Brave Privacy Bug Exposes Tor Onion URLs to Your DNS Provider
upstart writes in with an IRC submission for Runaway1956:
Brave privacy bug exposes Tor onion URLs to your DNS provider:
Websites located on Tor use onion URL addresses that users can only access through the Tor network. For example, DuckDuckGo's Tor address is https://3g2upl4pq6kufc4m.onion/ and the New York Time's address is https://www.nytimes3xbfgragh.onion/.
To access Tor onion URLs, Brave added a 'Private Window with Tor' mode that acts as a proxy to the Tor network. When you attempt to connect to an onion URL, your request is proxied through volunteer-run Tor nodes who make the request for you and send back the returned HTML.
[...] However, a bug in Brave's 'Private window with Tor' mode is causing the onion URL for any Tor address you visit to also be sent as a standard DNS query to your machine's configured DNS server.
This bug was first reported in a Reddit post and later confirmed by James Kettle, the Director of Research at PortSwigger.
This issue is caused by Brave's CNAME decloaking ad-blocking feature that blocks third-party tracking scripts that use CNAME DNS records to impersonate a first-party script.
To prevent Tor URLs from being sent to configured DNS servers, Brave has disabled the CNAME adblocking feature when in the Tor browsing mode.
[*] tweet.
See the bug report on GitHub.
pretty big bug!
Read more of this story at SoylentNews.