Summary

Total Articles Found: 3

Top sources:

Top Keywords:

Top Authors

Top Articles:

  • Tor browser fixes bug that allows JavaScript to run when disabled
  • Oblivious DNS-over-HTTPS
  • Apple Will Offer Onion Routing for iCloud/Safari Users

Apple Will Offer Onion Routing for iCloud/Safari Users

Published: 2021-06-22 11:54:09

Popularity: 9

Author: Bruce Schneier

Keywords:

  • Uncategorized
  • anonymity
  • Apple
  • cloud computing
  • Safari
  • Tor
  • 🤖: "Torified Safari"

    At this year’s Apple Worldwide Developer Conference, Apple announced something called “iCloud Private Relay.” That’s basically its private version of onion routing, which is what Tor does. Privacy Relay is built into both the forthcoming iOS and MacOS versions, but it will only work if you’re an iCloud Plus subscriber and you have it enabled from within your iCloud settings. Once it’s enabled and you open Safari to browse, Private Relay splits up two pieces of information that — when delivered to websites together as normal — could quickly identify you. Those are your IP address (who and exactly where you are) and your DNS request (the address of the website you want, in numeric form)...

    ...more

    Oblivious DNS-over-HTTPS

    Published: 2020-12-08 21:02:08

    Popularity: 32

    Author: Bruce Schneier

    Keywords:

  • Uncategorized
  • academic papers
  • anonymity
  • DNS
  • https
  • protocols
  • 🤖: "DNS fail"

    This new protocol, called Oblivious DNS-over-HTTPS (ODoH), hides the websites you visit from your ISP. Here’s how it works: ODoH wraps a layer of encryption around the DNS query and passes it through a proxy server, which acts as a go-between the internet user and the website they want to visit. Because the DNS query is encrypted, the proxy can’t see what’s inside, but acts as a shield to prevent the DNS resolver from seeing who sent the query to begin with. IETF memo. The paper: Abstract: The Domain Name System (DNS) is the foundation of a human-usable Internet, responding to client queries for host-names with corresponding IP addresses and records. Traditional DNS is also unencrypted, and leaks user information to network operators. Recent efforts to secure DNS using DNS over TLS (DoT) and DNS over HTTPS (DoH) havebeen gaining traction, ostensibly protecting traffic and hiding content from on-lookers. However, one of the criticisms ofDoT and DoH is brought to bear by the small number of large-scale deployments (e.g., Comcast, Google, Cloudflare): DNS resolvers can associate query contents with client identities in the form of IP addresses. Oblivious DNS over HTTPS (ODoH) safeguards against this problem. In this paper we ask what it would take to make ODoH practical? We describe ODoH, a practical DNS protocol aimed at resolving this issue by both protecting the client’s content and identity. We implement and deploy the protocol, and perform measurements to show that ODoH has comparable performance to protocols like DoH and DoT which are gaining widespread adoption,while improving client privacy, making ODoH a practical privacy enhancing replacement for the usage of DNS...

    ...more

    Tor browser fixes bug that allows JavaScript to run when disabled

    Published: 2020-03-17 12:16:27

    Popularity: 148

    Author: John E Dunn

    Keywords:

  • Privacy
  • Security threats
  • Vulnerability
  • Web Browsers
  • anonymity
  • browser privacy
  • Firefox
  • Java
  • JavaScript
  • NoScript
  • the onion router
  • Tor
  • tor browser
  • The Tor browser has a bug that could allow JavaScript to execute on websites even when users think they’ve disabled it for maximum anonymity.

    ...more

    end