After ten months of development, a significant release of the specialized browser Tor Browser 10.5 is presented, which continues the development of functionality based on the ESR branch of Firefox 78. The browser is focused on providing anonymity, security and privacy, all traffic is redirected only through the Tor network. It is impossible to contact directly through the regular network connection of the current system, which does not allow tracking the real IP of the user (in the case of a browser hack, attackers can access the system network settings, so products such as Whonix should be used to completely block possible leaks). Tor Browser builds are prepared for Linux, Windows and macOS.
For additional security, Tor Browser includes the HTTPS Everywhere add-on, which allows you to use traffic encryption on all sites where possible. To mitigate the threat of JavaScript attacks and plugin blocking by default, the NoScript add-on is included. To combat blocking and traffic inspection, fteproxy and obfs4proxy are used.
To organize an encrypted communication channel in environments that block any traffic other than HTTP, alternative transports are proposed, which, for example, allow you to bypass attempts to block Tor in China. The WebGL, WebGL2, WebAudio, Social, SpeechSynthesis, Touch, AudioContext, HTMLMediaElement, Mediastream, Canvas, SharedWorker, WebAudio, Permissions, MediaDevices.enumerateDevices, and screen APIs are disabled or restricted to protect against tracking user movement and highlighting visitor-specific features. orientation, as well as the means of sending telemetry, Pocket, Reader View, HTTP Alternative-Services, MozTCPSocket, "link rel=preconnect", modified libmdns.
In the new version:
- The built-in bridging gateways used to connect in places where Tor is blocked has been updated with a new "Snowflake" gateway that uses a network of proxy servers run by volunteers. In terms of functionality, snowflake resembles a flash proxy, but differs in solving problems with NAT. Interaction with a proxy is carried out using the WebRTC P2P protocol, which supports bypassing address translators.
There are currently about 8000 active proxies running daily on different networks around the world. Maintaining a large network of proxy servers is facilitated by the fact that running your own proxy does not require the execution of a server application, but it is enough to install a special browser add-on on the user's system. During the initial connection, the "domain fronting" technique is used, which allows accessing over HTTPS with a fictitious host specified in SNI and the actual transmission of the name of the requested host in the Host HTTP header within the TLS session (for example, content delivery networks can be used to bypass blocking).
- Added a notice to stop supporting old onion services based on the second version of the protocol, which was deprecated a year ago. Complete removal of the code associated with the second version of the protocol is expected in the fall. The second version of the protocol was developed about 16 years ago and, due to the use of outdated algorithms, cannot be considered safe in modern conditions. Two and a half years ago, in release 0.3.2.9, users were offered the third version of the protocol for onion services, notable for the transition to 56-character addresses, more reliable protection against data leaks through directory servers, an extensible modular structure and the use of SHA3, ed25519 and curve25519 algorithms instead of SHA1, DH and RSA-1024.
- The interface for the first connection to the Tor network has been improved, which has been moved from the panel to the main screen and implemented in the form of a new βabout:torconnectβ service page. The browser now automatically detects work from censored networks and offers bridged gateways to bypass blocking.
- On the Linux platform, build capabilities are provided with Wayland support.
- Updated NoScript 11.2.9, Tor Launcher 0.2.30, libevent 2.1.12.
- Ended support for CentOS 6.
Source: opennet.ru