTP instead of HTTPS.
Tor hides your location from destination servers, but it does not encrypt <i>all</i> your communication. The last relay of a Tor circuit, called the <i>exit node</i>, establishes the actual connection to the destination server. This last step can be unencrypted, for example, if you connect to a website using HTTP instead of HTTPS.
13
[[!img htw2-tails.pngdoc/anonymous_internet/tor/tor.svg size="600x" link="no" alt="A Tor connection usuallygoes through 3 relays with the last one establishing the actual connection to the final destination"]]
[[!img doc/anonymous_internet/tor/tor.svg size="600x" link="no" alt="A Tor connection goes through 3 relays with the last one establishing the actual connection to the final destination"]]
Observe your traffic. That is why <i>Tor Browser</i> and Tails include tools, like [[<i>HTTPS Everywhere</i>|doc/anonymous_internet/Tor_Browser#https-everywhere]], to encrypt the connection between the exit node and the destination server, whenever possible.
Observe your traffic. That is why <i>Tor Browser</i> and Tails include tools to encrypt the connection between the exit node and the destination server, whenever possible.
Pretend to be the destination server, a technique known as <i>machine-in-the-middle</i> attack (MitM). That is why you should pay even more attention to the security warnings in <i>Tor Browser</i>. If you get such a warning, use the [[New Identity|doc/anonymous_internet/Tor_Browser#new-identity]] feature of <i>Tor Browser</i> to change exit node.
To learn more about what information is available to someone observing the different parts of a Tor circuit, see the interactive graphics at <a href="https://support.torproject.org/https/https-1/">Tor FAQ: Can exit nodes eavesdrop on communications?</a>.
Tor exit nodes have been used in the past to collect sensitive information from unencrypted connections. Malicious exit nodes are regularly identified and removed from the Tor network. For an example, see <a href="https://arstechnica.com/information-technology/2007/09/security-expert-used-tor-to-collect-government-e-mail-passwords/">Ars Technica: Security expert used Tor to collect government e-mail passwords</a>.