Toban bilood oo horumar ah ka dib siideynta muhiimka ah ee browser u go'an , kaas oo horumarinta shaqeynta ku salaysan laanta ESR ay sii socoto . Barrawsarku waxa uu diiradda saarayaa bixinta qarsoodiga, amniga iyo sirta, dhammaan taraafikada waxaa lagu jiheeyaa kaliya shabakadda Tor. Suurtagal maaha in si toos ah loo galo isku xirka shabakada caadiga ah ee nidaamka hadda jira, kaas oo aan u oggolaanayn la socodka IP-ga dhabta ah ee isticmaalaha (haddii browserka la jabsado, weerarradu waxay heli karaan xuduudaha nidaamka nidaamka, si aad si buuxda u xannibto daadinta suurtogalka ah waa inaad isticmaashaa. alaabta sida ). Tor Browser ayaa dhisaya loogu talagalay Linux, Windows, macOS iyo Android.
Waxaa ku jira wax lagu daro ilaalinta dheeraadka ah , taasoo kuu ogolaanaysa inaad isticmaasho sir taraafikada dhammaan goobaha halka ay suurtagal tahay. Kordhinta ayaa lagu soo daray si loo yareeyo khatarta weerarrada JavaScript iyo xannibaadda plugins-ka si caadi ah . Si loola dagaallamo xannibaadda iyo kormeerka taraafikada, waxay isticmaalaan ΠΈ .
Si loo abaabulo kanaal isgaarsiineed oo qarsoodi ah oo ka jira deegaan xannibaya taraafikada kale ee aan HTTP ahayn, gaadiid kale ayaa la soo jeediyay, kuwaas oo, tusaale ahaan, kuu oggolaanaya inaad ka gudubto isku dayga lagu joojinayo Tor ee Shiinaha. Si looga ilaaliyo la socodka dhaqdhaqaaqa isticmaalaha iyo sifooyinka gaarka ah ee booqdaha, WebGL, WebGL2, WebAudio, Bulsho, SpeechSynthesis, Touch, AudioContext, HTMLMediaElement, Mediastream, Canvas, SharedWorker, Ogolaansho, Qalabka Media.enumerate, iyo screen.orientation APIs waa naafo ama xaddidan yihiin iyo sidoo kale qalab dirida telemetry ee naafada ah, Jeebka, Aragtida Akhristaha, HTTP Alternative- Services, MozTCPSocket, "link rel=preconnect", libmdns modified.
Siideynta cusub:
- Guddigii dib baa loo habeeyey iyo gelitaanka tusaha heerka ilaalinta, kaas oo ku yaal liiska Torbutton ee guddida ugu weyn. Badhanka Torbutton waxa loo raray dhinaca midig ee guddida. Sida caadiga ah, HTTPS Meel kasta iyo tilmaameyaal lagu daro NoScript ayaa laga saaray guddiga (waxaa lagu soo celin karaa interface settings panel).
Tusiyaha HTTPS Meel kasta waa laga saaray maadaama aysan bixin macluumaad faa'iido leh oo u wareejinta HTTPS had iyo jeer si toos ah ayaa loo dabaqaa. Tilmaamaha NoScript waa la saaray sababtoo ah browserku wuxuu ogol yahay in la beddelo heerarka amniga aasaasiga ah, iyo badhanka NoScript wuxuu inta badan ku marin habaabiyaa digniinaha ka soo baxa habaynta lagu ansixiyay Tor Browser. Badhanka NoScript wuxuu sidoo kale bixiyaa marin u helidda dejinta ballaaran, iyada oo aan si faahfaahsan loo fahmin, taas oo beddeleysa dejinta ay horseedi karto dhibaatooyin sir ah iyo iswaafaq la'aan heerka amniga ee lagu dejiyay Tor Browser. Xakamaynta JavaScript ee goobo gaar ah waxaa lagu samayn karaa iyada oo loo marayo qaybta oggolaanshaha dheeraadka ah ee ciwaanka macnaha guud (badhanka "i");
- Habka waa la hagaajiyay oo Tor Browser wuxuu la jaan qaadayaa naqshada cusub ee Firefox, oo loo diyaariyey qayb ka mid ah mashruuca "" Naqshadaynta bogga bilowga "about:tor" waa la bedelay oo la mideeyay dhammaan goobaha;
- Calaamadaha cusub ee Tor Browser ayaa la soo bandhigay.
- Noocyada la cusboonaysiiyay ee qaybaha browserka:
Firefox 60.7.0esr, Torbutton 2.1.8, HTTPS Meelkasta 2019.5.6.1, iyo OpenSSL 1.0.2r, Tor Launcher 0.2.18.3; - Golayaasha waxaa lagu sameeyay calanka "", oo loo isticmaalo dhismooyinka rasmiga ah ee Mozilla.
- Siideynta ugu horreysa ee xasilloon ee nooca mobilada ee Tor Browser ee aaladda Android ayaa la diyaariyey, kaas oo lagu dhisay saldhigga koodhka Firefox 60.7.0 ee Android oo u oggolaanaya shaqada kaliya ee shabakadda Tor, xannibaysa isku day kasta oo lagu dhisayo shabakad toos ah. isku xirka. HTTPS meel walba iyo badhanka Tor ayaa lagu daray. Marka la eego shaqada, daabacaadda Android ayaa wali ka dambeysa nooca desktop-ka, laakiin waxay bixisaa ku dhawaad ββisla heer ilaalin iyo sir.
Nooca Mobiilka Google Play, laakiin sidoo kale oo ah qaab xirmo APK ah oo ka socda shabakada mashruuca. Daabacaadda buug-yaraha F-droid ayaa la filayaa mustaqbalka dhow. Taageerayaashu waxay ku shaqeeyaan aaladaha leh Android 4.1 ama nooca cusub ee madal. Horumariyeyaasha Tor waxay xuseen inaysan ku talo jirin inay abuuraan nooc ka mid ah Tor Browser ee iOS sababtoo ah xannibaado ay soo saartay Apple waxayna ku talinayaan browserka horeba loogu heli karo iOS. , oo uu sameeyay mashruuca .
Farqiga ugu muhiimsan ee u dhexeeya Tor Browser ee Android iyo Firefox ee Android:
- Koodhka xannibaadda si loola socdo dhaqdhaqaaqa Goob kastaa way ka go'doonsan tahay codsiyada isdhaafsiga ah, iyo dhammaan Kukiyada si toos ah ayaa loo tirtiraa ka dib marka uu fadhigu dhammaado;
- Ka ilaalinta faragelinta taraafikada iyo la socodka dhaqdhaqaaqa isticmaalaha. Dhammaan dhexgalka dunida ka baxsan waxay ku dhacdaa oo keliya shabakadda Tor, oo haddii taraafikada u dhexeeya adeegsadaha iyo bixiyaha la joojiyo, weeraryahanku wuxuu arki karaa oo kaliya in isticmaaluhu isticmaalayo Tor, laakiin ma go'aamin karo goobaha isticmaaluhu furayo. Ka-hortagga faragelinta ayaa si gaar ah u khuseysa xaaladaha halka qaar ka mid ah hawl-wadeennada mobilada ee gudaha aysan u arkin inay ceeb tahay inay dhex galaan isticmaaleha HTTP taraafikada aan qarsoodi ahayn oo ay soo bandhigaan aaladahooda () ama boorarka xayaysiinta ΠΈ );
- Ka ilaalinta aqoonsiga sifooyinka gaarka ah ee booqdaha iyo dabagalka isticmaalayaasha isticmaalaya hababka aqoonsiga ("faraha browserka"). Dhammaan isticmaalayaasha Tor Browser waxay isku mid uga egyihiin dibadda oo lama kala sooci karo marka la isticmaalayo hababka aqoonsiga dadban ee horumarsan.
Tusaale ahaan, marka lagu daro kaydinta aqoonsiga iyada oo loo sii marayo Kukiyada iyo kaydinta xogta maxalliga ah API, liis isticmaal-gaar ah oo la rakibay , aagga waqtiga, liiska noocyada MIME ee la taageeray, xulashooyinka shaashadda, liiska xarfaha la heli karo, marka la isticmaalayo canvas iyo WebGL, cabbirada madaxyada ΠΈ , habka loola shaqeeyo ΠΈ ; - Codsiga sirta heerar badan. Marka lagu daro ilaalinta HTTPS, taraafikada isticmaalaha marka uu sii marayo Tor waxa kale oo la sir ah ugu yaraan saddex jeer (nidaam qarsoodi ah oo lakabyo badan ayaa la isticmaalaa, kaas oo baakado lagu duudduubay lakabyo taxane ah iyadoo la adeegsanayo sireeynta furaha dadweynaha, taas oo mid kasta oo Tor node ah at Marxaladda habaynteedu waxay muujinaysaa lakabka soo socda waxayna garanaysaa kaliya marxaladda soo socota ee gudbinta, oo kaliya qanjidhada ugu dambeeya ayaa go'aamin karta ciwaanka loo socdo);
- Awoodda helitaanka agabka uu xannibay bixiyaha ama goobaha la faafreebiyay. By Mashruuca Roskomsvoboda, 97% goobaha hadda la xannibay ee Ruushka ayaa si sharci darro ah loo xannibay (waxay ku yaalliin isla subnets-yada la xannibay). Tusaale ahaan, 358 kun ciwaannada IP-ga ee Badweynta Dijital ah, 25 kun oo cinwaannada Amazon WS iyo 59 kun oo cinwaannada CloudFlare ayaa weli xanniban. Hoosta xannibaadda sharci darrada ah, oo ay ku jiraan Mashaariic badan oo il furan oo ay ku jiraan bugs.php.net, bugs.python.org, 7-zip.org, powerdns.com iyo midori-browser.org.
Source: opennet.ru