Researchers make Tor browser more resistant to memory exploits
In recent rounds of Tor browser releases, a hardened test version of the software has emerged that includes technology designed to protect the browser from exploits like those used by the FBI. The technology should better guarantee the anonymity of users.
A nightly build of the “hardened” Tor browser appeared earlier this year, and researchers at the University of California, Irvine have now published a paper explaining how its security technology, called Selfrando, works. According to the researchers, it is a load-time randomization technique that protects against vulnerabilities related to memory corruption.
Selfrando is a more secure alternative to address space layout randomization (ASLR), which browsers including Firefox currently use. The Tor browser is based on Mozilla’s browser, so exploits found for Firefox also work against the Tor browser. The FBI exploits these vulnerabilities to expose Tor browser users. The US agency was able to trace, among others, users of a child pornography site, although it is not known exactly how the FBI worked.
Address space layout randomization randomizes the memory addresses at which parts of the code are placed. For Selfrando, however, the researchers use address space layout permutation (ASLP), which randomizes the location of each function individually. This far-reaching randomization protects against the techniques used to circumvent ASLR.
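The difference can be seen in a simplified model, added here as an illustration and not taken from Selfrando's code; the function names, sizes and base-address range are constructed. It counts how many distinct distances between two functions appear over many loads: a single distance means one leaked pointer locates the other function as well.

```python
import random

# Constructed sample: functions and sizes (bytes) of a hypothetical module,
# listed in link-time order.
FUNCTIONS = [("parse_header", 0x140), ("decode_frame", 0x3A0),
             ("alloc_buf", 0x90), ("free_buf", 0x70),
             ("render", 0x520), ("log_error", 0xC0)]
PAGE = 0x1000

def place(base, order):
    """Lay the functions out back to back, starting at base."""
    layout, addr = {}, base
    for name, size in order:
        layout[name] = addr
        addr += size
    return layout

def random_base(rng):
    """Pick a page-aligned load address (range is an assumption)."""
    return rng.randrange(0x10000, 0x7FFF0) * PAGE

def load_aslr(rng):
    """ASLR model: random base, link-time function order kept."""
    return place(random_base(rng), FUNCTIONS)

def load_permuted(rng):
    """Permutation model: random base and a fresh function order per load."""
    order = FUNCTIONS[:]
    rng.shuffle(order)
    return place(random_base(rng), order)

def distinct_offsets(loader, leaked, target, loads=200, seed=1):
    """Count distinct (target - leaked) distances seen over many loads."""
    rng = random.Random(seed)
    seen = set()
    for _ in range(loads):
        layout = loader(rng)
        seen.add(layout[target] - layout[leaked])
    return len(seen)

if __name__ == "__main__":
    for label, loader in (("ASLR", load_aslr), ("permutation", load_permuted)):
        n = distinct_offsets(loader, "parse_header", "render")
        print(f"{label}: {n} distinct offsets from parse_header to render")
```

Under the ASLR model the distance never changes, so knowing one address gives the rest; under the permutation model it differs from load to load.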
The advantage of ASLP in Selfrando is that developers hardly have to do any work to implement it. Using Selfrando is like adding a new compiler to existing build scripts, the researchers write. In addition, they say the technology causes hardly any overhead: the makers claim to observe an overhead of 1 percent in benchmarks. They released the code for Selfrando on GitHub and will present the technique next month at the Privacy Enhancing Technologies Symposium in Darmstadt, Germany.