CPU sidechannel destroys TBB inter-tab isolation

A CPU sidechannel attack breaks TBB tab isolation . The researchers’ solution was a browser add-on or the advice not to use the same browsing session for different identities.

If this is a fundamental design flaw that still applies (I think it does) we need to document it on TBB’s page so people take this into account for opsec. I don’t know if or how TPO responded to this attack discovered since Jan this year.



1 Like

On Tor Browser Essentials at the very top:

Also on the same page:

Multiple Tor Browser Instances and Whonix-Workstation ™

  • Multiple Tor Browser Instances: To better separate different contextual identities, consider starting multiple Tor Browser instances and running them through different SocksPorts. This method is less secure than the method outlined below.

  • Multiple Whonix-Workstation ™: For tasks requiring different identities and/or additional software, it is recommended to compartmentalize activities and use two or more Whonix-Workstation ™ VMs. In this way, an exploit in Tor Browser in one Whonix-Workstation ™ cannot simultaneously read the individual’s identity in another VM (for example, an IRC account). [88] This method is less secure than using a Whonix-Workstation ™ Disposable with Tor Browser (see below).

Also on Whonix ™ and Tor Limitations in chapter Separation of Different Contextual Identities.

Also on Browser Tests - Whonix in chapter Fingerprint.com.

So restarting Tor Browser, using its new identity function or multiple Whonix-Workstation as a recommendation to avoid multiple Tor Browser tabs being correlated to the same pseudonym is documented but perhaps due to the many things that are documented, the structure could be improved to provider better emphasis. Help welcome.

OK I extended the tab isolation references under unsafe torbrowser habits

1 Like