
Security Tool Strengthens Tor And ‘Foils’ FBI Attacks


A group of computer security researchers have developed a tool they say could make it significantly more difficult to hack the privacy-oriented Tor Browser – and which could also be used to protect other types of programs.
The tool, called Selfrando, is specifically aimed at protecting the customised browser provided as an easy way to access the Tor network, which anonymises traffic passing between a computer and an Internet server,



FBI infiltration


In a paper presenting the project they pointed out that the Tor Browser is targeted not only by governments seeking to crack down on activists, but also by law enforcement agencies such as the US FBI.

“Exploiting software vulnerabilities in general, and browser vulnerabilities in particular, constitutes a clear and present threat to the Tor software,” they wrote.

The network and browser are widely used by journalists and civil rights activists, the researchers pointed out.

Attacking the browser is a relatively easy way of bypassing the Tor network’s anonymisation techniques, they said. In 2013 the FBI used malware placed on a number of Tor servers to exploit a bug in the Firefox browser upon which the Tor Browser is based and install a program that collected the details of users’ systems, they said.

“The attacker then knew the public IP address, MAC address and host name of every user that visited the booby-trapped page,” the researchers wrote.

Next-generation security

It’s next to impossible to ensure that there are no security flaws in a complex program such as Firefox, and as a result most operating systems now use a technique called address space layout randomisation (ASLR) to make it more difficult for malware to execute malicious programs, even if it successfully attacks a system through vulnerable software, the researchers said. The FBI’s attack demonstrated ASLR’s limits, however, they pointed out.

Selfrando is designed to use a technique similar to ASLR but much more complex, making it that much more difficult for attacks such as those reportedly used by the FBI to succeed, the researchers said.
“Our solution significantly improves security over standard ASLR techniques currently used by Firefox and other mainstream browsers,” they wrote, adding that it is compatible with other security techniques, including one called AddressSanitizer used by the Tor project.


Randomisation

ASLR works by causing programs and their various components to load into different locations in memory each time they run, but is limited by the fact that there are relatively few different possible memory locations, making it possible for an attacker to guess the location of the component needed.


Selfrando is more fine-grained, randomising the order of all the individual machine code functions in the protected program every time it loads and thus making it much harder for attackers to predict where the code fragments will be, the researchers said.
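The difference between the two schemes can be seen in a small model, added here as an illustration; it is not code from the researchers or from Selfrando. It compares a load that randomises only the base address with one that also shuffles function order, and goes slightly beyond the text by measuring how much a single known function address reveals about the rest of the layout. The function names, sizes and the number of possible base addresses are constructed assumptions.

```python
import math
import random

# Constructed function table (name, size in bytes); not from any real binary.
FUNCTIONS = [("parse", 0x140), ("render", 0x2c0), ("alloc", 0x90),
             ("free_buf", 0x70), ("net_send", 0x1a0), ("log_msg", 0x60),
             ("js_call", 0x310), ("crypto", 0x220)]
ASLR_SLOTS = 1 << 16  # assumed count of page-aligned load bases

def layout(order, base):
    """Place functions back to back from base; return {name: address}."""
    addrs = {}
    for name, size in order:
        addrs[name] = base
        base += size
    return addrs

def load(rng, shuffle):
    """One program load: random base, optionally a random function order."""
    order = FUNCTIONS[:]
    if shuffle:
        rng.shuffle(order)
    return layout(order, rng.randrange(ASLR_SLOTS) * 0x1000)

def predicted_from_leak(loaded, leaked):
    """Addresses implied by one known pointer if link-time offsets held."""
    static = layout(FUNCTIONS, 0)
    slide = loaded[leaked] - static[leaked]
    return {name: off + slide for name, off in static.items()}

def leak_accuracy(shuffle, leaked="parse", trials=2000, seed=1):
    """Fraction of the other functions located correctly from that pointer."""
    rng = random.Random(seed)
    hits = total = 0
    for _ in range(trials):
        loaded = load(rng, shuffle)
        guess = predicted_from_leak(loaded, leaked)
        others = [n for n in loaded if n != leaked]
        hits += sum(guess[n] == loaded[n] for n in others)
        total += len(others)
    return hits / total

def layout_entropy_bits(shuffle):
    """log2 of the number of distinct layouts a single load can produce."""
    perms = math.factorial(len(FUNCTIONS)) if shuffle else 1
    return math.log2(ASLR_SLOTS * perms)

if __name__ == "__main__":
    for mode in (False, True):
        print(mode, leak_accuracy(mode), round(layout_entropy_bits(mode), 1))
```

With base-only randomisation every other function sits at a fixed distance from the known one, so the whole layout follows from it; with shuffling that relationship holds only by chance.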

ASLR is like changing the order of the books on a shelf once a month or so, but Selfrando is “more like reordering the individual chapters in every book, every time you open it to read it”, said Sophos security expert Paul Ducklin in an advisory.
“Of course, if you shuffle around the pages in a book, there’s a lot of additional housekeeping you need to do as well, such as updating the table of contents and the index, as well as adding a note at the end of each chapter to say where to go next, and so forth,” he wrote.

Low overhead

The researchers said they have successfully used Selfrando with the Tor Browser as well as a range of other programs including the GNU Bash command shell, Google’s Chromium browser and the popular Nginx web server.
The tool has a low overhead while running, causes little delay when programs open and doesn’t require changes in order to protect the Tor Browser, they said.

“Selfrando can be combined with integrity techniques such as execute-only memory to further secure the Tor Browser and virtually any other C/C++ application,” they wrote.

Mauro Conti of the Università degli Studi di Padova, Tommaso Frassetto, Christopher Liebchen and Ahmad-Reza Sadeghi of the Technische Universität Darmstadt, Stephen Crane, Andrei Homescu and Per Larsen of Immunant and Georg Koppen and Mike Perry of the Tor Project contributed to the research, which is to be presented at the Privacy Enhancing Technologies Symposium in Darmstadt next month.
