Privacy

New Release: Tor Browser Version 10.0a2 and 9.51

New Release: Tor Browser Version 10.0a2 and 9.51

OpenDark.Net
On June 30, the Tor Project announced updates to both the alpha and stable releases of the Tor Browser. The new releases include fixes for vulnerabilities discovered in FireFox (through an update to FireFox 68.10.0esr) as well as NoScript bug fixes (through an update to NoScript 11.0.32). Complete changelog for 10.0a2 here and 9.51 here. Both releases include minor tweaks to Onion Location links and settings. Onion Location is an easy way for site operators to advertise their onion service to visitors.
U.S. Senators Introduce Another Anti-Encryption Bill

U.S. Senators Introduce Another Anti-Encryption Bill

OpenDark.Net
U.S. Senators introduced the Lawful Access to Encrypted Data Act in an attempt to mandate backdoors. The bill gives the Department of Justice the ability to force companies and service providers to decrypt data upon request and bans so-called “warrant-proof” encryption. The Lawful Access to Encrypted Data Act (pdf) applies to providers across the board. According to a blog post from the Center for Internet and Society at Stanford Law School, the bill applies to providers of operating systems, messaging applications, email providers, manufacturers of computers, video game consoles, smartphones, or “basically any electronic device with just 1 GB of storage capacity.
ProtonMail's Updated Transparency Report Changes Nothing

ProtonMail's Updated Transparency Report Changes Nothing

OpenDark.Net
ProtonMail, “the world’s largest secure email provider,” recently updated their transparency report to include some of the latest requests for information from law enforcement across the world. The company also added a statement about complying with court orders prior to officially receiving said orders. This concerned some members of privacy communities on Reddit. The most recent update to their Transparency Report added an entry to their list of special or significant interactions with law enforcement as well.
LocalBitcoins Disables Cash for Bitcoin Transactions

LocalBitcoins Disables Cash for Bitcoin Transactions

OpenDark.Net
Localbitcoins, one of the services used to purchase bitcoin as anonymously as possible, unexpectedly ended the ability to trade cash for bitcoin. Although users of Localbitcoins have alternative options for buying bitcoin, trading cash for bitcoin was one of the platform’s primary incentives for those concerned with their privacy, such as the users of darkweb marketplaces. Localbitcoins, since early this year, has been implementing new anti-money laundering (AML) and know your customer (KYC) measures and protections.
Reddit is Blocking 15% of Tor Exit Relays

Reddit is Blocking 15% of Tor Exit Relays

OpenDark.Net
According to Reddit users on various Tor and privacy related subreddits, Reddit—or Reddit’s CDN, Fastly—is blocking access to many Tor users and directly blocking exit nodes in Germany. Relay Stats According to a post on the Tor subreddit, Reddit or their content delivery netowork (CDN) have been blocking access to Tor users. The users, it seems, are those accessing Reddit while connected to an exit node in Germany. Germany, according to the Tor Projects own metrics, is currently the host of 131 exit nodes.
Encrypted eMail Company ProtonMail Denies Being Hacked

Encrypted eMail Company ProtonMail Denies Being Hacked

OpenDark.Net
A recent paste on Pastebin claimed that hackers had hacked the encypted email service Protonmail. The so-called hackers provided no proof of the hack and the email service has responded, denying any hack had every ocurred. In many cases, such immediate denials are categorically false. However, in Protonmail’s case, the denial has a decent chance of being correct. Although the message has raised concerns, the hackers provided no evidence to back up their claims and requested “a small fee” from the email company.
Zero-Day Company Reveals Vulnerability in Tor Browser 7.x

Zero-Day Company Reveals Vulnerability in Tor Browser 7.x

OpenDark.Net
In a post on Twitter, a company specializing in purchasing zero-day exploits from researchers and selling them to government agencies revealed that several versions of the Tor Browser fail to prevent JavaScript from running even with NoScript on the most secure setting. The security company, Zerodium, announced the vulnerability after a new version of the Tor Browser had been released. Tor Browser 8.x is unaffected by the vulnerability, according to their announcement.
How a Privacy Focused Email Service Dropped Google's Notification System

How a Privacy Focused Email Service Dropped Google's Notification System

OpenDark.Net
The open-source end-to-end encrypted email service Tutanota successfully dropped Google’s push notification service in an effort to increase privacy and allow Android users to go Google-free and still have access to one of the best encrypted email services available. They announced the release in a blog post on Tutanota.com fairly recently. Although many privacy-oriented services such as Signal have also replaced Firebase Cloud Messaging (formerly GCM) with other options that allow Google-free Android ROMs to receive notifications.