First Up, What is this TOR Network? TOR or The Onion Router funnels all the data traffic from the device to its end user or master update servers via a Tor-Kind connection, instead of using the public Internet.
The software is run to turn on a Tor configuration, which, in a simplified explanation, sets up a special Onion site on the device. Remote users who want to access the IoT device will need to know the Onion link to the software first, which will then relay the connection to the actual IoT device, working as a proxy. The advantages of using such a system are palpable, for both users and IoT vendors, who might be interested in embedding such technology into their devices by default.
First off, there’s no need to complicate software development with setting up complex SSL/TLS certificates for supporting HTTPS connections, since all Tor connections are encrypted by default, with several layers of encryption (Onion protocol).
Secondly, users don’t need to uselessly open firewall ports or use VPNs to access their IoT devices.
Here’s a simple illustration of how a traditional TOR network Works.Overview
The IonToR SDK provides the ability to connect your things or Devices to the Internet and the ability to control them across a TOR Network via a TOR Browser.
The IonToR SDK for Single Board Computers (SBC) like Raspberry-PI, Intel Edison, and Beagle Bone is a collection of source files that enables you to connect to the IonTor service. It includes the tor libraries to connect to TOR network. It is distributed in the application form and intended to be built into customer solution along with other libraries. The below Image represents how IonTor works.
The IonToR SDK simplifies access to the TOR network and automatically configures an .onion DNS name along with a hidden service for accessing a UI on a TOR browser. The SDK installs all necessary software and creates a simple web UI through which sensor data can be viewed and actuators controlled. The SDK has been tested to work on the Raspberry Pi 3 running Raspbian Jessie. Support for Other SBC’s running any flavors of Linux would be available shortly.
Installation of the IonTor SDK is a matter of a few simple steps and viola! You are ready to control and read sensor information from anywhere in the across a TOR network. The TOR SDK can be installed from the GitHub location. Following the steps in the installation guide (Readme file) will complete the installation.
Installation includes the following modules.
- HostAPD: to provide an access point for Wireless sensors to connect.
- LAMP Serve: Facilitate the being up of the UI on the SBC.
- TOR Installation : Configures Hidden service and provides the “dot onion” DNS address.
- Configuration files need to be edited to give proper names to Sensors and Actuators
Running the given script enables the data gathering from sensors after configures interval and is stored in the DB.
Tor Client Access Setup
The TOR Browser allows you to access your PAASMER-IonToR instance over Tor from your laptop or mobile device, using Tor Browser
A Hidden Service Authentication credentials must be added to the TOR browser to allow the access of the Hidden Service configured on the SBC. Once connected to the “dot onion” site, you are presented with a graphical representation of your sensor data and Actuator control. This Sensor data being displayed is live data and you can turn on and Off Actuators.
The IonToR SDK can be used to create Proof of Concept projects that can be later developed into fully fledged modules. There are many more features that can be added as a part of customization for specific requirements.
The IonToR SDK provides a completely anonymous way of accessing your devices, things, sensors and it protects the users and the devices from attacks like DOS, Bot-nets etc.
All connections will go through the Tor hidden network, and nobody will know to what you’re connecting. It could be your IoT baby cam at home or a drug marketplace. It’s anyone’s guess.
Scanning Tor-protected IoT devices are technically impossible. This means no more searching for vulnerable IoT devices via Shodan and blindly stumbling upon vulnerable equipment.
Please feel free to contact us at the firstname.lastname@example.org for any information or customization.