On Mon, Aug 05, 2013 at 10:46:35AM +0200, Georg Koppen wrote: > On 05.08.2013 10:15, Nadim Kobeissi wrote: > > Now, we find out that the FBI has been sitting on an exploit since an > > unknown amount of time that can compromise the Tor Browser Bundle > > is that really so? See: > https://blog.mozilla.org/security/2013/08/04/investigating-security-vulnerability-report/ > first comment.
Specifically, it would appear that the TBB updates we put out on June 26 addressed this vulnerability: https://blog.torproject.org/blog/new-tor-browser-bundles-and-tor-02414-alpha-packages My preference here is increasingly that we should finish https://trac.torproject.org/projects/tor/ticket/9387 and then make TBB 3.x the new default: https://blog.torproject.org/blog/tor-browser-bundle-30alpha2-released (Apparently this means breaking support for Win XP until somebody fixes that: https://trac.torproject.org/projects/tor/ticket/9084 But hey, there are worse things to do than that.) --Roger -- Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
