*Any* assumptions that presuppose security based on social affiliation need to be reconsidered.
t >-----Original Message----- >From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure- >boun...@lists.grok.org.uk] On Behalf Of valdis.kletni...@vt.edu >Sent: Monday, October 24, 2011 9:32 AM >To: Travis Biehn >Cc: full-disclosure@lists.grok.org.uk >Subject: Re: [Full-disclosure] Tor anonymizing network Compromised by >French researchers > >On Mon, 24 Oct 2011 11:53:02 EDT, Travis Biehn said: > >> So they put up a fake network, 'hacked' most of the nodes, and with >> complete control of their dummy network they were able to figure out >> traffic movement? >> >> This is news why? > >It's not news - it's *long* been known that Tor would be breakable if >somebody pwned a sufficient percentage of the nodes. It's been regarded as >a mostly theoretical attack, because the sort of people that run Tor have up to >now been the paranoid type that tend to secure their systems better. > >The only part of *news* in it was this: > >"Researchers showed that one third of the nodes are vulnerable," > >So maybe the "people who run Tor are more paranoid" assumption is flawed >and needs to be reconsidered. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/