From the article: This demonstrates how important it is to have control over the outbound traffic on your PC, not just whether an application can or can't have internet access, but how and where it can connect to. Configuring a browser to use the Tor socks proxy doesn't guarantee that it has to do so. That's why they're called exploits, because they cause applications to do things they're not supposed to. Always assume that your applications can be exploited into performing unwanted behavior. Assume that your browser can be made to leak, especially ones used with Tor. For leaks created by undesired connections, there's no better tool than an outbound firewall.
Additionally, advanced users have stressed all along that you should garner ISOLATION via VMs NAT'd to a secured host (preferably Linux). If the host is tunneled and locked to VPN tun0 there is NO way out except through that route. In other words the surfing activity in the isolated VM cannot see any conventional IP data/connection. In essence Tor has no idea or way to determine your ISP or what your IP is.
I think having a VPNed router would do this as well. Whatever is connected to that router has to go through the tunnel.
Again, browser or plugin exploits are the main attacks against, well, the browser using Tor. I don't get how an Adobe Flash exploit actually worked. The TBB or other bundles have always advised against plugins for that reason, and have been for years. (Plugins in ANY browser are the weakest security link.) I get why they offer TBB for Windows/Mac, 'cause most people aren't savvy yet need the Tor network for various things, but at the same time, it's incredibly dangerous. People should take a course in the same level of discipline as they would a firearm, 'cause if you shoot yourself in the foot it hurts in a big way. And even if used perfectly, you'll never beat that arms race of browser exploits. This is true for everyday vanilla web browsing. The reality of "Were any innocent users ensnared" is another issue. Nothing stops people from spamming known malicious .onion sites on a chan board or the like, for the very purpose of either adding noise or setting others up. And no one knows what's going to load when you click a link.
There are several methods described here, but they all accomplish one thing. They restrict the browser from connecting out via any other means than the one that's specified. It isn't just Flash that's used to coerce a browser to bypass or ignore its proxy settings. These exploits/vulnerabilities don't just affect Tor users. Any service, proxy, VPN installed on the same PC, etc., that utilizes localhost connections can be affected. I have seen several instances where the browser ignored the proxy settings and tried to resolve DNS directly. My firewall rules blocked and logged those attempts. I've altered those rules recently so that the firewall will also alert me when it happens. This way I can hopefully find the code that's triggering the bypass attempts and write a Proxomitron filter for it. For me, the multiple virtual systems and VPNs aren't really an option. Nothing that I do requires maintaining separate identities or profiles, and I doubt that my old hardware would be capable of powering such an arrangement. For me, the situation is almost completely reversed. Since my IP is also a Tor exit, the majority of traffic leaving here looks like the Tor browser. My traffic will stand out if I don't fake the user agent and other details.
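The two setups discussed above (a browser that is only allowed to reach its SOCKS proxy, with every other attempt logged, and a host locked to the VPN's tun0 so nothing can leave outside the tunnel) both come down to an ordered, first-match, default-deny egress policy. The following is an added example, not code from this thread or from any of the firewalls the posters use; it models such a policy, runs constructed connection attempts through it, and renders the equivalent Linux iptables commands. All the specifics are assumptions: the browser running as uid 1001, the tor daemon as uid 1002, 9050 as tor's default SocksPort, tun0/eth0 as the tunnel and physical interfaces, and 198.51.100.20:1194/udp as a made-up VPN endpoint.

```python
"""First-match model of an outbound firewall, plus the iptables it corresponds to.

Added example (not code from the forum thread).  Assumptions: Linux, iptables
with the 'owner' match, browser running as uid 1001, tor daemon as uid 1002,
9050 as tor's default SocksPort, tun0 as the VPN interface, eth0 as the
physical one, and 198.51.100.20:1194/udp as a made-up VPN endpoint.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str                  # "ACCEPT", "REJECT" or "LOG" (LOG never terminates)
    uid: Optional[int] = None    # socket owner; None = any
    proto: Optional[str] = None  # "tcp"/"udp"; None = any
    dst: Optional[str] = None    # destination address; None = any
    dport: Optional[int] = None  # destination port; None = any
    oif: Optional[str] = None    # outgoing interface; None = any
    comment: str = ""


@dataclass(frozen=True)
class Attempt:
    uid: int
    proto: str
    dst: str
    dport: int
    oif: str = "eth0"


BROWSER_UID, TOR_UID = 1001, 1002

# Policy 1: the browser may only reach the local SOCKS port; any other
# destination it tries (DNS, a plugin going direct, ...) is logged, then refused.
TOR_EGRESS_POLICY: List[Rule] = [
    Rule("ACCEPT", uid=BROWSER_UID, proto="tcp", dst="127.0.0.1", dport=9050, comment="browser to tor SOCKS"),
    Rule("LOG", uid=BROWSER_UID, comment="proxy-bypass attempt"),
    Rule("REJECT", uid=BROWSER_UID, comment="browser goes nowhere else"),
    Rule("ACCEPT", uid=TOR_UID, proto="tcp", comment="tor daemon to relays"),
    Rule("LOG", comment="anything else"),
    Rule("REJECT", comment="default deny"),
]

# Policy 2: host kill switch; only the tunnel, and the tunnel's own UDP
# session to the (assumed) VPN server, may leave the machine.
VPN_KILL_SWITCH: List[Rule] = [
    Rule("ACCEPT", oif="lo", comment="loopback"),
    Rule("ACCEPT", oif="tun0", comment="inside the tunnel"),
    Rule("ACCEPT", oif="eth0", proto="udp", dst="198.51.100.20", dport=1194, comment="the tunnel itself"),
    Rule("LOG", comment="leak attempt outside the tunnel"),
    Rule("REJECT", comment="default deny"),
]


def matches(r: Rule, a: Attempt) -> bool:
    """A rule field of None is a wildcard; every set field must equal the attempt's."""
    return all(want is None or want == have for want, have in
               ((r.uid, a.uid), (r.proto, a.proto), (r.dst, a.dst),
                (r.dport, a.dport), (r.oif, a.oif)))


def decide(policy: List[Rule], a: Attempt) -> Tuple[str, bool]:
    """Return (verdict, logged): first terminating match wins, LOG just records."""
    logged = False
    for r in policy:
        if not matches(r, a):
            continue
        if r.action == "LOG":
            logged = True
            continue
        return r.action, logged
    return "REJECT", logged          # implicit default deny


def render_iptables(policy: List[Rule], chain: str = "OUTPUT") -> List[str]:
    """The same policy as iptables commands, in first-match order."""
    cmds = [f"iptables -P {chain} DROP"]
    for r in policy:
        p = [f"iptables -A {chain}"]
        if r.oif: p.append(f"-o {r.oif}")
        if r.uid is not None: p.append(f"-m owner --uid-owner {r.uid}")
        if r.proto: p.append(f"-p {r.proto}")
        if r.dst: p.append(f"-d {r.dst}")
        if r.dport is not None: p.append(f"--dport {r.dport}")
        if r.comment: p.append(f'-m comment --comment "{r.comment}"')
        p.append('-j LOG --log-prefix "EGRESS_BLOCK: "' if r.action == "LOG" else f"-j {r.action}")
        cmds.append(" ".join(p))
    return cmds


# Constructed connection attempts to run through the policies.
SAMPLE_ATTEMPTS = [
    Attempt(BROWSER_UID, "tcp", "127.0.0.1", 9050, oif="lo"),  # normal SOCKS use
    Attempt(BROWSER_UID, "udp", "8.8.8.8", 53),                # browser resolving DNS itself
    Attempt(BROWSER_UID, "tcp", "93.184.216.34", 443),         # plugin ignoring the proxy
    Attempt(TOR_UID, "tcp", "198.51.100.7", 9001),             # tor reaching a relay
    Attempt(1003, "tcp", "203.0.113.5", 80),                   # some other process
]


def audit(policy: List[Rule], attempts: List[Attempt]):
    """Verdict and logged flag for each attempt, in order."""
    return [(a, *decide(policy, a)) for a in attempts]


if __name__ == "__main__":
    for name, policy in (("tor egress", TOR_EGRESS_POLICY), ("vpn kill switch", VPN_KILL_SWITCH)):
        print(f"== {name}")
        for a, verdict, logged in audit(policy, SAMPLE_ATTEMPTS):
            print(f"  uid={a.uid} {a.proto} {a.oif} -> {a.dst}:{a.dport}: {verdict}{' [logged]' if logged else ''}")
    print("\n".join(render_iptables(TOR_EGRESS_POLICY)))
```

The LOG rule sits immediately before the REJECT so every bypass attempt leaves a kernel log line with the `EGRESS_BLOCK:` prefix, which is what a syslog watcher would key on to raise the alert the poster describes. For the VM-on-a-host arrangement, the guest's NAT'd packets traverse the host's FORWARD chain rather than OUTPUT, so the kill switch has to be rendered for that chain as well (`render_iptables(VPN_KILL_SWITCH, "FORWARD")`); note that the `owner` match only exists in OUTPUT, which is why the kill switch keys on interfaces instead of uids.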
I'm not sure how it works either but I am suspicious of Adobe because Acrobat installs its updater as a Windows service, which means it can use svchost to bypass other firewall rules. I have long been suspicious of MS and their svchost for this reason.
I haven't used Acrobat in ages, but their flash player also installs that service. The flash player will work properly without that service but will need to be updated manually. I question and distrust the need to make the updater a service. There's no need for an updater to run 24/7. I don't see why it would need the level of privilege that comes with running as a service. If someone found a way to exploit that updater, how bad could it get? Fortunately I don't have to worry about their updater. The flash player itself works fine on the rare occasions that I allow it, but the updater service won't run on my system.
Not only that, it rarely EVER alerts or updates to the current version in a timely fashion. You'd be lucky if it's ever within a month of the released, current version.
An update service that doesn't reliably update its applications or tell the user that updates are available. It begs the question, what does it really do?
Well I have always had a problem with svchost, in my opinion it is a big hole in Windows architecture. If a malware developer wanted a way to ensure his malware could always phone home he couldn't ask for something better than svchost. As long as he can get his malware to install as a service he can mingle in with all the other svchost connections to the internet that most people allow because they want Windows Update etc to work. I feel quite sure MS do this stuff on purpose.
Sucks up them resources! But yeah, I agree. Windows/Mac have a less than perfect method of updating third party programs. Even if the Adobe Updater isn't backdoored, I'd say a lot of software in general is held together by bits of string, or less than perfect, so it's not far fetched that anything and everything running can be exploited (it's why these forums exist). I subscribe to the https://en.wikipedia.org/wiki/KISS_principle method with computers. Take away as many things as you can live without.
I don't know which firewalls give fine grained control over loopback traffic and internet access for services on Vista and newer systems. On XP and earlier systems, Kerio 2.1.5 works quite well provided that the user has a basic understanding of internet protocol.
This is just the latest of Thomas White's problems with Tor exit nodes that he runs. So it's probably more about unwanted attention on him than about the possible seizure of Tor directory authorities.
I'm starting to think that the current leaks are deliberate and full of misinformation. I doubt that they're as incompetent as those "leaks" would lead us to believe.
I believe there's plenty of spin going on and the core of it is intentional and controlled. It's done that way for a purpose. Reactions to the latest tech are monitored by the PTB so they can gauge when to implement the next invasion of our privacy.