In a bid to prevent spying by the FBI and others, Tor is collaborating with security researchers to improve its browser security, and specifically protect its millions of users from hacking attempts.
To further this goal, a new paper published by researchers from the University of California, Irvine, reveals that they are testing what they call Selfrando, which is essentially a technique to bar attempts to de-anonymize Tor.
A de-anonymization attack aims to disclose information, such as the identity or the location, of an anonymous user. While many de-anonymization attacks rely on weaknesses in the network protocol, they often require that adversaries control a large number of Tor nodes or only work in a lab environment.
According to the publication, Selfrando is an “enhanced and practical load-time randomization technique for the Tor Browser that defends against exploits, such as the one FBI allegedly used against Tor users.”
The Tor Browser gives the technically deficient a way to access the Tor Network. This is not very popular for several reasons, the paper states. “Many government organizations are actively trying to compromise Tor not only in regions with repressive regimes but also in the free world, as the recent FBI incidents clearly demonstrate.”
The Tor Browser shares a large part of its attack surface with the Firefox browser. Therefore, Firefox vulnerabilities (even patched ones) are highly valuable to attackers trying to monitor users of the Tor Browser, said the researchers in the paper.
The researchers allege that the FBI “continues to monitor the Tor Network,” and that in early 2016 it used a de-anonymization attack developed by Carnegie Mellon University.
An alternative and practical way to de-anonymize Tor users is to exploit security vulnerabilities in the software used to access the Tor network. The most common way to access Tor is via the Tor Browser (TB), which includes a pre-configured Tor client. Since TB is based on Mozilla’s Firefox browser, the two share a large part of their attack surfaces.
In 2013, the Federal Bureau of Investigation (FBI) exploited a known software vulnerability in Firefox to de-anonymize Tor users who had not updated to the most recent version of TB, the paper said. Due to the success of this operation, exploit brokers (and, presumably, governments and criminals) are currently soliciting exploits for the TB.
“The Tor Project decided to include our solution in the hardened releases of the Tor Browser, which is currently undergoing field testing. Our solution significantly improves security over standard address space layout randomisation (ASLR) techniques currently used by Firefox and other mainstream browsers,” the paper highlighted.