The Tor (The Onion Router) browser is looking to enhance the security of its users by employing new features aimed at preventing deanonymization attacks against them.
While Tor has been long focused on improving its security features to ensure users benefit from the privacy levels they are looking for, many have been trying to crack these security measures in an attempt to locate users. The FBI, for example, has been abusing bugs in the underlying Firefox browser to compromise the anonymity of Tor users, but that might no longer be possible soon.
Now, researchers from the University of California, Irvine (UCI), say that an enhanced and practical load-time randomization technique can be used in Tor to defend against exploits. Called Selfrando, the solution should improve security over standard address space layout randomization (ASLR) techniques employed by Firefox and other mainstream browsers at the moment, the researchers explain in a paper.
“We collaborated closely with the Tor Project to ensure that selfrando is fully compatible with AddressSanitizer (ASan), a compiler feature to detect memory corruption. ASan is used in a hardened version of Tor Browser for test purposes. The Tor Project decided to include our solution in the hardened releases of the Tor Browser, which is currently undergoing field testing,” the security researchers say.
According to them, Selfrando is meant to counter code reuse exploits, which involve an attacker trying to exploit a memory leak to reuse code libraries that already exist in the browser. The exploit allows an attacker to rearrange code in the application’s memory to have the malware up and running.
At the moment, browsers randomize the locations of code libraries as a security measure, but attackers who know where certain functions are located within the application’s memory space can abuse these functions to run malicious code. With the help of Selfrando, however, the random address space for internal code is created in such a way that attackers can’t exploit it as easily as before.
The researchers explain that their framework makes the program binary randomize itself at load time, and that they chose function permutation (ASLP) as the randomization granularity. Researchers also pre-compute function boundaries statically and store the necessary information in each binary, a method called Translation and Protection (TRaP) information.
Starting on May 13, the hardened nightly builds of the Tor browser benefit from Selfrando, researchers also say. They also explain that they worked closely with the Tor developers to ensure the new load-time randomization tool is easily integrated in the anonymity browser. Moreover, the researchers explain that the performance of the browser hasn’t been impacted: the feature resulted in a less than 1% overhead to running times.
Tor has long been the browser of choice for a broad range of individuals, including journalists, activists, researchers, and other people looking to maintain their anonymity online. In January, Tor raised over $200,000 in its first crowdfunding campaign, and invested the money in improved security features, such as those included in version 6.0, which was released at the end of May.
Related Reading: Mozilla Pushes for FBI Disclosure of Tor Browser Zero-day