Researchers make Tor Browser more resistant geheugenexploits




Features designed to protect the browser against exploits such as the FBI used at recent release rounds of the Tor Browser is a hardened test version of the software appeared to technology. The technology needs to better ensure the anonymity of users.

The nightly from the ‘cured’ Tor Browser published earlier this year, but researchers at the University of California, Irvine now do it in a paper explained how the security works named Selfrando. According to the researchers, it is a load-time randomization technique that protects against vulnerabilities related to memory corruption.

Selfrando is a safer alternative to the current address space layout randomization, or ASLR using browsers, including Firefox. The Tor browser is based on Mozilla browser, which exploits found for this software, also work with the Tor browser. The FBI exploited these vulnerabilities to expose users of the Tor browser. The US investigation department managed to include other users of a child pornography site figure , though it is not known how the FBI was taking exactly work.

Address space layout randomization arranges the positions of the memory addressing portions of code randomly. The researchers use Selfrando address space layout permutation or aslp that individual randomly distributes the location of the feature. This far-reaching randomization protects against the techniques that are used to circumvent ASLR.

The advantage of aslp at Selfrando is that developers hardly need to perform work for its implementation. Use of Selfrando would be comparable to the addition of a new existing compiler to build scripts, write the researchers. In addition, the technique would hardly provide overhead. The makers claim benchmarks in an overhead of 1 percent to observe. They have the code for Selfrando released on GitHub, and present the technology next month at the Privacy Enhancing Technologies Symposium in Darmstadt, Germany.

Tor Browser Selfrando


In: A Technology & Gadgets Asked By: [23616 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »