Tor Project patches critical flaw in its anonymizing network

The Tor Project has released an upgrade to its software that blocks some recently revealed critical vulnerabilities in the Tor network’s protection of user anonymity. The Tor Project’s Erinn Clark detailed the fixes in a blog entry, and urged all users to update immediately.

Tor, originally called “The Onion Network,” anonymizes user visits to websites and other Internet traffic by passing it through a series of relay servers around the Internet. It also can be used to bypass national firewalls like China’s Great Firewall, or Internet “shutdowns” like the one imposed by the Mubarak regime in Egypt earlier this year, through “bridge relays” that connect to the global Internet through dialup or satellite connections or other connections that bypass normal Internet routing. However, an attack has been developed that could be used to track individuals using the Tor network, and discover hidden bridges, potentially putting them at risk.