I am wondering that another effect of the heartbleed was increased TLS
overhead, that I saw many times also before April-7.
Unfortunately I do not store more than 7 files worth of logs:
Apr 1 02:50:23 localhost Tor[394]: TLS write overhead: 7%
Apr 1 08:51:35 localhost Tor[394]: TLS write
Mateusz B?aszczyk blah...@gmail.com wrote:
I am wondering that another effect of the heartbleed was increased TLS
overhead, that I saw many times also before April-7.
Unfortunately I do not store more than 7 files worth of logs:
Apr 1 02:50:23 localhost Tor[394]: TLS write overhead: 7%
This is an excellent email.
--
On Fri, Apr 11, 2014 5:32 PM PDT Jesse Victors wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Saw this article:
http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html
The U.S.
Interesting.
Could this be a part of what the leaked documents were referring to as
groundbreaking capabilities a few months back?
http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?pagewanted=4_r=1hp
https://www.eff.org/document/2013-09-05-guard-bullrun
On Sat, Apr
and for others Tor relays Operators !
Best regards
Julien ROBIN
- Mail original -
De: Jesse Victors jvict...@jessevictors.com
À: tor-relays@lists.torproject.org
Envoyé: Samedi 12 Avril 2014 02:32:07
Objet: [tor-relays] NSA knew about Heartbleed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Jesse Victors:
The U.S. National Security Agency knew for at least two years about a
flaw in the way that many websites send sensitive information, now
dubbed the Heartbleed bug, and regularly used it to gather critical
intelligence, two people familiar with the matter said. The NSA said in
Delton Barnes:
That said, if you carefully parse the statement from DNI, it seems to me
to imply they were aware of the Heartbleed vulnerability in 2014. Why
would they say before 2014 instead of before its disclosure Monday
or something? They may have known about it weeks or months in
On Sat, Apr 12, 2014 at 08:45:23PM +, Delton Barnes wrote:
Two sources familiar with matter could merely be two computer security
experts who have an unsubstantiated opinion that the NSA was exploiting
this beforehand. We have no idea how credible these sources are.
I agree.
I'm assuming
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Saw this article:
http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html
The U.S. National Security Agency knew for at least two years about a
flaw in the way that many websites send sensitive