According to Motherboard, the Tor Project is working with security researchers to protect users from FBI hacking:
But according to a new paper, security researchers are now working closely with the Tor Project to create a “hardened” version of the Tor Browser, implementing new anti-hacking techniques which could dramatically improve the anonymity of users and further frustrate the efforts of law enforcement.
Specifically, the researchers are currently testing “Selfrando,” a technique made to protect against browser exploits such as the one reportedly used by the FBI.
The new method is meant to counteract what’s known as “code reuse” exploits, where rather than attempting the much harder task of injecting new malicious code, an attacker will exploit a memory leak to reuse code libraries that already exist in the browser—essentially, building malware by rearranging things inside the application’s memory.
To do that, an attacker generally needs to have an idea of where certain functions are located within the application’s memory space. But the current security mechanisms in browsers only randomize the locations of code libraries, not the individual functions. Which is where the Selfrando technique comes in, creating a random address space for internal code that’s much harder to exploit.
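To make the difference between library-level and function-level randomization concrete, here is an added simulation; it is not from the Motherboard article, the paper, or the Selfrando or Tor Browser code. The 64-function library, its sizes, and the names `load` and `prediction_rate` are constructed for illustration, and the shuffle is a simplified model rather than Selfrando's actual mechanism.

```python
import random

PAGE = 0x1000
# Constructed toy library: 64 functions with made-up sizes (not real browser symbols).
FUNCS = {f"f{i}": 0x40 + 0x10 * ((i * 37) % 29) for i in range(64)}


def load(rng, per_function):
    """Simulate one process start and return {function name: address}."""
    # Library-level randomization: only the page-aligned base address changes.
    base = rng.randrange(0x1000, 0x100000) * PAGE
    order = list(FUNCS)
    if per_function:
        # Function-level randomization (simplified): the order of the
        # functions inside the library is also shuffled on every load.
        rng.shuffle(order)
    layout, addr = {}, base
    for name in order:
        layout[name] = addr
        addr += FUNCS[name]
    return layout


def prediction_rate(per_function, leaked="f3", target="f41", trials=2000, seed=1):
    """Fraction of loads in which the target's address can be derived from
    one disclosed pointer plus the offset measured in a reference copy."""
    rng = random.Random(seed)
    ref = load(rng, per_function)
    known_offset = ref[target] - ref[leaked]
    hits = 0
    for _ in range(trials):
        layout = load(rng, per_function)
        hits += int(layout[leaked] + known_offset == layout[target])
    return hits / trials


if __name__ == "__main__":
    print("base-only randomization:", prediction_rate(per_function=False))
    print("function-level shuffle: ", prediction_rate(per_function=True))
```

With only the base randomized, the distance between any two functions never changes, so a single disclosed address fixes every other address in the library; once the order is shuffled per load, that fixed relationship is gone.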