[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: critical security vulnaribility fixed in Tor 0.1.2.16

To: or-talk@xxxxxxxxxxxxx
Subject: Re: critical security vulnaribility fixed in Tor 0.1.2.16
From: "vikingserver@xxxxxxxxx" <vikingserver@xxxxxxxxx>
Date: Sat, 04 Aug 2007 21:40:25 +0200
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sat, 04 Aug 2007 15:40:56 -0400
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:content-type:content-transfer-encoding; b=PounaCZeH5I/u4lpeEuXv3Nda824b+Cii/jEuLTpsLvGR08zbkWhiuWGx/ESIgtvmufXfZBPOUk1IvKPM47dm7DlC5sw5uk7Qy3Hxd3Sf4K53uQd5KeQ0EcHKRK/v9zm2hKiwam8pGsn7elbTpgfBiofvMEU9LtwHIyAqqHitUc=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:content-type:content-transfer-encoding; b=dFbrdxsdNcin5Gn2iIWhJaFed6BJ543lMlwWdk3h4CU1IKesQWJpyakamSLac+vQoSk0trD8dLfaA+Qeaad7n7yMx0kMwbDofcwrTzuCrhmMM5s/utdMMdVvdi1rerB4apUJ/Mj6Z8ItimVl6E7mXnQjt8XeOhNajbMCnXxWzwQ=
In-reply-to: <20070804182312.GX11269@xxxxxxxxxxxxxx>
References: <20070802221918.GF20786@xxxxxxxxxxxxxx> <46B44F87.7000902@xxxxxxxxx> <4ef5fec60708040425q51472a84m9e7be3255df9d99d@xxxxxxxxxxxxxx> <46B468DF.9030100@xxxxxxxxx> <4ef5fec60708040504x40df49deh418fa5a103261da1@xxxxxxxxxxxxxx> <46B473F6.4010604@xxxxxxxxx> <4ef5fec60708040548u28846a3agc155044a90486d6c@xxxxxxxxxxxxxx> <46B48FC4.8000404@xxxxxxxxx> <20070804182312.GX11269@xxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.6 (Windows/20070728)

So both you and "coderman" know how this attack is done but simply don't want to explain more? Now I understand why the answers were confusing. ;-)

Thanks for answering anyways.
/Viking

Roger Dingledine skrev:

On Sat, Aug 04, 2007 at 04:40:04PM +0200, vikingserver@xxxxxxxxx wrote:

Perhaps someone else has an answer for this.<br>
Nothing in coderman's short answers have made this clear to me. The
answers look rather confusing to me, sorry.<br>


(Typing on defcon network so will be quite brief)

The short answer is yes, this is an attack, and no, we're not going
to tell you exactly how it works yet. That's because several hundred
thousand people are vulnerable, and we're going to give them several
weeks to upgrade before we arm random people on the Internet with the
ability to launch this attack against them.

You should be one of the people who upgrades. :)

--Roger

References:
- critical security vulnaribility fixed in Tor 0.1.2.16
  - From: vikingserver@xxxxxxxxx
- Re: critical security vulnaribility fixed in Tor 0.1.2.16
  - From: coderman
- Re: critical security vulnaribility fixed in Tor 0.1.2.16
  - From: vikingserver@xxxxxxxxx
- Re: critical security vulnaribility fixed in Tor 0.1.2.16
  - From: coderman
- Re: critical security vulnaribility fixed in Tor 0.1.2.16
  - From: vikingserver@xxxxxxxxx
- Re: critical security vulnaribility fixed in Tor 0.1.2.16
  - From: coderman
- Re: critical security vulnaribility fixed in Tor 0.1.2.16
  - From: vikingserver@xxxxxxxxx
- Re: critical security vulnaribility fixed in Tor 0.1.2.16
  - From: Roger Dingledine

Prev by Author: Re: critical security vulnaribility fixed in Tor 0.1.2.16
Next by Author: Re: Proposal of a new hidden wiki
Previous by thread: Re: critical security vulnaribility fixed in Tor 0.1.2.16
Next by thread: Re: critical security vulnaribility fixed in Tor 0.1.2.16
Index(es):
- Author
- Thread