SoylentNews
SoylentNews is people
https://soylentnews.org/

Title    Brave Privacy Bug Exposes Tor Onion URLs to Your DNS Provider
Date    Saturday February 20 2021, @04:37AM
Author    martyb
Topic   
from the dept.
https://soylentnews.org/article.pl?sid=21/02/20/040205

upstart writes in with an IRC submission for Runaway1956:

Brave privacy bug exposes Tor onion URLs to your DNS provider:

Websites located on Tor use onion URL addresses that users can only access through the Tor network. For example, DuckDuckGo's Tor address is https://3g2upl4pq6kufc4m.onion/ and the New York Time's address is https://www.nytimes3xbfgragh.onion/.

To access Tor onion URLs, Brave added a 'Private Window with Tor' mode that acts as a proxy to the Tor network. When you attempt to connect to an onion URL, your request is proxied through volunteer-run Tor nodes who make the request for you and send back the returned HTML.

[...] However, a bug in Brave's 'Private window with Tor' mode is causing the onion URL for any Tor address you visit to also be sent as a standard DNS query to your machine's configured DNS server.

This bug was first reported in a Reddit post and later confirmed by James Kettle, the Director of Research at PortSwigger.

This issue is caused by Brave's CNAME decloaking ad-blocking feature that blocks third-party tracking scripts that use CNAME DNS records to impersonate a first-party script.

To prevent Tor URLs from being sent to configured DNS servers, Brave has disabled the CNAME adblocking feature when in the Tor browsing mode.

[*] tweet.

See the bug report on GitHub.

pretty big bug!

Original Submission

Links
  1. "upstart" - https://soylentnews.org/~upstart/
  2. "Brave privacy bug exposes Tor onion URLs to your DNS provider" - https://www.bleepingcomputer.com/news/security/brave-privacy-bug-exposes-tor-onion-urls-to-your-dns-provider/
  3. "Private Window with Tor" - https://support.brave.com/hc/en-us/articles/360018121491-What-is-a-Private-Window-with-Tor-Connectivity-
  4. "Reddit post" - https://www.reddit.com/r/netsec/comments/lndfms/more_in_comments_brave_browser_leaks_your_tor/
  5. "James Kettle" - https://twitter.com/albinowax
  6. "use CNAME DNS records to impersonate a first-party script" - https://www.bleepingcomputer.com/news/security/ublock-origin-now-blocks-sneaky-first-party-trackers-in-firefox/
  7. "tweet" - https://twitter.com/bcrypt/status/1362786340983635969?ref_src=twsrc%5Etfw
  8. "bug report" - https://github.com/brave/brave-core/pull/7769
  9. "Original Submission" - https://soylentnews.org/submit.pl?op=viewsub&subid=47559
© Copyright 2024 - SoylentNews, All Rights Reserved

printed from SoylentNews, Brave Privacy Bug Exposes Tor Onion URLs to Your DNS Provider on 2024-04-19 07:52:29