The non-profit organization behind Tor, the largest online anonymity network, which lets people hide their real identity online, has launched an early alpha version of Sandboxed Tor Browser 0.0.2.
Yes, the Tor Project is working on a sandboxed version of the Tor Browser that isolates the Tor Browser from the other processes of the operating system and limits its ability to interact with or query low-level APIs that can expose real IP addresses, MAC addresses, the computer name, and more.
Sandboxing is a security mechanism for separating running programs. When an application is sandboxed, its process runs in an environment separated from the underlying operating system, so that errors or security issues in that application cannot be leveraged to affect other parts of the OS.
Sandboxed applications run in their own sequestered area of memory and storage, where they can operate without posing any threat to other applications or to the operating system.
Major modern browsers, including Chrome, Firefox, and Edge, use sandboxed environments to separate themselves from the operating system.
However, the Tor Browser, which is itself based on the open-source Mozilla Firefox browser, did not use such a sandboxing environment, which left the browser somewhat insecure despite its many privacy-protection features.
The FBI used Tor Browser exploits to identify and catch visitors to PlayPen who were hiding their real identity behind Tor. Such exploits targeting the Tor Browser can also be used to unmask the identity of journalists, political dissidents, and others.
Keeping this in mind, the Tor Project started working on a sandboxed version of the Tor Browser in September this year.
The idea behind the move is that exploits and vulnerabilities targeting the Tor Browser are trapped inside the sandbox environment and cannot get out to affect the rest of the computer or unmask anyone.
Tor developers have released the first version of this new and improved Tor Browser, though it is still very much an alpha, so users can expect bugs, some of them potentially major.
One of the developers working on the project describes the browser's features as follows:
A Gtk+3 based UI for downloading/installing/updating Tor Browser, configuring tor, and launching the sandboxed browser. Think `tor-browser-launcher`, that happens to run Tor Browser in a bunch of containers.
Linux seccomp-bpf + namespace based containers for Tor Browser, that attempt to prevent/mitigate exploits and reduce the amount of personally identifiable information to a minimum, centered around bubblewrap (runtime dependency).
This version is so far only available for Linux. Official binaries should be available sometime next week. For now, confident users could compile it themselves from the source code, though I strongly suggest that people wait.
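The seccomp-bpf half of the design described above, as an added example that is not code from the Tor Project or from sandboxed-tor-browser (which delegates this work to bubblewrap): a minimal Linux filter that checks the ABI, lets every syscall through except one, and makes that one fail with EPERM so the confined process keeps running while the denied call is refused. Denying uname(2), which hands out the hostname, is a constructed policy chosen for illustration, and the function names are assumptions.

```c
#include <errno.h>
#include <stddef.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/utsname.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

/* The filter must check the ABI before trusting the syscall number, or a
 * foreign ABI (e.g. 32-bit calls on a 64-bit kernel) could slip past it. */
#if defined(__x86_64__)
#define SANDBOX_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define SANDBOX_ARCH AUDIT_ARCH_AARCH64
#else
#error "unsupported architecture for this example"
#endif

/* Install a seccomp-bpf filter: uname(2) fails with EPERM, everything else is
 * allowed. Constructed policy for illustration only; the real sandbox hides
 * the hostname with namespaces. Returns 0 on success, -1 if the kernel refused. */
int install_uname_filter(void)
{
    struct sock_filter filter[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SANDBOX_ARCH, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_uname, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA)),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog prog = { .len = (unsigned short)(sizeof(filter) / sizeof(filter[0])),
                               .filter = filter };
    /* no_new_privs lets an unprivileged process install the filter and stops
     * setuid helpers from regaining privilege inside the sandbox. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog) == 0 ? 0 : -1;
}

/* Probe uname(2): 0 if it worked, otherwise the errno the filter injected. */
int probe_uname(void)
{
    struct utsname u;
    return uname(&u) == 0 ? 0 : errno;
}
```

The filter is inherited by every child the process spawns and cannot be removed, which is why a launcher installs it last, after the browser's own setup is done.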