[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Is Tor still valid?



On 08/05/2013 06:53 PM, Crypto wrote:
> On 8/5/2013 1:29 PM, Andrew F wrote:
>> Is Tor still Valid now that we know the nsa is actively exploiting holes in
>> technology anonymity tools?  We know that Tor and hidden services has
>> issues, not to mention the whole fingerprinting problems.
>>
>> Is Tor too vulnerable to trust?    Watch the video below.
>>
>> XKeyscore
>> http://www.youtube.com/watch?v=TSEbshxgUas
>>
> I'm curious as to why everyone is so intent on blaming Tor itself? Tor
> was not exploited. It was a hole in FF 17 in conjunction with the
> application running behind the hidden service. It's like saying "My car
> got a flat tire! Should I ever drive again?" I agree that the exploit
> was a bad one and in turn it's a big security issue. But if we're going
> to point fingers let's not point at Tor. Let's focus on the underlying
> issue(s) that caused this to happen. FF 17 was the target, not Tor.
> Mozilla has addressed the issue. How did the exploit occur? Let's look
> at the application(s) that were running behind the hidden service.
>
That was not my focus. My concern is for known Tor venerabilities that
are documented and know by all.
If we know that Government agencies are actively and successfully
attacking soft technology targets. then how can we assume the know Tor
Venerabilities are not being exploited at this very moment.   The Tor
Venerabilities are going to be dealt with one day.. but what about right
now.  We know about them, therefore everyone knows about them.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk