Category Archives: Tor Browser

A new malware family called Jaff has been identified by researchers who say they are currently tracking multiple massive spam campaigns distributing the malware via the Necurs botnet.

It came out of nowhere with a huge bang, Cisco Talos researchers said Friday

In the last 24 hours, the firm has observed several large-scale email campaigns each using a PDF attachment with an embedded Microsoft Word document functioning as the initial downloader for the ransomware.

According to Proofpoint researchers Jaff was being distributed as part of a massive spam campaign involving tens of millions of messages. If recipients downloaded and enabled a Word macro associated with the PDF the ransomware was downloaded. Actors behind the malware then demanded a ransom of 1.79 bitcoins (currently $3,300).

Interestingly we identified several characteristics that we have previously observed being used during Dridex and Locky campaigns, wrote Cisco Talos researchers Nick Biasini, Edmund Brumaghin and Warren Mercer and Colin Grady, who co-authored a report posted Friday. Similar characteristics include how the ransomware is being distributed and the C2 communication patterns, researchers said.

However we are confident that this is not simply a new or retooled version of Locky ransomware. There is very little similarity between the two codebases, and while it is possible that the same actors who once used Necurs to spread Locky has switched to distributing Jaff, the malware itself is distinct enough in nature that it should be treated and referred to as a different ransomware family altogether, Ciscos researchers said.

Proofpoint, who published its research on the malware Thursday, said itssimilar to Bart ransomware it reported on in June 2016. Bart and Jaff have a payment screen similar to Locky, researchers note. Not similar is the fact Bart encrypts files without first connecting to a command-and-control server, Jaff needs to be downloaded to first.

Spam sent to recipients are typically from either Joan or John , according to Proofpoint. Subject lines vary and are brief such as Receipt to print. Message text is sometimes blank or can include short notes such as Please print 2 copies.

The infection process begins with a victim opening the single attached PDF file (nm.pdf) that comes with the messages.

In each case, the file attachment was a malicious PDF document with an embedded Microsoft Word document. When victims open the PDF, they are greeted with a message in the body of the PDF, which will then attempt to open the embedded Microsoft Word document, Cisco wrote. A JavaScript inside the PDF is used to open the embedded Microsoft Word document, however the target is prompted to approve the activity.

At this stage, researchers believe, that by requiring a user to approve the opening of the embedded Word document the attackers are attempting to circumvent sandbox environments used to detect malware.

If the Word document is launched a user is asked to Enable Editing. If approved the Word document executes a VBA macro that acts as the ransomware downloader, Brumaghin, Mercer and Grady said. The script calls on several download domains to retrieve the Jaff payload.

The binary blob downloaded is then XORd using a XOR key embedded within the maldoc, we observed multiple XOR keys throughout this campaign. This is found within the Module3 of the VBA Macro, with the XOR key being d4fsO4RqQabyQePeXTaoQfwRCXbIuS9Q, researchers at Cisco wrote.

Once the XOR process has been completed the actual ransomware file (PE32) is launched using the Windows Command Processor.

According to researchers, the malware cyclesthrough system folders and encrypts them, adding the file extension .jaff. Once infected, ransom instructions include telling the victim to install the full Tor Browser software package in order to access the ransom payment system. It is interesting to note that the instructions do not appear to instruct the user to make use of any sort of Tor proxy service such as Tor2Web, Ciscoresearchers said.

Both Proofpoint and Cisco Talos note that the payment portal victims are taken to look very similar to those used by Locky and Bart. How to buy Decryptor Bart? was changed to How to buy jaff decryptor?, according to Proofpoint.

Read the original here:
New Jaff Ransomware Part Of Active Necurs Spam Blitz - Threatpost

Tor, once known only by network nerds, has now become something of a hot topic. This is thanks largely to the anonymous network's reputation for hosting drug marketplaces like Silk Road, and other unsavoury sites.

But what exactly is Tor? What is it good for? Does it have any legitimate uses? And how can those not versed in the finer details of network technologies actually access it?

08/04/2017:The Tor browser discloses information that a determined attacker could potentially use to identify who uses the browser to surf the web, according to a computer forensic expert.

Dr Neal Krawetz revealed the issues in his blog last week, suggesting that instead of masking the identity of the user through layers of encryption, Tor browsers do give away details about the person surfing the dark web.

The first issue Krawetz encountered is to do with the window and screen size. Most browsers set the window size smaller than the screen size but Tor sets the two as the same. This means JavaScript can immediately detect the Tor browser, making the user vulnerable because they can be denied access to the site.

The second issue he found is that the Tor browser tries to size the Window at 1,000 x 1,000 pixels but if the screen is smaller then it chooses a width that is a multiple of 200 pixels and a height that is a multiple of 100 pixels.

However, on Mac OS, the browser sometimes miscalculates the initial Window size, an inconsistent problem that he puts down to the height of the dock. This means that a user can be profiled: if the Tor browser window size is a multiple of 200 across but not a multiple of 100 tall then it is a Tor Browser on Mac OS X.

The third and last issue is to do with the scrollbar size in the Tor browser. The browser does not normalise the viewport size, so if scrollbars are displayed then the viewport size can be subtracted from the windows size to find out the thickness of scrollbars. This can then be used to find out which operating system a user is on, as different OS's and desktops use different default thicknesses.

Krawetz pointed out the scrollbar thickness for a number of platforms, including: "The Tor browser on MacOS 10.11 uses a default thickness of 15 pixels. The Tor browser on Windows 7/8/10 uses scrollbars that are 17 pixels thick. The Tor browseron Linux uses scrollbars that are 10-16 pixels thick."

He then said that if you can detect the Tor browser - as possible in the first issue, and the scrollbars are 17 pixels thick, then you can work out that it's the Tor browser on Windows. He added: "If the scrollbars are 15 pixels thick, then it's either Linux or Mac OS X (check the window height to distinguish Mac from Linux; see issue #2). And any other thickness denotes Linux."

Krawetz stated how hard it is to report an error to the Tor Project. Even though the project asks on its website and Twitter for users to report security issues, when he has he has usually been met with silence. "Over the last few years, I've tried to report some of these profiling methods (and solutions) to the Tor Project, but each time has resulted in failure," he wrote."Often, my attempts to report a vulnerability or profiling risk has been met with silence."

03/04/2017:Tor browser will rely on more Rust code

The Tor browser will take greater advantage of the Rust programming language developed by Mozilla to keep user interactions more secure, it has been revealed.

Although Tor developers have been gunning for the news for a long time (since 2014, in fact), the Mozilla-powered code will play a bigger role in the secretive browser's future.

According to Bleeping Computer, Tor developers met last week to discuss the future of the private browser and decided to use more of the C++-based code in future, hoping to replace the majority of its legacy C and C++ base in the coming months or years.

"We didn't fight about Rust or Go or modern C++. Instead, we focused on identifying goals for migrating Tor to a memory-safe language, and how to get there," Tor developer Sebastian Hahn said.

"With that frame of reference, Rust emerged as a extremely strong candidate for the incremental improvement style that we considered necessary."

The reason why it decided to make such a big change was because a tiny mistake in the C programming language used in the current version of Tor could have a huge impact on users, Tor developer Isis Agora Lovecruft said on Twitter.

"A tipping point in our conversation around 'which safe language' is the Tor Browser team needs Rust because more & more Firefox is in Rust. Also the barrier to entry for contributing to large OSS projects written in C is insanely high."

13/12/2016:The first sandboxed version of the Tor Browser was released in alpha last weekend, bringing privacy fans one step closer to secure browsing.

Version 0.0.2 of the software was released by Tor developer Yawning Angel on Saturday, who is tackling the project largely single-handed. Official binaries are yet to be released, but early adopters can take it for a spit by compiling the code themselves from GitHub.

The project has been a labour of love for Yawning Angel. "We never have time to do this," he said back in October. "We have a funding proposal to do this but I decided to do it separately from the Tor Browser team. I've been trying to do this since last year."

The efforts have been given new urgency by a zero-day vulnerability in Firefox. Discovered last month, the error was being used to de-anonymise Tor users, as the browser is heavily based on Firefox code.

Sandboxed instances of Tor are different from the normal version in that they run in a self-contained silo. This means that if an attacker uses an exploit against the browser, the amount of data it can collect through it from the rest of the machine and operating system is limited.

However, Yawning Angel has stressed that the software is still a very early alpha, and cannot be trusted to be entirely secure. "There are several unresolved issues that affect security and fingerprinting," he wrote as part of the software's README.

01/12/2016:A zero day vulnerability found in both Firefox and Tor web browsers has been exploited in the wild, allowing attackers to target users for their IP and MAC addresses.

Internet security firm Malwarebytes first discovered the flaw, which was shown to be almost identical to the one used by the FBI to expose Tor browser users in 2013.

"The exploit took advantage of a bug in Firefox to allow the attacker to execute arbitrary code on the targeted system by having the victim load a web page containing malicious JavaScript and SVG code," said Daniel Veditz, security lead at Mozilla, in a blog post on Wednesday.

Hackers were able to exploit Tor and Firefox browsers to send user hostnames and IP and MAC addresses to a remote server identified as 5.39.27.226, which has now been taken down.

"The goal is to leak user data with as minimal of a footprint as possible. There's no malicious code downloaded to disk, only shell code is ran directly from memory," said Jerome Segura, lead malware intelligence analyst at Malwarebytes.

"Browsers and their plugins remain the best attack vector to deliver malware or leak data via drive-by attacks," added Segura.

Malwarebytes recommend users adjust the security settings of their Tor browser to 'High' within the privacy settings, which will thwart any similar attacks of this kind. Users running the Malwarebytes Anti-Exploit tool will already by protected from the vulnerability. Both Mozilla and Tor have released patches to address the security flaw.

The term Tor can be used to refer to both the anonymous Tor network and the Tor Browser software used to access it. Designed for privacy and anonymity, it is used by journalists, hackers, privacy campaigners and criminals alike, and with around 2.5 million daily users, its the internets biggest avenue of anonymous online activity,

The systems aim is to prevent a users web activity (such as traffic, communication and search history) from being externally traced, usually by government or law enforcement agencies. Its commonly used to access whats known as the Dark Web hidden servers which are often used to host black market transactions.

Tor was originally known as The Onion Router, so named because it uses onion routing encryption protocols. This essentially functions like pass-the-parcel; data packets sent through Tor are secured with multiple layers of encryption.

They are then sent in a randomised pattern through Tors network of volunteer relay nodes. At each point in the relay, a layer of encryption is peeled away, which reveals the next point in the chain. Once the last layer of encryption has been removed, the data is passed on to its intended destination.

The key factor here is that each relay in the chain can only see the network location of the node immediately before and after it the one it received the data from, and the one its sending it to.

This means that at no point along the chain are both the sender and recipients network details visible at the same time, and thus cant be linked.

Tor is simply a network system, and can be used to provide untraceable access to any internet service or website. Its often used as an innocent precaution by those who dont want their actions traced by increasing levels of online government surveillance.

However, Tor also has a sinister side: the Dark Web. For obvious reasons, the prospect of untraceable web activity has proved very attractive to certain elements of society, and Tor has now become synonymous with varying levels of criminal activity.

Almost all of this activity occurs on servers inaccessible via standard web connections, known as hidden services. These servers are configured to only accept traffic coming from the Tor network, ensuring anonymity for both the servers operator and its users. They are also inaccessible from standard browsers.

Hidden services are extremely popular for the trade and distribution of illegal or objectionable materials. According to a study by Dr. Gareth Owen, narcotics alone are the subject of around 15 per cent of hidden services on the Dark Web, with hacking, fraud and counterfeiting all being popular topics.

Infamous Dark Web marketplaces like Silk Road and Evolution have brought this topic to the fore, and law enforcement agencies are becoming increasingly more aware of these services. The Tor network has apparently remained secure so far, but the US government, in particular, is heavily invested in cracking Tors integrity.

While many use the Deep Web and the Dark Web synonymously, important to note the distinction between the two.

As defined by Michael K. Bergman in his 2000 paper on the subject, the Deep Web refers simply to content that is not indexed by search engines, and thus extremely difficult for the average user to find.

The Dark Web, by contrast, is designed to be hidden from the rest of the internet. It consists of darknets; sub-sections of the internet which can only be accessed through systems like Tor.

The Dark Web is largely comprised of illegal or antisocial activity, while the Deep Web is often made up of innocuous but irrelevant web pages, such as archived content, multimedia elements or non-linked pages.

If youre looking to use Tor, be it for exploring the Dark Web or just for a little extra privacy, the first thing youll need is the Tor Browser, downloaded through The Tor Projects website. Its designed to be the best way to use Tor and is specially-configured to encrypt and protect your web traffic.

Available for Linux, Mac and PC, just download the Tor Browser installation file from the Tor Projects website, install it like any other browser, and following a brief setup, youll be all set to use Tor.

Youll also need a little patience. The relay method that makes Tor secure also means that its not quite as fast as a regular broadband connection, so you might find yourself waiting longer than usual for pages to load.

If youre just looking for the security of knowing no-one will be able to trace your everyday internet activity, then youre now all set to use Tor. Simply browse as normal, and the Tor network will do all the work to ensure that youre kept safe from prying eyes.

If you want to dive into the murky territory of the Dark Web, however, youll need to do a little homework first. Its not quite as simple as users may be used to, and given its dangerous nature, its best to go in prepared.

Before you do anything else, wed advise anyone thinking of engaging in any Dark Web activity to ensure theyve got the most up-to-date security possible; you never know whos out there, after all. Also, be very, very careful not to accidentally break any laws, and make sure you know where youre browsing to.

Once youve got Tor set up, youll need to start looking for Dark Web sites. Unlike regular websites, Tors hidden services arent accessible through regular web searches and dont have conventional web URLs.

Instead, theyre accessed through .onion addresses, which are 16-character alphanumeric strings, randomly generated when the hidden service is created. The .onion address for The Tor Projects homepage, for example, is http://idnxcnkne4qt76tg.onion/

Unless you know its specific address, you wont be able to access the hidden service. Some are a closely-guarded secret, but many of the more common Dark Net sites (both criminal and legitimate) are catalogued by directories like The Hidden Wiki, available as both a regular website and a hidden service.

There are also basic search engines like Torch, which crawl and index Dark Web sites based on content. Theyre nowhere near as sophisticated as regular search engines, though and are at a disadvantage due to the Dark Webs clandestine nature.

Of course, there are ways to access Dark Web sites without using the Tor Browser itself. Tor2Web is a project that uses Tor-based proxies to let users access Tor hidden services without using the Tor Browser itself.

With a standard web browser, adding the suffixes .to, .city, .cab or .direct to the end of any .onion Tor link will send your connection through to a proxy server configured to use onion routing protocols. This server will then visit the address on your behalf, and relay the page contents back to your browser.

However, while this method is far easier than installing the Tor Browser, it is inherently traceable and provides no anonymity to the user. Using the dedicated browser remains the safest method of traversing the Dark Web for anyone with more than an academic interest in its contents.

The rest is here:
Three vulnerabilities allow spies to detect Tor browsers - Cloud Pro

Tor (The Onion Router) Browser hides your activity and location online by routing all your browsing through multiple anonymous servers, thereby concealing where you are and making it hard (but not impossible) to identify whos doing what online. That means its a good way to access sites that repressive authorities dont want people to see, for whistleblowers to report corruption and illegal activity without getting fired or worse, and to access the deep web.

The deep web is an internet within the internet, not indexed by search engines, and sites ending with the .onion suffix and can only be accessed via Tor. As youd expect, some of those sites are secret for perfectly good reasons - theyre sharing information that someone, somewhere doesnt want shared - but others are secret because theyre fantastically illegal. Browse at your peril and remember that Tor Browser makes it hard to find you, but doesnt offer 100% unbreakable anonymity. In fact, just using Tor may flag you as a person worth watching, and it's banned on many public networks.

There are plenty of legitimate uses though, and not just if youre a political activist. Tor can give you internet access when your internet provider's DNS servers are kaput, and it can keep your browsing free from the advertising trackers that infest so many sites.

Tor Browser looks like Firefox and works like Firefox because it is Firefox. Its not as fast, though: onion routing makes all of your traffic move around much more than in a regular browser, which slows things down considerably.

Its important to realise that Tor cant protect you from risky behaviours, so for example if you run plugins in the browser they may affect Tors ability to protect your privacy. Its crucial that you dont submit information to sites that dont display a blue or green button in the browser address bar to indicate a secure https connection, for example.

Read the original here:
Tor Browser - TechRadar

Dr. Neal Krawetz reported on his blog, The Hacker Factor, that he identified problems in the Tor browser that may be working against the anonymity networks stated goals. These issues cause the browser to disclose information that could potentially allow threat actors to profile Tor users.

Krawetz looked beyond the user string information provided by the browser in routine communications. While this string information is the same in all Tor browsers to enhance privacy, he looked at other parameters that the browser shared with a site, including screen size, window size and scrollbar thickness. These factors can vary depending on the OS, but its possible to ascertain user patterns by observing them.

For example, a normal browser setting has a window size that is less than the size of the screen; but Tor sets them equal to each other as part of its security stratagem. If a browser communicant notes that the two parameters have equal value, it are more likely to infer that it is dealing with a Tor setup. Krawetz also noted that the macOS Tor browser miscalculates the window size because of the dock menu on the screen.

Additionally, the scrollbar size value is unique for each version of Tor. Bleeping Computer reported that there is a default scrollbar thickness in macOS of 15 pixels, while scrollbars are 17 pixels thick in Windows 7, 8 and 10. Linux can vary between 10 and 16 pixels.

In 1883, Auguste Kerckhoffs formulated six principles for his military cryptography theory. One aspect states that a system must not rely upon secrecy, and it must be able to fall into the enemys hands without disadvantage.

The principle has been widened in use throughout the security field and remains as relevant as ever. In cybersecurity parlance, making some part of a system obscure will not, in turn, make it secure. If just finding something can defeat the system, you have already lost, and your system is not as secure as you believed.

Krawetz identified patterns that could tell an attacker that Tor is being used for communication. Kerckhoff would likely say, So what? Im using Tor and you still cant identify me.

While Krawetzs threat model can be productive, Tor was never truly designed to hide the fact that it was being used. Rather, it was developed to conceal individuals use patterns.

Even with these parameters invoked, each OS variant of the Tor browser should look like any other. Ultimately, the Tor browser will still function the way it is supposed to.

Read the rest here:
Tor Browser Profiles Itself - Security Intelligence (blog)

Even among somewhat sophisticated privacy professionals and lawyers, the Tor Browser is sometimes a bit of a mystery. What is Tor, is it even legal, and, if so, what are the pros and cons associated with Tor? At a fundamental level, Tor is actually quite simpleTor protects the privacy of its users by spreading communications across of a series of servers around the world to make it difficult to determine who or where the individual user is. Tor is a volunteer operation and it is available to anyone willing and able to download the free software from Tors Web site.

In some circles, using Tor has taken on a negative connotation because (not surprisingly) individuals engaged in nefarious activities online have turned to Tor as a way to mask their identities. But there is nothing per se illegal about using Tor, and it can be a legitimate way to avoid unwanted digital tracking from corporations and circumvent censorship in countries under the thumb of oppressive regimes. In fact, the U.S. State Department has contributed millions of dollars over the years to help with the development of Tor in the interest of encouraging free speech in other countries.

Of course, the U.S. government also has a strong desire to be able to pierce through the anonymity of Tor when it suits the governments objectives the NSA has been battling with Tor developers for years to gain the upper hand in cracking anonymity, and information originally revealed by Edward Snowden allegedly shows that an NSA surveillance program may track anyone who has ever used Tor.

So what happens when law enforcement officials with legitimate motives for example, pursuing child pornographers are stymied by this sort of technology? According to a report earlier this week in the ABA Journal, innocent people may be caught in the crossfire of a digital war, often with no idea what is going on. The ABA Journal article provides examples of police executing search warrants and attempting to make arrests based on IP address information that turned out to be inaccurate. In an effort to prevent these sorts of situations, Tor has created ExoneraTor, which can be used to see if an IP address on a certain day was used as an exit relay. According to Tor, if you see traffic from a Tor relay, this traffic usually originates from someone using Tor, rather than from the relay operator. But for this to be effective, law enforcement has to realize that lead is a dead end and as the ABA Journal article correctly observes, it is unreasonable to expect police officers nationwide to have this level of technical knowledge, particularly when some in the privacy community are still behind the curve.

Tor can lead to a spirited debate on many different fronts, but the one thing that seems beyond dispute is that Tor and other tools like it are not going anywhere. It is therefore critical that privacy lawyers and other privacy professionals develop a strong working understanding of Tor so that they can properly advise their clients.

This is the third in a series of blog articles relating to the topics to be discussed at the 30th Annual Media and the Law Seminar in Kansas City, Missouri on May 4-5, 2017. Blaine C. Kimrey and Bryan K. Clark are on the planning committee for the conference. In this article, we discuss the Tor Browser and its relationship to privacy laws. Tors impact on anonymous speech and the tension between First Amendment rights and online threats to reputation, privacy and public safety will be among the topics discussed at the 2017 seminar.

Read more:
Tor Presents Compelling Privacy Puzzle - The National Law Review

Tor Browser is perhaps the single most accessiblepiece of software you can use to keep your online activities private and anonymous, while at the same time enhancing your security.Its also incredibly easy to use, using as it does, a modified version of Mozillas Firefox browser.To put it simply, if you can use Google, you can use the Tor Browser.

Firstly, Tor itself is an acronym and an analogy.It stands for the The Onion Router, the idea being that like an onion, Tor has many layers of encryption and protection built into it, that make it easy for you to become anonymous online, and make it next to impossible to track you, and your activities.

In real terms, Tor has been designed to stop anyone, including government agencies, Internet Service Providers, and corporations from learning your location, and from consequentlytracking your browsing habits and selling that data on.

Proof of just how effective the Tor Browser, and the Tor network it runs on can be proved by the fact that lots of journalists, activists, law enforcement professionals, whistle-blowers and businessesalluse it.Normal people like you and me who want to keep their activities safe and private from websites and advertisers use it as well.

The protocol behind how Tor works was originally designed for the US Navy as a way of being able to use existing communications networks around the world securely. The US Navy still uses it today.

Tor Browser works by first of all encrypting the web traffic you send out into the Internet. It then routes all your web traffic through the Tor network, a series of relays or nodes run by thousands of volunteer computers around the world taking different routes each time. This makes it extremely hard for anyone to identify the source of the information and next to impossible to track the user. While thats a ridiculously simple analogy of how Tor works, it pretty much covers all the bases.

Very. You dont really need to know anything about encryption or how it all works. Tor is also based on the not-for-profit Mozilla Firefox browser, looks good, and crucially, is simple and easy to use.

Tor Browser is also 100% free, open source, and you can download the latest version completely free right here on Filehippo.com. Isnt that great?

See more here:
Tor Browser: Private And Anonymous Browsing Made Simple - FileHippo News

Im very privacy-minded. Ive written quite frequently about securing your browser and network on the Mac. I figure its about time to give the iPhone some loving, since there are a number of ways to make sure you have a good experience browsing while keeping things private. Lets look at some of the methods for doing that and Ill give you my not-so-humble opinion about which one is best.

If you want to lock up your Internet security and privacy, is a Tor browser really the answer? (Image Credit: HypnoArt

Before you do anything else, you should make sure your network is secure. This even applies to your cellular network, so you might wonder what you can do about it. One important step is to use a Virtual Private Network, or VPN.

There are plenty of commercial VPNs out there. You could go with TunnelBear, for one, or Astrill VPN. You might also choose to set up your own private VPN for your personal use.

If you dont already know about it, the Tor browser is built from the ground up to anonymize your browsing experience. Tor directs Internet traffic through a worldwidefree volunteer network consisting of more than seven thousand relays, for free. It will conceal a users location and usage from anyone conducting network surveillance or traffic analysis. There are plenty of iOS Tor clients out there, so lets cover a few of them.

The one thingyoull need to bear in mind about Tor browsers is that its pretty common for major internet sitesto blacklist them, forcing you to endure Captchas to no end. From most of my research, including a rare answer from Stack Exchange itself, this is because of the wide variety of nefarious individuals who use Tor to mask themselves as they carry out dastardly deeds on the internet. StackExchange referred to them as spammers, trolls and psychopaths.

The first one isnt a browser at all, but one that changes settings in your iPhone so that your internet traffic redirects through the Tor network. This is a decent option, but its notably slower than my own VPN. Id give this a three out of five; it does what its supposed to, but remarkably slower than most of us would like. To make matters worse, Mr. Whoer reports that the IP address I get through Black Mesh is infected with a Trojan. Black Mesh is available for $1.99 on the App Store.

Red Onion gets its name because Tor was originally an acronym for The Onion Router. It redirects your internet browsing through the Tor network, and automatically cleans up cookies when you exit the app. You can also protect your browser with a password or Touch ID, so you dont have to worry so much about your privacy being invaded through physical access to your device. Its not perfect, though. Red Onion defaults to use Bing as its search engine, and Google wont work through the browser at all, in my experience. Also, when you tap inside the address field, it doesnt highlight the text. This one, too, is blacklisted, according to Mr. Whoer. Red Onion is a 3.5 out of five, in my opinion. The app costs $1.99 on the App Store.

Ill just call this one the Purple Onion Browser, even though a number of Tor clients have a purple icon. This is another option, and is a bit more feature-rich than some other Tor browsers. It defaults to DuckDuckGo for its search engine, which is good, and allows you to quickly change your identify, if you need to. Secret Secure Web Browser seems a bit faster than other options, but still not as quick as connecting through my VPN and using Safari. Yet again, another Tor browser that shows being infected with some sort of Trojan, and thus blacklisted. Secret Secure Web Browser is, in my estimation, a four out of five. If you want to try it out, this app is free on the App Store.

Ive tried a number of other Tor browser clients, and the experience was always the same. Browsing was fine, but slow. For my own purposes, Im going to stick with my VPN connection and use DuckDuckGo for my search engine. That prevents both my internet service provider from tracking me, as well as my search engine. Thats private enough, dont you think?

Excerpt from:
A Tor Browser Might Not Be Your Best Solution for Internet Privacy - The Mac Observer

Introduction

If you want to keep your web browsing private, you can use the Incognito mode in Chrome, Private Browsing in Firefox, InPrivate mode in Microsoft Edge, and so on. While this will prevent other people who use your computer from seeing your browsing history, it doesn't prevent your ISP from monitoring the sites you are visiting. You might well want to for any number of reason browse the internet completely anonymously, and this is precisely what Tor Browser offers.

Standing for The Onion Router, Tor offers multiple levels of protection to ensure that your online activities, location and identity are kept entirely private.

Start by downloading and installing Tor Browser. Click Finish once the installation is complete, and Tor will launch for the first time. You'll be greeted by a settings dialog that is used to control how you connect to the Tor network.

In most cases you should be able to just click the Connect button, but if you connect to the internet through a proxy you will need to click the Configure button to enter your settings.

There will be a slight delay while Tor establishes a connection to the network via relays the program warns that the initial connection could take as long as several minutes but once this connection has been made, the Tor browser will launch ready for use.

Tor is based on the same code as Firefox, so if you have used Mozilla's web browser everything should seem fairly familiar. Even if you haven't used Firefox before, it should not take you long before you start to feel at home it's not so different to the likes of Edge, Chrome and Internet Explorer.

Before you get started, it's worth noting that using Tor Browser is a balancing act between privacy/security and web usability. By default, security is set to Low although this is still far more secure than any other web browser.

If you would like to increase this, click the green onion icon to the left of the address bar and select Privacy and Security Settings. Use the Security Level slider to choose your preferred level of protection, bearing in mind the warnings that appear about the features that may stop working on the sites you visit.

In order to get the most from Tor, you need to change a few of your browsing habits the first of these is the search engine you use.

Rather than opting for the likes of Google and Bing, the recommendation is that you instead turn to Disconnect.me. This is a site that prevents search engines from tracking you online, and you can use it in conjunction with Bing, Yahoo or DuckDuckGo.

While we're on the subject of changing habits, you also need to avoid installing browser extensions, as these can leak private information.

As you browse the internet, the Tor browser helps to keep you secure by avoiding directly connecting to web sites. Instead, your connection is bounced around between multiple nodes on the Tor network, with each jump featuring anonymizing.

This not only makes it all but impossible for a website to track who and where you are, it is also responsible for the slightly slow performance you will notice while browsing with Tor.

You can protect your privacy even further by clicking the green onion button and selecting the 'New Tor Circuit for this site' option which will force Tor to find a new route to the site.

The new circuit option only applies to the current active tab, and it may be that you want a more drastic privacy safety net. Click the green onion button and select 'New identity', bearing in mind that this will close and restart Tor in order to obtain a new IP address.

When you connect to a site using Tor, you may notice that a popup appears warning you that a particular site is trying to do something that could potentially be used to track you. Just how often these messages appear will depend not only on the sites you visit, but also the privacy settings you have in place.

An important part of staying safe and anonymous online is ensuring that you use the HTTPS rather than HTTP versions of websites. So you don't have to remember to do this for every site you visit, Tor Browser comes with the HTTPS Everywhere extension installed by default. This will try to redirect you to the secure version of any website if it is available, but you should keep an eye on the address bar as an extra safeguard.

If you are connected to a secure site, you will see a green padlock icon. If this isn't present, click the 'i' icon for more information.

The most secure way to connect to the internet through Tor, however, is to visit .onion sites. These are also known as hidden Tor services, and they are inaccessible to search engines; to find them, you have to visit them directly.

To help you to find such sites, there are a number of .onion directories out there. These sites can only be accessed using Tor, but you do need to take care it's quite common to come across sites with illegal contents, or promoting illegal activities.

Original post:
How to protect your privacy online with Tor Browser - TechRadar

Keeping your data to yourself on the internet is hard, and it's getting tougher every day. With the recent decision by Congress to let internet service providers continue to run wild with your browsing data without you knowing, a lot of people are pissed (and the ones who aren't probably should be). While it's true that a lot of us give up data in exchange for services (think Google, Facebook, and other applications), an ISP is different. Without an ISP you can't get online at all. Your wireless provider, cable company, or copper-wire telco generally set prices in a vacuum and are the first gatekeepers between you and your Steam account.

So if you're not too keen on companies scooping up your data, there are some things you can do to protect your privacy. There are also some common practices that don't do much at allit's important to know what works and what doesn't when it comes to protecting yourself online.

Know your priorities

Protecting your privacy and securing your identity can very easily take you down a rabbit hole of computer science paranoia. Instead of mulling over what algorithms are going to break in the next ten years, you'll benefit a lot more from concentrating on what your actual priorities are.

The first thing to do is know your adversary. Who, exactly, are you trying to protect your data from? If it's a person who might be trying to break into your email account, that takes one set of privacy and security measures. If you're looking to keep companies from selling your data, that's another set of priorities. If you're looking to evade a government's surveillance, you'll have to work a lot harder to keep yourself invisible online.

In this guide, I'm going to focus on keeping data out of the hands of companies who might want to resell it.

Private Browsing (Firefox) or Incognito Mode (Chrome) may make you feel safe, but they actually don't do much to stop companies from tracking you. These browser features basically open up fresh tabs or windows without access to your history, cookies, or cache. If you're usually logged into Google or Facebook, using Incognito Mode or Private Browsing will basically treat your browsing session as though you're not logged into anything, and will clear any accumulated cookies or cache when the windows is closed. Just like any other session, a service can track you the minute you log in.

This mode is really useful when using public computers (like at a library or school campus). But if you're trying to keep ISPs from snooping, it won't help at all. Additionally, if you use Google for a search, Google can still use some information about you (search terms, geolocation, time of day), though it generally won't be tied to your identity. That is, unless you use it at home.

A recent addition to Firefox's Private Browsing includes a tracking protection feature similar to Privacy Badger, an add-on from the Electronic Frontier Foundation that "stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web."

Most modern browsers now come with a 'Do Not Track' signal that they can send to websites with every request. While DNT is often hidden in the options of your browser, enabling it lets a web server know that you don't want cookies served up that can be used to track you. It's a good step forward, and is generally transparent to the user.

Here's how to enable it:

Your first real tool in the privacy battle is the trusty virtual private network (VPN). A VPN is an encrypted connection that allows you to connect to a network over the internet in a way that treats your connection as though you were a part of that local area network (LAN). A VPN is really useful for companies, as workers can access shared drives, printers, and other resources from home. It's also a great privacy tool.

Since a VPN provides an encrypted tunnel to a remote location, the traffic between your PC and the VPN cannot be read by an intermediary. However, any unencrypted internet traffic going in and out of the VPN could still be intercepted and deciphered. Additionally, all of your outgoing traffic will appear to come from the VPN server's IP address. This makes the VPN an ideal method for getting around censorship and hiding most of your internet traffic. This is also why I recommend using a VPN when connecting to any open Wi-Fi hotspot, since open Wi-Fi does not encrypt your internet traffic.

There are plenty of pitfalls when dealing with VPNs, though. The first and most important thing to know is that a VPN provider can see all of your traffic. Needless to say, while you can use your employer's VPN to hide your IP from your home, your employer can see everything you do while connected to it, so act accordingly.

When you're using a third party VPN provider, you're offloading trust from your ISP and placing it onto your VPN provider. VPN providers are no more regulated than any other web service you might use, so it behooves you to read up on a provider's privacy policy. (Yeah, the fine print stuff that you always skip and just click "agree".)

When choosing a VPN, look for VPNs that don't log traffic, and don't retain or sell any data. Generally, all VPNs will have to respond to requests from law enforcement. However, a VPN provider that doesn't keep logs won't have much to show when authorities come knocking. I personally use Private Internet Access, but do your own research and read over privacy policies before choosing a provider.

You may be able to use a VPN for gaming, but some providers only allow traffic on commonly used internet ports (like HTTPS or IMAP, for instance). When choosing a VPN, be sure to find out if they open up TCP and UDP ports that games may need to communicate. Also, keep in mind that using a VPN while gaming can introduce latency.

Finally, the IP addresses of VPN providers are widely known, so a web service will know if you're connecting via a VPN.

The Tor browser has widely been touted as a method to secure your browsing. Tor is short for The Onion Router, and basically hides your IP by relaying your web requests through a network of proxy servers called relays or nodes. When accessing a website outside of the Tor network (all Tor sites end in .onion), the only node that can see the outgoing traffic is called an exit node, which makes the request to the appropriate site (like google.com).

Tor is a great method for browsing anonymously, so long as you're not trying to do something that would send the FBI right to your door. Since Tor is open-source and anyone can operate a Tor node, you better believe the U.S. government (and presumably others) operate Tor exit nodes. On top of that, using Tor can raise eyebrows from governments, which can attract closer scrutiny of traffic. Of course, the more people that use Tor for not-so-shady browsing, the less scrutiny it will warrant.

As long as you're not trying to sell drugs or look up child pornography, using Tor is generally a good way to keep yourself anonymous. To use Tor, you'll need the Tor browser, which is basically a modified version of Firefox. The Tor browser comes standard with Tails, a Linux distribution built for anonymity and security.

Although I can't remember the last time I had one of my PCs become bogged down with porno popups, malware is another thing to keep on the lookout for. Instead of selling you live sex shows, today's malware aims to read your browsing data and resell it to third parties.

By keeping your anti-malware software up-to-date, you can reduce the chance of having your PC infected by this stuff. You should also keep your system updated with the latest Windows updates and browser software. Both Mozilla and Google are very proactive about keeping their browsers secure, and keeping them updated means that you have the latest patches to known exploits.

One of my favorite browser extensions is Privacy Badger, mentioned earlier. Privacy Badger is open source, which means there's no proprietary secret code you have to worry about. Second, Privacy Badger is holistic. It will look for code, cookies, and other things that look like they're trying to track you and block them out. A system of sliders allow you to set what's allowed and what's not.

While Privacy Badger is awesome, some websites are so full of advertising code and scripts that it can be hard to sort out the good from the okay from the bad. On numerous occasions, Wired's website has ceased to work when attempting to read a story while I had Privacy Badger turned on. Only by temporarily disabling it was I able to read the story.

While ISPs may be able to do whatever they want for now (thanks Congress), you can still exert some control over the other services you use. Take some time to think about all the services you've signed up for. Each one of them has their own privacy policy, and by using that service you're agreeing to it.

If you find yourself using a service that makes you uneasy when you look at its privacy policy, find ways to opt out. Find alternative services, where you can. Duck Duck Go, for instance, offers web search that doesn't collect personal data.

If you're lucky enough to live in a place with more than one ISP, look for alternative providers too. Here in the Bay Area, the ISP Sonic has a privacy policy that vows to never sell your personal information, and only retain connectivity logs for 14 days. (They even abide by the DNT signal from browsers.) A lot of the U.S. sadly isn't lucky enough to have several ISPs vying for their dollars, so options like this might not be available for you. We're sorry if Comcast has a monopoly in your area.

I have to admit, Chromium Home is my default browser on my Linux machines, and I default to Chrome on Windows. But as far as privacy is concerned, Firefox is the winner. Unlike Google's Chrome, Firefox is completely open source, which means the entirety of its code can be inspected. While Chrome is based on the open source Chromium, Chrome can and will phone home to Google with usage statistics and other information. Opera also claims to be a privacy-focused browser and includes a free VPN built in, though it's not open source like Firefox.

If Google Chrome's privacy policy gives you the willies, consider switching.

Wherever you can, you should prefer HTTPS (also known as SSL or TLS) when browsing online. TLS traffic is encrypted so that only the recipient and server can see the data that's being transmitted. It's the reason why your bank's website and Amazon orders are secure. Even where security isn't paramount, more websites are starting to use TLS/HTTPS in order to simply protect users' privacy. Google thinks it's a good idea too, and started ranking HTTPS websites higher back in 2014. The EFF offers an HTTPS Everywhere browser extension that tries to use HTTPS wherever possible.

HTTPS isn't perfect, however. An ISP (or VPN provider) can see the requested URL, so HTTPS by itself doesn't ensure total privacy.

At the end of the day, we all give up some privacy for the sake of convenience. The real trick is knowing how much you're willing to inconvenience yourself in order to retain some of that privacy. For some, going full-bore with a VPN, Tor, and being a social media hermit is the only way to go. Some people may not care at all.

Most of us will take the middle road and find a nice warm spot somewhere between the two extremes. Until we pass laws that say that user data should be private by default, read the fine print and take measures that are appropriate. Good luck out there.

See the original post:
How to protect your privacy and PC online - PC Gamer

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody from watching your Internet connection and learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked.

The Tor Browser Bundle lets you use Tor on Windows, Mac OS X, or Linux without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is self-contained.

Changes in Tor Browser 6.5.2:

This release features important security updates to Firefox.

This should be the last minor release in the 6.5 series. This release updates Firefox to 45.9.0esr, Noscript to 5.0.2, and HTTPS-Everywhere to 5.2.14. Moreover, Tor Browser 6.5.2 includes a fix for the broken Twitter experience and worked around a Windows related crash bug.

Here is the full changelog since 6.5.1:

All Platforms

Windows

Download: Tor Browser 6.5.2 | 49.0 MB (Open Source) View: Tor Browser Website

Read more from the original source:
Tor Browser 6.5.2 - Neowin