Practically all modern internet browsers are based on sandoxing technology in order to separate browser from system. This protecting mechanism teases processes apart making them limited by an isolated environment and resistant to cyberattacks. In such a way, sanboxing prevents an operation system from hackers which operates with any application vulnerability.
Until quite recently, Tor Browser did not include sandboxing technology even without regard to Mozilla Firefox basing, as the result of which its customers were not protected from attackers and law-enforcement authorities. For example, 8700 devices in 120 world countries were hacked by FBI in 2015 declaring identity of Play-Pen users. This technique is applied not only for law-enforcement measures, but also to identify journalists, dissidents, activists etc.
The situation gave an impetus to start a Sandbox Tor Browser project which began in September. The main idea is to bar exploits in an isolated environment which are targeted at browser vulnerability and should not be used for users deanonymization.
The newest alpha version 0.0.2 for Linux was implemented on December 10, 2016 with publicly available source codes. Sandbox Tor Browser is supported by bubblewrap tools and uses seccomp-bpf and namespace packages. According to the developers, new versions will be created for Mac and Windows OS.
Until then, internet users need to exploit other preventive measures and services, such as a VPN. This modern technology hides a real geographical location and gives new IP address providing a high level of anonymity and security. Using a reliable VPN you will forget about hackers and government spying and monitoring.