In many parts of the world, like North America, using Wikipedia is taken for granted; hell, there are even Twitter accounts to track government employees editing the internet’s free encyclopedia while on the clock. But in other places, like Turkey or Syria, using Wikipedia can be difficult, and even dangerous.
For example, Wikipedia is still blocked in Turkey after the government restricted access to the site during a crackdown on dissident elements after a failed coup. Syrian-Palestinian digital activist and Wikipedia editor Bassel Khartabil is believed to have been executed by the Syrian government.Read more
Mac and Linux versions of the Tor anonymity browser just received a temporary fix for a critical vulnerability that leaks users' IP addresses when they visit certain types of addresses. TorMoil, as the flaw has been dubbed by its discoverer, is triggered when users click on links that begin with file:// rather than the more common https:// and http:// address prefixes.
When the Tor browser for macOS and Linux is in the process of opening such an address, "the operating system may directly connect to the remote host, bypassing Tor Browser," according to a brief blog post published Tuesday by We Are Segment, the security firm that privately reported the bug to Tor developers.Read more
A lot of ads on the Internet promote easy ways to earn money. They tend to lead to fishy places — say, a post from an alleged mother of three who stays at home, earning several thousand dollars a day, and says you can do the same.
But there are other ways to earn some easy money, too, that may seem much more plausible. For example, some services offer to pay you for installing apps. The money amounts to pocket change, but the work is pretty effortless. This kind of scheme is especially popular among children — install 50 apps and get a $2.50 to buy some gear for your favorite character in an online game.Read more
Dark web users may not be as anonymous as they think. There are a high number of potentially privacy-busting connections between the dark web – hidden online networks that require special software to access – and the regular “surface” web.
“The dark web is maybe not as dark as it seems,” says Iskander Sanchez-Rola at the University of Deusto, who led the investigation into the Tor network, a dark web network that uses encryption to conceal users’ identity. The group found close links between the dark web and surface web. More than 20 per cent of the 1.5 million dark web pages they analysed imported resources.Read more
Turkey has blocked direct access to the Tor anonymous browsing network as part of a wider crackdown on the ways people circumvent internet censorship. The crackdown began last month when Turkish ISPs were told to cut off the virtual private networks people use to hide where they go.
Many people are changing the way they connect to Tor to avoid the block. Activists said the block moved Turkey's net censorship policies from "moderate" to "severe". Tor, also known as The Onion Router, aims to conceal where people go online by using encryption and randomly bouncing requests for webpages through a network of different computers.Read more
There's a zero-day exploit in the wild that's being used to execute malicious code on the computers of people using Tor and possibly other users of the Firefox browser. According to security researchers who analyzed the code, it exploits a memory corruption vulnerability that allows malicious code to be executed on computers running Windows.
The malicious payload it deliversis almost identical to one that was used in 2013 to deanonymize people visiting a Tor-shielded child pornography site. The FBI ultimately acknowledged responsibility for the exploit, which was embedded in webpages served by a service known as Freedom Hosting.Read more
When the FBI hacked thousands of computers related to a child porn investigation in 2015, the agency took advantage of a “non-publicly-known vulnerability,” according to a judge in a related case.
The news highlights the ongoing trend of the FBI leveraging security issues in software and devices, especially as criminal suspects turn to anonymization technology such as Tor, or use consumer products that have encryption features baked into them. In this case, the vulnerability may not have been a so-called zero-day which would bring up contentious issues of the FBI’s responsibility to disclose it to affected parties.Read more
The trust of the Tor anonymity network is in many cases only as strong as the individual volunteers whose computers form its building blocks. Researchers said they found at least 110 such machines actively snooping on Dark Web sites that use Tor to mask their operators' identities.
All of the 110 malicious relays were designated as hidden services directories, which store information that end users need to reach the ".onion" addresses that rely on Tor for anonymity. Over a 72-day period that started on February 12, computer scientists at Northeastern University tracked the rogue machines using honeypot .onion addresses they dubbed "honions."Read more
A newly discovered malware capable of cyberespionage and remote takeover is targeting Mac computers, delivering its payload by opening up a backdoor connection to a command-and-control web server via the encrypted Tor network.
The malware arrives disguised as a drag-and-drop file conversion application called the EasyDoc Converter, which is found on many credible third-party sites, according to an analysis from Bitdefender, whose security researchers uncovered the malware. The program is neither verified nor digitally signed by Apple. In reality, the program's true purpose is far more malevolent.Read more
Analysts and researchers agree that 2016 is the year when ransomware went really big. Cyber-crooks didn’t need much time to see the potential value of cryptolockers, and they readily added ransomware to their arsenals.
To give you an idea of the profitability, Cisco researchers reported in 2015 that a single Angler exploit kit brings cyber-criminals profits of up to $60 million annually, or on average $5 million every month! Hackers recently started focusing more attention on enterprises and organizations in possession of valuable data: Lately, a number of US hospitals became victims of ransomware attacks.Read more