Old 01-12-2011, 07:24 AM #1
spurr
Critical: Read this if you use Tor Browser

Hello,

Over the past week it has become apparent there is a pretty big bug (anonymity concern) in TorBrowser, due to the non-toggle state most people use it under.

Follow the directions below, NOW, if you use TorBrowser:


Easiest fix:
Make sure to toggle TorButton off, then back on, at least once. This allows for TorButton to set some critical configs that otherwise are not set (i.e., disable geo-location feature in Firefox, etc).

Then type "about:config" (without quotes) in your Firefox URL bar, accept the warning, and type the following in the config bar to make sure it worked (for images of this process see my post here: link)
  1. geo.enabled > should be set to "false"
  2. network.dns.disablePrefetch > should be set to "true"
  3. browser.cache.offline.enable > should be set to "false"

Better fix:
Download the current release of TorBrowser, i.e., 01-09-2011; Linux = v.1.1.2, Mac = v.1.0.9, Win = v.1.3.16. Those builds manually set config options (as a dirty work-around) so TorButton does not need to be toggled at least once.

Then type "about:config" in your Firefox URL bar, accept the warning, and type the following in the config bar to make sure it worked (for images of this process see my post here: link)

  1. geo.enabled > should be set to "false"
  2. network.dns.disablePrefetch > should be set to "true"
  3. browser.cache.offline.enable > should be set to "false"


Refs:


  1. https://blog.torproject.org/blog/new...dle-packages-1
  2. https://trac.torproject.org/projects/tor/ticket/2338
  3. https://gitweb.torproject.org/torbro...onfig/prefs.js

Be safe, be anonymous!


4 members found this post helpful.
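
The about:config check described in post #1 can also be run against the profile's prefs.js file. The following is an added example, not part of the original post and not Tor Project code; it assumes the usual `user_pref("name", value);` line format, and it reports a pref that is absent from the file because the file then does not show the fix was applied. The two sample files are constructed.

```python
import re

# Values post #1 says about:config should show after the fix.
EXPECTED = {
    "geo.enabled": False,
    "network.dns.disablePrefetch": True,
    "browser.cache.offline.enable": False,
}

# Matches lines such as: user_pref("geo.enabled", false);
PREF_RE = re.compile(r'^\s*(?:user_)?pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;')

# Constructed sample inputs (not taken from any real profile).
SAMPLE_UNFIXED = '''# Mozilla User Preferences
user_pref("browser.startup.homepage", "about:blank");
user_pref("network.dns.disablePrefetch", false);
'''
SAMPLE_FIXED = '''user_pref("geo.enabled", false);
user_pref("network.dns.disablePrefetch", true);
user_pref("browser.cache.offline.enable", false);
'''

def parse_prefs(text):
    """Return {name: value}; a later line overrides an earlier one."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comments, blank lines, anything unparseable
        name, raw = m.groups()
        if raw in ("true", "false"):
            prefs[name] = (raw == "true")
        elif re.fullmatch(r"-?\d+", raw):
            prefs[name] = int(raw)
        else:
            prefs[name] = raw.strip('"')
    return prefs

def audit(text):
    """Return (pref, found, expected) for each pref that is missing or wrong."""
    prefs = parse_prefs(text)
    problems = []
    for name, want in EXPECTED.items():
        got = prefs.get(name, "unset")
        if got is not want:  # identity check: 0 or "false" must not pass as False
            problems.append((name, got, want))
    return problems

if __name__ == "__main__":
    for name, got, want in audit(SAMPLE_UNFIXED):
        print(f"{name}: found {got!r}, expected {want!r}")
```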
Old 01-12-2011, 07:26 AM #2
spurr
@ all who use Tor:

Please make it a daily habit, or at least a few times a week, to check the Tor blog for important info that may be relevant to you (such as critical bug fix notices, etc.): https://blog.torproject.org/blog/


Old 01-12-2011, 07:38 AM #3
sackoweed
will check on this.. thanx peace n pufs..

sacKO


Old 01-12-2011, 07:47 AM #4
spurr
Glad to help


Old 01-12-2011, 08:21 AM #5
Stress_test
Quote:
New Details Support Tor Spying Theory

You’ll recall the story about the Swedish security researcher who stumbled upon unencrypted embassy e-mail traffic that was passing through five Tor exit nodes he set up. The researcher, Dan Egerstad, told me before the Swedish feds raided his apartment that he was certain that others were grabbing such traffic through Tor exit nodes in the same way that he was. Government and intelligence agencies were presumed to be some of the spies tapping into the Tor network.

Well the TeamFurry researchers decided to examine the configuration of a few Tor exit nodes to see what they might be up to and found some interesting results — exit nodes that were configured to accept only unencrypted IMAP, AIM, VNC, Yahoo IM and MSN Messenger traffic, among a few other things, and to reject all other traffic.

Another node set up in Germany was configured to accept only unencrypted telnet, POP3, and nntp traffic. Here’s a look at one of the configurations:


accept *:143 <- Accept unencrypted IMAP traffic to anywhere
accept *:5190 <- Accept unencrypted AIM traffic to anywhere
accept *:5050 <- Accept unencrypted Yahoo IM traffic to anywhere
accept *:5900 <- Accept unencrypted VNC traffic to anywhere
accept *:5901 <- Accept unencrypted VNC traffic to anywhere
accept *:1863 <- Accept unencrypted MSN Messenger traffic to anywhere

reject *:* <- reject all other traffic.

Of course there’s no telling who the exit node owners are (bored hackers, industrial spies or intelligence agencies) or what they’re doing for sure, but as TeamFurry notes, the configurations sure look suspicious.

They also found another exit node in Germany that appears to be doing man-in-the-middle attacks on HTTPS connections.
See also:

* Tor Researcher Who Exposed Embassy E-mail Passwords Gets Raided by Swedish FBI and CIA

* Rogue Nodes Turn Tor Anonymizer Into Eavesdropper’s Paradise
* Embassy E-mail Account Vulnerability Exposes Passport Data and Official Business Matters
* Tor Torches Online Tracking


1 members found this post helpful.
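
The exit policy quoted in post #5 can be checked mechanically for the pattern the article calls suspicious: every accepted port is a cleartext service and everything else is rejected. The following is an added example, not part of the original post or the quoted article; it ignores the address part of each rule, counts a port that no rule matches as not accepted, and uses the standard port numbers for telnet, POP3 and NNTP, which the article names without numbers.

```python
# Cleartext services named in the quoted article, keyed by standard port.
PLAINTEXT = {23: "telnet", 110: "POP3", 119: "NNTP", 143: "IMAP",
             1863: "MSN Messenger", 5050: "Yahoo IM", 5190: "AIM",
             5900: "VNC", 5901: "VNC"}

# The policy as printed in the article, "<-" annotations included.
ARTICLE_POLICY = """\
accept *:143 <- Accept unencrypted IMAP traffic to anywhere
accept *:5190 <- Accept unencrypted AIM traffic to anywhere
accept *:5050 <- Accept unencrypted Yahoo IM traffic to anywhere
accept *:5900 <- Accept unencrypted VNC traffic to anywhere
accept *:5901 <- Accept unencrypted VNC traffic to anywhere
accept *:1863 <- Accept unencrypted MSN Messenger traffic to anywhere

reject *:* <- reject all other traffic.
"""

def parse_policy(text):
    """Parse 'accept|reject addr:port' lines into (action, low, high) tuples."""
    rules = []
    for line in text.splitlines():
        line = line.split("<-")[0].strip()  # drop the article's annotations
        if not line:
            continue
        action, target = line.split()
        port = target.rsplit(":", 1)[1]
        if port == "*":
            low, high = 1, 65535
        elif "-" in port:
            low, high = (int(p) for p in port.split("-"))
        else:
            low = high = int(port)
        rules.append((action, low, high))
    return rules

def accepted_ports(rules):
    """Return the set of accepted ports; the first matching rule wins."""
    accepted = set()
    for port in range(1, 65536):
        for action, low, high in rules:
            if low <= port <= high:
                if action == "accept":
                    accepted.add(port)
                break
    return accepted

def plaintext_only(rules):
    """True if the policy accepts something and only cleartext ports."""
    ports = accepted_ports(rules)
    return bool(ports) and ports <= set(PLAINTEXT)
```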
Old 01-12-2011, 08:37 AM #6
spurr
@ stress test,

I am curious, why did you post that? I am curious because it has nothing to do with my thread. That is not to say what you posted is not important. What you posted is why Tor (and any proxy to the Internet) should be used with HTTPS whenever possible. No one should be using ICmag without HTTPS, with or without using Tor.

In a perfect world there would be no HTTP, it would all be HTTPS, and of course, SSL would be much more secure.


Old 01-12-2011, 12:17 PM #7
Nadicus_Maximus
Spurr, Thanks for a most tasty post. One can never be too safe. Viva la TOR


Old 01-16-2011, 04:24 AM #8
wantaknow
I am very glad he posted that info, all info is needed to make good decisions.


Old 01-16-2011, 07:08 PM #9
Strainhunter
- edit -

Never mind I figured it out!

Last edited by StrainHunter; 01-16-2011 at 10:43 PM..


Old 01-16-2011, 10:12 PM #10
WaywardBob
This post is coming from someone who doesn't know much about browsers and all that configuration stuff...

From the title, it sounded like Tor Browser is a program itself, but reading on through your post it sounds like Tor Browser is an add-on for Firefox? Can someone please clarify this for me?