[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] TOR bundle on hostile platforms: why?



On Wed, 7 Aug 2013, Ivan Zaigralin wrote:
What I am talking about is a trivial attack, technically trivial. The feds
(at least in US and in Russia) have a complete list of unpatched Windows
vulnerabilities. They also have crackers on staff.

They don't have "a complete list", but they have many of such vulnerabilities, we can be certain of that.

It is also likely that they have vulnerabilities in any other operating system. And in Tor implementations. And it is good to assume they have enough 'crackers' on staff that will be able to exploit such vulnerabilities.

Depending on why someone uses Tor, this may or may not be an issue. If you use Tor to do research into cybercrime, or to access your organisation's mail server while on a secret mission, it may not matter very much.

In other cases it may be a reason not to use the Internet at all. Or to make an informed choice about how you can use Tor while minimising the attack vector.

YMMV.

Martijn.
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk