Security News
In an alert this week, the Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation warned enterprises about the use of Tor in cyberattacks. Maintained by non-profit organization Tor Project, the Tor software and the underlying infrastructure are meant to provide users with anonymity and the means to bypass censorship by encrypting requests and routing them via multiple nodes.
Firefox 77 and Tor Browser 9.5 were released this week with patches for a variety of vulnerabilities, including several rated high severity. Mozilla's browser arrived with a total of 8 security fixes, including 5 that address high severity issues.
The Tor Project this week rolled out an update to its browser that attempts to make the anonymity-protecting onion routing scheme more approachable. The Tor Project itself emerged from federally funded research led by the US Office of Naval Research and DARPA. Tor is an acronym for the original name of the project, The Onion Router, an encrypted networking protocol designed to support anonymous communication - although paradoxically a popular website for Tor users is Facebook.
Looking for a way to gain a bit more security and privacy for your SSH connections? Jack Wallen shows you how with the help of Tor. I'm going to walk you through the process of making SSH connections over Tor.
The Tor Project is laying off a third of its staff due to the current COVID-19 outbreak, the non-profit organization has announced. The developer of the popular privacy-focused Tor Browser said the crisis hit it hard, forcing it to make some difficult decisions.
This week in The Reg's security roundup of the notable bits beyond what we've already covered, the Tor Project has cut back to its core team, Zoom has called in the big security guns, US tech firms are taking on its Congress - and more. First off, it has been a bad weekend for 13 staffers at the nonprofit Tor Project after they were let go as the team was reduced to core operations only.
Mozilla just pushed out an update for its Firefox browser to patch a security hole that was already being exploited in the wild. Given that the bug needed patching in both the latest and the ESR versions, we can assume either that the vulnerability has been in the Firefox codebase at least since version 68 first appeared, which was back in July 2019, or that it was introduced as a side effect of a security fix that came out after version 68.0 showed up.0, so the ESR is popular with IT departments who want to avoid frequent feature updates that might require changes in company workflow, but don't want to lag behind on security patches.
The Tor browser has fixed a bug that could have allowed JavaScript to execute on websites even when users think they've disabled it for maximum anonymity. The Tor Project revealed the issue in the release notes for version 9.0.6, initially suggesting users manually disable JavaScript for the time being if the issue bothered them.
Uni brains pitch smart math for speeding up establishment of circuits in anonymizing onion network Academics in Germany say they've found a way to make Tor and similar onion networks more...
A mirror copy of the BBC’s international news website is now available to users on the so-called dark web.