On Mon, Oct 24, 2011 at 1:00 PM, Thor (Hammer of God) <t...@hammerofgod.com> wrote: > *Any* assumptions that presuppose security based on social affiliation need > to be reconsidered. Linus Torvalds would disagree with you. Git is secure because Linus has friends :) See http://www.youtube.com/watch?v=4XpnKHJAok8 at 27:43.
Jeff > >>-----Original Message----- >>From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure- >>boun...@lists.grok.org.uk] On Behalf Of valdis.kletni...@vt.edu >>Sent: Monday, October 24, 2011 9:32 AM >>To: Travis Biehn >>Cc: full-disclosure@lists.grok.org.uk >>Subject: Re: [Full-disclosure] Tor anonymizing network Compromised by >>French researchers >> >>On Mon, 24 Oct 2011 11:53:02 EDT, Travis Biehn said: >> >>> So they put up a fake network, 'hacked' most of the nodes, and with >>> complete control of their dummy network they were able to figure out >>> traffic movement? >>> >>> This is news why? >> >>It's not news - it's *long* been known that Tor would be breakable if >>somebody pwned a sufficient percentage of the nodes. It's been regarded as >>a mostly theoretical attack, because the sort of people that run Tor have up >>to >>now been the paranoid type that tend to secure their systems better. >> >>The only part of *news* in it was this: >> >>"Researchers showed that one third of the nodes are vulnerable," >> >>So maybe the "people who run Tor are more paranoid" assumption is flawed >>and needs to be reconsidered. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/