Bank App Does Not Play Well with Tor Browser
December 22, 2016
Bank apps are a convenient way to access and keep track of your accounts. They are mainly used on mobile devices and are advertised for the user on the go. One UK bank app, however, refuses to play nice with devices that have the Tor browser, reports the Register in the article, “Tor Torpedoed! Tesco Bank App Won’t Run With Privacy Tool Installed.”
Tesco is a popular bank present in supermarkets, but if you want to protect your online privacy by using the Tor browser on your mobile device the Tesco app will not work on said device. Marcus Davage, the mainframe database administrator, alerted Tesco patrons that in order to use the Tesco app, they needed to delete the Tor browser. Why is this happening?
The issue appears to be related to security. Tesco’s help site notes that the Android app checks for malware and other possible security risks (such as the phone being rooted) upon launching and, in this case, the Tor software triggers an alert. The Tor Project makes two apps for Android, the aforementioned Orbot and the Orfox browser, both of which allow users to encrypt their data traffic using the Tor network. According to the Play Store, Orbot has been downloaded more than five million times by Android users.
App developers need to take into account that the Tor browser is not malware. Many users are concerned with their online privacy and protecting their personal information, so Tor needs to be recognized as a safe application.
Whitney Grace, December 22, 2016
Nobody Really Knows What Goes on over Dark Web
December 16, 2016
While the mainstream media believes that the Dark Web is full of dark actors, research by digital security firms says that most content is legal. This says only one thing: the Dark Web is still a mystery.
The SC Magazine in an article titled Technology Helping Malicious Business on the Dark Web Grow says:
The Dark Web has long had an ominous appeal to Netizens with more illicit leanings and interests. But given a broadening reach and new technologies to access this part of the web and obfuscate dealings here, the base of dark web buyers and sellers is likely growing.
On the other hand, the article also says:
But despite its obvious and well-earned reputation for its more sinister side, at least one researcher says that as the dark web expands, the majority of what’s there is actually legal. In its recent study, intelligence firm Terbium Labs found that nearly 55 percent of all the content on the dark web is legal in nature, meaning that it may be legal pornography, or controversial discussions, but it’s not explicitly illegal by U.S. law.
The truth might be entirely different. The Open Web is equally utilized by criminals for carrying out their illegal activities. The Dark Web, accessible only through Tor Browser, allows anyone to surf the web anonymously. We may never fully know if the Dark Web is the mainstay of criminals or of individuals who want to do their work under the cloak of anonymity. Till then, it’s just a guessing game.
Vishal Ingole, December 16, 2016
Tor Phone to Take on Google
December 13, 2016
Tor users have nil or very limited options to surf the Underground Web anonymously, as Android-powered phones still manage to scrape user data. The Tor Project intends to beat Google at its own game with a Tor-enabled smartphone.
An article that appeared on Ars Technica, titled Tor Phone Is Antidote to Google “Hostility” Over Android, Says Developer, says:
The prototype is meant to show a possible direction for Tor on mobile. We are trying to demonstrate that it is possible to build a phone that respects user choice and freedom, vastly reduces vulnerability surface, and sets a direction for the ecosystem with respect to how to meet the needs of high-security users.
The phone is powered by the custom-made CopperHead OS and can be run only on Google Nexus or Pixel hardware. Of course, due to the technical complexity involved, it is recommended only for Linux geeks.
For voice calls, according to the article:
To protect user privacy, the prototype runs OrWall, the Android firewall that routes traffic over Tor, and blocks all other traffic. Users can punch a hole through the firewall for voice traffic, for instance, to enable Signal.
Google’s Android is an Open Source platform that OEMs can customize. This creates multiple security threats enabling hackers and snoopers to create backdoors. CopperHead OS, on the other hand, plugs these security holes with verified boot and also stops Google Play Store from overriding native apps. Seems the days of mobile Tor are finally here.
Vishal Ingole, December 13, 2016
Bug-Free, Efficient Tor Network Inching Towards Completion
November 30, 2016
The development team behind the Tor Project recently announced the release of Tor 0.2.9.5 that is almost bug-free, stable and secure.
Softpedia in a release titled New Tor “The Onion Router” Anonymity Network Stable Branch Getting Closer says:
Tor 0.2.9.5 Alpha comes three weeks after the release of the 0.2.9.4 Alpha build to add a large number of improvements and bug fixes that have been reported by users since then or discovered by the Tor Project’s hard working development team. Also, this release gets us closer to the new major update of The Onion Router anonymity network.
Numerous bugs and loopholes were being reported in Tor Network that facilitated backdoor entry to snooping parties on Tor users. With this release, it seems those security loopholes have been plugged.
The development team is also encouraging users to test the network further to make it completely bug-free:
If you want to help the Tor Project devs polish the final release of the Tor 0.2.9 series, you can download Tor 0.2.9.5 Alpha right now from our website and install it on your GNU/Linux distribution, or just fetch it from the repositories of the respective OS. Please try to keep in mind, though, that this is a pre-release version, not to be used in production environments.
Though it will always be a cat and mouse game between privacy advocates and those who want to know what goes on behind the veiled network, it would be interesting to see who will stay ahead of the race.
Vishal Ingole, November 30, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Tor Comes to the Rescue of Turkish Online Activists
November 29, 2016
Authorities in Turkey have effectively banned the use of social media platforms like Facebook, Twitter, and YouTube. Tor, however, has come to the rescue of users, particularly online activists who want to get the word out about the social unrest in the country.
Motherboard, in a report titled Turks Are Flocking to Tor After Government Orders Block of Anti-Censorship Tools, says:
Turkish Internet users are flocking to Tor, the anonymizing and censorship circumvention tool, after Turkey’s government blocked Twitter, Facebook, and YouTube. Usage of Tor inside of Turkey went up from around 18,000 users to 25,000 users on Friday, when the government started blocking the popular social media networks, according to Tor’s official metrics.
Apart from direct connection to the Tor network through Tor Browser, the network also allows users to use bridge relays that circumvent any access restrictions by ISPs. It’s not yet clear if ISPs in Turkey have also banned Tor access; however, the bridge relay connections have seen a spike in number since the ban was implemented.
It is speculated that the Government may have notified ISPs to ban Tor access, but failed to tell them to do so effectively, which becomes apparent here (a Tweet by a user):
“I believe the government just sent the order and didn’t give any guide about how to do it,” Sabancı told Motherboard in an online chat via Twitter. “And now ISPs trying to figure it out.”
This is not the first time Tor has come to the rescue of online activists. One thing, though, is sure: more and more people who are concerned about their privacy or do not want to be repressed are turning towards anonymous networks like Tor.
Vishal Ingole, November 29, 2016
Surprise, Most Dark Web Content Is Legal
November 21, 2016
If you have been under the impression that the Dark Web is that big chunk of the Internet where all activities and content are illegal, you are wrong.
A news report published by Neowin, titled Terbium Labs: Most of the Dark Web Content, Visible Through Tor, Is Legal, reveals:
Contrary to popular belief that the majority of the dark web, accessible through Tor is mostly legal… or offline! With extremism making up just a minuscule 0.2% of the content looked at.
According to this Quora thread, the Dark Web was developed by US Military and Intelligence to communicate with their assets securely. The research started in 1995 and in 1997, mathematicians at Naval Research Laboratory developed The Onion Router Project or Tor. People outside Military Intelligence started using Tor to communicate securely with others for various reasons. Of course, people with ulterior motives spotted this opportunity and began utilizing Tor. This included arms and drug dealers, human traffickers, and pedophiles. Mainstream media thus propagated the perception that the Dark Web is an illegal place where criminal actors lurk, and all content is illegal.
The Terbium Labs study indicates that 47.7% of content is legal and the rest is borderline legal in the form of hacking services. Very little content is technically illegal, such as content related to child pornography, arms dealing, drug dealing, and human trafficking.
The Dark Web, however, is not a fairyland where illegal activities do not occur. As the news report points out:
While this report does prove that seedy websites exist on the dark web, they are in fact a minority, contradictory to what many popular news reports would have consumers believe.
Multiple research agencies have indicated that most content on the Dark Web is legal, with figures to back that up. But they still have not revealed what this major chunk of legal content is made of. Any views?
Vishal Ingole, November 21, 2016
Project Tor Releases the Browser Manual
November 14, 2016
Tor Browser, the gateway to the Dark Web, has got its user manual, which gives users a step-by-step procedure to download, install, use and uninstall the browser in the most efficient manner.
The official Tor blog, in a post titled Announcing the Tor Browser User Manual, says:
The community team is excited to announce the new Tor Browser User Manual! The manual is currently only available in English. We will be adding more languages in the near future, as well as adding the manual to Transifex.
Web users are increasingly adopting secure browsers like Tor that shield them from online tracking. With this manual, users who are not well-versed with the Dark Web and want to access it, or want to surf the web anonymously, will get detailed instructions on doing so.
Some of the critical areas (apart from basic instructions like download and install) covered in the manual include – circumventing the network restrictions, managing identities, securely connecting to Tor, managing plugins, and troubleshooting most common problems.
The manual was created after taking feedback from various mailing lists and IRC forums, as the blog points out:
During the creation of this manual, community feedback was requested over various mailing lists / IRC channels. We understand that many people who read this blog are not part of these lists / channels, so we would like to request that if you find errors in the manual or have feedback about how it could be improved, please open a ticket on our bug tracker and set the component to “community”.
The manual will soon be released in other major languages that will benefit non-English speaking users. The aim is to foster growth and adoption of Tor; however, will only privacy-conscious users be using the browser?
Vishal Ingole, November 14, 2016
Malware with Community on the Dark Web
October 14, 2016
While Mac malware is perhaps less common than attacks designed for PC, it is not entirely absent. The Register covers this in a recent article, EasyDoc malware adds Tor backdoor to Macs for botnet control. The malware is disguised as a software application called EasyDoc Converter which is supposed to be a file converter but does not actually perform that function. Instead, it allows hackers to control the hacked Mac via Tor. The details of the software are explained as follows:
The malware, dubbed Backdoor.MAC.Eleanor, sets up a hidden Tor service and PHP-capable web server on the infected computer, generating a .onion domain that the attacker can use to connect to the Mac and control it. Once installed, the malware grants full access to the file system and can run scripts given to it by its masters. Eleanor’s controllers also uses the open-source tool wacaw to take control of the infected computer’s camera. That would allow them to not only spy on the victim but also take photographs of them, opening up the possibility of blackmail.
A Computer World article on EasyDoc expands on an additional aspect of this enabled by the Dark Web. Namely, there is a Pastebin agent which takes the infected system’s .onion URL, encrypts it with an RSA public key and posts it on Pastebin where attackers can find it and use it. This certainly seems to point to the strengthening of hacking culture and community, as counterintuitive a form of community as it may be to those on the outside.
Megan Feil, October 14, 2016
Busted Black Marketplace Pops Back Up
October 5, 2016
In June, a vendor of access to hacked servers, xDedic, was taken down. Now, reports intelligence firm Digital Shadows, it has resurrected itself as a Tor domain. Why am I suddenly reminded of the mythical hydra? We learn of the resurgence from SecurityWeek’s article, “Hacked Server Marketplace Returns as a Tor Domain.” The article tells us:
After Kaspersky Lab researchers revealed in mid-June that they counted over 70,000 hacked servers made available for purchase on xDedic, some for as low as just $6, the marketplace operators closed the virtual shop on June 16. However, with roughly 30,000 users a month, the storefront was too popular to disappear for good, and intelligence firm Digital Shadows saw it re-emerge only a week later, but as a Tor domain now.
In an incident report shared with SecurityWeek, Digital Shadows reveals that a user named xDedic posted on 24 Jun 2016 a link to the new site on the criminal forum exploit[.]in. The user, who ‘had an established reputation on the forum and has been previously identified as associated with the site,’ posted the link on a Russian language forum thread titled ‘xDedic ???????’ (xDedic burned).
We’re told that, though the new site looks just like the old site, the user accounts did not tag along. The now-shuttered site was attracting about 30,000 users monthly, so it should not take long to re-build their client list. Researchers are not able to assess the site’s traffic, since it is now a Tor domain, but both Digital Shadows and Kaspersky Lab, another security firm, are “monitoring the situation.” We can rest assured they will inform law enforcement when they have more information.
Cynthia Murrell, October 5, 2016
Enterprise Technology Perspective on Preventing Security Breaches
September 16, 2016
When it comes to the Dark Web, the enterprise perspective wants solutions to prevent security breaches. Fort Scale released an article, Dark Web — Tor Use is 50% Criminal Activity — How to Detect It, speaking to this audience. This write-up explains the anonymizer Tor as The Onion Router, a name explained by the multiple layers used to hide an IP address and therefore the user’s identity. How does the security software work to detect Tor users? We learned,
There are a couple of ways security software can determine if a user is connecting via the Tor network. The first way is through their IP address. The list of Tor relays is public, so you can check whether the user is coming from a known Tor relay. It’s actually a little bit trickier than that, but a quality security package should be able to alert you if user behaviors include connecting via a Tor network. The second way is by looking at various application-level characteristics. For example, a good security system can distinguish the differences between a standard browser and a Tor Browser because among other things, Tor software won’t respond to certain history requests or JavaScript queries.
Many cybersecurity software companies offer solutions that monitor the Dark Web for sensitive data, which is more of a recovery strategy. However, this article highlights the importance of cybersecurity solutions which monitor enterprise systems usage to identify users connecting through Tor. While this appears a sound strategy to understand the frequency of Tor-based users, it will be important to know whether these data-producing software solutions facilitate action such as removing Tor users from the network.
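The IP-address check described in the quoted passage, as an added example that is not part of the original article or of any vendor's product. It assumes an exit list laid out like the Tor Project's published `exit-addresses` file, a constructed three-field login log, and a 24-hour matching window chosen for illustration; all addresses and fingerprints are constructed.

```python
from datetime import datetime, timedelta
from ipaddress import ip_address

# Constructed sample in the "exit-addresses" layout; the addresses are
# RFC 5737 documentation ranges and the fingerprints are placeholders.
EXIT_LIST = """\
ExitNode 0000000000000000000000000000000000000001
Published 2016-09-15 10:20:11
LastStatus 2016-09-15 11:03:00
ExitAddress 192.0.2.10 2016-09-15 11:08:50
ExitNode 0000000000000000000000000000000000000002
Published 2016-09-01 08:00:00
LastStatus 2016-09-01 09:00:00
ExitAddress 198.51.100.7 2016-09-01 09:05:00
"""

# Constructed login events: ISO timestamp, user, source IP.
LOGINS = """\
2016-09-15T12:30:00 alice 192.0.2.10
2016-09-15T12:31:00 bob 203.0.113.5
2016-09-15T12:32:00 carol 198.51.100.7
"""

def parse_exit_list(text):
    """Return {ip: [observation datetimes]} from the ExitAddress lines."""
    exits = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[0] == "ExitAddress":
            seen = datetime.strptime(parts[2] + " " + parts[3],
                                     "%Y-%m-%d %H:%M:%S")
            exits.setdefault(ip_address(parts[1]), []).append(seen)
    return exits

def flag_tor_logins(log_text, exits, window=timedelta(hours=24)):
    """Return (user, ip) for logins whose source address was observed as a
    Tor exit within `window` of the login. Older observations are ignored
    because an address can stop being a relay and be reassigned."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue  # skip malformed lines instead of failing the batch
        try:
            when = datetime.fromisoformat(fields[0])
            ip = ip_address(fields[2])
        except ValueError:
            continue
        if any(abs(when - seen) <= window for seen in exits.get(ip, [])):
            hits.append((fields[1], str(ip)))
    return hits

if __name__ == "__main__":
    for user, ip in flag_tor_logins(LOGINS, parse_exit_list(EXIT_LIST)):
        print(f"login by {user} from recent Tor exit {ip}")
```

Matching on the observation time rather than on bare membership keeps a login from an address that was an exit two weeks earlier from being reported as Tor traffic.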
Megan Feil, September 16, 2016
There is a Louisville, Kentucky Hidden Web/Dark Web meet up on September 27, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233599645/

