Researchers exposes two zero-day gaps in the Tor network and browser

Internet service providers may block all connections to the Tor network. The researcher accuses the Tor Project of not remedying the weaknesses it reported. He also announces the disclosure of additional bugs.

Security researcher Neal Krawetz has discovered two security vulnerabilities that affect the Tor network and also the Tor browser. He has now made the technical details public because the Tor Project has not solved the security problems he has reported repeatedly in recent years.

Gate: The Onion Router (Image: Gate)Krawetz also announced that it would reveal further vulnerabilities in Tor. Underneath there should be a bug that allows the real IP address of a Tor server to be determined. The Tor Project did not want to comment on the researcher’s allegations when asked by ZDNet.com.

According to Krawetz, who himself operates several Tor nodes, the first bug enables Internet service providers to block connections to the Tor network. All you have to do is look for “specific packet signatures” that are apparently typical of Tor traffic.

The second zero-day gap also allows Tor traffic to be recognized. However, this affects the so-called indirect connections that users use if ISPs try to restrict direct access to the Tor network.

The indirect traffic runs via so-called Tor bridges, which serve as a proxy and forward the user’s connections to the Tor network. Apparently, special TCP packets are generated, which can be recognized with little effort.

According to Krawetz, both vulnerabilities together allow Tor to be blocked entirely in its own network using a real-time stateful packet inspection system. “You can prevent all of our users from connecting to the Tor network, whether they’re connecting directly or using a bridge.”

The researcher based the publication of the details of both vulnerabilities on the basis of previous negative experiences with the Tor Project. In 2017, he reported two bugs that have not been resolved to date. A bug he also discovered that affected the Tor Bridge server had been unpatched for eight years. “I give up reporting bugs to the Tor Project. Tor has serious problems to address, they know about many of them and refuse to do anything, ” tweeted Krawetz in early June.

Collaboration platform Slack: work efficiently – no matter where

Before COVID-19, remote work was almost unthinkable for many companies. Today they realized that it can work very well if the general conditions are right. Find out in this webinar how you can optimally react to changing working conditions with the Slack collaboration solution.

Leave a Reply

Your email address will not be published. Required fields are marked *