Tor is okay to use and has the same legal status as any other sort of proxy.



Tor can be used as a layer of protection for provide anonymity but there are several things that can screw you out of it. Tor wasn't meant for privacy originally, but as a way to securely relay from an untrusted network to a trusted one.



First is any exploit against the browser. Run the latest stable version with all pugins and extensions disabled as well as disabling javscript.



Second is leaking of information through DNS, flash or other means. Use of privoxy prevents this (and allows you to block ads without a filter on the browser level. Proxying though to tor on a different machine can also help minimize this.



Third is that your browser may leak information through it's user agent string and other behaviors. It may be worth modifying some things to blend in better.

https://panopticlick.eff.org/



Fourth is untrusted exit nodes and watering hole attacks.



Fifth is possible timing attacks or an attacker controlling a large enough number of nodes that they might be able to track all of the hops that are made.



Sixth is you giving away information. (like going to a hidden site and giving them a mailing address)



Really Tor is just as effective as it ever was, it just should be known it's just one layer of protection. If you just want to bypass censorship (what tor is best at) then just running the tor browser bundle is good enough. If you want to start a presidential assassination meet-up group, there are other better-suited systems to do it with like Freenet which operates only within the darknet, serving content from a distributed storage system. If fact with freenet it's possible to create a members-only net where you need the approval of at least three other members before you can join.

It's OK, it's legal, it's interesting, it's slow.



Last time I looked there weren't a lot of sites, legal or not, in dot.onion. Silk Road has now been taken down. There were some child porn sites, illegal in most jurisdictions, regular porn, conspiracy theory sites, I forget now. Sites come and go, Google can't get in, and there was no good search engine. Kind of like the regular web 20 years ago.



Yes, it works on recent Linux - both the browser bundle and the server/system based stuff. There's instructions to set up your own onion server with Apache.



You can find a starter page on Google. There's one kind of like Yahoo 20 years ago - a list of other sites.

A lot of people are just putting Tor on their PC/laptops thinking that they're instantly anonymous and they aren't. It's no secret that the U.S. and U.S. intelligence friendly countries operate exit nodes expressly for the purpose of monitoring them (your data on that last hop is unencrypted).



Be wary of the browser bundle from Tor. This bundle is the subject of special interest by U.S. authorities and they are constantly trying to exploit whatever version of Firefox that it uses and was recently successful ( http://arstechnica.com/security/2013/08/attackers-wield-firefox-exploit-to-uncloak-anonymous-tor-users/ ).



You could take the DIY route to be safe and just build a Tor router (powered by Linux) but you need to be a geek to do it or if you just want a fast solution get a PAPARouter ( http://paparouter.com ). It's inexpensive (less than $100.00), allows you to anonymize several devices at once and best of all it excludes all U.S. and U.S. intelligence friendly exit nodes ( over 50 at last count ) built into it. Given all the uproar that other countries are having with U.S. spying ( and rightfully so ), making your last Tor relay outside of the U.S. to your target site is great security and using https would be massive protection by encrypting your data from that last hop to the target site. The EFF has a great interactive page that demonstrates this.



TOR AND HTTPS PAGE

https://www.eff.org/pages/tor-and-https

Tor is no longer safe.

http://www.fierceitsecurity.com/story/hackers-steal-host-names-and-mac-addresses-tor-browser-bundles-users/2013-08-06

https://www.schneier.com/blog/archives/2013/10/how_the_nsa_att.html

http://www.wired.com/threatlevel/2013/09/freedom-hosting-fbi/



Remember, any computer can be configured for use as a Tor router and that includes hackers.

Be safe and do one of two things:

1. Be completely paranoid and do something like Julian suggests.

2. Never use Tor.

My spouse and i endorse making use of VPNPower to unblock websites. I've been with them since 5 years. http://www.vpnpower.net

My spouse and i highly recommend using http://www.vpnmaster.org to unblock sites. I am using their services for more than 4 years without having difficulties.