[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #23841 [Internal Services/Service - trac]: Some asshole deleted cypherpunks account

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #23841 [Internal Services/Service - trac]: Some asshole deleted cypherpunks account
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 27 Oct 2017 08:46:22 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 27 Oct 2017 04:46:32 -0400
In-reply-to: <051.dd12f942125f1d57e94501adef5d8daa@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <051.dd12f942125f1d57e94501adef5d8daa@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#23841: Some asshole deleted cypherpunks account
----------------------------------------------+----------------------------
 Reporter:  cypherpunks                       |          Owner:  qbi
     Type:  defect                            |         Status:  closed
 Priority:  Medium                            |      Milestone:
Component:  Internal Services/Service - trac  |        Version:
 Severity:  Normal                            |     Resolution:  worksforme
 Keywords:                                    |  Actual Points:
Parent ID:                                    |         Points:
 Reviewer:                                    |        Sponsor:
----------------------------------------------+----------------------------

Comment (by cypherpunks):

 You meant it has been recreated. But before recreation there is an amount
 of time when the account is not recreated. It is possible to remove an
 account by having a bot that tries to login periodically and deletes the
 account. Given that the period of the check is just a bit longer an
 adversary can effectively make the account unusable. You need to hardcode
 the check disallowing deletion or changing the password of the account
 with the name "cypherpunks". It's just 2 if in the right places!

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23841#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #23841 [Internal Services/Service - trac]: Some asshole deleted cypherpunks account
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #22427 [Webpages/Website]: Link to Linus's nightly builds from somewhere?
Next by Author: [tor-bugs] #24066 [Metrics/Bot]: Refactor IRCListener snippets into Factoids
Previous by thread: Re: [tor-bugs] #23841 [Internal Services/Service - trac]: Some asshole deleted cypherpunks account
Next by thread: [tor-bugs] #23842 [Internal Services]: Automatic check of ListOfServicesBlockingTor
Index(es):
- Author
- Thread