Maybe not a good week.
Browser flaws expose users to man-in-the-middle attacks
http://blogs.zdnet.com/security/?p=3950
Pretty-Bad-Proxy: An Overlooked Adversary in Browsers’ HTTPS Deployments
http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf
Ringo wrote:
Hey Tor,
I was watching a presentation today
(http://www.youtube.com/watch?v=ySQl0NhW1J0) and saw that this attack
applied to some of the cryptography Tor uses. I googled around and
couldn't find any information about where this attack would apply in Tor
or if it had been
On Sun, 9 Aug 2009 04:53:15 -0700 (PDT)
Curious Kid letsshareinformat...@yahoo.com wrote:
Maybe not a good week.
Browser flaws expose users to man-in-the-middle attacks
http://blogs.zdnet.com/security/?p=3950
Pretty-Bad-Proxy: An Overlooked Adversary in Browsers’ HTTPS
Deployments
Date: Sun, 9 Aug 2009 10:02:42 -0300
From: free...@gmail.com
To: or-talk@freehaven.net
Subject: Re: The dh small subgroup confinement attack and Tor
Since the recommended way to
run a Browser on Tor is with ALL scripting disabled, this shouldn't
effect people that are configured correctly.
Sigh... yes; especially when one (upon rare occasion) requests the
embedded http images, and thereby asks TBird to visit a web page. One
would then want the transaction monitored by both TorButton and
NoScript. :-(
(p.s. open up about:config in TB and scan for jav. I hope there really
is no
Tor currently has an accounting system for allowing data quota limitations
to be applied. This allows a relay to enter 'hibernation', maintaining it's
'up' status, and directory-perceived uptime, without actually relaying
traffic. However, it is feasible that an operator might want to control Tor
6 matches
Mail list logo