Here’s how Tor Project and Mozilla will make harder de-anonymizing Tor users

Tor Project and Mozilla are working together to improve the security of Tor users and make harder for attackers to unmask them.

Intelligence and law enforcement agencies continue to invest in order to de-anonymize Tor users. In the past, we received news about several techniques devised by various agencies to track Tor users, from the correlation attacks to the hack of a machine with the NIT script.

In many cases, authorities and cyber spies targeted individual users’ computers for this reason the experts the Tor Project alongside with the experts from Mozilla’s Firefox involved in the project are working on a series of improvements to make harder the exploitation of flaws in the browser component of the Tor architecture.

The improvements aim to block malware from trying to gather information to unmask users.

“We’re at the stage right now where we have created the basic tools and we’re working on putting them together to realize the security benefits,” Richard Barnes, Firefox Security Lead, told Joseph Cox from Motherboard via email.

The Tor Browser is composed of two components, a modified version of the Firefox browser, and the Tor proxy which implements routing functionalities in the Tor network. An attacker can try to hack the browser component forcing it to connect to other than the legitimate Tor proxy part, for example, a server set up by the attacker that gathers user data.

“That means if an attacker can compromise the Firefox half of Tor Browser, it can de-anonymize the user by connecting to something other than the Tor proxy,” Barnes said.

Barnes a series of improvements, including the use of Unix domain sockets that are data communications endpoints for exchanging data between processes executing on the same operating system.

This will allow the Tor Browser to securely communicate with the FireFox component without underlying the network protocol. In this was the experts will sandbox the Firefox component, any manipulation or attacks will have no effects on the user’s privacy because the Tor Browser wouldn’t be able to make a network connection to de-anonymize the user.

Basically the intent of the experts at the Tor Project is to sandbox the Tor browser to insulate our users from attacks such as the NIT and similar ones. According to Motherboard, the Tor developer Yawning Angel just finished an experimental prototype that will likely appear in some versions of the Tor Browser later this year.

“That means that you could run it in a sandbox with no network access (only a Unix domain socket to the proxy), and it would still work fine. And then, even if the Firefox half of Tor Browser were compromised, it wouldn’t be able to make a network connection to de-anonymize the user,” added Barnes.

As explained by Barnes such kind of security measures is actually supported only on platforms that have implement Unix domain sockets, such as Linux and Mac OS.

The experts are now working to extend it to Windows platforms.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Tor Project, Tor Browser)