[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #2516 [Company]: Examine TurnRight's packages for malware

To: undisclosed-recipients:;
Subject: [tor-bugs] #2516 [Company]: Examine TurnRight's packages for malware
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Tue, 08 Feb 2011 21:04:24 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 08 Feb 2011 16:04:34 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bugs reporting list for trac <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#2516: Examine TurnRight's packages for malware
----------------------+-----------------------------------------------------
  Reporter:  rransom  |              Owner:  ioerror
      Type:  task     |             Status:  new    
  Priority:  major    |          Milestone:         
 Component:  Company  |            Version:         
  Keywords:           |             Parent:         
    Points:           |   Actualpointsdone:         
Pointsdone:           |       Actualpoints:         
----------------------+-----------------------------------------------------
 A Chinese blogger who calls himself/herself/itself '!TurnRight' has
 produced two packages containing Tor, which he/she/it has named '!EasyTor'
 and '!TorPack'.  They are definitely not safe to use (the latest releases
 of both contain versions of Tor before 0.2.1.29 that are now believed to
 be remotely exploitable), they definitely infringe The Tor Project's
 trademark, and at least !TorPack infringes The Tor Project's copyright as
 well (I did not find the Tor license in it with a fairly thorough search).

 We should have these packages examined for malware, as the Chinese
 government and its accomplices have previously
 [http://www.zdnet.com/blog/government/chinese-monitoring-tom-skype-
 messages/4063 distributed repackaged versions of popular software that
 include malware] and [http://www.cl.cam.ac.uk/techreports/UCAM-CL-
 TR-746.html used targeted malware to attack groups which China opposes].

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2516>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #2516 [Company]: Examine TurnRight's packages for malware
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #2516 [Company]: Examine TurnRight's packages for malware
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #2516 [Company]: Examine TurnRight's packages for malware
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #2516 [Company]: Examine TurnRight's packages for malware
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #2516 [Company]: Examine TurnRight's packages for malware
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #2325 [Tor Relay]: Document torrc format
Next by Author: Re: [tor-bugs] #2477 [Tor Client]: Perform CBT tests in test lab
Previous by thread: Re: [tor-bugs] #2515 [Metrics]: Fix timeout syntax and sys.exit bug in torperf
Next by thread: Re: [tor-bugs] #2516 [Company]: Examine TurnRight's packages for malware
Index(es):
- Author
- Thread