Feeds

The Pirate Bay's new censorship-dodging browser 'not secure'

Iranians can now access 'ayatollahsucks.com'*. Oh S$%t, actually...

SANS - Survey on application security programs

The Pirate Bay has released a bundle of add-ons to help people search for and access bits of the internet that governments and ISPs have locked away. The only hitch is: despite the fact that it contains a Tor client, security experts have said that it doesn't completely anonymise internet traffic.

This has raised concerns about users' security.

PirateBrowser, released in celebration of the torrent site's 10th birthday – and with a bunch of torrent sites already bookmarked, natch – is based on Firefox Portable and comes bundled with proxy-management toolset Foxyproxy and the Tor client Vidalia.

In its FAQ, The Pirate Bay says:

Does it [allow me to] surf the net anonymously?

No, while it uses Tor network, which is designed for anonymous surfing, this browser is intended just to circumvent censorship — to remove limits on accessing websites your government doesn't want you to know about.

If you are looking for something more secure you may want to try a VPN like PrivacyIO.

Security experts have complained that The Pirate Bay failed to adhere to Tor security protocols, with one observer claiming the new browser was "unsafe".

The new browser was released on Saturday, the notorious file-sharing site's 10th anniversary.

The Pirate Bay said: "Do you know any people who can't access TPB or other torrent sites because they are blocked? Recommend PirateBrowser to them. It's a simple one-click browser that circumvents censorship and blockades and makes the site instantly available and accessible."

It added: "This browser is intended just to circumvent censorship — to remove limits on accessing websites your government doesn't want you to know about."

But Twitter has erupted in criticism. The Spy Blog, which focuses on security, privacy and surveillance issues, tweeted:

Jacob Appelbaum, a security bod and a spokesman for the Tor Project, also tweeted:

In an FAQ about the browser, The Pirate Bay reassured torrent-seekers that there were no hidden nasties in their software.

It said: "There have been no modifications to any of the packages used, no adware, Trojans, toolbars, etc. This is simply a tool to help people get around censorship."

The creators of PirateBrowser lumped the UK and other countries that have issued court orders blocking access to torrent search sites together with international badboys like Iran and North Korea, claiming that nations around the world want to "limit" their citizens' online access.

TPB described the PirateBrowser thus:

PirateBrowser is a bundle package of the Tor client (Vidalia), FireFox Portable browser (with foxyproxy addon) and some custom configs that allows you to circumvent censorship that certain countries such as Iran, North Korea, United Kingdom, The Netherlands, Belgium, Finland, Denmark, Italy and Ireland impose onto their citizens.

The Pirate Bay has come under attack in recent months, with founder Gottfrid Svartholm Warg sentenced to two years' imprisonment in Sweden after being found guilty of hacking. ®

* Sites expressing anti-government views or which include "undesirable content", such as YouTube, are routinely blocked in Iran. VPN services and certain social networking websites are also blocked.

High performance access to file storage

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.