Security3.02.2017

Trick Tor Browser users into decloaking with Windows DRM-protected files

By Staff Writer

HackerHouse has published an investigation into using Windows DRM-protected files to unmask Tor Browser users.

The attack works against people running Tor Browser on Windows and requires them to ignore Tor’s warning that third-party files can expose their IP address.

“This is not an attack against Tor or the Tor Browser directly, but a useful way that could be leveraged to identify people attempting to access illegal media content (such as Daesh propaganda),” said HackerHouse.

The attack tricks a user into opening a digitally-signed Windows media file. Windows will automatically open an IE window and access a URL set by the signer to check the file’s licence.

Provided the file is properly signed, no warning other than the standard Tor Browser warning will be displayed – and the file’s creator will be able to get the IP address of the Tor user.

Now read: Tor Network: what it is and how it works

Don't miss the latest news

Show comments

Forum discussion

Trick Tor Browser users into decloaking with Windows DRM-protected files

Now read: Tor Network: what it is and how it works

Latest news

Communications Minister meets with U.S. Ambassador to South Africa, L. Brent Bozell III

Bad news for people who live in Johannesburg

District known as the cradle of democracy whose government has the worst cybersecurity in South Africa

Free AI website builder vs paid site builder – The winner is clear for South African SMEs

Top tech jobs for graduates in South Africa

Makate’s Please Call Me settlement with Vodacom was actually R1 billion, says former backer

Shop Smarter, Stream More: Amazon Prime Has Arrived in South Africa

South Africa’s most powerful computer which was in the top 24% fastest worldwide when it launched

Top Chinese inverter brand in South Africa hit by network outage

More news

Please Call Me’s Nkosana Makate to be sued for defamation

“White gold” rush in South Africa

R21.55 million stolen from South African company over the phone

Why AV has become an IT conversation

Cheapest way to stream FIFA World Cup matches in South Africa

South Africans must stop using Facebook and Instagram passwords for bank accounts

How GoTyme for Business Is Built Around How SMEs Actually Operate

What’s Next — WesBank CEO Robert Gwerengwe unpacks how vehicle finance is evolving in South Africa

South African banking giant launches important feature for its mobile network operator

Trending news

Small “pet project” started in 2006 which will drive MTN’s financial growth over the next 5 years

Eskom signed big gas deal with US energy giant for power plant it must still build

DA wants Steenhuisen moved from Agriculture to Trade and Industry — Report

The Changan Hunter Range: Comfortably, More Capable and Ready To Charge Ahead

Biggest change to traffic fines in South Africa in 49 years

DStv Stream for R0

Exclusive Vodacom World deals to celebrate Youth Month and Father’s Day

One tech product’s price is increasing faster than RAM in South Africa

Gauteng plans AI cameras in school classrooms to keep violent kids in check

Industry News

Apex Interactive strengthens partnership with Turtle Beach to accelerate South African market growth

Avoid high licensing fees by building your own software

Fact checking the AIs: Is Afrihost really South Africa’s best ISP?

The strategy that helped a top South African ISP dominate the market

Poll