
Category Archives: Tor Browser

What is Tor? A beginner’s guide to using the private browser – CNET

Posted: May 24, 2020 at 3:11 pm

Tor is an "onion-routing" network that protects your privacy online.

If you're new to internet privacy and security, you've still probably already read references to something called Tor -- a widely hailed piece of internet-connected software with its own internet browser. Tor is embraced by privacy aficionados for its reliable encryption and its history of covering users' internet tracks.

At first glance, the terminology around Tor can seem intimidating and alien. Don't worry, though. It's simpler than it seems.

Here's everything you need to know about Tor.


Back in the mid-'90s, when the US Navy was looking into ways to securely communicate sensitive intelligence information, a mathematician and two computer scientists emerged from the Naval Research Lab with something called "onion routing." It was a new kind of technology that would protect your internet traffic with layers of privacy. By 2003, The Onion Routing project, acronymed Tor, was in the hands of the public, where its vast network of users -- the engine enabling Tor -- has since continued to grow.

Today, thousands of volunteers all over the world are connecting their computers to the internet to create the Tor network by becoming "nodes" or "relays" for your internet traffic.

At a basic level, Tor is a type of internet-connected network with its own internet browser. Once you connect to the internet with the Tor browser, your internet traffic is stripped of its first layer of identifying information as it enters the Tor network, and is then sent bouncing through those relay nodes, which serve to encrypt and privatize your data, layer by layer -- like an onion. Finally, your traffic hits an exit node and leaves the Tor network for the open web.

Once you're in the Tor network, it's nearly impossible for others to track your traffic's manic pinballing path across the globe. And once you leave the Tor network via an exit node, the website you view (assuming it has HTTPS in front of its address) isn't sure which part of the world you're hailing from, offering you more privacy and protection.


Normal web browsing is easy with Tor. Head to the official site and download the Tor browser. Follow the installation instructions as you would with any other program. When you open Tor for the first time, the program will ask you to either configure your connection (if you're in a country where Tor has been banned, like China or Saudi Arabia) or simply connect. Once you click connect, Tor may take a few minutes to find a set of relays to connect you through.

But once you're in, you can use Tor just as you would any other browser. You'll also be prompted to review your Tor browser security settings. If you're aiming for maximum privacy, I'd advise leaving the settings on their default selections.

If you start experiencing slower-than-normal speeds, you can nudge Tor into action by checking for a quicker connection path to the website you're trying to view. In the top right corner of the Tor browser, click the three-line menu icon and select New Tor Circuit for this Site.

The privacy-focused Brave browser also has an option to route traffic through Tor when inside a private window.



Because Tor is a volunteer-run network, speed can often be an issue. As your traffic moves from node to node, you're likely to notice more speed loss than you would, for instance, with most commercial virtual private networks. This becomes particularly noticeable if you try to watch streaming Netflix content over Tor or make voice-over-IP phone calls or video calls with an app like Zoom. Tor technology isn't necessarily built to provide seamless audio-video experiences.

Speaking of videos, there are also limits to the amount of privacy Tor can offer you if you enable certain browser media plugins like Flash. Likewise, your browser's JavaScript plug-in -- which enables you to view a lot of websites' embedded media -- can still leak your IP address information. Torrenting files with Tor also exposes you to privacy risks. Because of these risks, Tor's privacy settings have these kinds of plug-ins disabled by default.

If you're just looking to do general, daily internet perusal using a browser that will better hide your traffic from spying eyes, Tor probably isn't the best choice due to its slow speeds and incompatibility with most embedded media. But if you're concerned enough about privacy around a particular topic of internet research (and you don't have a VPN), Tor is probably the best choice for you.

In some cases, yes. Most of the time, however, it takes some know-how to be able to configure your VPN's connection to work in harmony with Tor. If you don't get it right, you can risk making both Tor and your VPN ineffective when it comes to protecting your privacy. We recommend getting familiar with both types of software before marrying the two.

On the plus side, however, a successful combination of the two can be useful. While Tor protects your internet traffic, your VPN can be set to encrypt the internet traffic of any other applications running on your device in the background.

To investigate VPNs further, check out our beginner-friendly guide to all the VPN terms you need to know and our directory of the best VPNs of 2020.




How to activate DNS-over-HTTPS in the latest version of Google Chrome – Komando

Posted: at 3:11 pm

Google Chrome is many things, but private ain't one of them. Compared to browsers like Firefox, which offer features like disabling cookies by default, Chrome is more of a run-of-the-mill platform to consume content online.

That's not to say Chrome is a bad browser by any means. Despite being compatible with almost every part of the web and deeply integrated with your Google account, options like Tor Browser and Firefox provide a much more private experience that keeps prying eyes out of your business. Tap or click here to see which browser is best and why.

But the days of privacy-envy for Chrome users may be coming to an end thanks to a new feature rolled out by Google. Once it's activated, it disguises the websites you access via encryption and not even your ISP can tell where you go. Here's how to get it on your browser.

DNS lookups are some of the most basic processes that happen online. Every website has a unique number code, or IP address, which allows it to be accessed online. The DNS system puts a name to this number, and allows you to access websites using the familiar .coms and .orgs you know and love.

Unfortunately, there is a drawback to DNS lookups: They're unencrypted. Even if you're accessing an encrypted website, the process of matching the URL you type with the website's IP address is potentially visible to hackers, law enforcement and even your internet service provider.

But now, Chrome users will be able to harness the power of encryption when logging on to their favorite sites. In a new blog post from Google, the company outlined its new Secure DNS feature for Chrome which encrypts the DNS lookup step automatically.

According to Google, this will keep your web history truly private, and can even prevent hackers from redirecting your connections to phishing sites. Tap or click here to see how they can do this using DNS hijacking.

It's a much-needed feature for the world's most popular web browser, and users can start taking advantage of it as Google rolls it out over the next few months.

Fortunately, you don't have to wait for the official release of the feature to hit your browser before using it: it's already there in the latest version of Chrome. All you need to do is take a few developer-level steps to activate it.

Here's how you can get an early preview of the Secure DNS feature on Google Chrome:

Once Chrome relaunches, you'll have access to this brilliant privacy feature. You won't notice it working since it happens in the background, but the security it offers cannot be overstated. This may be one of the biggest privacy wins for Chrome since the program released in the first place! Tap or click here to explore another feature that lets you flag scam websites.


The Patriot Act and your privacy – Security Boulevard

Posted: at 3:11 pm

On May 14, the Senate reauthorized the USA Freedom Act, which extends the expansive domestic surveillance powers contained in the Patriot Act.

The original Freedom Act had expired in March. Now that it has been reauthorized, it grants the FBI (and other law enforcement agencies) broad warrantless access to sensitive personal information, including Internet browsing and search history, for national security investigations.

This law restarts a massive domestic surveillance program that the US government can use to spy on its citizens with little oversight. This is a clear violation of the right to privacy.

Many articles have been written recently about this news, but few have analyzed the actual powers the legislation grants to surveillance agencies and what regular citizens can do to prevent their activities from being monitored. Here we break down what is happening, what you can do to protect your privacy, and how Proton products are designed to resist this type of intrusion.

The reauthorized version of the Freedom Act is a continuation of the vast surveillance program that began under the Patriot Act. The original Patriot Act permitted the untargeted, bulk collection of a wide range of documents, records, and other kinds of personal data. The Patriot Act (specifically section 215) allowed the collection of tangible things (including books, records, papers, documents, and other items) for an investigation to obtain foreign intelligence information. This was the section that permitted the untargeted bulk data collection of phone call metadata that Snowden revealed in his 2013 whistleblower leaks.

The Freedom Act, which was signed in 2015 in response to the Snowden revelations, was designed to curtail some of the most flagrant abuses of the Patriot Act. It prohibits dragnet bulk data collection and introduces public advocates to FISA court proceedings who can argue against the proposed surveillance of individuals. (The FISA court, or Foreign Intelligence Service courts, oversees surveillance requests. Its proceedings are usually confidential.) However, section 215 is still in force, which means that if the investigation pertains to national security, authorities can access vast amounts of your personal data, including your Internet browsing and search history.

The only check on the government's surveillance powers is the supervision of the FISA court. This is a significantly lower threshold than a warrant. On May 13, the Senate rejected an amendment that would have required authorities to get a warrant before they access your Internet browsing and search history. The final bill the Senate passed does contain an amendment (proposed by Senators Patrick Leahy and Mike Lee) that expands the role that outside legal experts can play in offering advice to the FISA court.

Still, section 215 and the FISA courts represent grave threats to citizens' privacy. They are also ineffective. One of the government's own oversight boards found that information gathered under section 215 has only led to one actionable lead in four years, and another study found that FISA courts have widespread problems.

The system is clearly broken.

As a Swiss company, we are not subject to US law. Any requests from US law enforcement must be reviewed and approved by the proper Swiss authorities before we can comply.

If the Swiss authorities do approve such a request, we must share the data they have requested. Because ProtonMail uses end-to-end encryption and zero-access encryption, we cannot access your messages, and because ProtonVPN has a strict no-logs policy, we have very little information to share. Proton also minimizes the amount of data we require to set up an account, and we allow users to make privacy-friendly payments via Bitcoin or cash.

Detailed information is available in our privacy policy for ProtonMail and ProtonVPN.

US authorities could try to coerce the data centers that run our US VPN servers to give them access. However, because we do not keep logs of user activity, there is virtually no information on these servers that authorities could use. Still, we have implemented full-disk encryption on all our VPN servers, which secures all the software and configurations on them. This prevents the authorities from being able to steal server certificates and redirect user traffic to servers they control.

Those that have additional privacy concerns can also connect to servers in the US via Secure Core, which routes your Internet traffic through a hardened server before sending it on to one of our VPN servers in the US. By routing your traffic through two VPN servers, you make it harder for authorities to match your online activity to your IP address.

There are practical steps you can take to prevent your data from being swept up in the US (or any other) government's unwarranted surveillance, but first, you must understand what data the government can collect and from whom. Under section 215, law enforcement authorities can go to your Internet service provider (ISP) and compel them to share your browsing history.

What your ISP can see depends on what precautions you take. If you visit an HTTP website (one that does not use transport layer security), your ISP will be able to see pretty much everything you do on that site. However, now that most Internet traffic is HTTPS-encrypted, your ISP's view of your browsing is limited. If you visit a site that uses HTTPS, your ISP will only be able to see the DNS name and the IP address of the site you are on.

Example: You are reading this blog post at Because our website is HTTPS-encrypted, your ISP only sees that you are visiting

However, if you do not protect your DNS requests (e.g., by using DNS over HTTPS), your ISP will be able to figure out which pages you visit.

To protect your browsing history, use a trustworthy VPN service like ProtonVPN. When you connect to ProtonVPN, the only thing your ISP sees is that you are connected to one of our VPN servers. They cannot see what websites you visit while you are connected. We also encrypt your DNS requests so that no one can use them to figure out which sites you visited.

Authorities can also try to access personal data from services that track your online activity. These companies closely follow your browsing history by adding various trackers and beacons to the websites you visit. They use this information to show you targeted ads. While Google is the most prominent actor, it is not the only one. There are also many shady marketing companies that maintain massive databases and sell your data to third parties. Two good defenses against advertising cookies and trackers are the Privacy Badger (developed by the Electronic Frontier Foundation) and uBlock Origin tracker-blocking browser extensions. Together, these will block the majority of advertisers trying to track your browsing. (You can also turn on your browser's Do Not Track option.) You should also use your browser's Incognito Mode/Private Window feature. Your browser will forget the websites you visited and delete the cookies you accumulated once you close it if you use one of these private sessions.

To prevent authorities from accessing your search history, you should use a search engine that does not collect personal information, like

Another way you can protect your privacy online is to connect to the Tor network using the Tor browser.

To recap, if you want to protect your data, you should:

Renewing the Freedom Act without putting in place due process protections is a violation of the fundamental right to privacy. It enables the US government to spy on its citizens with little due process or oversight.

We understand the need for and support responsible law enforcement. Citizens everywhere deserve to live in safety and security on and offline, which requires diligent law enforcement. But writing laws that violate basic human rights is not a solution. On the contrary, such laws tend to erode the rule of law and typically foster bad practices, such as corruption.

This continues a troubling trend of Western democratic countries passing laws that flagrantly violate their citizens' privacy. The UK's Investigatory Powers Act, Australia's Assistance and Access Bill, and the EU's proposal for gathering electronic evidence are all backward steps that undermine the right to privacy, which is fundamental to maintaining any democracy.

Because the Senate added an amendment to the law, it must go back to the House of Representatives for approval. If you are a US citizen, you should call or write to your state representative to tell them that you support the Leahy/Lee amendment to H.R.6172 The USA FREEDOM Reauthorization Act of 2020. While it is too late to prevent the reauthorization of the Freedom Act, we can still shed light into the FISA court process and let outside legal experts offer their assessments and advice.

In a way, the Patriot Act is responsible for the creation of Proton. After hearing the Snowden revelations, our founders were inspired to create a private email service that protects everyone's communications. Now that the Patriot Act is being renewed, we are here to help our users protect their freedom and privacy.


The post The Patriot Act and your privacy appeared first on ProtonVPN Blog.


*** This is a Security Bloggers Network syndicated blog from ProtonVPN Blog authored by Richie Koch. Read the original post at:


Firefox zero day in the wild: patch now (Tor Browser too!) – Naked Security

Posted: April 11, 2020 at 7:47 pm

Mozilla just pushed out an update for its Firefox browser to patch a security hole that was already being exploited in the wild.

If you're on the regular version of Firefox, you're looking to upgrade from 74.0 to 74.0.1 and if you're using the Extended Support Release (ESR), you should upgrade from ESR 68.6.0 to ESR 68.6.1.

The Tor Browser followed suit shortly afterwards [updated 2020-04-06T22:30Z], so if you're a Tor user, you want to make sure you upgrade from 9.0.7 to 9.0.8. (See below for screenshots.)

Given that the bug needed patching in both the latest and the ESR versions, we can assume either that the vulnerability has been in the Firefox codebase at least since version 68 first appeared, which was back in July 2019, or that it was introduced as a side effect of a security fix that came out after version 68.0 showed up.

(If you have ESR version X.Y.0, you essentially remain on the feature set of Firefox X.0, but with all the security fixes that have come out up to and including Firefox (X+Y).0, so the ESR is popular with IT departments who want to avoid frequent feature updates that might require changes in company workflow, but don't want to lag behind on security patches.)

What we can't tell you yet are any details about exactly how long ago the bug was found by the attackers, how they are exploiting it, what they're doing with it, or who's been attacked so far.

Right now, Mozilla is saying no more than this:

The bug details in Mozilla's bug database aren't open for public viewing yet [2020-04-04T14:30Z], presumably because the Mozilla coders who fixed the flaw have, of necessity, described and discussed it in sufficient detail to make additional exploits very much easier to create.

A use-after-free is a class of bug caused by incautious use of memory blocks by a program.

Usually, a program returns blocks of memory to the operating system after it has finished with them, allowing the memory to be used again for something else.

Returning memory when you are done with it stops your program from hogging more and more RAM the longer it runs until the whole system bogs down.

The function call by which memory is returned to be used again is called free(), and once you've freed the memory, you rather obviously shouldn't access it again.

Most importantly, if you read and trust data that now belongs to another part of the program (for example, memory that just got re-allocated as a place to store untrusted content that was downloaded from a web page or generated by JavaScript fetched from outside), then you may inadvertently put your code at the mercy of data that was carefully crafted by a crook and served up to trick you on purpose.

Not all use-after-free bugs are exploitable, and not all exploits are made equal: for example, an attacker might only be able to change the content of an icon or a message you are about to display, which could be used to deceive users (for example by giving positive feedback when something actually failed), but not to implant malware directly.

But in some cases, use-after-free bugs can allow an attacker to change the flow of control inside your program, including diverting the CPU to run untrusted code that the attacker just poked into memory from outside, thereby sidestepping any of the browser's usual security checks or "are you sure" dialogs.

That's the most serious sort of exploit, known in the jargon as RCE, short for remote code execution, which means just what it says: that a crook can run code on your computer remotely, without warning, even if they're on the other side of the world.

We're assuming, because these bugs are dubbed "critical", that they involve RCE.
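
The reuse hazard described above can be reproduced safely with a small model. This is an added example, not code from Mozilla or from the original article: a fixed-slot pool stands in for the heap so that nothing here is undefined behaviour, and every name in it (pool_alloc, pool_free, raw_get, checked_get and so on) is hypothetical. It also shows one common defence, generation-checked handles, which the article itself does not discuss.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SLOTS     4
#define SLOT_SIZE 48

/* A tiny slot pool standing in for the heap (constructed for illustration). */
struct pool {
    char     data[SLOTS][SLOT_SIZE];
    int      in_use[SLOTS];
    uint32_t generation[SLOTS];     /* bumped every time a slot is freed */
};

/* A handle records which "life" of the slot it was issued for. */
struct handle {
    int      slot;
    uint32_t generation;
};

static void pool_init(struct pool *p) { memset(p, 0, sizeof *p); }

/* Hand out the lowest free slot, so a just-freed slot is reused at once,
 * much as a real allocator tends to recycle a recently freed block. */
static struct handle pool_alloc(struct pool *p, const char *content)
{
    struct handle h = { -1, 0 };
    for (int i = 0; i < SLOTS; i++) {
        if (p->in_use[i])
            continue;
        p->in_use[i] = 1;
        snprintf(p->data[i], SLOT_SIZE, "%s", content);
        h.slot = i;
        h.generation = p->generation[i];
        break;
    }
    return h;                       /* slot == -1 means the pool is full */
}

static int handle_is_live(const struct pool *p, struct handle h)
{
    return h.slot >= 0 && h.slot < SLOTS && p->in_use[h.slot]
        && p->generation[h.slot] == h.generation;
}

static void pool_free(struct pool *p, struct handle h)
{
    if (!handle_is_live(p, h))
        return;                     /* ignore stale handles and double frees */
    p->in_use[h.slot] = 0;
    p->generation[h.slot]++;        /* invalidates every outstanding handle */
}

/* Unchecked access: trusts the slot number alone, like a dangling pointer. */
static const char *raw_get(const struct pool *p, struct handle h)
{
    if (h.slot < 0 || h.slot >= SLOTS)
        return NULL;
    return p->data[h.slot];
}

/* Checked access: refuses a handle from an earlier life of the slot. */
static const char *checked_get(const struct pool *p, struct handle h)
{
    return handle_is_live(p, h) ? p->data[h.slot] : NULL;
}

/* Scenario from the text: the program frees a block it still has a handle
 * to, and the block is reused for content that came from a web page.
 * Returns 1 if the stale handle ends up reading the untrusted content. */
static int stale_handle_reads_untrusted(int use_checked)
{
    struct pool p;
    pool_init(&p);

    struct handle setting = pool_alloc(&p, "label=Download verified");
    pool_free(&p, setting);         /* program is "finished" with it */
    (void)pool_alloc(&p, "label=<text supplied by a web page>");

    const char *seen = use_checked ? checked_get(&p, setting)
                                   : raw_get(&p, setting);
    return seen != NULL && strstr(seen, "web page") != NULL;
}

int main(void)
{
    printf("unchecked: stale handle reads untrusted data = %d\n",
           stale_handle_reads_untrusted(0));
    printf("checked:   stale handle reads untrusted data = %d\n",
           stale_handle_reads_untrusted(1));
    return 0;
}
```

The unchecked path silently returns the new owner's data through the old handle; the checked path returns NULL, turning a silent confusion into an error the caller can handle.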

What one team of crooks has already found, others might find in turn, especially now they have at least a vague idea of where to start looking.

So, as always, patch early, patch often!

Most Firefox users should get the update automatically, but you might as well check to make sure it's there because the act of checking will itself trigger an update if you haven't got it yet.

Click the three-bar icon (hamburger menu) at the top right, then choose Help > About Firefox.


IntSights: The dark web is a wretched hive of coronavirus scams and pandemic cybercrime – VentureBeat

Posted: at 7:47 pm

Dark web players have seized on the chaos caused by the coronavirus pandemic to cultivate a vast range of scams that target everyone from vulnerable consumers to unprepared medical facilities.

According to a new report from global threat intelligence firm IntSights, a mixture of cybercriminals and state-sponsored actors are exploiting the confusion and fear around the COVID-19 pandemic to launch schemes that include registering domain names to run phishing campaigns, new types of malware and ransomware, intercepting traffic from the growing amount of videoconferencing, and hawking phony coronavirus products.

Charity Wright, a cyber threat analyst at IntSights, specializes in Chinese disinformation campaigns and the dark web. While she's seen plenty of nefarious activity over the years from the dark web, she was still stunned by the amount of coronavirus-related activity the company detected.

"What we've seen is an exponential increase," she said. "It's overwhelming. It's much more than I expected."

As the number of coronavirus cases has surged, governments and private companies have been worried about growing amounts of disinformation and various types of fraud. Last week, an EU official criticized companies such as Google, Facebook, and Amazon for continuing to make money from advertising for various misleading claims and products.

IntSights, based in New York City, has developed a threat detection platform that uses artificial intelligence and machine learning to scour the deep and dark webs for specific keywords that can be used to alert potential targets. The deep web can be accessed from a typical web browser by someone who knows where to look, while the dark web requires someone to be using the Tor Browser.

The IntSights report scanned both the deep and dark webs, though primarily the latter. Looking through hacker forums and black markets, the company's platform analyzed the coronavirus-related schemes being discussed and launched.

One of the biggest strategies being shared on the dark web is how to use domain names to create phishing campaigns. There has been an explosion in domain name registrations related to the coronavirus that are then used to harvest people's emails, passwords, and personal information.

According to IntSights' analysis, in 2019 only 190 domains containing some version of "corona" and "covid" were registered. By January, that number had jumped to 1,400, then 5,000 in February, then 38,000 in March.

In another case, IntSights researchers uncovered a malware tool created by a Russian underground vendor that masquerades as the Johns Hopkins coronavirus map. People can embed a version of the map on a website where it will pull in the actual data from the Johns Hopkins map, but meanwhile it secretly installs malware on a user's computer to steal their information.

Dark web actors are also sharing tips on how to sell products that claim to be virus tests or vaccines. One such offering claims to sell blood and saliva from a coronavirus survivor to boost people's immune systems. In various forums, templates and images are being shared to make it easier for others to create their own customized version of these scams.

The scammers are also targeting mobile platforms. The company detected a surge in fake mobile apps that are primarily made for Android-based phones. These apps have been found to include ransomware, trojans, and spyware.

Finally, the growth in remote work has become a rich source of information for criminals. As people have turned to collaboration and video conferencing platforms, IntSights reports a big uptick in conversations on dark web forums about tips for exploiting the various vulnerabilities.

This graph shows an increase in conversations, for instance, around how to attack Zoom:

For now, Wright and IntSights are cautioning individuals and companies to take commonsense precautions. Companies should reevaluate their threat landscape to include threats to remote working, increase monitoring of collaboration tools and endpoint security, enforce rules on use of VPNs and passwords, and take aggressive steps to educate employees.

That said, Wright predicts that the volume and variety of coronavirus-related cyber scams is only going to increase in the coming weeks.

"It's not slowing down much right now," Wright said. "Unfortunately, that's because threat actors have been very successful in using them."


What Is the Tor Browser & How To Use It In 2020 – Blokt

Posted: at 7:47 pm

If you want to protect your privacy online, you need to know about and start using Tor. In this article, we will talk about what Tor is, along with who uses it and why.

From there, we'll get into exactly how Tor works, how it provides anonymity, and the limitations of the service.

We'll finish up by walking through downloading, installing, and starting to use Tor on your own computer.

Tor began its life in the 1990s when researchers at the US Naval Research Laboratory developed onion routing. Onion routing makes it possible to pass messages through a network anonymously. It uses multiple layers of encryption that get peeled off one by one (like peeling an onion) as the message passes through multiple nodes in the network.

In 2004, the Navy released the second generation of Tor. In 2006, researchers involved in Tor incorporated the Tor Project and took responsibility for maintaining Tor.

Tor stands for the onion router. It is a network of thousands of computers around the world that implements onion routing. Originally designed to protect US Intelligence Agency communications online, it now serves millions of users, military, government, and civilian, in every country on Earth.

How does Tor protect your privacy?

We were going to try to explain how Tor protects your privacy, but why not let the Tor team do it themselves?

People from around the world who want to / need to protect their privacy by using the Internet anonymously use Tor. Here are some of the types of users we're talking about:

To get an idea of how many people use Tor, as well as all sorts of other statistics, visit Tor Metrics.

As far as we can determine, it is legal to use Tor anywhere in the world. That might be surprising but look at all the different types of users. Governments and law enforcement agencies around the world rely on Tor, as do all sorts of civilian groups.

Whether Tor is safe or not depends on what you mean by safe.

Is the Tor Browser safe to use (free of spyware and so on)? Yes, if you download it from the official Tor Project page.

Is the Tor network safe to use? Yes, if you use Tor to browse regular websites.

Is every place you can visit with Tor safe and legal? Hell no! Tor gives you access to sites on the Internet that you can't reach with Google Chrome or other regular web browsers. But so what? You can use a regular web browser to go to places on the public Internet that aren't safe or legal either.

As with most other things in life, whether Tor is safe or not depends on you using it safely.

Using Tor Might Attract Unwanted Attention

While you may use Tor safely and legally, the fact that you are using it may attract unwanted attention. Law enforcement and spy agencies around the world are likely interested in anyone using Tor or any technology that makes it harder for them to spy on you.

As Edward Snowden showed us years ago, the US government and numerous others seem intent on spying on 100% of everything that everyone on Earth does online anyway. But it is possible that some human or AI (Artificial Intelligence) analyst might pay more attention to the info they gather on you if you use Tor. You'll need to decide if doing things anonymously is worth the possibility of increased attention by these groups.

It is theoretically possible to hack Tor. The network was hacked in 2014, apparently by the FBI. There are also more recent stories of the computers of Tor users being hacked to get information for criminal investigations.

In addition, a sufficiently powerful entity (a global adversary) could theoretically monitor all of the entry and exit points of the Tor network. Using statistical analysis, they could likely de-anonymize users of the network.

So yes, Tor can be hacked. But again, so what? Nothing in this world is 100% foolproof. If you want to protect your privacy online, using Tor can help. If you want to do something that will set the NSA, KGB, NCCU, or other powerful security agencies on your tail, there may be nowhere you can hide.

Understanding the basics of how Tor works isn't hard. Understanding it in depth is a lot tougher. We'll go through the basics first. If all you want to know is the basics, great. You can skip ahead once you are done with this section.

If you already feel a bit overwhelmed by Tor, but you still want some basic privacy, then we recommend a good VPN service. Nordvpn or Expressvpn are the top two privacy-focused VPN services according to our best vpn services guide.

We'll also cover the details in more depth for anyone who is interested.

How Tor Works: The Basics

When you visit a website normally (without using Tor), your computer makes a direct connection to the computer where the website is located. The problem with this is that when you do it this way, the website can see all sorts of information about you. It can see your computer's IP address, the operating system you are using, the web browser you are using, and more. That information can be used for tracking what you do online and possibly identifying you.

When you use Tor to visit a website, things get more complicated. The connection between your computer and the website passes through three random computers in the Tor network. Each of those computers only knows which computer gave it data and which it gives data to. No computer in the network knows the entire path. Meanwhile, the only thing the website can see is that it is connected to the final Tor computer in the path.

As a result, there is no way to identify you based on the connection between your computer and the website. This makes your connection anonymous.

How Tor Works: The Details

When you visit a website without using Tor, your computer establishes a direct connection with the computer hosting the website. Data packets pass back and forth between the two, enabling you to view and interact with the website.

Each data packet consists of the data itself (the payload) and a header with additional information, including data about your web browser, and the IP address of the source and the destination. At a minimum, a website (or anyone spying on your connection with the website) can use the IP address to figure out approximately where you are located.

Beyond that, a web browser will automatically share all sorts of information with any website it connects to. This includes things like who your Internet Service Provider is, what Operating System your computer uses, your video display mode, even the power level of your laptop battery. The figure above shows just some of the data my computer gave up when I connected it to What every Browser knows about you, a site designed to show you what your computer is telling the world without your knowledge.

Tor prevents this from happening.

When you connect to the Internet using the Tor Browser, the browser connects to a random entry point (Guard Relay) on the Tor network. The browser negotiates an encrypted connection with the Guard Relay. Data sent along this connection is encrypted using the keys negotiated for it, so only your browser and the Guard Relay can decrypt it.

Your browser then negotiates another connection, this one from the Guard Relay to another computer in the Tor network called a Middle Relay. For this connection, it creates another set of keys that are used by the Guard Relay and Middle Relay.

Finally, your browser negotiates a third connection. This is between the Middle Relay and an Exit Relay. Again, it negotiates a set of keys that will be used to encrypt and decrypt data passing along the connection between the Middle Relay and the Exit relay.

Data passing from your browser to the Internet gets encrypted three times.

Your browser passes the triply-encoded data to the Guard Relay. The Guard Relay strips off the outermost layer of encryption. Two layers of encryption still protect the data itself. All the Guard Relay knows is where the data came from, and what Middle Relay to send it to.

The Guard Relay passes the now doubly-encoded data to the Middle Relay. The Middle Relay strips off the next layer of encryption. A layer of encryption still protects the data itself. All the Middle Relay knows is that the data came from the Guard Relay, and what Exit Relay to send it to.

The Middle Relay passes the singly-encoded data to the Exit Relay. The Exit Relay strips off the final layer of encryption. The data itself is now unprotected. The Exit Relay can see the original data, but it doesn't know that this data originated at your browser. All it knows is that the data came from the Middle Relay, and what website to send it to.

The website receives the data from the Exit Relay. As far as the website can tell, the data originated at the relay. It has no way to tell that the data originated at your browser.

Because no node in the path knows the entire path between your computer and the website, the transport of data between the two is anonymous.
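The three-layer wrapping and peeling described above, as an added example that is not part of the original article. It is a simplified model: each layer names the next hop, a toy SHA-256 keystream cipher stands in for the relays' real ciphers, and the relay names, keys and destination are constructed for the illustration.

```python
import hashlib
import hmac
import os
import struct


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode). Illustration only, not the cipher Tor uses."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + struct.pack(">Q", counter)).digest()
        counter += 1
    return bytes(out[:length])


def subkeys(key: bytes):
    """Derive separate encryption and authentication keys from one hop key."""
    return hashlib.sha256(key + b"enc").digest(), hashlib.sha256(key + b"mac").digest()


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt and authenticate one layer: nonce || tag || ciphertext."""
    enc_key, mac_key = subkeys(key)
    nonce = os.urandom(16)
    body = bytes(a ^ b for a, b in zip(plaintext, keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    return nonce + tag + body


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify and decrypt one layer; fails if the layer was not sealed with this key."""
    enc_key, mac_key = subkeys(key)
    nonce, tag, body = blob[:16], blob[16:48], blob[48:]
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("layer does not authenticate under this relay's key")
    return bytes(a ^ b for a, b in zip(body, keystream(enc_key, nonce, len(body))))


def wrap(key: bytes, next_hop: str, inner: bytes) -> bytes:
    """One onion layer: the next hop's name plus the inner blob, sealed for one relay."""
    hop = next_hop.encode()
    return seal(key, bytes([len(hop)]) + hop + inner)


def peel(key: bytes, blob: bytes):
    """What a relay does: remove its own layer, learn only the next hop."""
    plain = unseal(key, blob)
    n = plain[0]
    return plain[1:1 + n].decode(), plain[1 + n:]


def build_onion(payload: bytes, destination: str, circuit) -> bytes:
    """Browser side. circuit is [(name, key), ...] in path order: guard, middle, exit."""
    blob, next_hop = payload, destination
    for name, key in reversed(circuit):  # innermost layer belongs to the exit relay
        blob = wrap(key, next_hop, blob)
        next_hop = name
    return blob


def route(onion: bytes, circuit, payload: bytes, sender: str = "browser"):
    """Pass the onion along the path and record what each relay could observe."""
    views, prev, blob = [], sender, onion
    for name, key in circuit:
        next_hop, blob = peel(key, blob)
        views.append({"relay": name, "from": prev, "to": next_hop,
                      "payload_visible": payload in blob})
        prev = name
    return views, blob


if __name__ == "__main__":
    # Constructed circuit and request, for illustration.
    circuit = [(n, os.urandom(32)) for n in ("guard", "middle", "exit")]
    request = b"GET / HTTP/1.1 (constructed request)"
    views, delivered = route(build_onion(request, "website.example", circuit), circuit, request)
    for view in views:
        print(view)
    print("delivered to website:", delivered)
```

Only the guard's view contains the browser and only the exit's view contains the destination and the readable payload; no single view contains both ends.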

Onion Services are online services that you can reach through Tor but are not accessible using a normal web browser or the standard Domain Name System (DNS).

Note: These services used to be known as Tor Hidden Services.

When you use the Internet normally, you can only see the web pages that are indexed by search engines. This is called the Surface Web. But there is another part of the Internet that you can't see. This is called the Deep Web.

The Deep Web is the part of the Internet that is not indexed by search engines. It includes things like corporate databases, government resources, medical records, and so on: anything that is on the Internet but doesn't show up in search engines. Researchers estimate that more than 90% of all the information on the Internet is within the Deep Web.

If you know the address and have the right permissions, you can interact with most Deep Web sites using the same stuff you use on the Surface Web.

Onion Services occupy a part of the Deep Web known as the Dark Web. You need special browsers and/or protocols to interact with Dark Web sites. The Tor Browser handles all this so you can interact with Onion Services.

All Onion Services have a 16-character name derived from the service's public key and end with .onion. For example, if you entered this http://rougmnvswfsmd4dq.onion/ into a standard web browser, it would give you an error something like this:

Enter the same thing into the Tor Browser, and it would take you to the Tor Metrics Onion Service, which happens to look like this:

With names like these and no way to find them through regular search engines, it is clear that you aren't going to just stumble across Onion Services. That makes sense since Onion Services are designed to protect the anonymity of both the person providing the service and the person using it.

But how do you find them?

One way is to use special indexes. Indexes are lists of Onion Services. They are not search engines that are machine-generated and maintained. Each Index is compiled and maintained by hand. Here is an example of an index:

Indexes only include a tiny fraction of the Onion Services that exist. So how else do you find Onion Services?

Some of the popular search engines in the Surface Web have Onion Services as well. Here's one privacy-friendly search engine with its own Onion Service, DuckDuckGo:

This looks promising, but when you do a search, the results aren't Onion Services. They are just results from the Surface Web.

There are some Onion Service search engines out there. But the ones we looked at while preparing this article didn't seem to give good results and offered lots of ads for the kinds of stuff that give the Dark Web a bad name. We wouldn't recommend using them.

Besides hand-made indexes and sketchy search engines, your options are limited. Word of mouth is one way. Following links from one Onion Service to the next is another. In other words, it isn't easy to find Onion Services that aren't listed in an index.

Sometimes Onion Services Show Up in Search Engines

Despite what we just told you, Onion Services do sometimes show up in searches on regular search engines. This is because there are yet other services that make a connection between the Surface Web and Onion Services.

But think about it. Using a service like this means that you are letting one of these services sit in between your computer and Tor to handle the connection for you. There goes your anonymity.

We don't recommend using these services.

Surprisingly, the US Government pays for a lot of it. According to CNBC International's "What is the Dark Web?" video, the State Department and the Department of Defense provide 60% of the funding for the Tor Project. They support Tor so that dissidents worldwide have a secure place to organize and report on abuses. Various US government agencies use Tor as well.

Beyond the US government, several other organizations contribute. But the greatest number of contributions (if not total dollars) comes from individuals. Individuals contribute both with cash and by running Tor relays.

If you are ready to give Tor a try, now's the time. Follow the steps below, and you will be up and running on Tor in short order.

Decide Which Operating System to Use

Tor provides anonymity when using the Internet. But if your Operating System is insecure, you are still vulnerable. If being a Tor user really does invite increased government attention, you may be more vulnerable than before.

You can run Tor on Microsoft Windows. But most people interested in privacy are moving away from Windows. Why?

Because Windows has such a large market share, it is the prime target for hackers. Because Windows has a history of being vulnerable to viruses, hackers, and all sorts of security problems. And because, at least with Windows 10, Microsoft grants itself permission to gather all sorts of information from your computer and record it in its own database.

A better choice would be to use a version of Linux. Most security professionals see Linux as more secure than Windows or even MacOS.

The choice is, of course, up to you. But whichever Operating System you choose, make sure you install the latest security updates and use a quality antivirus/antimalware program.

We're going to use Linux Mint for this example.

Download and Install the Tor Browser for Your Operating System

Go to the Tor Browser download page and click the Download button for the version for your Operating System.

Once the download is complete, click the "sig" link below the button to verify the Digital Signature of the package (follow the red arrow in the image below). This ensures that the Tor file has not been corrupted or hacked. If you don't know how to do this, the Verifying Signatures page has instructions.

Once you confirm the Digital Signature, install the Tor browser normally.

Before you go any further, we strongly recommend you read the warnings and suggestions in the "Want Tor to really work?" section of the download page. If you follow the advice given there, it will make using Tor even more secure.

Start Browsing Privately with Tor!

If you followed the preceding steps, all you need to do is launch the Tor Browser. Expect to wait a few moments as the browser establishes a connection to the Tor network. After that, you should see something like this:

Before you do anything else, heed this warning: Some people claim that you should never resize the Tor Browser window from the default that it launches in. They say that doing so will make your browser stand out a bit from those of other users who have not changed the size of the window.

We don't know whether this is something to worry about or not but wanted to throw it out there before you start playing with your shiny new Tor Browser.

Hey! What about some indexes to get us started?

Here is an Onion Service index to get you started.

We can't vouch for these guys beyond saying that they seem to be legitimate and as of 5 March 2019, they were still online.

We don't want to weasel on you, but that depends. It depends on what you do online, where you live, and how much you care about protecting your privacy. To help you figure this out, we've put together a table of Pros and Cons of using Tor from the privacy perspective:

Privacy Pros and Cons of Tor

The rest is up to you. But remember, this isn't an all or nothing affair. If you want, you can use your regular browser for regular stuff, and use Tor for things like banking and investigating that sensitive medical condition you don't want anyone to know about.

Good luck, and stay safe!

P.S. For even more privacy, read our Tor vs VPN guide.

Or if you're interested in an alternative to Tor, check out our article on What is I2P.

Blokt is a leading independent cryptocurrency news outlet that maintains the highest possible professional and ethical journalistic standards.

Continue reading here:
What Is the Tor Browser & How To Use It In 2020 - Blokt

Posted in Tor Browser | Comments Off on What Is the Tor Browser & How To Use It In 2020 – Blokt

Tape the webcam, enable firewall: 11 rules to ensure cyber security when you work from home – Economic Times

Posted: at 7:47 pm

By Kushal Das

Just as the lockdown started, IT departments across the country had a litany of things to worry about. From making sure that employees have laptops ready to be able to seamlessly begin working from home, to preparing infrastructure teams and working with network-provider companies, as the demand for bandwidth went up.

Another pertinent issue that creates a new set of challenges with remote working is security. As most companies were not prepared for this move to WFH, the employees were never given any proper training or guidance about the basic security measures to take to protect the company assets, client information, and their own digital security.

As a result, criminals have found this an easy surface to attack. Targeted phishing campaigns, malware, and ransomware attacks are increasing.

Here's a look at some basic pointers to keep in mind while working from home.

1. Beware of phishing: Always double check the e-mail sender's address and do not click on any link provided in e-mails (or download files) from unknown people. Even if you know the name of the person, verify if it is the correct e-mail address. If you have to open pdfs/docs/Excel sheets from unknown senders, it is much better to upload them to a cloud service like Google Drive, and open via Web tools.

This will help in case there is malware in those attachments. If there is any known Web address in the e-mail, instead of clicking it, type it in the browser and open the site. Remember, criminals can easily fool you by faking URLs.

If you receive any e-mail asking you to share authentication information (passwords, tokens, infrastructure details, or customer details), report it to your IT team immediately. Do the same for any last-minute change request (say, of bank accounts). Please contact the person over the phone or through encrypted chats and verify the request before taking any action.

2. Secure video calls: For video chatting, it is always better to use Web clients inside of your browser. If you have to download and install any software, make sure that you are downloading from a legitimate website. Criminals often spoof websites and stack them with malware, which may spy on your work or may be ransomware.

It is also important to note that many of the well-known video-chatting services are also not end-to-end encrypted, which opens them up to the possibility of snooping. If a business does not have a budget for paid services, using services that are secure is important.

Also remember not to share meeting details or screenshots from your video calls on social media. You may accidentally be leaking information (meeting ID or other confidential information). Remember to close all software that isn't required during the meeting.

3. Do not share any password or authentication details: The average Web-based chat is unlikely to be end-to-end encrypted, and if passwords or other authentication details are shared over it, there is a chance that attackers can access that information. Try to identify one verified encrypted chatting medium and share this information over that one medium only. It can be Signal, Wire, Keybase, or any other system based on your organisation's need and capacity.

4. Do not install any unverified software: Do not download and install pirated software or anything else from random sites off the Internet. Many of them are malware ridden. Remember, since you are working from home, it may be difficult to get help in case of a cyber attack.

5. Lock the computer when you are getting up: Even if you are inside the house, make sure to lock the computer screen when you get up. This is because someone in the house, maybe children, may click on the system and that could mean trouble.

6. Update your system daily: As and when companies find bugs in their software and OS, they are also fixing them by releasing regular updates. Make sure that every day, you find time to update your system. Just having the latest version will save you from many threats.

7. Remember to enable a firewall: All operating systems come with default firewall systems and you should not disable them. They are essential to defending against many known attacks.

9. Tape up your webcam and mute the mic by default: If you are not in a meeting, make sure that your webcam is either taped or blocked via double folded paper. The microphone should always be on mute. There will be times when private topics may be discussed, and having the microphone on mute will help prevent any leaks or unnecessary sharing of embarrassing information.

10. Remember to check your children's network access: If your children are using a device, make sure you keep an eye on the content they are watching. Ask them not to click on any unknown image or link.

11. Secure browsing: If you want an extra layer of security and privacy, it is a good idea to install the Tor browser. It comes with many security features, which make Web-based attacks difficult to execute on your computer.

- The author is public interest technologist at Freedom of the Press Foundation; a CPython core developer; and director, Python Software Foundation.

4 Apr, 2020


Follow this link:
Tape the webcam, enable firewall: 11 rules to ensure cyber security when you work from home - Economic Times

Posted in Tor Browser | Comments Off on Tape the webcam, enable firewall: 11 rules to ensure cyber security when you work from home – Economic Times

Tails 4.5 Is Out: Run The Live Operating System With Secure Boot – Fossbytes

Posted: at 7:47 pm

Do you care about your anonymity and you use a Linux distro as your daily driver? Well then, you must be aware of the security-focused Debian Linux-based Tails operating system. If not, check out the latest version of Tails 4.5 which you can run directly from your USB stick without installation.

The new version 4.5 comes with fixes for several security bugs and vulnerabilities. Most importantly, it addresses upstream Debian security flaws, such as those in BlueZ and GnuTLS, which allow attackers to access the target host system.

Other security updates include support for secure boot. You can now run Tails on your computer with secure boot enabled. This means your Original Equipment Manufacturer (OEM) firmware only allows the booting of authorized software.

Lastly, software packages such as the Tor browser and Firefox have been updated to their newer versions. Read the official release notes here for complete details.

The latest version fixes numerous security vulnerabilities. Hence, you must upgrade your system to v4.5. Though automatic upgrades are available from Tails 4.2 or later to 4.5, you can follow the manual upgrade as well.

For fresh installation on a new USB stick, you can follow the instructions for your respective operating system: Windows, macOS, or Linux.

Following the tradition of new releases every month, Tails 4.6 is scheduled to be released on May 5. For more details, you can check out the next release roadmap here.

Read this article:
Tails 4.5 Is Out: Run The Live Operating System With Secure Boot - Fossbytes

Posted in Tor Browser | Comments Off on Tails 4.5 Is Out: Run The Live Operating System With Secure Boot – Fossbytes

This Week In Security: Zoom (Really This Time), Fingerprints, And Bloatware – Hackaday

Posted: at 7:47 pm

You were promised Zoom news last week, but due to a late night of writing, that story was delayed to this week. So what's the deal with Zoom? Google, SpaceX, and even the government of Taiwan and the US Senate have banned Zoom. You may remember our coverage of Zoom from nearly a year ago, when Apple forcibly removed the Zoom service from countless machines. The realities of COVID-19 have brought about an explosion of popularity for Zoom, but also a renewed critical eye on the platform's security.

"Zoombombing", joining a Zoom meeting uninvited, made national headlines as a result of a few high profile incidents. The US DOJ even released a statement about it. Those incidents seem to have been a result of Zoom default settings: no meeting passwords, no waiting room, and meeting IDs that persist indefinitely. A troll could simply search Google for Zoom links, and try connecting to them until finding an active meeting. Ars ran a great article on how to avoid getting zoombombed (thanks to Sheldon for pointing this out last week).

There is another wrinkle to the Zoom story. Zoom is technically an American company, but its Chinese roots put it in a precarious situation. Recently it's been reported that encryption keying is routed through infrastructure in China, even though the calling parties are elsewhere. In some cases, call data itself goes through Chinese infrastructure, though that was labeled as a temporary bug. Zoom was also advertising its meetings as having end-to-end encryption. That claim was investigated, and discovered to be false. All meetings get decrypted at Zoom servers, and could theoretically be viewed by Zoom staff.

Why does it matter? Is this just anti-Chinese rhetoric? Well, no. When a service like Zoom is hosted on a server in a given country, that service is subject to that country's laws. China has a rather dismal history of abusing communications infrastructure to spy on and persecute its own citizens. (I am aware that the US has a dismal history there as well. I'm not excited about my conversations being in the clear on a US server, either.) While that's not necessarily a huge problem for a school doing distance learning, government leaders should probably avoid holding cabinet meetings over the service.

It's a Hollywood trope at this point. Our hero has to infiltrate the super secret organization, and to get in, he has to defeat a fingerprint scanner. No problem, the hero has lifted a fingerprint earlier in the movie, and with a bit of ingenuity, fools the fingerprint scanner. That's just the movies, and real fingerprint readers are more secure, right? Well, the Talos group at Cisco put the myth to the test. They used a 25-micron UV 3D printer to make a series of molds, and then tried different materials to cast the fake prints. A fabric glue seemed to work the best, as it was able to fool capacitive sensors as well as visual.

A mold could be calculated and printed in an hour in 25-micron resolution. There is some additional time for the cast itself to set, and they conclude that the attack isn't something that can be performed quickly.

Phones seemed to fare the worst, with a success rate somewhere around 80%. Of particular interest are the devices that were difficult to compromise. Interestingly, Windows Hello, a part of Windows 10, was entirely resilient to their attacks. The Talos researchers suggest that the key here is the comparison algorithm used to compare the scanned fingerprints. Another winner was the pair of USB keys that use a fingerprint scanner to unlock the stored data. Those keys also shrugged off this attack. The Talos researchers made sure to point out that this doesn't mean that these devices are secure against this type of attack. Their work was intentionally low-budget, and it's likely a more determined, well-funded attacker could overcome the rest of the devices.

But even if you just want to play around with this at home, with a little effort you can fool face and iris recognition yourself. And all this aside, you shouldn't have to use biometric information in place of passwords anyway.

Running Firefox or the Tor browser anywhere? Go update now, and make sure you're on 74.0.1 or better (or 68.6.1 if you're using Firefox ESR). There are a pair of use-after-free bugs that are being actively exploited. There aren't many more details available at the moment, possibly because of related bugs that still need to be fixed. According to the researcher that found the bugs: "There is still lots of work to do and more details to be published (including other browsers). Stay tuned."

On the Google side of the fence, the big news is that the new same-site cookies policy is being rolled back. The Chrome blog has a link to a great explainer of the potential problem with 3rd party cookies, and how the samesite policy changes can help.

A novel paper came across my digital desk this week (PDF) that introduces a new way to ask an old question: What secrets is this closed-source app hiding? We've talked about backdoors, hard-coded passwords, and hidden administrator menus in the past. Most of the time, these are unintentional; bits of debugging code that were forgotten about and never removed. In the linked paper, a technique was developed to examine the input validation code of an app, looking for hidden hardcoded options.

For example, a 3rd party screen lock will take user input, and then make a system call to compare that input against the system password. If there is a string compare that happens before the expected system call, then there might be a secret backdoor password hard-coded into the app. In another example, a translation app had a secret menu, unlocked by entering a hardcoded key, where debugging tasks could be done, like disabling ads.

After scanning 150k Android apps, about 12k were discovered to have hardcoded backdoors, passwords, or debugging menus. In other words, just over 8% of the most popular Android apps have some suspicious behavior built-in.

Via Heise Online

Ahhh, there's not many things that satisfy quite like unboxing new hardware for the first time. You finally pulled the trigger on a new laptop, and now it's ready to boot up for the first time. Many of us have a similar policy in these situations: Boot the laptop, uninstall the OEM bloatware. If that isn't your habit, then maybe [Bill Demirkapi]'s research on HP bloatware will convince you.

There's quite a bit here, but the most interesting attack chain, an RCE, takes advantage of some seemingly unrelated issues. The first is an open redirect on HP's site. This seems innocuous enough: a suitably formed link to HP's site would automatically redirect you to Google. The second issue is an HP service that registers a custom URL protocol. That protocol downloads and runs or opens the downloaded file. Before starting the download, a check is run that this download is coming from an HP domain. The open redirect comes in handy here, as the redirect is followed after that domain check is performed. An official looking link can then trigger HP's update downloader, which then will automatically open a downloaded zip file. Yes, it requires two interactions to compromise, but is a clever chain nonetheless.
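The ordering flaw described above, where the domain check runs before the redirect is followed, shown beside a check applied to every hop. This is an added example, not HP's code and not part of the original column; the host names and the redirect table (which stands in for the network so the code runs offline) are constructed.

```python
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "vendor.example"  # placeholder for the vendor's own domain

# Constructed redirect table: requested URL -> Location the server answers with.
REDIRECTS = {
    # Open redirect on the trusted site pointing at a third-party host.
    "https://www.vendor.example/go?u=https://files.other.example/update.zip":
        "https://files.other.example/update.zip",
    # Ordinary redirect that stays inside the trusted domain.
    "https://www.vendor.example/latest":
        "https://downloads.vendor.example/update.zip",
}


def host_is_trusted(url: str) -> bool:
    """True only for https URLs whose host is the trusted domain or a subdomain of it."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    in_domain = host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)
    return parts.scheme == "https" and in_domain


def redirect_chain(url: str, max_hops: int = 5) -> list:
    """Return every URL visited, starting with the one requested."""
    chain = [url]
    for _ in range(max_hops):
        nxt = REDIRECTS.get(chain[-1])
        if nxt is None:
            return chain
        chain.append(nxt)
    raise ValueError("too many redirects")


def download_source_check_first_hop(url: str):
    """Flawed ordering: validate the requested URL, then follow redirects unchecked.
    Returns the URL the file would actually be fetched from, or None if refused."""
    if not host_is_trusted(url):
        return None
    return redirect_chain(url)[-1]


def download_source_check_every_hop(url: str):
    """Hardened ordering: every hop, including the final one, must be trusted."""
    chain = redirect_chain(url)
    if all(host_is_trusted(hop) for hop in chain):
        return chain[-1]
    return None


if __name__ == "__main__":
    for link in REDIRECTS:
        print(link)
        print("  first-hop check ->", download_source_check_first_hop(link))
        print("  every-hop check ->", download_source_check_every_hop(link))
```

An equivalent fix is to refuse redirects altogether for update downloads; either way, the decision has to be made on the URL the bytes actually come from.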

Yet another installment of our Coronavirus scamming story. This week we'll look at emails claiming to be from the US Small Business Administration (SBA).

I received this email Tuesday the 7th, and took a moment to realize it was a fake. The first giveaway is that the attachment is a .img, rather than a PDF or other image file. That disk image contains a SBA_Disaster_Application_Confirmation_Documents_COV_Relief_doc.exe executable. There are a few other tip-offs that this probably isn't a legitimate communication, like the spelling of "centres" and "endeavour", using the British spellings. The last, and perhaps most obvious flaw, is that the date has already passed.

Hold on to your hats, because we're about to speculate. You see, this email came in only a few hours after I filled out some online paperwork for an Economic Injury Disaster Loan, on the official SBA website. I very nearly fell for this, because the timing was so spot-on. It appears that the SBA is leaking information about grant applicants, and someone is using that leak to run a phishing campaign.

More here:
This Week In Security: Zoom (Really This Time), Fingerprints, And Bloatware - Hackaday

Posted in Tor Browser | Comments Off on This Week In Security: Zoom (Really This Time), Fingerprints, And Bloatware – Hackaday

Apple blocks third-party cookies in Safari – ZDNet

Posted: March 26, 2020 at 6:30 am


Starting today, with the release of Safari 13.1 and through updates to the Intelligent Tracking Prevention (ITP) privacy feature, Apple now blocks all third-party cookies in Safari by default.

The company's move means that online advertisers and analytics firms cannot use browser cookie files anymore to track users as they visit different sites across the internet.

But Apple says the move isn't actually a big deal, since they were already blocking most third-party cookies used for tracking anyway.

"It might seem like a bigger change than it is," said John Wilander, an Apple software engineer. "But we've added so many restrictions to ITP since its initial release in 2017 that we are now at a place where most third-party cookies are already blocked in Safari."

Apple's Safari has now become the second browser -- after the Tor Browser -- to block all third-party cookies by default for all its users.

However, while Apple was quicker to block third-party cookies in Safari, Google is actually the one who pushed browser makers towards making this move in the first place, in a May 2019 blog post.

At the time, Google announced plans to block third-party cookies by default in Chrome and in the Chromium open-source project, on which multiple other browsers are built.

Google released Chrome v80 at the start of February with support for third-party cookie blocking (under the name of SameSite cookies), but the feature won't fully roll out to all Chrome's users until 2022.

Microsoft's Edge, which runs a version of Google's Chromium open-source browser has also begun gradually blocking third-party cookies as well, but the feature is not enabled by default for all its users either.

Apple's decision today doesn't mean that Safari now blocks all user tracking, but only tracking methods that rely on planting a cookie file in Safari and (re-)checking that cookie time and time again to identify the user as he moves from site to site.

Other user tracking solutions, such as user/browser fingerprinting, will most likely continue to work.

Nonetheless, this is a major step in the right direction. With Google, Safari, Microsoft, and all the other Chromium-based browsers on board, now, the vast majority of current web browsers block third-party cookies or are on their way towards full blocks.

"This update takes several important steps to fight cross-site tracking and make it more safe to browse the web," Wilander explained in a Twitter thread today.

"First of all, it paves the way. We will report on our experiences of full third-party cookie blocking to the privacy groups in W3C to help other browsers take the leap.

"Second, full third-party cookie blocking removes statefulness in cookie blocking.

"Third, full third-party cookie blocking fully disables login fingerprinting, a problem on the web described already 12 years ago. Without protection, trackers can figure out which websites you're logged in to and use it as a fingerprint," Wilander added.

"Fourth, full third-party cookie blocking solves cross-site request forgeries. This is one of the web's original security vulnerabilities and discussed in communities like OWASP for well over a decade. Those vulnerabilities are now gone in Safari."

More on the move and what it means to developers and website owners is available in the WebKit team's blog post.

Go here to see the original:
Apple blocks third-party cookies in Safari - ZDNet

Posted in Tor Browser | Comments Off on Apple blocks third-party cookies in Safari – ZDNet
