Slashdot Mirror
New 'Hardened' Tor Browser Protects Users From FBI Hacking (vice.com)
An anonymous reader quotes an article from Motherboard: According to a new paper, security researchers are now working closely with the Tor Project to create a "hardened" version of the Tor Browser, implementing new anti-hacking techniques which could dramatically improve the anonymity of users and further frustrate the efforts of law enforcement...
"Our solution significantly improves security over standard address space layout randomization (ASLR) techniques currently used by Firefox and other mainstream browsers," the researchers write in their paper, whose findings will be presented in July at the Privacy Enhancing Technologies Symposium in Darmstadt, Germany.
The researchers say Tor is currently field-testing their solution for an upcoming "hardened" release, making it harder for agencies like the FBI to crack the browser's security, according to Motherboard. "[W]hile that defensive advantage may not last for too long, it shows that some in the academic research community are still intent on patching the holes that their peers are helping government hackers exploit."
"Our solution significantly improves security over standard address space layout randomization (ASLR) techniques currently used by Firefox and other mainstream browsers," the researchers write in their paper, whose findings will be presented in July at the Privacy Enhancing Technologies Symposium in Darmstadt, Germany.
The researchers say Tor is currently field-testing their solution for an upcoming "hardened" release, making it harder for agencies like the FBI to crack the browser's security, according to Motherboard. "[W]hile that defensive advantage may not last for too long, it shows that some in the academic research community are still intent on patching the holes that their peers are helping government hackers exploit."
So, to recap, the government-paid researchers are fighting the efforts of government-paid hackers to make the tool, that the government paid to create as a secure one, less so.
Whichever side wins, we, the taxpayers lose...
You have multiple countries with teams of very smart people working to crack everything crackable that protects privacy--because what allows private communication necessarily allows evasion of monitoring.
Of course, there are a lot of kinds of monitoring. Most obvious categories include:
1. Good purposes (attacking and/or defending against terrorists/child pornographers/organized crime/repressive regimes; tracking and blocking malware and other electronic attacks; etc...).
2. Middle-ground purposes (arguably ends-justify-the-means-behavior like violating some civil liberties while hunting white-collar criminals, child support nonpayment grey market income, doing propaganda against people in group #1).
3. Bad purposes (hunting political opposition, tracking and classifying people based on their political opinions or other things that should be prevented by freedom of speech, finding dirt for blackmail, gathering evidence of and prosecuting someone for common civil ordinance violations and petty crimes in a way which chills and stifles free speech and gives the monitoring agency unfettered power, etc...)
Real lawyers write in C++
Which law? There are a bout 150 different versions and the FBI will hack anybody (which is criminal in almost all countries for them to do). So, you are right, if the FBI stopped breaking the law, this problem would go away.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
The new version will protect against hacking, not from FBI hacking. The research with the hack the FBI used was published, so other people could use the same method. So basically this update protects people from a known vulnerability. This kind of reporting does more harm than inform, as it gives the impression that the main purpose of TOR is to commit crimes.