A FLAW in the Tor browser last week exposed the IP addresses of Mac and Linux users.
Every time a user clicked on a link starting with file://, as opposed to https:// or http://, the vulnerability would kick into action. It's been named TorMoil by its finder.
In a blog post published by We Are Segment, the security firm explains that when macOS and Linux users open these addresses, the OS connects directly to the remote host.
"Recently, our CEO, Filippo Cavallarin, discovered a critical security vulnerability in Tor Browser affecting Mac and Linux users that can lead to the leakage of users' real IP address," the company wrote.
"Due to a Firefox bug in handling file:// URLs it is possible on both systems that users leak their IP address. Once an affected user navigates to a specially crafted web page, the operating system may directly connect to the remote host, bypassing Tor Browser."
Members of the Tor Project released a temporary fix on Friday and said Windows users haven't been affected by the problem.
"Tor Browser 7.0.9 is a security bugfix release for macOS and Linux users only. Users on Windows are not affected and stay on Tor Browser 7.0.8," the Project said.
"Tor Browser 7.0.9 is now available for our macOS and Linux users from the Tor Browser Project page and also from our distribution directory.
"This release features an important security update to Tor Browser for macOS and Linux users. Due to a Firefox bug in handling file:// URLs it is possible on both systems that users leak their IP address (note: as of Nov. 4, 2017, this link is non-public while Mozilla works on a fix for Firefox).
"Once an affected user navigates to a specially crafted URL the operating system may directly connect to the remote host, bypassing Tor Browser. Tails users and users of our sandboxed-tor-browser are unaffected, though."
Tor developers teamed up with Mozilla to come up with a fix the next day, and the patch for all affected versions is set to go live on Monday.