[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #17031 [Ponies]: hardware tor relay

Subject: Re: [tor-bugs] #17031 [Ponies]: hardware tor relay
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Thu, 10 Sep 2015 09:14:39 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 10 Sep 2015 05:14:47 -0400
In-reply-to: <047.c71e46218ca97eb6e91ff7712aefd6b5@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.c71e46218ca97eb6e91ff7712aefd6b5@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#17031: hardware tor relay
-------------------------+-----------------
     Reporter:  elypter  |      Owner:
         Type:  task     |     Status:  new
     Priority:  normal   |  Milestone:
    Component:  Ponies   |    Version:
   Resolution:           |   Keywords:
Actual Points:           |  Parent ID:
       Points:           |
-------------------------+-----------------

Comment (by cypherpunks):

 Replying to [comment:2 elypter]:
 > there are no practical ways to hack into 100% signed hardware that is
 protected on the chip layer. you would have to do microprobing to get the
 private key. and there are probably enough ways to prevent this by adding
 mechanical or chemical self destruction.

 That's simply wrong. There are plenty of devices where the encryption has
 been broken, including smartcards and game consoles with very eloborate
 hardware lock-down mechanisms.

 A common hardware platform would be a very juicy target for a
 sophisticated attacker that could undermine some link in the supply chain
 (the US and China would likely be in a good position to do that).

 IMO, the best defense is platform diversity in hardware and software.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17031#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #17031 [general]: hardware tor relay
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #7349 [Tor]: Obfsbridges should be able to "disable" their ORPort
Next by Author: Re: [tor-bugs] #17025 [BridgeDB]: use private messaging functions on websites that will not get blocked to deliver bridges
Previous by thread: Re: [tor-bugs] #17031 [Ponies]: hardware tor relay
Next by thread: Re: [tor-bugs] #17031 [Ponies]: hardware tor relay
Index(es):
- Author
- Thread