The Tor browser’s primary function is to provide users with high level of protection and anonymity when they browse the internet. Lately, law enforcement authorities were carrying out attacks on individuals instead of the network itself by hacking their computers or the end points. This lead to the authorities learning the users’ IP addresses.
Now, Tor Project’s and Mozilla’s team is working on improvements, which they say would make the job of attackers more difficult. Unmasker malware will have a hard time if the Tor browser’s connection to the network is tweaked successfully.
“We’re at the stage right now where we have created the basic tools and we’re working on putting them together to realize the security benefits,” Richard Barnes, Firefox Security Lead, wrote in an email.
According to Barnes, the Tor Browser is basically made up of two parts: a modified version of Firefox, and the Tor proxy, which routes the browser’s traffic into the Tor network. The Firefox part has internet access mostly since it needs to communicate with the proxy.
“That means if an attacker can compromise the Firefox half of Tor Browser, it can de-anonymize the user by connecting to something other than the Tor proxy,” Barnes explained.
The FBI exploited just this vulnerability of Tor when they performedOperation Pacifier. In February 2015, the Bureau deployed a Network Investigative Technique (NIT), which is a piece of malware used by the agency, on users who allegedly visited the PlayPen child porn site. The malware firstly used a Tor Browser exploit, and then forced the computer to contact a government server outside of the Tor network, revealing the suspect’s IP address to the FBI.
According to the developers of Tor and Mozilla, this problem will soon be solved with the support of “Unix domain sockets” and other fixes. A Unix domain socket is a way for two programs on the same computer to communicate with each other without using an underlying network protocol. With this new improvement, the Firefox part of the Tor Browser will no longer require internet access to work.
“That means that you could run it in a sandbox with no network access (only a Unix domain socket to the proxy), and it would still work fine. And then, even if the Firefox half of Tor Browser were compromised, it wouldn’t be able to make a network connection to de-anonymize the user,” Barnes said.
Barnes said the whole project started when Tor started adding Unix domain socket capabilities to the browser and the proxy. Soon after that, Mozilla did their own work too; they added a general capability to Firefox, which allowed the browser to talk to proxies over Unix domain sockets. Now, the Tor Project is working on implementing this to the Tor Browser, and Mozilla is helping them to fix the upcoming bugs.
However, Tor’s job is not as easy as it sounds. For this project to work, the operating system needs a non-network way to talk to the proxy, which is Unix domain sockets in the current case, and a suitable sandbox that can stop the Firefox part of the browser from getting access to the network.
Currently, the Firefox’s support will only work on platforms that have those sockets, like macOS and Linux. According to Barnes, support will be included in Firefox 51, which will be released in January.
“Work is ongoing to extend this capability to Windows […] and sandboxing work should proceed once the integration is done,” Barnes added.