Brave Privacy Bug Leaks Onion Addresses in DNS Traffic

Brave Privacy Bug Leaks Onion Addresses in DNS Traffic

The Tor mode included with the Brave web browser lets users access .onion dark web domains inside Brave private browsing windows without installing Tor as a separate software package.

Brave’s Tor mode, which was added in June 2018, has allowed access to increased privacy to Brave users when navigating the web, letting them access the .onion versions of legitimate websites like Wikipedia, Facebook, and major news portals.

But research posted online by an anonymous security researcher claims they found that Brave’s Tor mode was sending queries for .onion domains to public internet DNS resolvers rather than Tor nodes.

The risks from this DNS leak are significant, as any leaks will create footprints in DNS server logs for the Tor traffic of Brave browser users.

To Read More:  ZDNet