On 10/21/2016 06:23 PM, Tristan wrote:
> And?
>
> Honestly, the way people create names and websites for these things,
> you'd think it's a fund-raiser for something, not a critical security bug.
Tristan, they know this. They are even good-natured enough to make fun
of it themselves. From http://
Test, not working on my side. Some demos on your side?
Le 22/10/2016 à 00:22, I a écrit :
> Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability in the
> Linux Kernel
>
> http://dirtycow.ninja/
>
>
> ___
> tor-relays mailing list
> tor-r
And?
Honestly, the way people create names and websites for these things, you'd
think it's a fund-raiser for something, not a critical security bug.
On Fri, Oct 21, 2016 at 5:22 PM, I wrote:
> Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability in the
> Linux Kernel
>
> http://dir
Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability in the Linux
Kernel
http://dirtycow.ninja/
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
There a also some x86 mainboards which supported by coreboot. You could
run your boot loader or kernel with initrd from the flash chip, if the
capacity is big enough or you create your own embedded system with tor.
And all works very well ...
On 21.10.2016 17:56, Duncan Guthrie wrote:
> If you wan
Hi there,
More likely, they just compromise your relay in runtime.
Reflashing the boot firmware is theoretical, but due to the huge variation in
the hardware running Tor, I am not convinced using such an exploit on vast
numbers of computers is entirely practical. Since relays are up for months
> In the age of FBI mass hacking, the FBI will attempt to hack all Tor
> relays, and thus, they can trace traffic throughout the entire proxy chain.
You don't think that would be risky for the FBI in terms of being exposed
by security researchers who catch them?
And by proxy chain you mean tor ci
Regardless of whether the Pi’s firmware can actually be updated or not –
it’s probably not good for diversity to run the whole Tor network on a
single kind of device: we don’t want every relay in the network to be
compromised when a single flaw on the Pi is found. Performance might
also suffer, tho
I can confirm "rpi-update" usually works fine to update firmware.
But don't forget to run this command sometimes by hand, no auto-update
during the system /apt-get upgrade/
> firmware of RPi can be changed: https://github.com/Hexxeh/rpi-update /
> https://github.com/Hexxeh/rpi-firmware
--
Petrus
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
firmware of RPi can be changed: https://github.com/Hexxeh/rpi-update /
https://github.com/Hexxeh/rpi-firmware
next to that the official firmware of RPi is closed source. you have
no idea what it does
and RPi is build by a small company in the UK, v
Wouldn't it just be easier to use Tails?
On Oct 21, 2016 7:08 AM, "Dan Michaels" wrote:
> The Tor Project website recommends various security setups for people
> running Tor relays.
>
> Such as, don't run a web browser on the same machine as your Tor relay,
> otherwise the browser could get hack
The Tor Project website recommends various security setups for people
running Tor relays.
Such as, don't run a web browser on the same machine as your Tor relay,
otherwise the browser could get hacked, and then if Tor relays are hacked,
it compromises the entire concept of Tor.
In the age of FBI
12 matches
Mail list logo