Rixstep

Tor Browser Se7en

Look elsewhere.


THE DARKNET (Rixstep) — This is a story about Safari. But much more. For it's also about Apple shenanigans going back to OS X 10.6. But most of all it's about another software project that's gone off the rails.

Tor.

Wrecked Disks

Perhaps you need to have been victimised by one of Apple's glorious lithium ion batteries to appreciate this. Preferably one in one of Jony's latter models that can't easily be replaced. The old design, lest anyone forget, admitted of a stylish chamber on the underside: the battery needed only to be lifted out and replaced. Insanely great™.

But that was too easy for Jony. He wanted thinner and thinner and thinner. And then a bit thinner.

So now the batteries can't easily be replaced. But they sure can swell! And as a result, the trackpad gets bad. Solution? A fine collection of esoteric screwdrivers. Open the box up, let things breathe a little.

The problem here is that you can suddenly hear your HDD loudly and clearly. Normally this doesn't have to be much of an issue. Unless you launch Safari.

Wrecker of Disks

Safari has quite the reputation for being a memory hog, but nothing compares to its insane use of the hard drive. Again, this is not noticeable on the newer SSD systems. But on older HDDs?

Fire up Activity Monitor and watch. Red peaks all over the place, and this with a browser that's idle. Compare this with any other browser - FF/Tor, Chrome, et al. No red peaks, no sign of activity at all. Switch back to Safari? Same shit.

Clearly Safari's got to go, as pretty as it is, as well as it renders.

As if there weren't sufficient reasons already. The JavaScript engine is hopelessly bugged, for one.

Closest at hand is Tor. The onion router built atop Firefox. Firefox is OK, but it's not integrated well enough into the Apple desktop. But Tor is secure, and not too shabby of late. Meaning it's no longer excruciatingly slow.

But things have happened in the Tor community. First they had their 'Kill Jake Appelbaum' campaign, and now this. For several things happened to the project which were not good.

Whoever owns the Mac FE doesn't understand how Macs work. The initial panel screen locks the entire interface as Tor boots up. And the danged thing copies out over 30 MB of files from its own bundle each time. Files that don't need to be moved. And both these flaws have continued through several updates.

But today's surprise was the best so far.

Tor Browser Se7en

This is hard to explain, for so much has happened in such a short time, and nothing for the good. But just turning on Tor should be enough for starters.

Unbeknownst to you, and without your permission or knowledge, Tor carries out a 50 MB download in the background.

You might see a small hint in the toolbar area after a while. Tor informs you that it will begin an update as soon as you exit.

You weren't told of this, and you have no way to opt out either. Exit Tor and it starts.

Right there the Tor owners get a medal.

This update process, which takes considerable code on disk, seems to do very little. One thing it doesn't do is check compatibility.

The system being updated here is one of the old ones. The hardware is several years old, and the system is kept back for the sake of the developer tools. (Apple's developer tools have turned to utter crap of late.)

So an older system is needed, to provide clients with better executables, and to support other clients whose machine parks don't use the latest OS version.

And Safari goes only so far in the upgrade circus, the final stop being a version with hopelessly bugged JavaScript.

So that's 'full circle'.

And once you exit Tor, the slaughter begins, for the next thing you know, your Tor dock icon gets the white 'do not enter' overlay. Check your Info.plist and you see that the minimum OS version is 10.9. Browse the Tor website for earlier versions and you find none. (They're available, but not through Tor.)

Reinstall

Find an older compatible version and download, but be careful: remember that Tor used to ask you if you wanted to upgrade. Tor doesn't do that anymore. And it doesn't wait for your approval to start downloading. This is a strict violation of user ethics.

So certain things have to be attended to first. Don't even try running the new copy from your temp drive under /Volumes, as it'll communicate with Mordor, and it's in Mordor that all the logic lies. Secure your bricked Tor bundle first.

We used a number of tools, several of which are not available from Apple. We started by setting the Tor '.' directory to 0400. (Is this even possible with Finder? Finder's not a file manager anyway. This is what Finder is, compared to a real file manager.)



First, we exited all Tors. Then we copied the new Tor into place.

Next we set Tor's parent directory to 0400 as well, then we set the user flags, then we slapped on an ACE to prevent tampering.

Deny group everyone: append, change owner, delete, delete child, write, write attributes, write extended attributes, write security

Finally, we used a CLIX script to reset the launch services, and fired up Tracker so we could track what the orcs got up to.

Then we started Tor again.

Our copy of Tor couldn't be tampered with, but the danged Tor server tried downloading again anyway. So exit Tor and dig into the Tor bundle and remove all the updater logic. Then launch Tor again.

Success.
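The two things the procedure above turns on, a compatibility check the updater never performed (the Info.plist minimum of 10.9 against the host) and the lock-down of the bundle (the deny ACE and the user flags), as an added shell example. This is not the article's own script nor anything from the Tor project. It assumes the standard LSMinimumSystemVersion key in Info.plist, that the 'user flags' meant chflags uchg, that the ACE rights the article lists map onto the chmod +a names used here, and a constructed sample plist; the 10.8 fallback host version is a placeholder, since the article only says the system is an older one.

```sh
#!/bin/sh
# Added example (not from the article or the Tor project): a pre-update compatibility
# check plus the bundle lock-down described above. The version compare and the
# Info.plist parsing are portable; lock_bundle uses macOS-only chflags and chmod +a.

# Compare two dotted version strings numerically: exit 0 when $1 >= $2.
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            xi = (i <= na) ? x[i] + 0 : 0
            yi = (i <= nb) ? y[i] + 0 : 0
            if (xi > yi) exit 0
            if (xi < yi) exit 1
        }
        exit 0
    }'
}

# Print LSMinimumSystemVersion from an XML Info.plist (empty output if the key is absent).
min_os_version() {
    awk '/<key>LSMinimumSystemVersion<\/key>/ { want = 1 }
         want && /<string>/ { sub(/.*<string>/, ""); sub(/<\/string>.*/, ""); print; exit }' "$1"
}

# Refuse an update whose bundle needs a newer OS than the host runs.
# $1 = Info.plist of the candidate bundle, $2 = host version (e.g. sw_vers -productVersion).
check_update_compat() {
    need=$(min_os_version "$1")
    if [ -z "$need" ]; then
        echo "no LSMinimumSystemVersion in $1; not guessing" >&2
        return 2
    fi
    if version_ge "$2" "$need"; then
        echo "ok: host $2 meets minimum $need"
    else
        echo "REFUSE: host $2 is below minimum $need"
        return 1
    fi
}

# Constructed sample Info.plist, modelled on the 10.9 minimum the article reports.
write_sample_plist() {
    cat > "$1" <<'EOF'
<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
    <key>CFBundleIdentifier</key>
    <string>org.example.sample-bundle</string>
    <key>LSMinimumSystemVersion</key>
    <string>10.9</string>
</dict>
</plist>
EOF
}

# macOS only: the deny ACE from the article, then the user-immutable flag. The flag goes
# last because an immutable file refuses further attribute changes. Hypothetical helper.
lock_bundle() {
    b="$1"
    [ "$(uname)" = Darwin ] || { echo "lock_bundle: macOS only" >&2; return 2; }
    chmod -R +a 'group:everyone deny append,chown,delete,delete_child,write,writeattr,writeextattr,writesecurity' "$b"
    chflags -R uchg "$b"
}

# Stand-alone usage: sh check.sh [host-version]. Falls back to sw_vers, then to a 10.8 placeholder.
if [ $# -gt 0 ] || [ -z "$NO_DEMO" ]; then
    if [ $# -gt 0 ]; then
        host=$1
        tmp=$(mktemp)
        write_sample_plist "$tmp"
        check_update_compat "$tmp" "$host"
        status=$?
        rm -f "$tmp"
        exit $status
    fi
fi
```

Run with an explicit host version, e.g. `sh check.sh 10.8`, and the script exits non-zero with a REFUSE line; `sh check.sh 10.12` exits zero. Only lock_bundle is tied to macOS; the other functions can be dropped into any update script that stages a bundle before installing it.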

Note that the panel says 'you can not perform further updates on this system'. This isn't really true, unless the Tor eejits caught their mistake. The reason they can't apply the update and again brick the system is that we'd completely locked them out.

But note that the panel also has a link at 'Learn more'. This proved to be highly interesting.

A Leopard's Cold Spots

The above link leads here.

https://blog.torproject.org/blog/tor-browser-70-released

You can read about the rationale behind the version jump, and you can access their 'distribution page', which unfortunately has no links for earlier versions.

But you can also get to this page.

https://bugzilla.mozilla.org/show_bug.cgi?id=394984

And there you can read the following.

'When you drag an application into the /Applications/ folder in Finder, it now automatically chowns it to root instead of to the user who put it there. This effectively disables Software Update on any new install on 10.6.'

Which is too bad for Tor users, but that's not the point. The point is what Finder is doing.

Think about it a minute. To 'chown' at all, one must generally be root. To 'chown' to root, one must definitely be root. So Finder is running at least one thread as root?

Was authentication (user permission) necessary? Not pertinent at this time, for starting with OS X 10.6 'Snow Leopard' (what names they had) Apple found a way around it all. See the 'Coldspots' links at the bottom for further clues.

What happened in the 'Mac community'? Not much. There were some bewildered voices, but after a short time, people just shrugged their shoulders and said 'I love my Mac'.

But the issue is - remains - very serious. For it means that the system is running at least one privileged thread that can override anything, whatever it wants, without your knowledge or permission. This too is a strict violation of user ethics - the same kind, in fact.
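One practical consequence of the above is worth checking on your own machine: a bundle you own and can write to can be replaced by its own updater without asking, while a bundle Finder has handed to root cannot be touched by a user-space updater at all. The audit below is an added example, not part of the article; it relies only on ls(1), awk and test(1), so it runs on macOS and Linux alike, and it treats any `*.app` directory under a given folder (default /Applications) as a bundle.

```sh
#!/bin/sh
# Added example, not from the article: report who owns each application bundle and
# whether the invoking user can modify it. Uses only ls(1), awk and test(1).

# Owner of a path as printed by ls -ld (field 3); sidesteps the BSD/GNU stat(1) flag split.
path_owner() {
    ls -ld "$1" | awk '{ print $3 }'
}

# Classify a bundle for update-policy purposes:
#   self-updatable  owned by you and writable: an in-app updater can replace it silently
#   root-owned      owned by root and not writable by you (the state the Mozilla bug
#                   describes after a Finder drag on 10.6: user-space Software Update fails)
#   other           owned by another user, or writable although you are not the owner
bundle_class() {
    owner=$(path_owner "$1")
    me=$(id -un)
    if [ "$owner" = "$me" ] && [ -w "$1" ]; then
        echo self-updatable
    elif [ "$owner" = root ] && [ ! -w "$1" ]; then
        echo root-owned
    else
        echo other
    fi
}

# Tab-separated report (class, owner, path) for every *.app under a directory.
audit_bundles() {
    dir=${1:-/Applications}
    for app in "$dir"/*.app; do
        [ -d "$app" ] || continue
        printf '%s\t%s\t%s\n' "$(bundle_class "$app")" "$(path_owner "$app")" "$app"
    done
}

# Stand-alone usage: sh audit.sh [directory]
if [ $# -gt 0 ]; then
    audit_bundles "$1"
fi
```

Every `self-updatable` line is a bundle whose updater answers to nobody but itself; every `root-owned` line is one where the Finder behaviour quoted above has already taken effect.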

There's a tacit agreement between you the user and Apple the vendor. Your security must always be their #1 concern. Should Apple violate that agreement, break your trust, you have every reason to cancel your relationship.

Of course any vendor - Apple, FreeBSD, Linux, OpenBSD - can at any time pull a 'fast one' like that. But if they do, if they're found out, you have every reason to stop using their product. They have no justification for expecting your trust any longer.

Of course, as pointed out over Se7en years ago when this issue first appeared, the issue isn't necessarily that Apple would deliberately betray your trust - it's that nefarious code from other parties might exploit a hole created by Apple.

This has been seen on many other platforms. The Sony rootkit comes immediately to mind. Sony wanted to copy-protect CDs, and so installed a bona-fide rootkit on systems that used those CDs. And it didn't take the blackhats more than a few days to find the hole and exploit it.

The Story of Renepo

An operating system vendor's first concern must always be to provide the most functional and secure product possible. Unfortunately, Apple haven't always done so.

This site enjoyed a long and very educational relationship with 'DimBulb', the creator of the infamous 'Opener' hole that plagued OS X and Apple for years. 'DimBulb', a network administrator in the Bay Area, was incensed at how Apple ignored legitimate pleas about what's since been described as the biggest security hole ever in personal computing, what she said was 'not so much a hole as a crater'.

And indeed it was. And it seemed to be intentionally left open for a particular educational software title. Did Apple finally heed DimBulb's admonitions, or did that software title finally reach 'end of line'? The thought that millions of OS X users be left open to attack for the sake of a single third-party product is staggering, to say the least. But we'll probably never know.

And yet similar things happen to the platform today. Things that cannot be other than unsettling.

And what do Tor users do? Tor was once a high-brow US Navy project, designed to help the good old CIA penetrate foreign networks without leaving trails. But today? Although Jake Appelbaum was reportedly not involved in day-to-day development, and is currently completing a PhD programme at THE, structural changes to the project's management began at the same time. And so far they've not been for the good.

'Note: this article repeatedly refers to 'DimBulb' as a 'he' when in fact it should be 'she', a fastidious network administrator from the bay area. 'DimBulb' used several successive identities throughout the history of Renepo. Her sole objective for all those years was to get Apple to fix their shit. She finally succeeded.'
 - The Story of Renepo

See Also
Coldspots: runner
Industry Watch: Opener 3.9
Coldspots: Fingers in the Pie
Coldspots: AdminAuthorization
Industry Watch: The Story of Renepo
Coldspots: .SoftwareUpdateAtLogout
Coldspots: What's Wrong with This Picture?
Red Hat Diaries: Number One at Almost Everything
Coldspots: Snow Leopard Ignores Unix File Permissions

Copyright © Rixstep. All rights reserved.