PSA: Serious Security Vulnerability in Tor Browser

UPDATE: Tails version 5.1 has been released. Upgrade now.

Tor Browser in Tails 5.0 and earlier is unsafe to use for sensitive information. From the Tails website:

We recommend that you stop using Tails until the release of 5.1 (May 31) if you use Tor Browser for sensitive information (passwords, private messages, personal information, etc.).

A security vulnerability was discovered in the JavaScript engine of Firefox and Tor Browser. See the Mozilla Foundation Security Advisory 2022-19n

This vulnerability allows a malicious website to bypass some of the security built in Tor Browser and access information from other websites.

For example, after you visit a malicious website, an attacker controlling this website might access the password or other sensitive information that you send to other websites afterwards during the same Tails session.

This vulnerability doesn’t break the anonymity and encryption of Tor connections.

Link: Security Bulletin issued by Tails

Photo by Rubaitul Azad

Post author:Cognitive Metropolis
Post published:May 26, 2022
Post category:Security
Post comments:0 Comments

Tags: browser, cybersecurity, dataprivacy, hacker, hacking, internet, Operations Security, opsec, surveillance, TAILs OS, tor

You must log in to post a comment.

Share this:

You Might Also Like

7 steps to enhance IoT security

What Is a Side Channel Attack?

John Oliver interviews (Ex-NSA Head) General Keith Alexander