Tor and Mozilla Working on To Make Malware Attacks More Difficult

Updated on:

Law enforcement agencies and malicious hackers may have a harder time getting access to the IP addresses of Tor users.

Thanks to upcoming security upgrades that Tor Project and the creators of Mozilla Firefox have been discreetly working on.

Since Tor’s security is never-ending as it stands, hacking an individual user’s computer has proved to be the only vulnerability on which the authorities have banked on time and again to de-anonymize Tor users.  We ask user to enhance TOR anonymity by combing it with a VPN.  Here is the guide

By hacking these endpoints, investigators are able to acquire the IP addresses of the users and thus, their locations.

The new twists and upgrades serve to make the process of unmasking these users a lot harder, if not impossible.

Firefox Security Lead, Richard Barnes explained in an email to Motherboard that currently, they had already created all the basic tools needed for the security upgrades and were in the process of gaining those tools in order to turn realize the concept.

Your TOR usage is being watched

Where the Vulnerability Lies

To break it down, Barnes explained that the Tor Browser has two major constituents: the Tor proxy that is necessary to route the browser’s traffic through the Tor network itself and the modified part of Firefox that makes accessing the network possible.

The Firefox part of the Tor Browser is where the vulnerability lies, according to Barnes, as it is dependent on network access in order to communicate with the Tor proxy.

When compromised, the Firefox part of the Tor Browser can be used to connect to another entity—say a government server—which then puts the user’s anonymity at risk as it reveals information such as the user’s IP address.

FBI Has Successfully Breached Tor Using That Weakness

firefox tor
Tor Project and Mozilla Firefox developers are working together on a security upgrade to deter law enforcement to access the identity of Tor users.

The FBI has manipulated this vulnerability before in February 2015 when they used a NIT (Network Investigative Technique) to reveal the IP address of a visitor of a child pornographic site.

The malware is suspected to have exploited one of Tor Browser’s weaknesses that people suspect the FBI have under wraps to access the computer before forcing it into contacting a government server outside of the encrypted network.

This way, the law enforcement agency was able to get information that led to the arrest of the suspect.

The upcoming upgrade looks to remove the need for network access in order for the two halves of the Tor Browser to communicate.

With the support of Unix domain sockets’, the two integrated programs should be able to communicate with each other without necessitating an underlying network protocol.

As such, the Firefox side of the Tor browser will no longer be easy to compromise.

Sandboxing Will Cut Off Network Access to the Firefox Half

Barnes added that the new security upgrade will allow Tor users to run it in a sandbox without requiring any network access other than a Unix domain socket to the proxy.

Furthermore, in the event the Firefox half of the Tor browser was compromised, law enforcement agencies would have no network connection with which to relay the user’s information to their servers.

Barnes gave a brief overview of how the Tor Project and the Mozilla Firefox team came to collaborate on this new project.

While Tor Project gave the Tor proxy and the Tor browser Unix socket capabilities, Mozilla made the Firefox browser generally capable of talking to proxies over Unix domain sockets.

Afterward, Tor proceeded to add this capability to their browser as Mozilla chipped in every once in a while to fix any bugs that came up.

Release Set For Early Next Year

As it stands, Barnes revealed that the upgrade will only work on MacOS and Linux platforms since they already have the necessary sockets, although they are working on extending the capability to the Windows platform.

However, there are some stipulations to be followed in order to get the plan to work.

Other than the availability of the sockets in question on all the platforms, users will also require a compatible sandbox in order to inhibit the Firefox half of the Tor browser from gaining network access in case it is compromised.

The support will be available in Firefox 51, which is set for release in January 2017.

Write for us


The articles and content found on Dark Web News are for general information purposes only and are not intended to solicit illegal activity or constitute legal advice. Using drugs is harmful to your health and can cause serious problems including death and imprisonment, and any treatment should not be undertaken without medical supervision.


  1. Anonymous

    Hopefully they are not going to introduce back doors.

    • Anonymous

      They are open source so, if someone is checking their code and know what they are looking for then it will be difficult to hide a backdoor.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.