On 08/05/2013 06:53 PM, Crypto wrote: On 8/5/2013 1:29 PM, Andrew F wrote:
Is Tor still Valid now that we know the nsa is actively exploiting holes in technology anonymity tools? We know that Tor and hidden services has issues, not to mention the whole fingerprinting problems. Is Tor too vulnerable to trust? Watch the video below. XKeyscorehttp://www.youtube.com/watch?v=TSEbshxgUas I'm curious as to why everyone is so intent on blaming Tor itself? Tor was not exploited. It was a hole in FF 17 in conjunction with the application running behind the hidden service. It's like saying "My car got a flat tire! Should I ever drive again?" I agree that the exploit was a bad one and in turn it's a big security issue. But if we're going to point fingers let's not point at Tor. Let's focus on the underlying issue(s) that caused this to happen. FF 17 was the target, not Tor. Mozilla has addressed the issue. How did the exploit occur? Let's look at the application(s) that were running behind the hidden service. That was not my focus. My concern is for known Tor venerabilities that are documented and know by all. If we know that Government agencies are actively and successfully attacking soft technology targets. then how can we assume the know Tor Venerabilities are not being used at this very moment. The Tor Venerabilities are going to be dealt with one day.. but what about right now. We know about them, therefore everyone knows about them. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk