Why Did an Internet Censorship App Send My Phone to Hardsextube.com? – Gizmodo

Cannabis.com, GayEgypt.com, Circumcision.org, WhitePower.com, and yes, HardSexTube.com are all sites that the Tor Project's new app pointed my iPhone towards this morning. Don't worry, it's all for a good cause.

The Open Observatory of Network Interference (OONI) has been around for the last five years or so, but its software suite, Ooniprobe, only existed as a command line-installable desktop software package. Sponsored by the Tor Project (best known for its mostly secure Tor web browser), Ooniprobe seeks to map where internet censorship is taking place via a live map. Unsurprisingly, the US is largely unaffected while Russia, China, and Saudi Arabia aren't so lucky.

As of today, Ooniprobe is available as an Android or iOS app that even the least computer savvy but censorship-concerned internet user can easily install. That is, if the warnings in the markedly easier installation process don't scare you half to death.

"The mere use of ooniprobe might be viewed as a form of espionage, regardless of the laws in your country," the welcome screen warns, "we encourage you to consult with a lawyer prior to installing and running ooniprobe." New York is in the middle of a snowstorm, and I don't exactly keep legal counsel on retainer, so that didn't happen. The same screen warns potential users that the app will download data from "provocative or objectionable sites (e.g. pornography)" as you may already have guessed.

Ooniprobe's risks page describes the possibility of "severe civil, criminal, or extra-judicial penalties" such as being assaulted or targeted for surveillance. Caveating the whole thing is the disclaimer: "The risks described below are quite speculative. To our knowledge, no ooniprobe user has ever faced consequences from the risks described below." Hmm.

As to the app itself, the web connectivity test is the meat of its functionality. Essentially it attempts to visit a slew of sites which range from mundane email portals (hotmail.msn.com) to the Air Force's F-35 Lightning II page (jsf.mil). At the same time, a server tries to get to those same pages, and if they load differently it's flagged in red as potentially censored. Ooniprobe's test sites are, as The Atlantic points out, a list built collaboratively between OONI and Citizen Project and aim to catalog crucial services or controversial content most likely to be censored. (Flatteringly, our sister site Jezebel made the cut.)

The app seems to give plenty of false positives. Among the supposedly censored sites were sex toy site realdoll.com, kids.yahoo.com, myspace.com, and metacrawler.com, all of which worked just fine on desktop. Ooniprobe's helpful suggestions to avoid being denied the full scope of Real Doll's online retail website are to use open DNS (check), force HTTPS (which most browsers now do by default), or to use the Tor browser (Tor is not presently available on iOS).

Currently, the only other two tests included in this mobile build of Ooniprobe are an HTTP Invalid request test and a standard speed test. The former showed no anomaly and the latter gave me upload, download, and ping times comparable to Ookla's industry-standard speed test.

So what have we learned from this experience? Internet censorship isn't really happening on an infrastructural level in the US, at least not in a way this app can detect it. And even though you're unlikely to be sent to a gulag for installing Ooniprobe, pinging WhitePower.com has definitely landed me on some sort of watchlist.
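The probe-versus-control comparison described above, and why it can flag a site that is not censored, as an added example (not OONI's code and not from the article). The threshold, field names and sample pages are assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Assumed threshold: two bodies count as "the same page" when the shorter one
# is at least 70% of the longer one. Chosen for this example, not taken from the app.
BODY_RATIO_MIN = 0.7


@dataclass
class Fetch:
    """Result of one HTTP fetch, made by the phone (probe) or the control server."""
    status: Optional[int]          # None means the request never completed
    body: str = ""
    failure: Optional[str] = None  # hypothetical labels, e.g. "connection_reset"


def page_title(body: str) -> Optional[str]:
    m = re.search(r"<title[^>]*>(.*?)</title>", body, re.IGNORECASE | re.DOTALL)
    return m.group(1).strip().lower() if m else None


def body_ratio(a: str, b: str) -> float:
    longest = max(len(a), len(b))
    return 1.0 if longest == 0 else min(len(a), len(b)) / longest


def compare(probe: Fetch, control: Fetch):
    """Return (verdict, reasons); verdict is 'ok', 'anomaly' or 'inconclusive'."""
    if control.status is None:
        # Without a baseline, a failure on the phone proves nothing.
        return "inconclusive", ["control could not load the site either"]
    if probe.status is None:
        return "anomaly", [f"probe failed ({probe.failure}) while control loaded the page"]

    reasons = []
    if probe.status != control.status:
        reasons.append(f"status {probe.status} vs control {control.status}")
    ratio = body_ratio(probe.body, control.body)
    p_title, c_title = page_title(probe.body), page_title(control.body)
    title_match = p_title is not None and p_title == c_title
    # A size difference alone is common (ads, A/B tests), so it only counts
    # when the title does not confirm that both sides got the same page.
    if ratio < BODY_RATIO_MIN and not title_match:
        reasons.append(f"body ratio {ratio:.2f} and title {p_title!r} vs {c_title!r}")
    return ("anomaly" if reasons else "ok"), reasons


# Constructed sample pages; no real site content is used.
CONTROL = Fetch(200, "<html><title>Example Store</title>" + "x" * 4000)
SAMPLES = {
    "identical": Fetch(200, CONTROL.body),
    "block_page": Fetch(403, "<html><title>Access Denied</title></html>"),
    # The phone is served a lighter mobile page: flagged, yet nothing is censored.
    "mobile_variant": Fetch(200, "<html><title>Example Store Mobile</title>" + "x" * 900),
    "fewer_ads": Fetch(200, "<html><title>Example Store</title>" + "x" * 1000),
    "reset": Fetch(None, failure="connection_reset"),
}


def run_samples():
    return {name: compare(probe, CONTROL)[0] for name, probe in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in run_samples().items():
        print(f"{name:15s} {verdict}")
```

The `mobile_variant` case is the false-positive pattern: the comparison only shows that the two vantage points received different content, not why.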


Windows DRM Files Deanonymize Tor Browser Users – Virus Guides – Virus Guides (blog)

The Hacker House security experts have warned that downloading and opening Windows DRM-protected files can decloak Tor Browser users and reveal their IP addresses.

The attacks via DRM-protected multimedia files in Windows have been known for more than 10 years, though until recently, they've only been used to spread malware.

Some of the previous attacks tried to make users open and play DRM-protected files. Usually, these files would open in Windows Media Player, and users would see a popup that asked them to visit a URL to validate the file's license.

PC users who agreed were transferred to an authorization URL. However, what users don't know is that hackers could modify these links and point victims to exploit kits or malware-laced files.

The Hacker House team has found that the popup asking users if they wanted to visit the authorization URL would only appear for DRM files which have not been signed with the proper tools.

If the attacker signed the DRM-protected multimedia files with official Microsoft SDKs such as Windows Media Encoder or Microsoft Expression Encoder, the popup would not show, and the user's player would automatically open an Internet Explorer instance and access the authorization URL.

According to the Hacker House security experts, the cost of properly signing DRM multimedia files ranges around $10,000, a sum that many low-end malware authors aren't willing to pay for such a niche attack.

Nevertheless, the same does not apply to determined state-sponsored hackers or law enforcement agencies, who have the financial and physical resources to support such an attack infrastructure.

For example, law enforcement could host properly signed DRM-protected files on websites pretending to host child pornography. When a user would try to view the file, the DRM multimedia file would use Internet Explorer to ping a server belonging to the law enforcement agency.

Also, this tactic can be used to target ISIS militants trying to view propaganda videos, illegal drug and weapons buyers trying to view video product demos, political dissidents viewing news videos, etc.


Infected DRM Files Can Reveal Tor Data – Security Intelligence – Security Intelligence (blog)

Cybercriminals have been using digital rights management (DRM) files in Windows to transport malware for a while. Social engineering was often an integral part of this process since any attempt to open these files in Windows Media Player (WMP) would then generate a pop-up that redirected the target's default browser to an attacker-controlled website. That website was the beginning of an infection.

Now, attackers are using this process for more than just malware. Researchers recently found that the Tor browser and privacy controls can be affected by a malicious DRM file.

Malicious DRM files work by causing Windows Media Player (WMP) to generate a pop-up requesting permission to redirect the default browser to the content provider's website to find out how to obtain the necessary play rights, Hacker House reported. Once a user agrees, he or she is sent to a malware-laden page and the infection process begins. However, this only happens when users attempt to open unlicensed files.

But now, cybercriminals have devised a way for a file with a proper DRM license to redirect the browser without so much as a prompt. Not only could this lead to malware, but it could also contribute to a massive loss of privacy for certain users.

Bleeping Computer, reporting on the Hacker House findings, noted that these DRM files can cause problems when opened in the privacy-enhanced Tor browser. Attackers can capture victims' credentials surreptitiously by using cryptographically signed DRM files.

The attacker's website appears legitimate to detract attention from the fraudulent URL. Users who interact with the site risk revealing their IP addresses or other credentials through normal system calls. For Tor users, many of whom are using the browser specifically to hide these details, this is a worst-case scenario.

Hacker House posted a short video that showed how the malware operators can extract a victim's IP with a single click. It's easy to see how a malicious, signed DRM file might also silently ping an attacker-controlled URL to report a victim's status and location.

Since the DRM signing process can cost around $10,000, only cybercriminals with deep pockets can fund such a scheme. Those who can afford it, however, have a significant advantage when it comes to spreading malware.

This social engineering scheme is sneaky enough to fool even security-savvy Tor users. To be safe, everyone should avoid all unknown DRM files, no matter how enticing the title may be.


How to Use Tor Browser for Anonymous Web Browsing


With increased scrutiny by employers, schools and even governments becoming more commonplace, anonymity while browsing the Web has become a priority. Many users looking for an enhanced sense of privacy are turning to Tor (The Onion Router), a network originally created by the U.S. Navy and now used by countless Web surfers across the globe.

Motives for utilizing Tor, which distributes your incoming and outgoing traffic through a series of virtual tunnels, can range from reporters aiming to keep their correspondence with a secret source private to everyday internet users wishing to reach websites that have been restricted by their service provider. While some choose to exploit Tor for nefarious purposes, most Web surfers simply want to stop sites from tracking their every move or determining their geolocation.

The concept of Tor, as well as how to configure your computer to send and receive packets over the network, can prove overwhelming even to some Web-savvy veterans. Enter the Tor Browser Bundle, a software package that can get you up and running on Tor with minimal user intervention. An open-source grouping of Tor combined with a modified version of Mozilla's Firefox browser along with several key features and extensions, Tor Browser Bundle runs on Windows, Mac and Linux platforms.

This tutorial walks you through the process of obtaining and running Tor Browser Bundle so that your Web communications can once again become your business and yours alone.

Please note that no anonymization method is completely foolproof, and that even Tor users can be susceptible to prying eyes from time to time. It is wise to keep that in mind and always proceed with caution.

The Tor Browser Bundle is available for download on a multitude of sites. However, it is highly recommended that you only obtain the package files from torproject.org, the official home of Tor. Users can choose from over a dozen languages, ranging from English to Vietnamese.

To begin the download process, navigate your current browser to https://www.torproject.org/projects/torbrowser.html.en. Next, scroll down until you find your desired option in the Language column, clicking on the link found under the header that corresponds to your specific operating system. Once the download is completed, Windows users should locate the Tor file and launch it. A folder will now be created at your specified location, containing all package files and named Tor Browser. Mac users should double-click on the downloaded file to open the .dmg image. Once open, drag the Tor file shown into your Applications folder. Linux users should utilize the appropriate syntax to extract the downloaded package and then launch the Tor Browser file.

To ensure that you have received the intended package, and were not duped by a hacker, you may want to verify the signature on your downloaded package prior to utilizing it. To do so you'll need to first install GnuPG and reference the package's associated .asc file, automatically downloaded as part of the browser bundle. Visit Tor's signature verification instructions page for further details.
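One way to make the signature check above strict, as an added example that is not part of the original tutorial: run `gpg --verify` with machine-readable status output and accept the download only when the signature is valid and chains to a pinned primary key. The fingerprint, file names and sample status lines are constructed placeholders; take the real fingerprint from Tor's signature verification instructions page.

```python
import re
import subprocess

# PLACEHOLDER (constructed): replace with the signing key fingerprint published
# on Tor's signature verification instructions page.
PINNED_PRIMARY_FPR = "0123 4567 89AB CDEF 0123  4567 89AB CDEF 0123 4567"

# GnuPG status keywords that mean the signature must not be trusted.
FAILURE_KEYWORDS = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG", "NO_PUBKEY"}


def evaluate_status(status_text, pinned_fpr):
    """Decide from `gpg --status-fd` output whether to accept the file.

    Returns (accepted, reason). A release may be signed with a subkey, so the
    comparison uses the primary key fingerprint, which is the last field of the
    VALIDSIG line, not the signing (sub)key fingerprint in the first field.
    """
    pinned = re.sub(r"\s+", "", pinned_fpr).upper()
    primary = None
    for line in status_text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0] != "[GNUPG:]":
            continue
        keyword = fields[1]
        if keyword in FAILURE_KEYWORDS:
            return False, f"gpg reported {keyword}"
        if keyword == "VALIDSIG" and len(fields) >= 3:
            # Older gpg versions omit the primary fingerprint; fall back to field 1.
            primary = (fields[11] if len(fields) >= 12 else fields[2]).upper()
    if primary is None:
        return False, "no VALIDSIG line: signature was not verified"
    if primary != pinned:
        return False, f"valid signature, but from unexpected key {primary}"
    return True, "valid signature from the pinned key"


def verify_download(sig_path, file_path, pinned_fpr=PINNED_PRIMARY_FPR):
    """Run gpg on a detached .asc signature and evaluate its status output."""
    proc = subprocess.run(
        ["gpg", "--batch", "--status-fd", "1", "--verify", sig_path, file_path],
        capture_output=True, text=True, check=False,
    )
    return evaluate_status(proc.stdout, pinned_fpr)


# Constructed status output for offline demonstration (not from a real release).
SAMPLE_GOOD = """\
[GNUPG:] NEWSIG
[GNUPG:] GOODSIG AAAAAAAAAAAAAAAA Example Signer <signer@example.org>
[GNUPG:] VALIDSIG FEDCBA9876543210FEDCBA9876543210FEDCBA98 2017-01-01 1483228800 0 4 0 1 8 00 0123456789ABCDEF0123456789ABCDEF01234567
"""
SAMPLE_TAMPERED = """\
[GNUPG:] NEWSIG
[GNUPG:] BADSIG AAAAAAAAAAAAAAAA Example Signer <signer@example.org>
"""

if __name__ == "__main__":
    print(evaluate_status(SAMPLE_GOOD, PINNED_PRIMARY_FPR))
    print(evaluate_status(SAMPLE_TAMPERED, PINNED_PRIMARY_FPR))
```

A "good signature" from a key other than the pinned one is rejected, which is the case a plain `gpg --verify` exit code does not distinguish.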

Now that you've downloaded the Tor Browser Bundle and possibly verified its signature, it's time to launch the application. That's right - no installation is required! Because of this, many users opt to run Tor Browser right off of a USB drive rather than placing its files on their hard drive. This method provides another level of anonymity, as a search of your local disks would reveal no trace of Tor whatsoever.

First, navigate to the location where you chose to extract the files described above. Next, within the folder labeled Tor Browser, double-click on the Start Tor Browser shortcut or launch it via your operating system's command line.

As soon as the browser is launched a connection to the Tor Network is typically initiated, depending on your individual settings. Be patient, as this process can take as little as a couple of seconds or as long as a few minutes to complete.

Once a connection to Tor is established, the Status screen will disappear and the Tor Browser itself should launch after a few brief seconds.

Tor Browser should now be visible in the foreground. All incoming and outgoing traffic generated through this browser will be routed through Tor, providing a relatively safe and anonymous browsing experience. Upon launch, the Tor Browser application automatically opens a Web page hosted on torproject.org which contains a link to test your network settings. Selecting this link displays your current IP address on the Tor network. The virtual anonymity cloak is now on, as you will notice that this is not your actual IP address.

If you'd like to view this content in a different language, utilize the drop-down menu found at the top of the page.

In addition to many of the standard Firefox features, such as the ability to bookmark pages and analyze source via the integrated Web developer toolset, TorBrowser also includes a great deal of functionality unique to itself. One of these components is Torbutton, found on the browser's address bar. Torbutton allows you to modify specific proxy and security settings. Most importantly, it provides the option to switch to a new identity - and therefore a new IP address - with a simple click of the mouse. Torbutton's options, described below, are accessible via its drop-down menu.

TorBrowser also comes prepackaged with an integrated version of the popular NoScript add-on. Accessible from a button on Tor Browser's main toolbar, this custom extension can be used to either block all scripts from running within the browser or just those on specific websites. The recommended setting is Forbid Scripts Globally.

Another well-known extension integrated with Tor Browser is HTTPS Everywhere, developed by the Electronic Frontier Foundation, which ensures that your communication with many of the Web's top sites is forcefully encrypted. HTTPS Everywhere's functionality can be modified or disabled (not recommended) via its drop-down menu, accessible by first clicking on the main menu button (located in the upper right-hand corner of the browser window).


The official Tor browser for iOS is free to use | Ars Technica

J.M. Porup (UK) - Jan 9, 2017 1:42 pm UTC

When Mike Tigas first created the Onion Browser app for iOS in 2012, he never expected it to become popular. He was working as a newsroom Web developer at The Spokesman-Review in Spokane, Washington, at the time, and wanted a Tor browser app for himself and his colleagues. Expecting little interest, he then put Onion Browser on the Apple App Store at just $0.99/£0.69, the lowest non-zero price that Apple allows.

Fast forward to 2016, and Tigas found himself living in New York City, working as a developer and investigative journalist at ProPublica, while earning upwards of $2,000 a month from the app, and worrying that charging for it was keeping anonymous browsing out of the hands of people who needed it.

"Given recent events, many believe it's more important than ever to exercise and support freedom of speech, privacy rights, and digital security," he wrote in a blog post. "I think now is as good a time as ever to make Onion Browser more accessible to everyone."

Global concerns also influenced his decision. "Iran is not technically a country where you can get an iPhone, but on the grey market you can," he told Ars. "People over there can't get apps you have to pay for, because you have to have a credit card that Apple actually accepts," he added, noting that economic sanctions forbid Apple from selling to Iranian iOS users.

Onion Browser is the leading, community-supported Tor Web browser for iOS, but it lacks some of the features available for Tor Browser (Linux, MacOS, Windows) and OrFox (Android), due to technical roadblocks peculiar to iOS. (The Tor Project has so far declined to officially endorse an app for iOS.)


The two biggest challenges Tor developers on iOS face, as Tigas outlined in this blog post on the Tor Project website, are Apple's requirement that all browsers use the iOS WebKit rendering engine, and the inability to run Tor as a system-wide service or daemon on iOS.

Developers have found workarounds to both problems, and iOS users can soon expect to see a new, improved Onion Browser, as well as a Tor VPN that routes all device traffic over Tor, probably in the first quarter of 2017.

Unlike Tor Browser or OrFox, Onion Browser is not based on the Firefox Gecko rendering engine. This is good (Onion Browser is not vulnerable to Firefox exploits) but also bad, because code cannot be reused.

A further challenge, Tigas said, is that Apple's WebKit APIs "don't allow a lot of control over the rendering and execution of Web pages, making a Tor Browser-style security slider very difficult to implement."

Many of iOS's multimedia features don't use the browser's network stack, making it difficult to ensure the native video player does not leak traffic outside of Tor.

"Onion Browser tries to provide some functionality to block JavaScript and multimedia, but these features aren't yet as robust as on other platforms," Tigas wrote.

Moreover, it doesn't support tabbed browsing, and the UX is pretty basic, but Tigas is working on a rewrite based on Endless. "It adds a lot of important features over the existing Onion Browser," he said, "like a nicer user-interface with tabbed browsing, HTTPS Everywhere, and HSTS Preloading. There's a new version of Onion Browser in the works that's based on Endless that will hopefully enter beta testing this month."


Download Tor Browser for Windows 6.0.8 – FileHippo.com

Tor Browser for Windows has been designed to help you preserve your privacy online. Tor Browser is a tool set that can help you anonymize web browsing and publishing, instant messaging, and other applications that use the TCP protocol. This can be helpful for private use and business use. It means that confidential information can be kept from prying eyes. ISPs, key loggers and other types of malware are not able to track your activities easily.

Tor Browser for Windows works by bouncing traffic around a distributed network of servers which it calls "onion routers". The interface allows you to toggle it on and off based upon when you need anonymity online. Tor Browser for Windows also lets you choose from various proxy tunnels based on a world map that displays exactly where each one is located.

Overall, Tor Browser for Windows is a simple, well organized and effective tool for users who are concerned about security or invasions of privacy whilst they are online. The browser interface is a standard, user friendly affair and the application is relatively lightweight.


Tor Browser Download

Preserving your privacy on the net is no easy task nowadays with so many security risks and potential prowlers out there.

Tor Browser is a toolset that's designed for anyone who wants to improve their safety and security on the Internet. It can help you anonymize web browsing and publishing, instant messaging, and other applications that use the TCP protocol. For business users, it means that confidential exchanges of information can be kept from prying eyes and for more general users, it means that ISPs, keyloggers and other types of malware can't track your activities easily.

It works by bouncing traffic around a distributed network of servers which it calls "onion routers" (hence the logo). The Tor Browser interface allows you to easily toggle it on and off based on when you need to go online anonymously - there's no need to restart your computer when you've done so. If you want, you can also choose from various proxy tunnels based on a world map which displays exactly where each one is located.

To check it's working, you can use the online Tor detector to see if you're surfing anonymously or not. Connection can take some time depending on how many users are logged onto the network at any one time, but usually it's very quick. The Tor onion logo turns from yellow to green in your taskbar when a successful connection has been made.

Tor is a simple, well organized and effective tool for anyone worried about security or invasions of privacy online.


How to get around gov't curbs on the Internet

Robert Epstein, senior research psychologist at the American Institute for Behavioral Research and Technology, recommended using a program called Tor, an open network software program that lets users surf the web anonymously. Epstein suggested putting the program on a flash drive or SD card rather than on hardware.

"That way, even if your computer is inspected, there will be no sign of Tor on it," he told CNBC.

Once in the program, double-click on "Start Tor Browser" to open a special version of Firefox that gives secure access to any website. Tor works by relaying users' requests to visit a site through multiple computers around the world. To speed up that process, click on the tools tab in the upper-left corner of the browser and "change your identity" to reroute and thus get faster access.

"No matter what country you are in, if you want to preserve your privacy online, you should probably never go directly to Google.com through a conventional browser," he said. A proxy from Google known as http://startpage.com is, along with Tor, "for almost anyone, anywhere, the safest ways to access the Internet at the moment."

Reuters contributed to this report.


Bugs in Tor network used in attacks against underground markets

Too many onion circuits can spoil the server, thanks to a Tor hidden service vulnerability.


The operator of an underground marketplace hosted within the Tor network has reported a flaw in Tor that he claims is being used for an ongoing denial of service attack on the site.

The problem, which is similar to one reported by another hidden site operator in December on the Tor mailing list, allows attackers to conduct a denial of service attack against hidden sites by creating a large number of simultaneous connections, or "circuits," via Tor, overwhelming the hidden service's ability to respond.

The problem is still under review, but it appears to be related to abuse of the "introduce" message in the Tor Hidden Services protocol, which is used to negotiate the connection between the client and the hidden server. By sending multiple "introduce" requests to the same hidden service, an attacker could make the targeted server create multiple circuits (paths over the Tor network used for the session), eating the server's available CPU and network resources and making it inaccessible to users.

An individual associated with Middle Earth, one of the hidden sites targeted by the denial of service attacks, posted to reddit's "darknet markets" subreddit earlier this week to apologize for the long downtime associated with the attack. Using the reddit account name MEMGandalf, he claimed "Middle Earth and Agora are the focus of the most serious attack TOR has ever seen." He additionally reported that Middle Earth's operator had reported the flaw to Tor. (The bug report was opened under the name "alberto.") The attack raised the server's processor load to 100 percent utilization.

While the problem has been reproduced by at least one Tor developer, short-term fixes proposed to prevent the attacks have, thus far, not panned out. A number of long-term fixes have been proposed that require substantial changes to Tor's Hidden Services Protocol implementation, including the use of dedicated bridges to connect larger hidden sites to Tor (part of Tor's Proposal 188, first put forward in June 2012 by Tor co-founder and developer Roger Dingledine).

There were also a number of Tor client-related security patches pushed out this week, largely triggered by a critical "safety hazard" alert from Mozilla for Firefox, Firefox Extended Support Release, and the Thunderbird mail client. Both the Tor Browser Bundle and Tails live-bootable operating system were updated to fix problems in the Mozilla browser engine used across all the projects. Because of problems in how the browser engine handled memory safety, "we presume that with enough effort at least some of these (flaws) could be exploited to run arbitrary code," the Mozilla team noted in the alert.

The Tor Browser Bundle and the Tor browser in Tails both use Firefox ESR as their code base. In theory, the flaws could be exploited to run script within a browser session that could be used to launch an attack against the browser by loading code to memory outside the browser's context. Now that the flaw has been made public, Tor and the Tails project are urging users to update their software as soon as possible.

The latest Tails release also fixes more problems in OpenSSL, the open-source crypto kit that was the source of last year's Heartbleed bug. A set of problems in OpenSSL that could have caused memory corruption and software crashes found in the Debian distribution of Linux were patched in mid-March; Tails is based on Debian, and these fixes were rolled into the latest bootable distribution.
