[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] EFF Tor Challenge

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] EFF Tor Challenge
From: Javier Bassi <javierbassi@xxxxxxxxx>
Date: Thu, 2 Jun 2011 12:30:33 -0300
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 02 Jun 2011 11:31:08 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:from:date :message-id:subject:to:content-type; bh=YsA3SaIM357F/U7GFj8e//uy+gKN/veOO1fgPoT87AQ=; b=ALha+ZQgPp/o7WDlnaCJ0XXfwFwtP6+e7KVhOIpC1NjtA5QHoie45G5tG+Vmk6Qept apWX4fCDQPBu6OvX6aNXwoVJlibMglPUBR9K36NOqWR8zW98V1FTsiK90MVyFAUC74wa DuybSsC4wwYsDFZfR+iQe6M8Tpk6duDdGY1SI=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type; b=BmiTSMswvR2UuJaJoUEayTWPIM8KRkPwkjS4n+TTwLcMy6isiVqRVTNdEhS/qWczF5 Ee5dXVJjrak98ZFY4EViXHwtQ5v6E+Ct5zNUd6+P4vrjFVFt10DKPYEhaEcBFRMj0s/c 6G5fRUhqFxLBBVgAXTuy2hTNWjG+r28QRrkQE=
In-reply-to: <BANLkTikT+Lhutzsfm7V5=5DrDEueM57mgQ@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <BANLkTikB8BtA8Rdf0eH7-zWi1W6UsZO8Ng@xxxxxxxxxxxxxx> <201106011735.10133.CACook@xxxxxxxxxxxxxxx> <4DE6EA5B.6030101@xxxxxxxxxxxxxxxxxx> <201106020636.05003.CACook@xxxxxxxxxxxxxxx> <BANLkTikT+Lhutzsfm7V5=5DrDEueM57mgQ@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

On Thu, Jun 2, 2011 at 11:35 AM, Joseph Lorenzo Hall <joehall@xxxxxxxxx> wrote:
> I hate to feed a troll, but many of us run relays that we monitor for
> badness... it's hard to tell from your curt messages what exactly your
> issue is or what your use case is. I'm certainly sure you're one of
> very few people that have alleged Tor is coy about security. Maybe if
> you laid your case out in more detail, with moderated rhetoric, we
> could engage on substance. best, Joe
>

What is think he is trying to say is that if someone finds a security
vulnerability in Tor/Vidalia (this has happened in the past) the
attacker can easily have a list of all IPs running relays, and may
compromise all their machines with his 0day. And also he mention that
even if Tor is chrooted, the attacker can break out of the chroot
jail. This is not as easy as it sounds. To break out of the chroot
jail you need to escalate privileges first and how do you get root
inside a chroot jail? ( Of course if Tor was not running as root)
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] EFF Tor Challenge
  - From: Andrew Lewman
- Re: [tor-talk] EFF Tor Challenge
  - From: Joseph Lorenzo Hall
- Re: [tor-talk] EFF Tor Challenge
  - From: tor

References:
- [tor-talk] EFF Tor Challenge
  - From: Javier Bassi
- Re: [tor-talk] EFF Tor Challenge
  - From: CACook
- Re: [tor-talk] EFF Tor Challenge
  - From: Marsh Ray
- Re: [tor-talk] EFF Tor Challenge
  - From: CACook
- Re: [tor-talk] EFF Tor Challenge
  - From: Joseph Lorenzo Hall

Prev by Author: Re: [tor-talk] Running the Tor client on Linux/BSD/Unix
Next by Author: Re: [tor-talk] EFF Tor Challenge
Previous by thread: Re: [tor-talk] EFF Tor Challenge
Next by thread: Re: [tor-talk] EFF Tor Challenge
Index(es):
- Author
- Thread