Monday, 07 November 2016 08:01

Tor and Mozilla Working on To Make Malware Attacks More Difficult


Law enforcement agencies and malicious hackers may have a harder time getting access to the IP addresses of Tor users.

Thanks to upcoming security upgrades that Tor Project and the creators of Mozilla Firefox have been discreetly working on.

Since Tor’s security is never-ending as it stands, hacking an individual user’s computer has proved to be the only vulnerability on which the authorities have banked on time and again to de-anonymize Tor users.

By hacking these endpoints, investigators are able to acquire the IP addresses of the users and thus, their locations.

The new twists and upgrades serve to make the process of unmasking these users a lot harder, if not impossible.

Firefox Security Lead, Richard Barnes explained in an email to Motherboard that currently, they had already created all the basic tools needed for the security upgrades and were in the process of gaining those tools in order to turn to realize the concept.

Where the Vulnerability Lies

To break it down, Barnes explained that the Tor Browser has two major constituents: the Tor proxy that is necessary to route the browser’s traffic through the Tor network itself and the modified part of Firefox that makes accessing the network possible.

The Firefox part of the Tor Browser is where the vulnerability lies, according to Barnes, as it is dependent on network access in order to communicate with the Tor proxy.

When compromised, the Firefox part of the Tor Browser can be used to connect to another entity—say a government server—which then puts the user’s anonymity at risk as it reveals information such as the user’s IP address.

FBI Has Successfully Breached Tor Using That Weakness

The FBI has manipulated this vulnerability before in February 2015 when they used a NIT (Network Investigative Technique) to reveal the IP address of a visitor of a child pornography site.

The malware is suspected to have exploited one of Tor Browser’s weaknesses that people suspect the FBI have under wraps to access the computer before forcing it into contacting a government server outside of the encrypted network.

This way, the law enforcement agency was able to get information that led to the arrest of the suspect.

The upcoming upgrade looks to remove the need for network access in order for the two halves of the Tor Browser to communicate.

With the support of Unix domain sockets’, the two integrated programs should be able to communicate with each other without necessitating an underlying network protocol.

As such, the Firefox side of the Tor browser will no longer be easy to compromise.

Sandboxing Will Cut Off Network Access to the Firefox Half

Barnes added that the new security upgrade will allow Tor users to run it in a sandbox without requiring any network access other than a Unix domain socket to the proxy.

Furthermore, in the event the Firefox half of the Tor browser was compromised, law enforcement agencies would have no network connection with which to relay the user’s information to their servers.

Barnes gave a brief overview of how the Tor Project and the Mozilla Firefox team came to collaborate on this new project.

While Tor Project gave the Tor proxy and the Tor browser Unix socket capabilities, Mozilla made the Firefox browser generally capable of talking to proxies over Unix domain sockets.

Afterward, Tor proceeded to add this capability to their browser as Mozilla chipped in every once in a while to fix any bugs that came up.

Release Set For Early Next Year

As it stands, Barnes revealed that the upgrade will only work on MacOS and Linux platforms since they already have the necessary sockets, although they are working on extending the capability to the Windows platform.

However, there are some stipulations to be followed in order to get the plan to work.

Other than the availability of the sockets in question on all the platforms, users will also require a compatible sandbox in order to inhibit the Firefox half of the Tor browser from gaining network access in case it is compromised.

The support will be available in Firefox 51, which is set for release in January 2017.

Source : darkwebnews


World's leading professional association of Internet Research Specialists - We deliver Knowledge, Education, Training, and Certification in the field of Professional Online Research. The AOFIRS is considered a major contributor in improving Web Search Skills and recognizes Online Research work as a full-time occupation for those that use the Internet as their primary source of information.

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.