Bonum Certa Men Certa

Windows Defender Flags Tor Browser as “Trojan Horse” Malware

posted by Roy Schestowitz on Oct 04, 2023

High Tor Vintage Comedy Poster

Reprinted with permission from Ryan Farmer.

Windows Defender Flags Tor Browser as “Trojan Horse” Malware.

Anti-virus software is terrible, and Microsoft’s is obviously no exception.

The fact that it flags a lot of Free and Open Source software makes me wonder if this is worse than the usual “it’s only guessing” that usually lead to false positives in anti-virus programs.

I’ve seen it flag LibreOffice, qBittorrent, PeaZip, and many other FOSS programs, but it also has flagged the latest Tor Browser.

This doesn’t surprise me. What does surprise me is that anyone wanting privacy would use Tor Browser on Windows, where on top of the spyware Microsoft builds into the OS, you have millions of other pieces of spyware, ranging from ransomware, to “Pegasus-like” government-backed malware. And since Windows has so many security problems, it has no trouble getting in.

The United States has committed cyberwarfare using Windows, to sabotage the Iranian nuclear program, with malware like Flame and Stuxnet, which set up on millions of Windows computers and completely eluded anti-virus programs for years.

China and Russia target Windows. Lots of governments do things like this.

Why do these go undetected for years? Are the government attackers really that good at hiding it, or do the anti-virus companies suck that much, or are they told not to do anything? Some of each?

On Debian, on most Linux distributions, you can just install Tor Browser Launcher and forget about it. It automatically downloads the Tor Browser and installs it and checks the signature to make sure it’s really from them and hasn’t been tampered with.

If you don’t want to persistently install a Linux system, you should at least consider running Tails in a live environment.

Again, who is even running Tor Browser on a Windows machine?

A lot of people use Tor criminally, like the multi-national band of criminals, crazies, and derelicts who attacked Techrights’ IRC server and briefly caused an outage of the site.

Tor was part of their harassment mechanism.

But other people use Tor because they need to be safe from actual government oppression or bypass the censors, and if they get caught using it, it could mean prison or death.

Even in America, which is no longer a free country, or a democracy, even looking up an abortion using a normal Web browser with Google can be used later to send you to prison, in some States.

It’s not safe to browse the Web as an American anymore. Even if you have done nothing wrong. Using it on Windows and without a reliable VPN and non-US server, and maybe Tor as well sometimes, is a serious mistake.

But Windows completely undermines the privacy of Tor. The software itself may work, but everything you do gets uploaded to Microsoft. If you download a file, Windows Defender (the same one that flagged Tor Browser as malware) can send them the file or a hash value so they know what you have. If you browse with it at all, Windows sends your keystrokes to Microsoft…..”For Spell Checking”.

If Tor Browser crashes, Windows will send an error report, including a crash dump of what was in the Tor Browser while it was in memory, leading up to the crash.

This is all stated in the Windows EULA. It’s possible it’s worse than we even know.

Even if you think you’ve “Disabled Telemetry” or something, it is still Windows.

Don’t trust it.

Other Recent Techrights' Posts

FSFE: Donate to Us to Co-Fund With Microsoft the Unpaid Underage Labour, YH4F
Latest from FSFE
Links 07/09/2024: China's Financial "Bond" to Africa and Attempts to Postpone Trump Criminal Cases
Links for the day
Why We Are Suing Matthew J. Garrett for Harassment and Why It's Important to Everybody in the Community
There's a limit to how much abuse to me and to my family I can tolerate for the act of merely reporting on corporate corruption
 
Links 07/09/2024: Qualcomm May Buy Parts of Intel, YouTube Deletes Channels for the US Government
Links for the day
No, Mastodon is Not Growing, Social Control Media is Generally Waning
Our sister site pulled the plug on the whole thing over a year ago, seeing it was mostly a source of online abuse
A Loss for Fake Security, a Win for Net Autonomy
Crucifixion of domains has been ramping up this past week; it's a cautionary signal
Links 07/09/2024: UK Police Raid Journalist's Home, Epoch Times Setbacks, and Karma
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, September 06, 2024
IRC logs for Friday, September 06, 2024
linuxsecurity.com is Still Spamming the Web
This is not harmless to Linux and it definitely merits a shun
Gemini Links 07/09/2024: Freedom in Bareness, Reactions in Addictive Social Control Media
Links for the day
[Meme] Confused Michael
Teaser...
Links 06/09/2024: Censorship of Sites by US, Hype Around LLMs Noted
Links for the day
[Meme] Hijacking the Brands
"Linux? Ah, you mean Microsoft!"
Google: We Help Combat What We Are Guilty of
The search itself is a conflict of interest
Linux Foundation Technical Advisory Board Has Election, But Google is Already Guaranteed Over 33.3% of the Seats ('Reserved' for It)
It has too much power/influence and it looks like a stacked panel
[Video] Theodore Ts'o Says How He Brought Linux to the United States (MIT) and What Makes Linux Leadership Effective
Microsofters keep attacking him
Layoffs Are Healthy and Not Happening
Good news for a change?
[Meme] Trickle-Down Ponzi Scheme
Where does money actually come from?
Considering Microsoft's Totally Fake Finances It Too is at Risk of Being Delisted From the Dow Jones Industrial Average and Other Indexes (NASDAQ, S and P) in the Near Future
Microsoft and Apple both had many layoffs this year
Asking Ourselves What Topics to Strategically Focus on
A lot of the tech media - if not "mainstream" media too - is already covering the growth of GNU/Linux
Media Needs to Stop Asking If "AI" is Just Hype (It Is, It's Not a Question)
The media should stop asking if the "AI" thing is bubble about to pop
Lots of GNU/Linux Detected in Palau and Windows Falls to New All-Time Low (14%)
Windows is falling further
Gemini Links 06/09/2024: Degoogling, LLMs, and ROOPHLOCH
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, September 05, 2024
IRC logs for Thursday, September 05, 2024
Links 05/09/2024: Starlink to Block Twitter (X) in Brazil, Ukraine Government Shake-Up
Links for the day
Gemini Links 05/09/2024: Going Vegan and Internet Office Hours
Links for the day
GNU/Linux and ChromeOS Still Moving Up in Africa
Chromebooks (with ChromeOS) aren't big there, but "proper" GNU/Linux is a fast-growing force
Links 05/09/2024: Apple Misleads UK Regulators, Microsoft Tries to Ignore Backlash Against Windows Ingrained CCTV
Links for the day
ChromeOS+GNU+Linux in Sweden Now Hovering Around 20%
It seems like Chromebooks are doing well enough in Sweden to bring up GNU/Linux usage to about 20%
Gemini Links 05/09/2024: ROOPHLOC, Source-of-Truth Problem, and Arrival of Autumn
Links for the day
Terms of Service (TOS) Under Scrutiny - Part XIII - RealVNC and What It Does in Practice
Some of these companies have financial objectives and they view users' behaviour/data as an "asset" they can sell for profit; do you wish to becoming their "client"?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, September 04, 2024
IRC logs for Wednesday, September 04, 2024