Privacy-focused web browser Brave has announced its websites will now be available directly from the dark web, which will provide a greater pool of users with secure access to its service. Brave has fixed a privacy issue in its browser that sent queries for.onion domains to public internet DNS resolvers rather than routing them through Tor nodes, thus exposing users' visits to dark web websites.
Brave has fixed a privacy issue in its browser that sent queries for .onion domains to public internet DNS resolvers rather than routing them through Tor nodes, thus exposing users’ visits to dark web websites.
The bug was addressed in a hotfix release (V1.20.108) made available yesterday.
Brave ships with a built-in feature called “Private Window with Tor” that integrates the Tor anonymity network into the browser, allowing users to access .onion websites, which are hosted on the darknet, without revealing the IP address information to internet service providers (ISPs), Wi-Fi network providers, and the websites themselves. The feature was added in June 2018.
This is achieved by relaying users’ requests for an onion URL through a network of volunteer-run Tor nodes. At the same time, it’s worth noting that the feature uses Tor just as a proxy and does not implement most of the privacy protections offered by Tor Browser.
But according to a report first disclosed on Ramble, the privacy-defeating bug in the Tor mode of the browser made it possible to leak all the .onion addresses visited by a user to public DNS resolvers.
“Your ISP or DNS provider will know that a request made to a specific Tor site was made by your IP,” the post read.
DNS requests, by design, are unencrypted, meaning that any request to access .onion sites in Brave can be tracked, thereby defeating the very purpose of the privacy feature.
Brave Dark Web Browser
This issue stems from the browser’s CNAME ad-blocking feature that blocks third-party tracking scripts that use CNAME DNS records to impersonate the first-party script when it is not and avoid detection by content blockers. In doing so, a website can cloak third-party scripts using sub-domains of the main domain, which are then redirected automatically to a tracking domain.
Brave, for its part, already had prior knowledge of the issue, for it was reported on the bug bounty platform HackerOne on January 13, following which the security issue was resolved in a Nightly release 15 days ago.
It appears that the patch was originally scheduled to roll out in Brave Browser 1.21.x, but in the wake of public disclosure, the company said it’s pushing it to the stable version of the browser released yesterday.
Brave browser users can head to Menu on the top right > About Brave to download and install the latest update.
Brave Dark Web Free
The Crypto-friendly Brave browser is now available on the Tor onion network, a popular browser used to access the dark web. Users of Tor can now access Brave web pages directly from the dark web itself.
Initially integrated into the Brave browser since 2018, Tor also runs some of the relays.
Brave announced in its official announcement:
“Our Private Window with Tor helps protect Brave users from ISPs (Internet Service Providers), guest Wi-Fi providers, and visited sites that may be watching their Internet connection or even tracking and collecting IP addresses, a device’s Internet identifier.”
Brave Dark Web App
Tor users can now access Brace with a “.onion” extension instead of the “.com” where instead of browsing as brave.com, users can access it as Brave.onion. The onion extension protects a users’ metadata, such as its location.
Brave even published a handy guide explaining how one could set this up.
https://t.co/yo4cVqraYq now has a @torproject .onion service, providing more users with secure access to Brave. See how our devops engineer @bkero created this setup, which you should be able to use to create your own onion service #MoreOnionsPorFavor: https://t.co/DSrmyNh5qO
— Brave Software (@brave) October 5, 2020
Brave-Tor Integration For Optimum Privacy
Known popularly as the hotspot for criminals, procuring illegal items and malicious activities, Bitcoin too gained popularity on the dark web as a preferred payment method due to its anonymous nature.
Brave Dark Web Download
While mainstream notions towards the dark web are portrayed only as a destination for drug purchases or hiring assassins, the world of Tor and the dark web is also preferable for journalists, researchers, and activists too for their research works, where certain countries might have restrictive internet policies.
An onion network will bounce one’s search requests around a bunch of relays, set up all over the world while protecting the identity of the person.
Dark Web Links
The decision to make Brave accessible through the dark web is mainly for the privacy aspects associated with the Tor onion network.
Brave, a competitor to Google is known for its privacy-friendly technology. Its crypto-friendly feature rewards people for watching advertisements and even rewards content creators. It’s an opposite take to Google where it sells its users data for its own profit-making.