[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Is Tor still valid?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Is Tor still valid?
From: Gregory Maxwell <gmaxwell@xxxxxxxxx>
Date: Mon, 5 Aug 2013 23:47:03 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 06 Aug 2013 02:56:53 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=aDsZ5TEzsT5Q3OFmeH3bfmqx3DiMQ/N+BexCfSI5toM=; b=x8l3zAEIqv/KVsAh2sONsBKBnFsGL+zoDWAEyD/L9yzZEoP2Mab5RsGAy1NONsTrK1 FolwIjuYfRNUpYHrXz/zW4y6CVKC2kSw+p9RoOfdUI+aMxcTvbLY2etD4SXPA833Jm2R 5sogTjLmOQFiB3rGThejhSQB8FSkds3tL2u5DptBNorRLcdDRgrYq13+avkzjEM5Hd40 AZOlB42TIJtwQ79Tne5NFvetFvgIybU/PpHScHeegvCAbrqJi9YAlKOoEQ8yOLD5+aic Z2BARQAA3mZVHsMPvJBKbfEDG/7rZppV6xdm7vRqo8346kpRdVyDnCp20uC42AOjGygu +5GA==
In-reply-to: <85eha7pbh3.fsf@xxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAMnnSdieCC+A8QAUanr4qjwJxWv9GzTQHTMF=7tQPqAYmQWpyA@xxxxxxxxxxxxxx> <51FFF497.2050604@xxxxxxxxxx> <CAMnnSdgYyXo2encC_qobqQErxbW38EicON71yG3uwtq9LRSv0A@xxxxxxxxxxxxxx> <CAMnnSdg=tB5WLREdE+8Hndib1Edx7F-_qgWeeDB46n1_VHJL0Q@xxxxxxxxxxxxxx> <52008DBD.6050102@xxxxxxxxxx> <85eha7pbh3.fsf@xxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On Mon, Aug 5, 2013 at 11:41 PM, intrigeri <intrigeri@xxxxxxxx> wrote:
> mirimir wrote (06 Aug 2013 05:46:37 GMT) :
>> If this exploit had included a Linux component, Tails would not have
>> protected you.
> I've not studied the attack code but this appears to be mostly
> correct.

I believe it would have had to also include a local privilege
escalation exploit and tails specific code to do the bypass.

This is basically the threat model that whonix's isolation is intended
to address, it would be good to see tails improve wrt this.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Is Tor still valid?
  - From: intrigeri

References:
- [tor-talk] Is Tor still valid?
  - From: Andrew F
- Re: [tor-talk] Is Tor still valid?
  - From: Crypto
- Re: [tor-talk] Is Tor still valid?
  - From: Andrew F
- Re: [tor-talk] Is Tor still valid?
  - From: Andrew F
- Re: [tor-talk] Is Tor still valid?
  - From: mirimir
- Re: [tor-talk] Is Tor still valid?
  - From: intrigeri

Prev by Author: Re: [tor-talk] Appearing American
Next by Author: Re: [tor-talk] HS drop
Previous by thread: Re: [tor-talk] Is Tor still valid?
Next by thread: Re: [tor-talk] Is Tor still valid?
Index(es):
- Author
- Thread