[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] TOR tried to take a snapshot of my screen



There is a solved ticket about this and more info about it.
https://trac.torproject.org/projects/tor/ticket/9490

@OP, instead of bitching about Tor being an NSA trap, why don't you learn
to use google?

Cheerz
http://apx808.blogspot.com


On Mon, Aug 25, 2014 at 4:02 PM, APX 808 <apx.808@xxxxxxxxx> wrote:

> I did a quick search and found a similar report from August 2013
>
> https://blog.torproject.org/blog/tor-browser-bundle-30alpha2-released
>
> Check the latest comment
>
> Cheerz
> http://apx808.blogspot.com
>
>
> On Mon, Aug 25, 2014 at 3:22 PM, <
> BM-2cVvnFWSftFx8dv12L8z8PjejmtrjYjnUY@xxxxxxxxxxxxx> wrote:
>
>> Hi,
>>
>> I will answer messages sent by different list members. Check for yours:
>>
>>
>>
>>
>>
>> Joe Btfsplk wrote:
>> > Or, this could be a hoax by the OP, or a simple mistake.
>>
>> This is not a hoax and is not a mistake.
>>
>>
>>
>>
>>
>>
>>
>> Mirimir wrote:
>> > Maybe Zemana is incorrectly flagging some aspect of HTML5 canvas
>> > spoofing by the Tor browser as taking a screen snapshot".
>>
>> The incident happend at different web pages that had been accessed before
>> many times without any incident.
>>
>> The Zemana is the same version I am running since December 2013, i.e., it
>> is running for around 8 months without any incident.
>>
>>
>>
>>
>>
>>
>> Sebastian G. wrote:
>> > Was it a website you trusted you browsed to? Did the software attempt to
>> > do anything without a website loaded?
>>
>> Ar regular sites at the surface web that is accessed by many TOR users.
>> Sorry, I can not provide more specific information that may facilitate my
>> identification.
>>
>>
>>
>>
>> Sebastian G. wrote:
>> > Looks, like the website(s) did something.
>> > Maybe trying to access canvas, what the TorBrowser tried to prevent.
>> > Maybe this triggered the alert.
>>
>> Again... I am using the same Zemana version for around 8 months without
>> any incident and acessing the same web sites.
>> So it is not a canvas access problem.
>> I will be very surprice if any web site is capable to generate such alert,
>> especially without to be able to run any script.
>>
>>
>>
>>
>>
>>
>> >> I am sending some screens with the Zemana log, where is possible to see
>> >> the TOR MD5 signature (firefox.exe; FC19E4AFB0E68BD4D25745A57AE14047)
>> and
>> >> the logged behaviour ("screenlogger"), the TOR version,
>> >> TOR button and the
>> >> Zemana version screens, and the extensions
>> >> and plug-ins existing in my TOR
>> >> install (just to confirm that nothing strange is there). They are
>> >> available to download here:
>> >> http://www.datafilehost.com/d/dfb201d8
>> >> or
>> >> https://www.sendspace.com/file/6ygdl3
>>
>> > Both of the files are broken or corrupted. They can't be opened as an
>> > archive on my end. The first source tries to make one download an .exe
>> > file. Well you can download the zip file, without it.
>>
>> > How can we be sure that your upload is safe?
>>
>>
>> If both links are broken this means that somebody is doing a big effort to
>> prevent the file access.
>>
>> The reason I uploaded to hosts is because the Tor Project team blocked my
>> attempt to send as attachment to this list.
>> By this you may also understand that the Tor Project team was aware about
>> my report two days in advance than the list members.
>>
>> The uploaded file is a ZIP with a number of JPG images inside. As far as I
>> know both file types are safe.
>>
>> I did a new upload to a popular JPG hosting service. Here they are:
>> http://i.imgur.com/QAKp7k1.jpg     (Zemana log)
>> http://i.imgur.com/nJkCQJp.jpg     (Zemana version)
>> http://i.imgur.com/06ZW0IK.jpg
>> http://i.imgur.com/XsbpQ4X.jpg
>> http://i.imgur.com/eikxgpe.jpg
>> http://i.imgur.com/jWjAq5N.jpg
>> http://i.imgur.com/iuqltM0.jpg
>> http://i.imgur.com/01cuLYd.jpg
>> http://i.imgur.com/ijnZwGs.jpg
>>
>>
>>
>>
>>
>>
>>
>>
>> Sebastian G. wrote:
>> > The remote operator claim would require evidence of some sort.
>>
>> My report with detailed information including the Zemana log showing that
>> firefox.exe tried to record my screen seems to be a very good evidence.
>> What more one may provide? Is somebody expecting a NSA or Tor Project
>> written confirmation?
>>
>>
>>
>>
>>
>>
>> Sebastian G. wrote:
>> >> This may explain also the, until now, unclear role and objectives of
>> the
>> >> US goverment by funding the TOR Project.
>>
>> > I think they use Tor for many purposes themselves.
>>
>> Why will USA fund the development of a tool that can be used by its
>> enemies?
>> You may have a doubt about the Tor backdoor. I don't.
>>
>> What we have here is very simple: who pays gives the orders!
>>
>>
>>
>>
>>
>>
>>
>>
>> Sebastian G. wrote:
>> >> I am an entusiast of privacy tools and TOR is not used for any kind of
>> >> unlawful purposes, is unlikely that I will attract attention from
>> public
>> >> authorities and I am not worried with any data such attacker eventually
>> >> may have had access.
>>
>> > If someone would exploit against the TorBrowser he might be trying to
>> > get as many hits as possible to see if someone is a target.
>>
>>
>> I guess inside the rerouting net is a kind of automatic tool to spy Tor
>> users and, in addition, the (humans) operators my pick users at will for
>> additional checks. Just my guess.
>>
>>
>>
>>
>>
>>
>>
>> Sebastian G. wrote:
>> > I hope this can be resolved.
>>
>> The Tor Project team is already working to resolve... keeping total
>> silence until everybody forgets my report with, for me a PROOF, for
>> everybody else an EVIDENCE, that TOR was spotted in flagrant while trying
>> to record my screen.
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> no.thing_to-hide@xxxxxxxxxxxxxxx wrote:
>> > I did not touch the files, because the whole story made me
>> > mistrustful. When you look at some subjects of yesterday
>> > "Third-parties tracking me on Tor"
>> > "TOR tried to take a snapshot of my screen"
>> > Perhaps somebody is trolling this list and tries to seed confusion.
>>
>>
>>
>> I am not connected with the message with subject "Third-parties tracking
>> me on Tor".
>> I paid attention on it too. Strange to have an ambiguous message send to
>> the list exactly one day after my first try (blocked by Tor Project team)
>> to report to this list.
>>
>> I am not trolling this list.
>> I am providing serious information.
>>
>>
>>
>>
>>
>>
>>
>> AntiTree wrote:
>> > I don't know the anti-spyware tool that you used nor
>> > details about what the
>> > tool deems a "screenshot" but I want to point out that in Windows
>> > (especially older versions) one of the entropy sources for OpenSSL is
>> the
>> > screenshot of your current session[1]. So if the Tor Browser needs to
>> > generate keys (and it usually does in your use case) it is possible that
>> > the crypto functions are calling whatever "rand" sources are available
>> on
>> > your system, including first taking a screenshot of your session.
>>
>> Do not seems that is the case otherwise the Zemana alert would be
>> generated on regular basis.
>>
>>
>>
>>
>>
>>
>>
>>
>> Michael Wolf wrote:
>> > "NSA and GCHQ agents 'leak Tor bugs', alleges developer"
>> > http://www.bbc.com/news/technology-28886462
>>
>> Oh yes, we will see many "news and leaks" reporting the "efforts" of NSA
>> and GCHQ to break TOR and bla-bla-bla.
>> Just desinformation to keeps the TOR credibility.
>>
>> While may (or may not) provide some protection against USA enemies, TOR
>> provides NO PROTECTION against USA and friends.
>> TOR is a spy tool to spy on YOU!
>>
>>
>>
>> Hope more users will start to use Zemana and other anti-spyware and more
>> reports about this problem arrives.
>>
>>
>>
>>
>>
>>
>>
>> --
>> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
>> To unsubscribe or change other settings go to
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>
>
>
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk