[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor no longer works with win2K ??



I'll pretend you didn't insult me and the rest of the Tor dev team, and
try and get your question answered. I've snipped the useless
allegations.

On Nov 12, 2011, at 12:52 PM, Anon Mus wrote:
> Jacob Appelbaum wrote:
>> On 11/10/2011 02:39 AM, Anon Mus wrote:
>>> I got a message to upgrade my Tor version..
>>> 
>>> Nov 10 10:20:45.953 [Warning] Please upgrade! This version of Tor
>>> (0.2.1.30) is obsolete, according to the directory authorities.
>>> Recommended versions are: 0.2.1.31,0.2.2.34,0.2.3.6-alpha,0.2.3.7-alpha
>>> 
>>> But (as before) the latest versions of the expert install do not work.
>>> 
>>> 
>>> Here's the stable..
>>> 
>>> Nov 10 10:17:10.093 [Notice] Tor v0.2.2.34 (git-c4eae752f0d157ce). This
>>> is experimental software. Do not rely on it for strong anonymity.
>>> (Running on Windows 2000 Service Pack 4 [workstation])
>> 
>> Just as a general warning, I suspect the Random Number Generator on
>> Windows 2000 is not so great. I would seriously consider installing a
>> recent Operating system or booting a tails live CD.
>> 
>> All the best,
>> Jacob
>> 
>>  
> As I understand it the random number generator in win2k is the same as the one in WinNT, Win2003, WinXP and Windows Vista.
> 
> http://www.theregister.co.uk/2007/11/13/windows_random_number_gen_flawed/
> http://www.computerworld.com/s/article/9048438/Microsoft_confirms_that_XP_contains_random_number_generator_bug
> http://www.segobit.com/rng.htm
> 
> Does this mean support for these Windows OSes is also to be withdrawn?

Nobody said anything about withdrawing support because of this. Note
that Jake spoke of suspicion. Recommending against the use of Operating
Systems that have reached their end of life and no longer have security
support is also just common sense, and it isn't surprising that WinNT
or WinXP pre-SP have extremely bad security problems. Does this really
surprise you at all?

By just reading the articles you linked to above, you will see that
MS claims the attack is fixed in the most recent version of Windows XP.
You don't provide any kind of evidence that it is still a problem on
those systems.

> Perhaps you can ensure a full explanation is placed a warning on the Torproject web site otherwise lots of users will be using Windows operating systems which are vulnerable.

It's not entirely clear what the implications are, from what I understand.

> Obviously my questions are still NOT being answered, I QUOTE,

Maybe that is because you demand a fully qualified answer within six
hours, while you fail to provide a good bug report? Typically, bugs
get reported to https://bugs.torproject.org, where the developers
actually expect them.

> I re-iterate, can I get a reply from someone on the tor dev team about this ERROR and whether Win2k is being supported now or not?

Here's the reply from someone on the tor dev team: "Exciting! It seems
you've found a bug on Windows 2000 systems, we should totally debug that
and see if we can get it fixed! Unfortunately, we don't have a windows
2000 system around to debug this ourselves, and this is the only report
we've gotten about trouble so far. Please try and provide more input
about your system, the other software that you run, and if you have any
experience debugging software so we may help you get this issue
resolved.

If we have to conclude that the expert Bundle doesn't work on Windows
2000 anymore for whatever reason, I'm afraid we'll have to drop support
for it unless someone else steps in to provide the necessary fixes."


_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk