[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] wget - secure?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] wget - secure?
From: tomtidaly@xxxxxxxxxxx
Date: Thu, 13 Aug 2015 03:02:20 -0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 12 Aug 2015 23:02:55 -0400
Importance: Normal
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

> On 2012-04-20, Robert Ransom wrote
<https://lists.torproject.org/pipermail/tor-talk/2012-April/024040.html>:

> No, the underlying point is that I have personally seen wget send my
> computer's IP address over Tor in an FTP PORT command.  wget is not
> ?100% safe?.

> The code to send a PORT command is still present in wget 1.13.4.  wget
> 1.13.4 is not ?100% safe?; anyone who wants to recommend it needs to
> specify a particular configuration of wget which is safe.  (Don't
> count on a ?default configuration?; Linux distributors might have
> messed with it, or failed to update it to the version shipped in
> recent wget source distributions.)

> Robert Ransom

I asked a question asked about this issue on the wget mailing list this
week and a patch was provided by Tim Ruehsen. If you have time it would be
great if you read the mailing list discussion to see if I got the issue
correct, and if your happy with the patch.

https://lists.gnu.org/archive/html/bug-wget/2015-08/msg00020.html

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Prev by Author: Re: [tor-talk] IBM says Block Tor
Next by Author: Re: [tor-talk] Multicore, bandwidth, relays, capacity, location
Previous by thread: Re: [tor-talk] Why is my message reject at tor-announce-owner@xxxxxxxxxxxxxxxxxxxx ?
Next by thread: [tor-talk] Can't download my Facebook archive via Tor Browser
Index(es):
- Author
- Thread