[10] The core principle of Tor, known as onion routing, was developed in the mid-1990s by United States Naval Research Laboratory employees (mathematician Paul Syverson and computer scientists Michael G. Reed and David Goldschlag) to protect American intelligence communications online.
In 2004, the Naval Research Laboratory released the code for Tor under a free license, and the Electronic Frontier Foundation (EFF) began funding Dingledine and Mathewson to continue its development.
[25][11] Tor was one of a dozen circumvention tools, including Ultrasurf, Hotspot Shield, and Freegate, evaluated by a Freedom House-funded report based on user experience from China in 2010.
[32][33] Tor can be used for anonymous defamation, unauthorized news leaks of sensitive information, copyright infringement, distribution of illegal sexual content,[34][35][36] selling controlled substances,[37] weapons, and stolen credit card numbers,[38] money laundering,[39] bank fraud,[40] credit card fraud, identity theft and the exchange of counterfeit currency;[41] the black market utilizes the Tor infrastructure, at least in part, in conjunction with Bitcoin.
[43][44] According to CNET, Tor's anonymity function is "endorsed by the Electronic Frontier Foundation (EFF) and other civil liberties groups as a method for whistleblowers and human rights workers to communicate with journalists".
[52] In March 2015, the Parliamentary Office of Science and Technology released a briefing which stated that "There is widespread agreement that banning online anonymity systems altogether is not seen as an acceptable policy option in the U.K." and that "Even if it were, there would be technical challenges."
The report further noted that Tor "plays only a minor role in the online viewing and distribution of indecent images of children" (due in part to its inherent latency); its usage by the Internet Watch Foundation, the utility of its onion services for whistleblowers, and its circumvention of the Great Firewall of China were touted.
Applications whose traffic is commonly anonymized using Tor include Internet Relay Chat (IRC), instant messaging, and World Wide Web browsing.
[84] A BBC source cited a "technical breakthrough"[85] that allowed tracking physical locations of servers, and the initial number of infiltrated sites led to speculation about an exploit.
[88][90][89] Concerns raised included the role of an academic institution in policing, sensitive research involving non-consenting users, the non-targeted nature of the attack, and the lack of disclosure about the incident.
[91] When using Tor, applications may still provide data tied to a device, such as information about screen resolution, installed fonts, language configuration, or supported graphics functionality, reducing the set of users a connection could possibly originate from, or uniquely identifying them.
In 2011, the Dutch authority investigating child pornography discovered the IP address of a Tor onion service site from an unprotected administrator's account and gave it to the FBI, who traced it to Aaron McGrath.
[111][112][113] News reports linked this to an FBI operation targeting Freedom Hosting's owner, Eric Eoin Marques, who was arrested on a provisional extradition warrant issued by a United States court on 29 July.
[115][116][117] The FBI acknowledged the attack in a 12 September 2013 court filing in Dublin;[118] further technical details from a training presentation leaked by Edward Snowden revealed the code name for the exploit as "EgotisticalGiraffe".
Once installed, it saved browsing history and form data that genuine Tor forgot by default, and downloaded malicious components if the device's IP address was in China.
To allow download from places where accessing the Tor Project URL may be risky or blocked, a GitHub repository is maintained with links for releases hosted in other domains.
[66] The Guardian Project is actively developing a free and open-source suite of applications and firmware for the Android operating system to improve the security of mobile communications.
[178] Critics say that Tor is not as secure as it claims,[179] pointing to U.S. law enforcement's investigations and shutdowns of Tor-using sites such as web-hosting company Freedom Hosting and online marketplace Silk Road.
[181] On 7 November 2014, for example, a joint operation by the FBI, ICE Homeland Security Investigations, and European law enforcement agencies led to 17 arrests and the seizure of 27 sites containing 400 pages.
[182] A late 2014 report by Der Spiegel using a new cache of Snowden leaks revealed, however, that as of 2012 the NSA deemed Tor on its own as a "major threat" to its mission, and when used in conjunction with other privacy tools such as OTR, Cspace, ZRTP, RedPhone, Tails, and TrueCrypt was ranked as "catastrophic," leading to a "near-total loss/lack of insight to target communications, presence..."[183][184]
In March 2011, The Tor Project received the Free Software Foundation's 2010 Award for Projects of Social Benefit.
The citation read, "Using free software, Tor has enabled roughly 36 million people around the world to experience freedom of access and expression on the Internet while keeping them in control of their privacy and anonymity.
[195] In June 2015, the special rapporteur from the United Nations' Office of the High Commissioner for Human Rights specifically mentioned Tor in the context of the debate in the U.S. about allowing so-called backdoors in encryption programs for law enforcement purposes[196] in an interview for The Washington Post.
[205] In September 2015, Luke Millanta created OnionView (now defunct), a web service that plots the location of active Tor relay nodes onto an interactive map of the world.
[213] Also in March 2016, the first Tor node, specifically a middle relay, was established at a library in Canada, the Graduate Resource Centre (GRC) in the Faculty of Information and Media Studies (FIMS) at the University of Western Ontario.
[216] On 16 May 2016, CNN reported on the case of core Tor developer "isis agora lovecruft",[217] who had fled to Germany under the threat of a subpoena by the FBI during the Thanksgiving break of the previous year.
[218] On 2 December 2016, The New Yorker reported on burgeoning digital privacy and security workshops in the San Francisco Bay Area, particularly at the hackerspace Noisebridge, in the wake of the 2016 United States presidential election; downloading the Tor browser was mentioned.
[223] In June 2017, the Democratic Socialists of America recommended intermittent Tor usage for politically active organizations and individuals as a defensive mitigation against information security threats.
[224][225] In August 2017, according to news reports, cybersecurity firms that specialize in monitoring and researching the dark web (which relies on Tor as its infrastructure) on behalf of banks and retailers routinely share their findings regarding illegal content with the FBI and other law enforcement agencies "when possible and necessary".
For example, downloading a video through the Tor browser and then opening the same file on an unprotected hard drive while online can make the users' real IP addresses available to authorities.
At the most basic level, an attacker who runs two poisoned Tor nodes—one entry, one exit—is able to analyse traffic and thereby identify the tiny, unlucky percentage of users whose circuit happened to cross both of those nodes.