[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Blacklisting CVE-2014-0224 affected relays? (was: Yet another OpenSSL vulnerability)

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-talk] Blacklisting CVE-2014-0224 affected relays? (was: Yet another OpenSSL vulnerability)
From: Nusenu <BM-2D8wMEVgGVY76je1WXNPfo8SrpZt5yGHES@xxxxxxxxxxxxx>
Date: Sun, 08 Jun 2014 10:55:24 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 08 Jun 2014 06:56:19 -0400
In-reply-to: <CAKDKvuwEkdpZCOGiAY0Aaze5MMTVayCf5qSX2pDHJD=1JxFu4g@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAKDKvuwEkdpZCOGiAY0Aaze5MMTVayCf5qSX2pDHJD=1JxFu4g@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hello,

> The circuit-layer crypto (which happens under the TLS layer)
> should still provide significant protection for user communications
> over Tor.  But a MITM attack of this kind could still help traffic 
> analysis, and likely other unexpected badness as well.

Will the Torproject - or more specifically the directory authorities
again blacklist affected relays (in this case only until they
upgraded) after the majority upgraded?

Has anyone done any measurements to determine how many relays are
running a vulnerable openssl version?

Did anyone run Adam Langley's check script against the tor consensus yet?

https://www.imperialviolet.org/2014/06/05/earlyccs.html
https://www.imperialviolet.org/binary/earlyccs_check.go
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJTlEEcAAoJEDcK3SCCSvoeZ3wP/iaNxPSc9vG0ccsC61UFdtVK
2VN+CQLwTwpV2ZNnQwjKKFfUcKE/Wf8VUyjwUlRfy0RRmO/Lk/o009WpI50YQUgk
5HAxYiqGUkaPSwAb2OQASDs1q1qL6W0tK784s1A5VUWdKP4WDbs8fg8t/idoqHvn
uvGLxczKkuKzfIS/KW6Er3aV3gLJlK+MCAFgKEC8RMlXdka04Y1NWrKhd9Lt9ycw
XiO8Zf51X2KyqMswSUJZNukGEFS0JO97LFgKCEx9TEXVFnhZFQ1Y2vG0KZfZDARx
PwI8o6L1faBoIurEC2M3tT3N3lSguw9CzhvSKyG5JVi80pz/FemPyLmWKty7v3D7
WR8KW/hB1dsSg0BbUuqZMWdVeoJUur0Z6YLdyFBaaZPb/fyi13z3jYLzle/Kt8e4
G/OBOM/Ziagvks1f+wcLufKue3RfGZRcPfSEl6h2TbEtE+xrHRrsR9Cl47t/3Qyv
WrJuLJ3VWGUoeEPvaj69vvwMmxbw2W9T8qEi1ZnWaTmmibYuUWC4NowCuhPe9K4l
aD5+aMAMQtFDlR6YstS3ewb/QPY7cURUQldQkxqlhfC+uHJ4Cc0WhmrSZJIbvXC2
BJEKYQWgzP0kTxQJ1qpZHLNXJZp29rHMy51jQ9y5KkJBwD/VDN3yFuRRhTgfJeKi
YDYhvYcuvlqSt64fI++D
=DQf8
-----END PGP SIGNATURE-----

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Yet another OpenSSL vulnerability
  - From: Nick Mathewson

Prev by Author: Re: [tor-talk] how to stream videos using Tor
Next by Author: [tor-talk] how to automatically update torbrowser-launcher
Previous by thread: Re: [tor-talk] Yet another OpenSSL vulnerability
Next by thread: [tor-talk] Decentralized internet with Tor
Index(es):
- Author
- Thread