This doesn't have anything to do with the Silk Road takedown, if that is what you are referring to.
The vulnerability there was "between keyboard and chair". Ian. On Sat, Oct 5, 2013 at 1:26 PM, Robert Hailey <rob...@freenetproject.org>wrote: > > Is MITM the right term? > > Not to be picky... but I thought they just pulled the server that was > serving up those particular hidden services and dropped in a new server > with the "identify all users" exploit [if they were not controlling that > server in the first place :-) ]. > > -- > Robert Hailey > > > On 2013/10/04 (Oct), at 3:34 PM, Ian Clarke wrote: > > > This is very interesting: > > > > > http://www.theguardian.com/world/2013/oct/04/tor-attacks-nsa-users-online-anonymity > > > > Looks like it's not an attack on Tor itself, rather they identify Tor > users > > (which Tor isn't designed to prevent AFAIK), and then do a MITM on the > > connection between Tor and the web to insert some code that exploits a > > vulnerability that (until recently) was distributed as part of the Tor > > bundle. > > > > Seem like, even though this Firefox vulnerability has been fixed, that > they > > probably have a library of other ones to choose from. > > > > Ian. > > > > -- > > Ian Clarke > > Founder, The Freenet Project > > Email: i...@freenetproject.org > > _______________________________________________ > > Devl mailing list > > Devl@freenetproject.org > > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > > _______________________________________________ > Devl mailing list > Devl@freenetproject.org > https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > -- Ian Clarke Personal blog: http://blog.locut.us/ _______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
