use the following search parameters to narrow your results:
e.g. subreddit:pics site:imgur.com dog
subreddit:pics site:imgur.com dog
advanced search: by author, sub...
~2 users here now
Information Security Technology sub. For resources, news, memes, and community.
Please review the rules before participating.
Affiliates
s/Techgore
Multiple Tor security issues disclosed, more to come
submitted 3 years ago by quipu from zdnet.com
view the rest of the comments →
[–]quipu[S] 4 insightful - 1 fun4 insightful - 0 fun5 insightful - 0 fun5 insightful - 1 fun - 3 years ago (3 children)
For the record, I read his original disclosures and I think he is inflating the importance of them (FWIW one of them is in Tor Browser, not Tor). In a way this reads like FUD against Tor, which is still one of the best anonymity tools out there. The issues he is describing should be addressed, though, and it does seem like they have some problems in their bug management processes.
[–][deleted] 3 insightful - 1 fun3 insightful - 0 fun4 insightful - 0 fun4 insightful - 1 fun - 3 years ago (2 children)
This kind of thing has always been a problem. The real Tor users, same with the I2P and other security network users, know to disable javascript and other likely exploits. They know to use custom linux distros. People who are using things like browsers on insecure dirty operating systems like Windows, that leave traces in triplicate of everything, aren't interested in security and are asking for trouble.
[–]Turn0ffy0urmind 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - 3 years ago (1 child)
This. Tor is the best anonymity system we have. If you're concerned with being totally anonymous on the net boot Tails from a USB drive and educate yourself on how it works as well as encryption and cryptocurrency. Never send or receive sensitive information from windows, mac, (most flavors of) linux, android or ios.
[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - 3 years ago (0 children)
Sadly, as the opsec people tend to say, if mossad is after you mossad gonna get you. Flash drives are hardly secure either, and given how many resources the government has poured into penetrating Tor nodes I've no doubt it's severely compromised. Inevitably, end-to-end encryption like offered by I2P will also fail due to the future of optical computing. While I sincerely doubt optical in its potential ability to replace general computing, I am greatly concerned about a niche use in raw brute forcing for cryptography.
If the governments of the world ever truly become able to penetrate high level encryption, aside from just mossading you and taking all your shit with the infinite resources of government to dredge bits of leftover data from physical drives, we're all doomed.
view the rest of the comments →
[–]quipu[S] 4 insightful - 1 fun4 insightful - 0 fun5 insightful - 0 fun5 insightful - 1 fun - (3 children)
[–][deleted] 3 insightful - 1 fun3 insightful - 0 fun4 insightful - 0 fun4 insightful - 1 fun - (2 children)
[–]Turn0ffy0urmind 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - (1 child)
[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - (0 children)