The Onion Router, popularly known as the Tor Browser recent had an update from its developers. The new version 6.0 brought with it much needed security and various privacy improvements. There were also other fixes to the browser which were included in the browser.
The new browser which was released earlier this week is somehow based on the Firefox ESR 45, which means that users are now able to benefit from all the security enhancements that the developers put into the new release. On top of that, the new Tor 6.0 version also makes use of the HTTPS Everywhere 5.1.9 which makes operations on all platforms run very smooth, which should also include the OS X platform, thanks to the newly code signing which was introduced and can eliminate the OS X Gatekeeper interferences when you are using the Tor browser.
Another dramatic change that the developers added is the disable support for the SHA 1 certificates that they are also putting into place. The technology has already been proven weak from years back and has been removed from other standard browsers such as Chrome, Mozilla Firefox, and the Internet Explorer/Edge browser. Facebook and CloudFlare together with some other companies still want the technology to be working on the older version of the browsers, however.
Tor 6.0 employs the Open SSL 1.0.1t, which is just one of the latest versions which are being used as the toolkit for the Transport Layer Security, together with the Secure Sockets Layer protocols. The OpenSSL was released back in early April and is said to be addressing most of the various security issues in browsers. One of the most important facets that the technology tackles is the high severity vulnerability which was started back in 2013. The flaw allowed a man in the middle attackers to stop the traffic and then decrypt it, and the flaw has not been removed or repaired on most of the visited websites available in the world.
The HTML5 support is also said to part of the new and updated Tor browser. This is in line with the industry’ move towards a Flash-free industry. This helps with browser security and privacy of the users. The update also addresses a DLL hijacking vulnerability and also contributes to reinstate the update.XML, a hash check that was disabled in the Firefox 43. The update changelog shows that the update is also going to take care of the DNS lookup in lock file code.
The Tor browser 6.0 is seen by many as the browsers move towards even greater and better privacy and security. These changes will undoubtedly impact the Onion services of the browser and not the browser itself.