Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

Tor Implements Improved Anonymity Protection

The Tor (The Onion Router) browser is looking to enhance the security of its users by employing new features aimed at preventing deanonymization attacks against them.

The Tor (The Onion Router) browser is looking to enhance the security of its users by employing new features aimed at preventing deanonymization attacks against them.

While Tor has been long focused on improving its security features to ensure users benefit from the privacy levels they are looking for, many have been trying to crack these security measures in an attempt to locate users. The FBI, for example, has been abusing bugs in the underlying Firefox browser to compromise the anonymity of Tor users, but that might no longer be possible soon.

Now, researchers from the University of California, Irvine (UCI), say that an enhanced and practical load-time randomization technique can be used in Tor to defend against exploits. Called Selfrando, the solution should improve security over standard address space layout randomization (ASLR) techniques employed by Firefox and other mainstream browsers at the moment, the researchers explain in a paper.

“We collaborated closely with the Tor Project to ensure that selfrando is fully compatible with AddressSanitizer (ASan), a compiler feature to detect memory corruption. ASan is used in a hardened version of Tor Browser for test purposes. The Tor Project decided to include our solution in the hardened releases of the Tor Browser, which is currently undergoing field testing,” the security researchers say.

According to them, Selfrando is meant to counter code reuse exploits, which involve an attacker trying to exploit a memory leak to reuse code libraries that already exist in the browser. The exploit allows an attacker to rearrange code in the application’s memory to have the malware up and running.

At the moment, browsers randomize the locations of code libraries as a security measure, but attackers who know where certain functions are located within the application’s memory space can abuse these functions to run malicious code. With the help of Selfrando, however, the random address space for internal code is created in such a way that attackers can’t exploit it as easily as before.

The researchers explain that their framework makes the program binary randomize itself at load time, and that they chose function permutation (ASLP) as the randomization granularity. Researchers also pre-compute function boundaries statically and store the necessary information in each binary, a method called Translation and Protection (TRaP) information.

Starting on May 13, the hardened nightly builds of the Tor browser benefit from Selfrando, researchers also say. They also explain that they worked closely with the Tor developers to ensure the new load-time randomization tool is easily integrated in the anonymity browser. Moreover, the researchers explain that the performance of the browser hasn’t been impacted: the feature resulted in a less than 1% overhead to running times.

Tor has long been the browser of choice for a broad range of individuals, including journalists, activists, researchers, and other people looking to maintain their anonymity online. In January, Tor raised over $200,000 in its first crowdfunding campaign, and invested the money in improved security features, such as those included in version 6.0, which was released at the end of May.

Related Reading: Mozilla Pushes for FBI Disclosure of Tor Browser Zero-day

Written By

Click to comment

Expert Insights

Related Content

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...

Privacy

The EU's digital policy chief warned TikTok’s boss that the social media app must fall in line with tough new rules for online platforms...

Cybercrime

The owner of China-based cryptocurrency exchange Bitzlato was arrested in Miami along with five associates in Europe

Privacy

Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Cyberwarfare

Google Project Zero has disclosed the details of three Samsung phone vulnerabilities that have been exploited by a spyware vendor since when they still...