back to article Modified version of Tor Browser spies on Chinese users

Cybersecurity biz Kaspersky has spotted a modified version of the Tor Browser it says collects sensitive data on Chinese users. The data collected by the browser itself includes internet history and data entered into website forms, said the threat hunter. More spyware was hidden in an accompanying library that collected …

  1. G2
    Facepalm

    Digital signature?

    the original Tor browser has no digital signatures in the file properties either (when it is installed) and its files even have a fake timestamp of 01-01-2000.

    Since they have practically "trained" their users not to bother with checking file properties for a signature on the main browser executable, it is no wonder they do as they were told and will not even bother checking installers either.

  2. Potemkine! Silver badge

    For the record, The Reg is not advocating doing this nor for breaking any laws in China.

    Making in your pants, pals? :-P

    There was a time people in UK were not afraid of dictatorships...

    == Bring us Dabbsy back! ==

    1. Anonymous Coward
      Anonymous Coward

      Its part of the standardisation on USA-speak.

    2. SotarrTheWizard

      Sounds familiar. . .

      . . .just another version of the milspeak "We can neither confirm nor deny <$foo>" . . .

  3. regadpellagru

    Authenticity verification

    "If that's not an option, verify the authenticity of installers downloaded from third-party sources by examining their digital signatures."

    Well, how to do that in China, since Tor's site is blocked ?

    The best way I could think of, would be to phone a pal outside of china, to give you the signature by phone ...

  4. JohnTill123

    Advice for the Chinese people:

    As per the Soviet intelligentsia

    1. Don't think.

    2. If you think, then don't speak.

    3. If you think and speak, then don't write.

    4. If you think, speak and write, then don't sign.

    5. If you think, speak, write and sign, then don't be surprised.

    Actually, these days with advanced technology it can be rewritten as:

    1. Don't think.

    2. If you think, then don't be surprised.

    Much more efficient...

  5. Anonymous Coward
    Anonymous Coward

    Kaspersky not boycotted here yet?

    Yeah, I used it, it "is" the best management of a security tool, might even still be good, but. And that is a huge but, and it's right now covered in blood

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like