[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Is Tor still valid?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Is Tor still valid?
From: Crypto <crypto@xxxxxxxxxx>
Date: Mon, 05 Aug 2013 13:53:11 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 05 Aug 2013 15:26:30 -0400
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=jpunix.net; s=default; h=Content-Transfer-Encoding:Content-Type:In-Reply-To:References:Subject:To:MIME-Version:From:Date:Message-ID; bh=GyAzUe/WuehfNgy/tIZPpO3ZDw+xTbiKWAKPI7oWwwI=; b=H6fSDJCbOyBWOqgALyJ14OdWPT93hXe0Dtne6tc9S87UzcnY8A77tdhpTLuT+aSCWYoWQYZO2dv8y2arn/1CqI34NYNZJDrx/JUPfD0JEKE6qdxFRYrFZ/FX6qcUJMhW;
In-reply-to: <CAMnnSdieCC+A8QAUanr4qjwJxWv9GzTQHTMF=7tQPqAYmQWpyA@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAMnnSdieCC+A8QAUanr4qjwJxWv9GzTQHTMF=7tQPqAYmQWpyA@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130620 Thunderbird/17.0.7

On 8/5/2013 1:29 PM, Andrew F wrote:
> Is Tor still Valid now that we know the nsa is actively exploiting holes in
> technology anonymity tools?  We know that Tor and hidden services has
> issues, not to mention the whole fingerprinting problems.
> 
> Is Tor too vulnerable to trust?    Watch the video below.
> 
> XKeyscore
> http://www.youtube.com/watch?v=TSEbshxgUas
> 

I'm curious as to why everyone is so intent on blaming Tor itself? Tor
was not exploited. It was a hole in FF 17 in conjunction with the
application running behind the hidden service. It's like saying "My car
got a flat tire! Should I ever drive again?" I agree that the exploit
was a bad one and in turn it's a big security issue. But if we're going
to point fingers let's not point at Tor. Let's focus on the underlying
issue(s) that caused this to happen. FF 17 was the target, not Tor.
Mozilla has addressed the issue. How did the exploit occur? Let's look
at the application(s) that were running behind the hidden service.

-- 
Crypto

Keywords: terrorism, bombs, jogging, suntan lotion,
nails, pellets, knives, shoes, underwear, milk, socks,
hair, toenails, masturbation, gasoline, cooking oil,
mayonnaise, bananas, Obama, Clinton, EFF, NSA, FBI,
PGP, USA, pressure cooker, marathon, fertilizer

Keywords are not necessarily in order of importance
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Is Tor still valid?
  - From: adrelanos
- Re: [tor-talk] Is Tor still valid?
  - From: Andrew F
- Re: [tor-talk] Is Tor still valid?
  - From: andrfew
- Re: [tor-talk] Is Tor still valid?
  - From: krugar

References:
- [tor-talk] Is Tor still valid?
  - From: Andrew F

Prev by Author: Re: [tor-talk] Many more Tor users in the past week?
Next by Author: Re: [tor-talk] Secure email with limited usable metadata
Previous by thread: [tor-talk] Is Tor still valid?
Next by thread: Re: [tor-talk] Is Tor still valid?
Index(es):
- Author
- Thread