[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

clock jump bug(s?) update (was Re: security of systems using Tor < [was: JanusVM ...])

     On Mon, 26 May 2008 11:33:21 -0700 coderman <coderman@xxxxxxxxx>
>On Mon, May 26, 2008 at 9:00 AM, Mad Hatter <onideus@xxxxxxxxxxxxxxx> wrote:
>> ...
>> Is it  [[old JanusVM with Tor <]]  even still ^safe^ to use,
>> given that several
>> security bugs have been fixed in subsequent versions of
>> TOR?
>from http://archives.seul.org/or/announce/May-2008/msg00000.html
>  Second, all Tor clients and servers running 0.2.0.x should upgrade to

     The only problem I have with that is the clock jump bug.  I finally did
figure out where to find a copy of to download.  I ran it for
about a week until my system crashed last night.  During that time, the clock
jump message appeared only once, about two days into the run.  So I suspect
that the bug was introduced between and  However,
since the later releases all issue that message considerably more often, I
now wonder whether more than one change was made in different releases, but
resulting in the same external symptoms.  As long as it doesn't start doing
it more often, I'll stick with for now. through are all unusable for servers as far as I'm concerned.  Unless
someone has identified the cause of and fixed this bug in, I
think I should assume that it would be yet another waste of time to try it

                                  Scott Bennett, Comm. ASMELG, CFIAG
* Internet:       bennett at cs.niu.edu                              *
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *