[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] TOR bundle on hostile platforms: why?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] TOR bundle on hostile platforms: why?
From: Martijn Grooten <tor@xxxxxxxxxxxxxxxxxx>
Date: Wed, 7 Aug 2013 23:36:38 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 07 Aug 2013 18:57:00 -0400
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=lapsedordinary.net; s=mail; t=1375918598; bh=aJHDV9fFJUEA9WmVLoKyBwAXEx9qqdUipQ9dS/fu9LM=; h=Date:From:To:Subject:In-Reply-To:Message-ID:References: MIME-Version:Content-Type; b=TQMdKalivXwHz7xjAKgP1huHIa21Rj0EvN5jf6OBc25G4LpmCEVF3hQH/GB6W4EWF 6ZcIGhzRXB52JaI1G1sUAnpnwdm3mJCyY9CkBuZ0xErn4NRLSWC5IH1oPd/07HJITS JPC4BZyDKCL8PvboCndUsKyy0j1fnBUF4x6gmzmM=
In-reply-to: <5202B9A7.7070408@xxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <52028230.1000302@xxxxxxxxxxxx> <20130807183212.GC543@loar> <52029ACC.6090204@xxxxxxxxxxxx> <5202B3D0.6050806@xxxxxxx> <5202B9A7.7070408@xxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Alpine 2.00 (DEB 1167 2008-08-23)

On Wed, 7 Aug 2013, Ivan Zaigralin wrote:

What I am talking about is a trivial attack, technically trivial. The feds
(at least in US and in Russia) have a complete list of unpatched Windows
vulnerabilities. They also have crackers on staff.

They don't have "a complete list", but they have many of suchvulnerabilities, we can be certain of that.

It is also likely that they have vulnerabilities in any other operatingsystem. And in Tor implementations. And it is good to assume they haveenough 'crackers' on staff that will be able to exploit suchvulnerabilities.

Depending on why someone uses Tor, this may or may not be an issue. If youuse Tor to do research into cybercrime, or to access your organisation'smail server while on a secret mission, it may not matter very much.

In other cases it may be a reason not to use the Internet at all. Or tomake an informed choice about how you can use Tor while minimising theattack vector.


YMMV.

Martijn.
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] TOR bundle on hostile platforms: why?
  - From: Ivan Zaigralin

References:
- [tor-talk] TOR bundle on hostile platforms: why?
  - From: Ivan Zaigralin
- Re: [tor-talk] TOR bundle on hostile platforms: why?
  - From: Lunar
- Re: [tor-talk] TOR bundle on hostile platforms: why?
  - From: Ivan Zaigralin
- Re: [tor-talk] TOR bundle on hostile platforms: why?
  - From: Antispam 06
- Re: [tor-talk] TOR bundle on hostile platforms: why?
  - From: Ivan Zaigralin

Prev by Author: Re: [tor-talk] Is Tor still valid?
Next by Author: Re: [tor-talk] Many more Tor users in the past week?
Previous by thread: Re: [tor-talk] TOR bundle on hostile platforms: why?
Next by thread: Re: [tor-talk] TOR bundle on hostile platforms: why?
Index(es):
- Author
- Thread