The following information was obtained from the different cyber security sources for notification to all parties concerned pursuant to the mandate of the Philippine National Police Anti-Cybercrime Group (PNP ACG).

The information provided was classified as Restricted pursuant to the PNP Regulation 200-012 on Document Security and Impact Rating as high based on PNP Information Communication Technology (ICT) Security Manual s.2010-01 p. 22 and p.129.


The name Tor is derived from the acronym for the original software project name “The Onion Router “. It was developed by the Navy and independent researchers in 2002. Tor is free software used of anonymous communication. It directs Internet traffic through a free, worldwide, volunteer network consisting of more than seven thousand relays to conceal user’s location and usage from anyone conducting network surveillance or traffic analysis.1

The Tor network operates through the computer servers of volunteers around the world. In the Tor network, data are bundled into encrypted packets and strips ways part of the packet’s header, which is also a part of the addressing information which could provide information about the sender and the operating system from which messages are sent. Tor encrypts the rest of the addressing information into a packet wrapper which is not done by a regular internet connection.

Within the Tor network, the modified and encrypted data packets are routed though the servers called relays on its way to the final destination. In each of the relay, only enough data packer wrappers are decrypted to know which relay the data came from and to which relay to send it next. The relay then rewraps the package in a new wrapper and sends it on until it reached the final destination.

The layers of encrypted address information used to anonymize data packets which were sent through Tor are similar to an onion with different layers, hence the paths of the data packets through the Tor network cannot be fully traced.

In order to make use of Tor, one will need a client or a piece of software that interacts with the Tor network such as the Tor Browser Bundle, I2P and Zeronet. For the proper use of Tor, all flash plugins and other scripts on the browser must be disabled for this provide access point in the Internet activity that an outside snoop could exploit.

For hosting a Tor relay means donating some of the computer’s bandwidth to send and receive data on the Tor network. Each of the Tor relays is one of the many possible nodes through which any given data packet can pass, meaning the more relays there are in the Tor network, the more relays each data packet can pass through thus making it more secure.


PNP personnel and the public are reminded that using Tor to browse the Internet is not illegal. The downloading is free and hiding your IP address and browsing history is not in itself illegal. However, many of those that use Tor use it specifically for anonymity because they are doing something illegal, hence, if you are not to use it for a good purpose, better be aware of the implications of your actions. PNP ACG is always conducting cyber patrol to ensure the safety of the netizens in the cyberspace.

For additional information, please refer to the following websites:



Please contact CSRAD, PNP ACG for any inquiries related to this CYBER SECURITY BULLETIN at This email address is being protected from spambots. You need JavaScript enabled to view it. or call 7230401 local 5337.