Tor has announced Oniux, which is a new command-line tool to root any Linux application, which is safe for unknown network connections through Tor Network.
Unlike classic methods such as Torsock, which rely on user-space tricks, Onix uses Linux names to create a completely isolated network environment for each application, prevents data leaks, even if the app is malicious or misunderstood.
Linux namespace is a kernel feature that allows processes to run in a separate environment, with each with its own view of specific system resources such as networking, procedures or file mounts.
Oniux uses Linux names to isolate apps at kernel level, so all their traffic is forced through Tor.
“We are excited to present Oniux: A small command-line utility providing tor network isolation for third-party applications using Linux Namespace, “reads” Tor blog post,
“Built on Aarti, and onionmasq, oniux drop-ships to root any Linux program through the tor in its network names and to remove the capacity for data leaks.”
It does not reach the host interface by placing each app in its own network namespace, and instead attachs a virtual interface (onion0) that uses onionmasq through Tor.
It uses mount name locations to inject a custom /tc/resolv.conf for tor-safe DNS, and user/PID names to safely establish the environment with minimal privileges.
This setup ensures leak-proof, kernel-enforced tor isolation for any Linux app.
On the other hand, the torsox dynamically works using a ‘LD_PRELOL’ hack to intercepted the network -related function calls in linked linux applications and redirect them through a tor socks proxy.
The problem with this approach is that the raw system calls have not been caught by the Torsock, and the malicious apps can avoid using libach tasks to cause leaks.
In addition, Torsox does not work with stable binergies, and does not offer the correct isolation, as the apps still reach the actual network interface of the host.
The Tor Project published a comparison table highlighting the qualitative difference between the two solutions.
| Oniux | Torusox |
|---|---|
| Standalone application | Need to run Tor Demon |
| Linux uses names | Uses LD.SO preload hack |
| Works on all applications | Only the system works on applications that make up the system through LIBC |
| Mulnerable application cannot be leaked | The malicious application may leaked by calling a system through the raw assembly |
| Linux only | Cross-platform |
| New and experimental | War-mark for more than 15 years |
| Uses Aarti as your engine | Uses CTOR as its engine |
| Written in war | It is written in C |
Despite the obvious benefits of Oniux, the tor has been highlighted that the project is still experimental and has not been tested extensively under many situations and scenarios.
He said, the device cannot function expected, so its use in significant operations is discouraged.
Instead, Tor calls for enthusiastic people who can test ONIUX and report any problem to cope with them so that the equipment can quickly reach maturity and be ready for widespread deployment.
Tor project has published source codeAnd those interested in Testing of Oniux must first ensure that they have been rusted on their Linux distribution, and then install the tool using the command:
cargo install --git oniux@0.4.0
The Tor gives some use examples such as a .onion site (oniux curl “oniux bash” to “tooring”, or running the GUI app on Tor in the desktop environment (Oniux Hexchat).
Based on the analysis of 14M malicious tasks, search for the top 10 MITERAT & CK techniques behind the 93% attacks and how to defend them against them.
