Introduction to Tor Browser

Tor Browser
Tor Browser running on the Ubuntu startup screen - about:tor
Developer: Tor Project, Inc.
Source code base: gitweb.torproject.org/tor.git
Engine: Gecko
Operating system: Windows XP or later Unix-like (including OS X)
Language: 32 languages
Website: www.torproject.org/download/

Tor Browser, formerly known as Tor Browser Bundle (TBB), is the flagship product of the Tor project. Modified by the Mozilla Firefox ESR browser, with many security and privacy tweaks made by the Tor Project developers, comes preloaded with TorButton, TorLauncher, NoScript and HTTPS Everywhere extensions and Tor agents. It is open source, free software, green software, and runs on a variety of operating systems, including Windows, Mac OS X, Linux, Unix, and Android.

Tor Browser starts the Tor process in the background and connects to the network through it. Once the program is disconnected, the Tor browser automatically deletes privacy-sensitive data, such as cookies and browsing history.

The Tor browser itself provides SOCKS proxy services, and some applications already use the Tor network. When combined with the proxy server software Privoxy, all HTTP/HTTPS connected applications, and all applications that can set up HTTP/HTTPS proxies, can access the Internet via the Tor network.

Stuart Dredge suggested in the Guardian in November 2013, after a series of global surveillance revelations, that people use the Tor browser to avoid being tapped and to protect their privacy.

Firefox/Tor Browser Attack

In 2011, Dutch authorities discovered the IP address of the administrator of the Tor Onion service "Pedoboard" while investigating child pornography circulating online, and forwarded this information to the US Federal Bureau of Investigation for follow-up. By doing so, the FBI targeted its owner as Aaron McGrath. After a year of surveillance, the FBI launched an operation called "Operation Torpedo" to arrest McGrath and install malware on three Onion service websites managed by McGrath to obtain information about users who visited them. It takes advantage of a fixed vulnerability in the Firefox/Tor browser, so it targets users who do not install updates and have Flash installed. The vulnerability, which allows the FBI to ping users' IP addresses directly back to their own servers, has exposed the IP addresses of at least 25 U.S. users and many foreign users. McGrath was sentenced to 20 years in prison in early 2014, followed by 18 other users, including a former acting cybersecurity director at the U.S. Department of Health and Human Services.

In August 2013, someone [who?] It has been found that many older versions of Firefox bundled with the Tor Browser Bundle are affected by a JavaScript attack. The attacker can then extract the user's IP and MAC addresses, as well as the Windows computer name. The news linked this to the arrest of Eric Eoin Marques, the head of Freedom Hosting, which provides anonymous web hosting for Tor, in connection with a temporary extradition order issued by a US court on July 29 [source request]. He was charged with distribution, conspiracy to distribute, propaganda, and aiding and abetting the promotion of child pornography. The arrest warrant calls Max "the biggest promoter of child pornography on the planet". The FBI admitted to the JavaScript attack in court documents filed in Dublin on September 12, 2013; a training presentation leaked by Edward Snowden revealed more details about the breach and revealed its codename, EgotisticalGiraffe. And Mozilla has patched the vulnerability in Firefox 17, which was released in November 2012.