Ars Technica: Critical Tor flaw leaks users’ real IP address—update now

Ars Technica: Critical Tor flaw leaks users’ real IP address—update now. “Mac and Linux versions of the Tor anonymity browser just received a temporary fix for a critical vulnerability that leaks users’ IP addresses when they visit certain types of addresses. TorMoil, as the flaw has been dubbed by its discoverer, is triggered when users click on links that begin with file:// rather than the more common https:// and http:// address prefixes. When the Tor browser for macOS and Linux is in the process of opening such an address, ‘the operating system may directly connect to the remote host, bypassing Tor Browser,’ according to a brief blog post published Tuesday by We Are Segment, the security firm that privately reported the bug to Tor developers.”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s