'awokd' via qubes-users:
> On Tue, April 3, 2018 11:42 pm, Giulio wrote:
>> 3) Not using tor in order to download files prevent only man in the
>> middles attack coming from the tor network, your provider, your
>> neighbors, your dns server etc may still tricks you the same way.
> To jsnow's question on this, file modifications can be automated. The
> attacker could have a selection of files already modified, then watch for
> anyone trying to download it and substitute the poisoned one. Probably
> other ways to dynamically patch filetypes (like all .EXE for example) on
> the fly too. Check out "Quantum Insert". Tor helps here because it's much
> more difficult to target specific recipients for poisoned files, so they
> have to be sent to everyone who requests them which increases the
> likelihood they will get discovered. Of course, that's not the case if
> you're logging in to something.

Ok yea that makes sense. I guess i'm partially protected by the fact i'm
not doing anything really suspicious, but i guess what i'm concerned
about is dragnet attempts to compromise everyone and anyone, tho it
makes sense that would increase the chance they'd be caught which makes
it less likely.


You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
For more options, visit https://groups.google.com/d/optout.

Reply via email to