Windows Defender Flags Tor Browser as “Trojan Horse” Malware
Reprinted with permission from Ryan Farmer.
Windows Defender Flags Tor Browser as “Trojan Horse” Malware.
Anti-virus software is terrible, and Microsoft’s is obviously no exception.
The fact that it flags a lot of Free and Open Source software makes me wonder if this is worse than the usual “it’s only guessing” that usually lead to false positives in anti-virus programs.
I’ve seen it flag LibreOffice, qBittorrent, PeaZip, and many other FOSS programs, but it also has flagged the latest Tor Browser.
This doesn’t surprise me. What does surprise me is that anyone wanting privacy would use Tor Browser on Windows, where on top of the spyware Microsoft builds into the OS, you have millions of other pieces of spyware, ranging from ransomware, to “Pegasus-like” government-backed malware. And since Windows has so many security problems, it has no trouble getting in.
The United States has committed cyberwarfare using Windows, to sabotage the Iranian nuclear program, with malware like Flame and Stuxnet, which set up on millions of Windows computers and completely eluded anti-virus programs for years.
China and Russia target Windows. Lots of governments do things like this.
Why do these go undetected for years? Are the government attackers really that good at hiding it, or do the anti-virus companies suck that much, or are they told not to do anything? Some of each?
On Debian, on most Linux distributions, you can just install Tor Browser Launcher and forget about it. It automatically downloads the Tor Browser and installs it and checks the signature to make sure it’s really from them and hasn’t been tampered with.
If you don’t want to persistently install a Linux system, you should at least consider running Tails in a live environment.
Again, who is even running Tor Browser on a Windows machine?
A lot of people use Tor criminally, like the multi-national band of criminals, crazies, and derelicts who attacked Techrights’ IRC server and briefly caused an outage of the site.
Tor was part of their harassment mechanism.
But other people use Tor because they need to be safe from actual government oppression or bypass the censors, and if they get caught using it, it could mean prison or death.
Even in America, which is no longer a free country, or a democracy, even looking up an abortion using a normal Web browser with Google can be used later to send you to prison, in some States.
It’s not safe to browse the Web as an American anymore. Even if you have done nothing wrong. Using it on Windows and without a reliable VPN and non-US server, and maybe Tor as well sometimes, is a serious mistake.
But Windows completely undermines the privacy of Tor. The software itself may work, but everything you do gets uploaded to Microsoft. If you download a file, Windows Defender (the same one that flagged Tor Browser as malware) can send them the file or a hash value so they know what you have. If you browse with it at all, Windows sends your keystrokes to Microsoft…..”For Spell Checking”.
If Tor Browser crashes, Windows will send an error report, including a crash dump of what was in the Tor Browser while it was in memory, leading up to the crash.
This is all stated in the Windows EULA. It’s possible it’s worse than we even know.
Even if you think you’ve “Disabled Telemetry” or something, it is still Windows.
Don’t trust it. █