Mozilla has filed a brief with a U.S. District Court asking the FBI to disclose the potential vulnerabilities in its Firefox browser that the agency exploited to unmask TOR users in a criminal investigation.
Last year, the FBI used a zero-day flaw to hack TOR browser and de-anonymize users visiting child sex websites.
Now, Mozilla is requesting the government to ask the FBI about the details of the hack so that it can ensure the security of its Firefox browser.
TOR is an anonymity software that provides a safe haven to human rights activists, government, journalists but also is a place where drugs, child pornography, assassins for hire and other illegal activities has allegedly been traded.
TOR Browser Bundle is basically an Internet browser based on Mozilla Firefox configured to protect the user’s anonymity via Tor and Vidalia.
In 2015, the FBI seized computer servers running the world’s largest dark web child pornography site ‘Playpen’ from a web host in Lenoir, North Carolina. However, after the seizure, the site was not immediately shut down.
Instead, the FBI agents continued to run Playpen from its own servers in Newington, Virginia, from February 20 to March 4. During that period, the agency deployed its so-called Network Investigative Technique (NIT) to identify the real IP addresses of users visiting this illegal site.
Recently, an investigation revealed that Matthew J. Edman, a former employee of TOR Project, created malware for the FBI that has been used by US law enforcement and intelligence agencies in several investigations to unmask Tor users.
The FBI hacked more than a thousand computers in the US alone and over three thousand abroad. The Internet Service Providers (ISPs) were then forced to hand over the target customer’s details, following their arrest.
Two months back, a judge ordered the FBI to reveal the complete source code for the TOR exploit that not only affected the Tor Browser, which would have likely been used to hack visitors of PlayPen, but also Firefox.
Here’s what Mozilla’s top lawyer Denelle Dixon-Thayer explained in a blog post:
"The Tor Browser is partially based on our Firefox browser code. Some have speculated, including members of the defense team, that the vulnerability might exist in the portion of the Firefox browser code relied on by the Tor Browser. At this point, no one (including us) outside the government knows what vulnerability was exploited and whether it resides in any of our code base."
Mozilla has now filed a motion with a US district court in Washington, asking the government to disclose the vulnerability within 14 days before any disclosure to the Defendant requiring the FBI to hand over the source code of the exploit to the defense team.
It is because Mozilla wants time to analyze the vulnerability, prepare a patch, and update its products before any malicious actor could exploit the flaw to compromise its Firefox browser, which is being used by millions of people.