It’s all gravy for the onion router as Tor Browser beefs up security

Tor has beefed up security,  but does this make it a safe environment for those looking to be anonymous online?

Tor Browser 7.5 has been released this week complete with a bunch of security fixes that have already been rolled out to the Firefox Extended Support Release (ESR) 52.6 client it is built upon. Firefox ESR is similar to other versions of the Mozilla browser client, but doesn’t update as frequently apart from the regular security updates.

Earlier this month the latest version of Tor itself, 0.3.2.9, was also released and also included a bunch of security updates, including: better crypto, improved directory protocol (less information leakage to directory servers and smaller attack surface for targeted attacks) and better onion address spoofing protection. Security fixes include a denial of service bug using malformed directory objects to “cause a Tor instance to pause while OpenSSL would try to read a passphrase from the terminal” and another where an attacker could “crash a directory authority using a malformed router descriptor.”

Click here to read complete article

4 thoughts on “It’s all gravy for the onion router as Tor Browser beefs up security

  • February 16, 2018 at 9:17 AM
    Permalink

    Anyone with any sense would understand that the feds have pwned Tor for years.

    Reply
  • February 16, 2018 at 12:34 PM
    Permalink

    Well, it’s common knowledge that Tor exit nodes are a weak point and the FBI (amongst others) have been exploiting that for a number of years. That doesn’t mean that Tor cannot be used relatively securely, relatively easily. It rather depends on what you want to do while using it and what your privacy demands are. As well as factoring in the fact that security, privacy and anonymity are all rather different beasts of course.

    Reply
  • February 18, 2018 at 9:27 AM
    Permalink

    What do security privacy and anonymity have in common? They are all an illusion.

    Reply
    • February 19, 2018 at 8:22 AM
      Permalink

      Gary, you are close to being right. Guaranteed 100% no chance of failure security, privacy or anonymity is an illusion.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *