Jump to content
Fi8sVrs

Warning: Critical Tor Browser Vulnerability Leaks Users' Real IP Address - Update Now

Recommended Posts

tor-browser-min.png

 

If you Please login or register to see this link. , you must be aware that since yesterday we have been warning Mac and Linux users of the Tor anonymity browser about a critical vulnerability that could leak their real IP addresses to potential attackers when they visit certain types of web pages.

Discovered by Italian security researcher Filippo Cavallarin, the vulnerability resides in FireFox that eventually also affects Tor Browser, since the privacy-aware service that allows users to surf the web anonymously uses FireFox at its core.

Dubbed by the researcher as TorMoil, the vulnerability affects Tor browser for macOS and Linux and not for Windows, but keeping in mind the security and privacy of Tor users, details about this flaw has not been yet publicly revealed.

Cavallarin, CEO of the security firm We Are Segment, privately reported the security vulnerability to Tor developers on Thursday (October 26), and the Tor developers have rolled out an emergency update Please login or register to see this link. .

According to a short blog post Please login or register to see this link. Tuesday by We Are Segment, the TorMoil vulnerability is due to a Firefox issue in "handling file:// URLs."
 
 

 

TorMoil is triggered when users click on links that begin with file:// addresses, instead of the more common https:// and http:// addresses.

Quote
"Due to a Firefox bug in handling file:// URLs it is possible on both systems that users leak their IP address," the blog post reads.
"Once an affected user [running macOS or Linux system] navigates to a specially crafted web page, the operating system may directly connect to the remote host, bypassing Tor Browser."
he Tor Project has currently issued a temporary workaround to prevent the real IP leakage.
So, macOS and Linux users may found the updated versions of the Tor anonymity browser not behaving properly while navigating to file:// addresses, until a permanent patch becomes available.
Quote
"The fix we deployed is just a workaround stopping the leak. As a result of that navigating file:// URLs in the browser might not work as expected anymore. In particular entering file:// URLs in the URL bar and clicking on resulting links is broken," the Tor Project said in a Please login or register to see this link. published Friday.
"Opening those in a new tab or new window does not work either. A workaround for those issues is dragging the link into the URL bar or on a tab instead. We track this follow-up regression in bug 24136."

According to the Tor Project, users of both the Windows versions of Tor, Tails and the sandboxed-tor-browser that's in alpha testing are not affected.

The Tor Project also said there's no evidence the TorMoil vulnerability has been actively exploited by hackers to obtain the IP addresses of Tor users.

However, lack of evidence does not prove the bug was not exploited by nation-state attackers and skilled hackers, given the high-demand of Please login or register to see this link. in the market, where Zerodium is ready to pay anyone $1 Million for its exploit.

In an attempt to keep its users' privacy protected, the Tor Project has recently announced the release of Tor 0.3.2.1-alpha that includes support for the Please login or register to see this link. , with the integration of new cutting-edge encryption and improvement of overall authentication into its web service.

 

 

Via Please login or register to see this link.

  • Upvote 2

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×