[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Is Tor still valid?



 On 08/05/2013 06:53 PM, Crypto wrote:

On 8/5/2013 1:29 PM, Andrew F wrote:

 Is Tor still Valid now that we know the nsa is actively exploiting holes in
technology anonymity tools?  We know that Tor and hidden services has
issues, not to mention the whole fingerprinting problems.

Is Tor too vulnerable to trust?    Watch the video below.

XKeyscorehttp://www.youtube.com/watch?v=TSEbshxgUas

 I'm curious as to why everyone is so intent on blaming Tor itself? Tor
was not exploited. It was a hole in FF 17 in conjunction with the
application running behind the hidden service. It's like saying "My car
got a flat tire! Should I ever drive again?" I agree that the exploit
was a bad one and in turn it's a big security issue. But if we're going
to point fingers let's not point at Tor. Let's focus on the underlying
issue(s) that caused this to happen. FF 17 was the target, not Tor.
Mozilla has addressed the issue. How did the exploit occur? Let's look
at the application(s) that were running behind the hidden service.


 That was not my focus. My concern is for known Tor venerabilities that are
documented and know by all.
If we know that Government agencies are actively and successfully attacking
soft technology targets. then how can we assume the know Tor Venerabilities
are not being used at this very moment.   The Tor Venerabilities are going
to be dealt with one day.. but what about right now.  We know about them,
therefore everyone knows about them.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk