On 2013-08-05, at 11:41 AM, Nadim Kobeissi <na...@nadim.cc> wrote: > > On 2013-08-05, at 11:04 AM, Michael Owen <mich...@theramparts.com> wrote: > >> On Mon, Aug 5, 2013 at 9:46 AM, Nadim Kobeissi <na...@nadim.cc> wrote: >>> >>> >>> Hmm. So it's more of a 38-day. Perhaps there should have been a Tor Browser >>> security advisory in that case. >> >> I'm not sure how long the Tor bundle goes without actively complaining >> to the user about things being out of date. Out of curiosity I >> reloaded a 48-day old beta of 3.0 last night, and it immediately >> complained that it was out of date and should be upgraded to the >> latest version. > > Yeah, Tor's update notifications are definitely legit. I'm just wondering why > there wasn't an actual advisory. I mean, all this time there seems to have > been a .js file that could compromise any Tor users accessing a website which > loads it.
Clarification: Tor Browser users, not vanilla Tor users, obviously. NK > > NK > >> >> Mike >> -- >> Liberationtech list is public and archives are searchable on Google. Too >> many emails? Unsubscribe, change to digest, or change password by emailing >> moderator at compa...@stanford.edu or changing your settings at >> https://mailman.stanford.edu/mailman/listinfo/liberationtech >
-- Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech