'awokd' via qubes-users: > On Tue, April 3, 2018 11:42 pm, Giulio wrote: >> 3) Not using tor in order to download files prevent only man in the >> middles attack coming from the tor network, your provider, your >> neighbors, your dns server etc may still tricks you the same way. > > To jsnow's question on this, file modifications can be automated. The > attacker could have a selection of files already modified, then watch for > anyone trying to download it and substitute the poisoned one. Probably > other ways to dynamically patch filetypes (like all .EXE for example) on > the fly too. Check out "Quantum Insert". Tor helps here because it's much > more difficult to target specific recipients for poisoned files, so they > have to be sent to everyone who requests them which increases the > likelihood they will get discovered. Of course, that's not the case if > you're logging in to something.
Ok yea that makes sense. I guess i'm partially protected by the fact i'm not doing anything really suspicious, but i guess what i'm concerned about is dragnet attempts to compromise everyone and anyone, tho it makes sense that would increase the chance they'd be caught which makes it less likely. -Jackie -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/268ec220-23ef-bc66-4951-0a9c870f2b6e%40riseup.net. For more options, visit https://groups.google.com/d/optout.
