Fake Tor Update

Discussion in 'privacy problems' started by JDawg, Feb 13, 2016.

  1. JDawg

    JDawg Registered Member

    Joined:
    Aug 25, 2015
    Posts:
    17
    So i fired up my computer and turned on tor and a screen came up to click this link to dowload Tor 5.5.3 so i went to the tor website and there was no update. Am i being singled out here or is this common? ( No i did not click the link it had scripts turned on and no way to turn them off that's what really caught my eye. Mirimir what do u think.
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
    OK, so you started Tor browser, and saw a notice to get v5.5.3. And you say that "it had scripts turned on". How did you know that? Was this a browser pop-up?

    I suppose that it could be malware. But Tor browser v5.5.2 was just released on Friday: https://blog.torproject.org/blog/tor-browser-552-released It seems unlikely that malware faking a v5.5.3 update would be out so soon.

    Have you installed any add-ons in Tor browser?
     
  3. JDawg

    JDawg Registered Member

    Joined:
    Aug 25, 2015
    Posts:
    17
    I turned tor on and it was a dif page with a link to follow to update to 5.5.3 and i noticed the scripts were turned on so i tried shutting them off NOPE. So i turned tor off restarted it and it was back to 5.5.2
     
    Last edited: Feb 13, 2016
  4. JDawg

    JDawg Registered Member

    Joined:
    Aug 25, 2015
    Posts:
    17
    I have tor set to auto update and ity did not auto update i usually use whonix but if i am in a hurry i will use the tor browser. Mirimir could this be an attack towards me?
     
  5. JDawg

    JDawg Registered Member

    Joined:
    Aug 25, 2015
    Posts:
    17

    No add-ons and yes as soon as i turned on tor it popped up.
     
  6. JDawg

    JDawg Registered Member

    Joined:
    Aug 25, 2015
    Posts:
    17
    I knew there was just an update and then all this happened do u think my computer could be tampered with i have FDE Luks, Nobody has my passwords i have a security system with cameras and i installed my own cameras so it would be hard to get to my computer.
     
  7. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
    Ask about it on https://blog.torproject.org/blog/tor-browser-552-released

    Maybe some Tor admin misconfigured something, typing "5.5.3" instead of "5.5.2". And maybe you just happened to start Tor browser before they corrected the error.

    Are you sure that the window said "5.5.3" and not "5.5.2"?

    At this point, your options are (1) nuking Tor browser and doing a fresh install, or (2) doing a fresh OS install. The second option is almost certainly overkill.

    This sort of situation is why it's best to limit activity on the host OS to updating and managing VMs.
     
  8. Brosephine

    Brosephine Registered Member

    Joined:
    Dec 4, 2015
    Posts:
    143
    Location:
    lo·ca·tion (noun) "a particular place or position"
    Is there a difference between torproject.com and .org in terms of downloading tor?
     
  9. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
  10. Brosephine

    Brosephine Registered Member

    Joined:
    Dec 4, 2015
    Posts:
    143
    Location:
    lo·ca·tion (noun) "a particular place or position"
    Yes earlier I went to ".com" and it was the exact same as ".org"
    Luckily I remembered it's .org and left. It kind of tripped me out!
     
  11. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
    It is the same site. It's just a redirect. In terminal:
    Code:
    user@host:~$ host torproject.com
    torproject.com has address 93.95.227.222
    torproject.com has address 154.35.132.70
    torproject.com has address 38.229.72.16
    torproject.com has address 82.195.75.101
    torproject.com has address 86.59.30.40
    torproject.com has IPv6 address 2001:858:2:2:aabb:0:563b:1e28
    torproject.com has IPv6 address 2001:41b8:202:deb:213:21ff:fe20:1426
    torproject.com has IPv6 address 2620:0:6b0:b:1a1a:0:26e5:4810
    torproject.com mail is handled by 10 eugeni.torproject.org.
    user@host:~$ host torproject.org
    torproject.org has address 93.95.227.222
    torproject.org has address 154.35.132.70
    torproject.org has address 38.229.72.16
    torproject.org has address 82.195.75.101
    torproject.org has address 86.59.30.40
    torproject.org has IPv6 address 2001:858:2:2:aabb:0:563b:1e28
    torproject.org has IPv6 address 2001:41b8:202:deb:213:21ff:fe20:1426
    torproject.org has IPv6 address 2620:0:6b0:b:1a1a:0:26e5:4810
    torproject.org mail is handled by 10 eugeni.torproject.org.
     
Loading...