Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Alpha Version of Sandboxed Tor Browser Available for Linux

The Tor developer known as Yawning Angel announced over the weekend the availability of the Sandboxed Tor Browser, a version designed to offer an additional layer of security to users who value their privacy.

The Tor developer known as Yawning Angel announced over the weekend the availability of the Sandboxed Tor Browser, a version designed to offer an additional layer of security to users who value their privacy.

The Sandboxed Tor Browser, whose prototype was first announced in September, is currently in what Yawning Angel calls the “non-developer alpha version.” The source code has been made available and official binaries are expected to be released sometime this week.

Sandboxed Tor Browser 0.0.2 is likely to have bugs and there is some broken functionality. The application only works on Linux systems as it leverages bubblewrap, a sandboxing utility for Linux.

“There are several unresolved issues that affect security and fingerprinting. Do not assume that this is perfect, merely ‘an improvement over nothing’,” the developer noted. “If you require strong security, consider combining the sandbox with something like Qubes, Subgraph or Tails.”

Yawning Angel said he decided to create a sandboxed version of the Tor Browser for two main reasons: for the challenge, and because of the threat posed by “attackers,” including U.S. authorities, which have increasingly tried to unmask Tor users.

Sandboxing the Tor Browser should offer increased security for users as the sandbox traps exploits and prevents them from accessing files, real IPs and MAC addresses from the host.

Yawning Angel, who is a long-time Tor developer, is at his third attempt to create a sandboxed version of the browser – the first two attempts failed, but he is confident that this time it will work.

“We have a funding proposal to do this but I decided to do it separately from the Tor Browser team,” the developer explained a couple of months ago. “I’ve been trying to do this since last year.”

Advertisement. Scroll to continue reading.

While Yawning Angel’s variant will only work on Linux due to the fact that it’s based on the Linux utility bubblewrap and sandboxing is OS specific, the Tor Browser team is looking at the possibility of creating an OS X version as well. A Windows version is also being considered in the long term.

Related: DNS Data Can Help Attackers Deanonymize Tor Users

Related: Tor Implements Improved Anonymity Protection

Related: Tor Rival Riffle Promises Anonymity Improvements

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Karl Triebes has joined Ivanti as Chief Product Officer.

Steven Hernandez has joined USAID as CISO and Deputy CIO.

Data security and privacy firm Protegrity has named Michael Howard as its CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.