The Tor Project team has known about the bug for a long time, but it was not possible to get rid of it due to “lack of human resources”, as well as due to the lack of a simple way to solve this problem.
However, now the developers will have to deal with it closely, since the administration of the Dread forum – a resource called the “Darknet Reddit” – conducted a successful campaign aimed at raising funds for the Tor Project, thanks to which the vulnerability in the project’s bug tracker received a priority status.
As a result of the planned fix, Onion site operators will receive a DDoS protection function. Activation of this function will allow you to maintain the availability of the attacked resource at the cost of reducing the speed of establishing new connections.
A few words about Tor
Tor is a system of proxy servers that support “onion routing” – the technology of anonymous exchange of information through a computer network. Tor gives the user the ability to keep incognito on the Internet and protects his traffic from analysis.
This opportunity has made Tor a popular tool in the hands of lawbreakers engaged in the sale of drugs and weapons, the distribution of pornography and other illegal activities. In 2014, the FBI paid $1 million to researchers from Carnegie Mellon University in the United States for assistance in penetrating Tor in order to deanonymize its users.
In November 2016, the Tor Project team announced the creation of a prototype of its own Android smartphone equipped with advanced cybersecurity tools. The prototype, called Mission Improbable, was created by the developer of the anonymous Tor network Mike Perry (Mike Perry). As a hardware part, Google Nexus and Pixel smartphones were taken ready-made, only the software has undergone changes. The device runs under the Copperhead OS, a protected version of Android created for Nexus and Pixel smartphones.