8

I've heard it called "disbanding" attacks where the attacker induces a client into not routing a connection over Tor. Basically all of the things that the TBB protects against.

Examples might be leaking DNS because it's using SOCKS4 or using WebRTC to discover the private IP of the user.

Is there an existing list of all such attacks, or can you make a list off to top of your head?

Lizbeth
  • 1,274
  • 6
  • 22

1 Answers1

1

adding to the types you've mentioned there're two other kinds of them:

  • Zero-Day exploits Tor browser is a Firefox by roots, so some Firefox zero-day exploits are affecting it too. It's OK for any software to have mistakes - it's written by people, people do mistakes.
  • External container Using things that are inside the browser is safe in case of Tor browser or other ones - they will use proxies configured. However calling some external components like Adobe Flash will cause a separated execution container being created by OS - and it can just ignore the proxy settings and try to make a direct request and leak data.
Alexey Vesnin
  • 6,385
  • 3
  • 15
  • 36