Did this end up biting TOR in the ass, or is this a Proactive move? I am just curious as I mentioned this very problem (or something extremely close to it) back in August last year (see: http://archives.seul.org/or/talk/Aug-2006/msg00187.html ) So I'm just wondering it if finally made it to the top of what I am sure is a long To-do list that the DEV's have, or was it actually exploited. I completely understand the need not to release further details until people upgrade but I am looking forward (once things are safe) to hearing how and by whom this was exploited if it was. In either case (exploited/not exploited), Kudos to the Dev's for fixing it quickly and getting the word out. This has left me wondering one thing tho.. My tor was updated auto-magically as I used a Debian based distro and have the official TOR repository in my apt list. So my question is, is there, or could there be some similar form of auto-updating for persons using the windows version of TOR? If not maybe Vadalia could be made to check for TOR updates and pop up notices to the users? ... just a thought. Sadly my coding skills are decades out of date or I'd offer to help. Freemor <freemor@xxxxxxxx> Freemor <freemor@xxxxxxxxxx> This e-mail has been digitally signed with GnuPG See: http://gnupg.org/ for more details
Attachment:
signature.asc
Description: This is a digitally signed message part