TOR advises abandoning Windows

TOR has warned its users to stay away from Windows after it was revealed that US spooks were spreading malware on the anonymising network using a Firefox zero-day vulnerability

The zero-day vulnerability allowed the FBI and other spooks to to use JavaScript code to collect crucial identifying information on computers visiting some websites using The Onion Router (TOR) network.

According to a security advisory posted by the TOR Project, the work around is switching away from Windows.

This is because the malicious Javascript that exploited the zero-day vulnerability was written to target Windows computers running Firefox 17 ESR (Extended Support Release), a version of the browser customised to view websites using TOR.

Those using Linux and OS X were unaffected. While there is nothing to stop the spooks writing a version of the code which targets Linux and OS X, it is less likely to happen.

The fake Javascript was likely planted on websites where the attacker was interested to see who visited. The script collected the hostname and MAC address of a person’s computer and sent it to a remote computer.

The exploit is targeted specifically to unmask Tor Browser Bundle users without actually installing any backdoors on their host.

The TOR Project also advised users to turn off Javascript by clicking the blue “S” by the green onion within the TOR browser.

“Disabling JavaScript will reduce your vulnerability to other attacks like this one, but disabling JavaScript will make some websites not work like you expect,” TOR wrote. “A future version of Tor Browser Bundle will have an easier interface for letting you configure your JavaScript settings.”

Mozilla has patched the hole in later versions of Firefox, but some people may still be using the older versions of the TOR Browser Bundle.