wakeupneo555@xxxxxxxxxxxxx wrote:
What began as a simple reply to a Tor user on the subject of downloading PDF files through Tor, turned into a wealth of information on Tor OPSEC. I am adding this post to the list because others might find it as useful as I have. Cheers. Origin of discussion: http://ubuntuforums.org/showthread.php?&t=1890619
[snip]
Remember, you're downloading PDF files through Tor, and unless you verify each file through checksum verification (like MD5 or GPG) there's a chance they could've been trojaned ...
MD5 has been known to be cryptographically broken for some years now. It should NEVER be used to verfiy something has not been malicously altered.
Jim _______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk