Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook

leaks traffic browser addresses dns onion brave

BjydaBrave browser leaks onion addresses in DNS traffic
The Tor mode included with the Brave web browser allows users to access .onion dark web domains inside Brave private browsing windows without having to install Tor as a separate software package.

Added in June 2018, Brave's Tor mode has allowed throughout the years access to increased privacy to Brave users when navigating the web, allowing them to access the .onion versions of legitimate websites like Facebook, Wikipedia, and major news portals.

But in research posted online this week, an anonymous security researcher claimed they found that Brave's Tor mode was sending queries for .onion domains to public internet DNS resolvers rather than Tor nodes.

While the researcher's findings were initially disputed, several prominent security researchers have, in the meantime, reproduced his findings, including James Kettle, Director of Research at PortSwigger Web Security, and Will Dormann, a vulnerability analyst for the CERT/CC team.

Furthermore, the issue was also reproduced and confirmed by a third source, who also tipped off ZDNet earlier today.

The risks from this DNS leak are major, as any leaks will create footprints in DNS server logs for the Tor traffic of Brave browser users.

While this may not be an issue in some western countries with healthy democracies, using Brave to browse Tor sites from inside oppressive regimes might be an issue for some of the browser's other users.

Brave Software, the company behind the Brave browser, has not returned a request for comment sent before this article's publication earlier today.

Over the past three years, the company has worked to build one of the most privacy-focused web browser products on the market today, second only to the Tor Browser itself.

Based on its history and dedication to user privacy, the issue discovered this week appears to be a bug, one the company will most likely hurry to address in the coming future.

Update: Minutes after this article went live, the Brave team announced a formal fix on Twitter. The patch was actually already live in The Brave Nightly version following a report more than two weeks ago, but after the public report this week, it will be pushed to the stable version for the next Brave browser update. The source of the bug was identified as Brave's internal ad blocker component, which was using DNS queries to discover sites attempting to bypass its ad-blocking capabilities, but had forgotten to exclude .onion domains from these checks.


Possibly Related Threads…
Thread Author Replies Views Last Post
  Backdoored Browser Extensions Hid Malicious Traffic in Analytics Requests mrtrout 0 151 02-04-2021 , 10:57 PM
Last Post: mrtrout
  Bonobos clothing store suffers a data breach, hacker leaks 70GB database tarekma7 0 136 01-23-2021 , 07:53 AM
Last Post: tarekma7
  Pharma Giant Pfizer Leaks Customer Prescription Info, Call Transcripts mrtrout 0 315 10-21-2020 , 06:24 AM
Last Post: mrtrout
  China is now blocking all encrypted HTTPS traffic that uses TLS 1.3 and ESNI mrtrout 0 410 08-10-2020 , 12:49 AM
Last Post: mrtrout
  Dutch Hackers Found a Simple Way to Mess With Traffic Lights mrtrout 0 324 08-08-2020 , 03:11 AM
Last Post: mrtrout

Forum Jump:

Users browsing this thread: 1 Guest(s)