Researchers are working on a hardened version of the Tor Browser that defends against exploits, such as the one the FBI allegedly used against browsers.
The Tor Browser gives non-technical users an easy way to access the Tor Network. However, many government organizations are actively trying to compromise Tor.
The Tor Browser shares a large part of its attack surface with the Firefox browser. Firefox vulnerabilities, including patched ones, are therefore valuable to Tor attackers.
Researchers have now presented “selfrando” in an academic paper – an enhanced load-time randomization technique for the Tor Browser that defends against exploits.
“Our solution significantly improves security over standard address space layout randomization (ASLR) techniques currently used by Firefox and other mainstream browsers,” the paper states.
Selfrando is also compatible with AddressSanitizer (ASan), which is used in a hardened version of Tor for test purposes.