
Brave privacy bug exposes Tor onion URLs to your DNS provider
2021-02-19 16:37

Brave Browser is fixing a privacy issue that leaks the Tor onion URLs you visit to your locally configured DNS server, exposing the dark web websites you visit.

To access Tor onion URLs, Brave added a 'Private Window with Tor' mode that acts as a proxy to the Tor network.

When you attempt to connect to an onion URL, your request is proxied through volunteer-run Tor nodes, which make the request for you and send back the returned HTML. Due to this proxy implementation, Brave's Tor mode does not directly provide the same level of privacy as using the Tor Browser.

A bug in Brave's 'Private Window with Tor' mode is causing the onion URL for any Tor address you visit to also be sent as a standard DNS query to your machine's configured DNS server.

As you can see in the video below, when visiting the DuckDuckGo and NY Times' onion URLs in Brave's Tor browser mode, the browser also performed DNS queries to our locally configured DNS server, Google's public servers at IP address 8.8.8.8.

To prevent Tor URLs from being sent to configured DNS servers, Brave has disabled the CNAME adblocking feature when in the Tor browsing mode.
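
A defender-side check for the leak described above, added here as an example and not taken from the original article or from Brave: it scans a local resolver's query log for names under .onion, which should never reach ordinary DNS. It assumes dnsmasq-style query log lines; the log lines, client addresses and onion labels are constructed samples.

```python
import re

# dnsmasq query-log line shape: "... dnsmasq[pid]: query[TYPE] name from client"
QUERY_RE = re.compile(
    r"query\[(?P<qtype>[A-Z0-9]+)\]\s+(?P<name>\S+)\s+from\s+(?P<client>\S+)")
# Onion service labels are base32: 16 characters (v2) or 56 characters (v3).
ONION_LABEL_RE = re.compile(r"^(?:[a-z2-7]{16}|[a-z2-7]{56})$")


def classify_name(name):
    """Return None for ordinary names, else 'onion-service' or 'onion-other'."""
    labels = name.rstrip(".").lower().split(".")
    if len(labels) < 2 or labels[-1] != "onion":
        return None
    # The label directly left of "onion" identifies the service; anything
    # further left (www., etc.) is a subdomain and is ignored here.
    return "onion-service" if ONION_LABEL_RE.match(labels[-2]) else "onion-other"


def find_onion_leaks(log_lines):
    """Return one finding per logged DNS query whose name is under .onion."""
    findings = []
    for lineno, line in enumerate(log_lines, start=1):
        m = QUERY_RE.search(line)
        if not m:
            continue  # forwards, replies, cache hits, unrelated daemons
        kind = classify_name(m.group("name"))
        if kind:
            findings.append({"line": lineno, "client": m.group("client"),
                             "qtype": m.group("qtype"),
                             "name": m.group("name"), "kind": kind})
    return findings


# Constructed sample log; the onion label is filler, not a real service.
FAKE_V3 = "a" * 56
SAMPLE_LOG = [
    "Feb 19 16:40:01 dnsmasq[812]: query[A] example.com from 192.168.1.20",
    f"Feb 19 16:40:02 dnsmasq[812]: query[A] {FAKE_V3}.onion from 192.168.1.20",
    f"Feb 19 16:40:02 dnsmasq[812]: forwarded {FAKE_V3}.onion to 8.8.8.8",
    f"Feb 19 16:40:03 dnsmasq[812]: query[AAAA] WWW.{FAKE_V3}.ONION. from 192.168.1.20",
    "Feb 19 16:40:04 dnsmasq[812]: query[A] onion.example.com from 192.168.1.31",
    "Feb 19 16:40:05 dnsmasq[812]: query[A] printer.onion from 192.168.1.31",
]

if __name__ == "__main__":
    for f in find_onion_leaks(SAMPLE_LOG):
        print(f"line {f['line']}: {f['client']} asked {f['qtype']} {f['name']} ({f['kind']})")
```

Any finding means the queried onion name was visible to the resolver and to whatever upstream server it forwards to.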


News URL

https://www.bleepingcomputer.com/news/security/brave-privacy-bug-exposes-tor-onion-urls-to-your-dns-provider/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
TOR 1 2 46 3 4 55
Brave 4 2 19 0 0 21