[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] WannaCry fallout FYI



On Mon, May 15, 2017 at 09:58:26AM +0200, Cristian Consonni wrote:
> Interesting. In fact, I though that downloading the whole browser seemed
> to be not so smart, surely there are better ways to connect
> programmatically to the tor network.

It is not the whole browser -- it is the "windows expert bundle":
https://www.torproject.org/download/download
So it is indeed stupid to treat its libraries like the cloud, but
not so stupid that it's fetching the whole tor browser.

> To my untrained eye, this malware seems to be both clever
> (self-replication) and dumb (kill switch, downloading the browser) at
> the same time.

Also ask yourself whether it checks the signature of the tor win32 thing
that it downloads before running it. :( Good thing we're not evil.

--Roger

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays